Yesterday the CISA NCCIC-ICS updated four control system security advisories for products from Siemens.
SCALANCE Update
This update provides additional information on an advisory that was originally published on November 28th, 2017 and most recently updated on May 10th, 2018. The new information includes:
• Added RUGGEDCOM RM1224 to the
list of affected products,
• Updated remediation link for
SCALANCE W1750D,
• Updated CVSS scores, and
• Added CWE IDs.
Industrial Products Update #1
This update provides additional information on an advisory that was originally published on September 10th, 2019 and most recently updated on September 8th, 2020. The new information includes mitigation links for SIMATIC MV500 and SCALANCE W1750D.
Industrial Products Update #2
This update provides additional information on an advisory that was originally published on September 8th, 2020. The new information includes:
• Removing the following from the list
of affected products:
◦ SINUMERIK 840D sl (NCU730.3B),
◦ SINUMERIK 828D (PPU.4 /PPU1740), and
◦ SINUMERIK ONE (NCU1750 / NCU1760).
• Adding mitigation measures for:
◦ SIMATIC IPC627E,
◦ SIMATIC IPC647E,
◦ SIMATIC IPC677E, and
◦ SIMATIC IPC847E
SIMATIC Update
This update provides additional information on an advisory that was originally published on September 8th, 2020. The new information includes adding SIMATIC WinAC RTX (F) 2010 and SINUMERIK 840D sl to the list of affected products.
Other Siemens Updates
Yesterday Siemens published
updates for three additional advisories. If, not covered by NCCIC-ICS before
then (and I do not expect that they will) I will discuss them this weekend.
Posts
No comments:
Post a Comment