Thursday, September 28, 2017

ICS-CERT Publishes Siemens Advisory

Today the DHS ICS-CERT published a control system security advisory for products from Siemens. This advisory describes an improper access control vulnerability for the Siemens Ruggedcom ROS and SCALANCE devices. The vulnerability was self-reported by Siemens. Siemens has developed firmware updates for two of the affected products and a work around for the other products pending firmware development.

ICS-CERT reports that a relatively low skilled attacker on an adjacent network could remotely exploit the vulnerability to perform unauthorized administrative actions.

No comments:

/* Use this with templates/template-twocol.html */