Security News > 2020 > December > Siemens, Schneider Electric Address Serious Vulnerabilities in ICS Products

Siemens, Schneider Electric Address Serious Vulnerabilities in ICS Products
2020-12-09 13:09

Siemens and Schneider Electric on Tuesday informed customers about the availability of patches and mitigations for several potentially serious vulnerabilities affecting their industrial control system products.

The new advisories describe vulnerabilities affecting the company's SICAM, SIMATIC, SIPLUS, LOGO! 8, SENTRON, SIRIUS, and XHQ products.

Siemens has also started releasing patches for its SIPLUS, SIMATIC ITC, SIMATIC WinCC and SIMATIC HMI Panel products to fix several vulnerabilities discovered last year by Kaspersky in the TightVNC open source virtual network computing system.

Siemens has also released an advisory to inform customers that some of its products are affected by one of the recently disclosed Amnesia:33 vulnerabilities affecting TCP/IP stacks.

Last month, Schneider and Claroty disclosed several encryption vulnerabilities allowing hackers to take control of some Modicon PLCs. Schneider informed customers this week that patches and mitigations are available for high- and medium-severity information disclosure, DoS, code execution, command execution, and account credential exposure issues.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/SZB8GT6JDR0/siemens-schneider-electric-address-serious-vulnerabilities-ics-products

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Siemens 1779 26 427 871 201 1525