SIEMENS-SSA-631949 · Published 2020-07-14 · View on Siemens ProductCERT ↗

SSA-631949 (Last Update: 2020-07-14): Ripple20 and Intel SPS Vulnerabilities in SPPA-T3000 Solutions

CVSS N/A MEDIUM

Risk Summary

<p>SPPA-T3000 solutions are affected by vulnerabilities that were recently dislosed by JSOF research lab (“<a href="https://www.jsof-tech.com/ripple20/">Ripple20</a>”) for the TCP/IP stack used in APC UPS systems, and by Intel for the Server Platform Services (<a href="https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html">SPS</a>) used in SPPA-T3000 Application Server and Terminal Server hardware.</p> <p>The advisory provides information to what amount SPAA-T3000 solutions are affected. Detailed information, including solution and mitigation measures, are available for SPPA-T3000 customers in the <a href="https://www.cp4ic.siemens.com/">Siemens Energy Customer Portal</a>.</p>

Remediations

Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-631949 (Last Update: 2020-07-14): Ripple20 and Intel SPS Vulnerabilities in SPPA-T3000 Solutions See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more