← Back to home
SIEMENS-SSA-242353  ·  Published 2020-01-14  ·  View on Siemens ProductCERT ↗

SSA-242353 (Last Update: 2020-01-14): Access Control Vulnerability in SINAMICS PERFECT HARMONY GH180

CVSS N/A MEDIUM

Risk Summary

<p>A race condition in the restart behaviour of SINAMICS PERFECT HARMONY GH180 could allow an unauthorized attacker with physical access to the affected device to restart the HMI with disabled security controls, which could be used to launch further attacks against the affected device.</p> <p>Siemens recommends customers to apply a configuration change on affected devices to resolve the issue. Detailed instructions are available through customer support.</p>

Remediations

  • Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-242353 (Last Update: 2020-01-14): Access Control Vulnerability in SINAMICS PERFECT HARMONY GH180 See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more