NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. Also recognize that VPN is only as secure as the connected devices. When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available.Locate control system networks and remote devices behind firewalls, and isolate them from the business network.Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. End Update A Part 2 of 2 -įor more information on this vulnerability and more detailed mitigation instructions, please see Siemens Security Advisory SSA-470231 at the following location: SIMATIC IPC547G: Update BIOS to R1.21.0.SIMATIC Field-PG M5: Update to v22.01.04.
Siemens provides firmware updates to address the vulnerability for the following affected products, and recommends users update to the newest version: The Operational Guidelines for Industrial Security can be found at:Īdditional information on Industrial Security by Siemens can be found at: In order to run the devices in a protected IT environment, Siemens particularly recommends to configure the environment according to Siemens’ Operational Guidelines for Industrial Security and to follow the recommendations in the product manuals.
MITIGATIONĪs a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. Successful exploitation of this vulnerability could make it easier for attackers to conduct cryptographic attacks against the key material.
0 kommentar(er)
