The read out protection of the internal flash of affected devices was not properly set at the end of the manufacturing process. An attacker with physical access to the device could read out the data. Siemens has released new versions for the affected products and recommends to update to the latest versions.
https://cert-portal.siemens.com/productcert/html/ssa-792319.html