Your review has been sent successfully

Siemens Updates

2539
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Warning Date

Severity Level

Warning Number

Target Sector

15 March, 2020

● High

2020-1016

All

Description:

Siemens has released security updates to address vulnerabilities in the following products:

  • Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet
  • Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200
  • Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P
  • PROFINET Driver for Controller
  • RUGGEDCOM RM1224
  • SCALANCE M-800 / S615
  • SCALANCE W700 IEEE 802.11n
  • SCALANCE X-200 switch family (incl. SIPLUS NET variants)
  • SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)
  • SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)
  • SCALANCE XB-200, XC-200, XP-200, XF-200BA and XR-300WG
  • SCALANCE XM-400 switch family
  • SCALANCE XR-500 switch family
  • SIMATIC CP 1616 and CP 1604
  • SIMATIC CP 343-1 (incl. SIPLUS NET variants)
  • SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variants)
  • SIMATIC CP 343-1 ERPC
  • SIMATIC CP 343-1 LEAN (incl. SIPLUS NET variants)
  • SIMATIC CP 443-1 (incl. SIPLUS NET variants)
  • SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variants)
  • SIMATIC CP 443-1 OPC UA
  • SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)
  • SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)
  • SIMATIC ET200AL IM 157-1 PN
  • SIMATIC ET200ecoPN (except 6ES7148-6JD00-0AB0 and 6ES7146-6FF00-0AB0)
  • SIMATIC ET200M IM153-4 PN IO HF (incl. SIPLUS variants)
  • SIMATIC ET200M IM153-4 PN IO ST (incl. SIPLUS variants)
  • SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants)
  • SIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants)
  • SIMATIC ET200pro, IM 154-3 PN HF
  • SIMATIC ET200pro, IM 154-4 PN HF
  • SIMATIC ET200S (incl. SIPLUS variants)
  • SIMATIC ET200SP IM155-6 PN Basic (incl. SIPLUS variants)
  • SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants)
  • SIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants)
  • SIMATIC IPC Support, Package for VxWorks
  • SIMATIC MV400 family
  • SIMATIC PN/PN Coupler 6ES7158-3AD01-0XA0 (incl. SIPLUS NET variant)
  • SIMATIC RF180C
  • SIMATIC RF182C
  • SIMATIC RF600 family
  • SIMATIC S7 PLCSIM Advanced
  • SIMATIC S7-1200 CPU family (incl. SIPLUS variants)
  • SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS
  • SIMATIC S7-1500 Software Controller
  • SINAMICS DCP
  • SOFTNET-IE PNIO

Threats:

Attacker could exploit these vulnerabilities by doing the following:

  • Denial of service attack (DoS)
  • Man in the middle attack

Best practice and Recommendations:

The CERT team encourages users to review Siemens security advisory and apply the necessary updates:

Last updated at 15 March, 2020

Rate the content

rate-icon
up icon