ICSA-25-317-12  ·  Published 2025-11-13

Siemens Spectrum Power 4

CVSS 8.8 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to remotely execute code as application administrator or locally execute code as operating system administrator.

Remediations

Siemens has identified the following specific workarounds and mitigations users can apply to reduce risk:

  • Spectrum Power 4: Update to V4.70 SP12 Update 2 or later version
  • As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens' operational guidelines for industrial security and following recommendations in the product manuals.
  • Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage.
  • For more information see the associated Siemens security advisory SSA-339694 in HTML and CSAF.

Affected Vendors

Siemens

Affected Products (1)

Siemens · Spectrum Power 4 <V4.70_SP12_Update_2

Affected Sectors

Energy
