Security News

A vulnerability in Siemens Simatic programmable logic controller can be exploited to retrieve the hard-coded, global private cryptographic keys and seize control of the devices. "An attacker can use these keys to perform multiple advanced attacks against Siemens SIMATIC devices and the related TIA Portal, while bypassing all four of its access level protections," industrial cybersecurity company Claroty said in a new report.

Siemens has released patches for some of its SIMATIC human-machine interface panels to address a high-severity vulnerability that can be exploited remotely to take full control of a device. SIMATIC HMI panels are designed for operator control and the monitoring of machines and plants.

Siemens on Tuesday released 7 new advisories to inform customers of potentially serious vulnerabilities affecting various SIMATIC and SCALANCE products. Patches and/or mitigations are available...

Siemens informed customers on Tuesday that some of its SIMATIC S7-400 CPUs are affected by a high severity denial-of-service (DoS) vulnerability. read more

German industrial giant Siemens has released security patches for several of its SIMATIC products, including some controllers and a mobile application. Organizations using SIMATIC products were...

Siemens has fixed a remotely executable vulnerability in some versions of its SIMATIC PCS 7 distributed control system, and said that it is working on a fix for remaining affected versions.

Siemens patched two vulnerabilities in products, SIMATIC CP and XHQ, commonly found in industrial control system setups this week

Siemens and ICS-CERT published advisories this week to alert users of improper authentication and privilege escalation vulnerabilities affecting some SIMATIC and XHQ products. read more

Siemens has provided firmware updates addressing vulnerabilities in the SIMATIC WinCC flexible and the SIMATIC S7-300 CPU family.