Siemens Update
1766Warning Date
Severity Level
Warning Number
Target Sector
30 May, 2021
● High
2021-2975
All
Description:
Siemens has released a security update to address a vulnerability in the following products:
- SIMATIC Drive Controller family
- All versions < V2.9.2
- SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)
- All versions
- SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)
- All versions
- SIMATIC S7-1200 CPU family (incl. SIPLUS variants)
- All versions < V4.5.0
- SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)
- All versions < V2.9.2
- SIMATIC S7-1500 Software Controller
- All versions
- SIMATIC S7-PLCSIM Advanced
- All versions < V4.0
Threats:
Attacker could exploit this vulnerability by doing the following:
- Bypass of a protection mechanism
Best practice and Recommendations:
The CERT team encourages users to review Siemens security advisory and apply the necessary updates: