← Back to home
SIEMENS-SSA-984700  ·  Published 2019-10-08  ·  View on Siemens ProductCERT ↗

SSA-984700 (Last Update: 2019-10-08): Password Storage Vulnerability in SIMATIC IT UADM

CVSS N/A MEDIUM

Risk Summary

<p>A vulnerability has been identified in the SIMATIC IT Unified Architecture Discrete Manufacturing product that caused a password to be encrypted with a predicable encryption key. An authenticated attacker could potentially recover the password and gain access to the TeamCenter station connected to the instance.</p> <p>Siemens provides updates to address the vulnerability, and recommends specific mitigations.</p>

Remediations

  • Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-984700 (Last Update: 2019-10-08): Password Storage Vulnerability in SIMATIC IT UADM See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more