SSA-203306 (Last Update: 2018-05-15): Password Vulnerabilities in SIPROTEC 4 and SIPROTEC Compact Relay Families
Published
2018-05-15 00:00:00
Summary
SIPROTEC 4 and SIPROTEC Compact devices could allow access authorization passwords to be reconstructed or overwritten via engineering mechanisms that involve DIGSI 4 and EN100 Ethernet communication modules.
Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.