The Latest in IT Security

Siemens Patches Flaws in SIMATIC, XHQ Products

23
Jun
2017

siemens-patches-flaws-in-simatic-xhq-products

Siemens and ICS-CERT published advisories this week to alert users of improper authentication and privilege escalation vulnerabilities affecting some SIMATIC and XHQ products.

The SIMATIC communication processor (CP) of the Redundant Network Access (RNA) series, which is designed for connecting S7-400 CPUs to industrial ethernet, is affected by a critical vulnerability that allows a remote, unauthenticated attacker to perform administrative actions on a device.

The security hole, tracked as CVE-2017-6868, affects the SIMATIC CP 44x-1 RNA modules running versions prior to 1.4.1. The flaw can only be exploited if the attacker has network access to TCP port 102 and the processor’s configuration is stored on the corresponding CPU.

Read More

Leave a reply


Categories

FRIDAY, NOVEMBER 22, 2019
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments