SSA-242353 (Last Update: 2020-01-14): Access Control Vulnerability in SINAMICS PERFECT HARMONY GH180

Published

2020-01-14 00:00:00 UTC

Summary

A race condition in the restart behaviour of SINAMICS PERFECT HARMONY GH180 could allow an unauthorized attacker with physical access to the affected device to restart the HMI with disabled security controls, which could be used to launch further attacks against the affected device.

Siemens recommends customers to apply a configuration change on affected devices to resolve the issue. Detailed instructions are available through customer support.