Wednesday, December 9, 2020

13 Updates Published – 12-8-20

Yesterday the CISA NCCIC-ICS updated thirteen control system security advisories for products from Siemens.

LOGO! Update #1

This update provides additional information on an advisory that was originally published on August 31st, 2017 (not August 13th as reported in the advisory, a simple case of typing dyslexia I suppose). The new information includes adding mitigation solution for CVE-2017-12735.

SCALANCE Update

This update provides additional information on an advisory that was originally published on June 14th, 2018 and most recently updated on June 11th, 2019. The new information includes adding data about successor products for SIMATIC RF182C and RFID 181EIP

LOGO! Update #2

This update provides additional information on an advisory that was originally published on May 14th, 2019. The new information includes adding a mitigation solution for LOGO! 8 BM

LOGO! Update #3

This update provides additional information on an advisory that was originally published on May 14th, 2019. The new information includes adding mitigation measures.

Industrial Products Update #1

This update provides additional information on an advisory that was originally published on September 10th, 2019 and most recently updated on October 13th, 2020. The new information includes adding solution for SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP.

PROFINET Update

This update provides additional information on an advisory that was originally published on February 11th, 2020 and most recently updated on August 11th, 2020. The new information includes:

• Adding SIMOTION products to the affected products list;

• Updating information regarding successor products for SIMATIC RF180C and RF182C

SIMATIC Update #1

This update provides additional information on an advisory that was originally published on July 9th, 2020 and most recently updated on July 14th, 2020. The new information includes correcting affected version and patch link for SINAMICS STARTER.

SIMATIC Update #2

This update provides additional information on an advisory that was originally published on July 9th, 2020 and most recently updated on September 8th, 2020. The new information includes adding solution for:

• SIMATIC S7-1500 Software Controller, and

• SINAMICS STARTER

LOGO! Update #4

This update provides additional information on an advisory that was originally published on June 9th, 2020. The new information includes adding mitigation for LOGO! V8.3.

UMC Stack Update

This update provides additional information on an advisory that was originally published on July 14th, 2020 and most recently updated on November 11th, 2020. The new information includes adding solution for Soft Starter ES.

SIMATIC Update #3

This update provides additional information on an advisory that was originally published on August 11th, 2020. The new information includes adding solution for SIMOTICS CONNECT 400.

Industrial Products Update #2

This update provides additional information on an advisory that was originally published on September 8th, 2020 and most recently updated on October 13th, 2020. The new information includes adding solutions for:

• for SIMATIC IPC427E,

• SIMATIC IPC477E, and

• SIMATIC IPC477E PRO

SIMATIC Update #4

This update provides additional information on an advisory that was originally published on September 8th, 2020 and most recently updated on November 10th, 2020. The new information includes adding the following researchers in the acknowledgements section:

• Jongwon Choi from NSR (National Security Research Institute), and

• Taeshik Shon from Ajou University

Other Siemens Updates

Siemens also published updates for five other advisories yesterday. I will report on these this weekend.

No comments:

 
/* Use this with templates/template-twocol.html */