SSA-203306 (Last Update: 2018-05-15): Password Vulnerabilities in SIPROTEC 4 and SIPROTEC Compact Relay Families

Published

2018-05-15 00:00:00

Summary

SIPROTEC 4 and SIPROTEC Compact devices could allow access authorization passwords to be reconstructed or overwritten via engineering mechanisms that involve DIGSI 4 and EN100 Ethernet communication modules.

Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.

Source

https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf