SSA-203306 (Last Update: 2019-03-12): Password Vulnerabilities in SIPROTEC 4 and SIPROTEC Compact Relay Families

Published

2019-03-12 00:00:00 UTC

Summary

SIPROTEC 4 and SIPROTEC Compact devices could allow access authorization passwords to be reconstructed or overwritten via engineering mechanisms that involve DIGSI 4 and EN100 Ethernet communication modules.

Siemens has released updates for several affected products, and recommends specific countermeasures for the remaining products.