Siemens has identified the following specific workarounds and mitigations users can apply to reduce the risk:
Siemens simatic update
Siemens has released updates for the affected products and recommends users update to the latest versions:

- SIMATIC ITC2200 V3 PRO: Update to v3.2.1.0 or later version.
- SIMATIC ITC2200 V3: Update to v3.2.1.0 or later version.
- SIMATIC ITC1900 V3 PRO: Update to v3.2.1.0 or later version.
- SIMATIC ITC1900 V3: Update to v3.2.1.0 or later version.
- SIMATIC ITC1500 V3 PRO: Update to v3.2.1.0 or later version.
- SIMATIC ITC1500 V3: Update to v3.2.1.0 or later version.

3.4 RESEARCHER

Siemens reported these vulnerabilities to CISA.

COMPANY HEADQUARTERS LOCATION: Germany

CRITICAL INFRASTRUCTURE SECTORS: Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater Systems.

3.2 VULNERABILITY OVERVIEW

3.2.1 USING COMPONENTS WITH KNOWN VULNERABILITIES CWE-1035

A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Siemens reports these vulnerabilities affect the following SIMATIC Industrial Thin Clients:

- SIMATIC ITC2200 V3 PRO: All versions prior to v3.2.1.0
- SIMATIC ITC2200 V3: All versions prior to v3.2.1.0
- SIMATIC ITC1900 V3 PRO: All versions prior to v3.2.1.0
- SIMATIC ITC1900 V3: All versions prior to v3.2.1.0
- SIMATIC ITC1500 V3 PRO: All versions prior to v3.2.1.0
- SIMATIC ITC1500 V3: All versions prior to v3.2.1.0
Siemens simatic code
Successful exploitation of these LibVNC vulnerabilities could allow remote code execution, information disclosure, and denial-of-service attacks.