ICSA-22-298-02  ·  Published 2025-09-30

HEIDENHAIN Controller TNC (Update A)

CVSS 8.1 HIGH

Risk Summary

Successful exploitation of this vulnerability could cause a loss of sensitive data, manipulation of information, and a denial-of-service condition.

CVEs (1)

Remediations

HEIDENHAIN has identified the following specific workarounds and mitigations users can apply to reduce risk:

  • Block LSV2 and DNC communication using the integrated firewall in the controller's operating system.
  • Use zone firewalls to isolate and segment the network of the affected devices.
  • Ask your machinery vendor (running HEIDENHAIN controllers) for updates to a recent software version, where SSH tunneling is standard.

Affected Vendors

HEIDENHAIN

Affected Products (1)

HEIDENHAIN · HEIDENHAIN Controller TNC 640 NC Software 340590_07_SP5

Affected Sectors

Critical Manufacturing, Communications, Energy, Healthcare and Public Health
