Wednesday, December 4, 2013

ICS-CERT Publishes Siemens SINAMICS Advisory

This afternoon the DHS ICS-CERT published an advisory for an authentication bypass vulnerability in the Siemens SINAMICS S/G controller family. Siemens self-reported the vulnerability today and reported that they have a firmware update available to mitigate the vulnerability.

ICS-CERT reports that a relatively unskilled attacker could remotely exploit this vulnerability and be able to execute administrative operations over the network without authentication. Siemens explains that the firmware upgrade closes the affected ports and services.

No comments:

/* Use this with templates/template-twocol.html */