SSA-273799 (Last Update: 2020-03-10): Vulnerability in SIMATIC products

Published

2020-03-10 00:00:00 UTC

Summary

A vulnerability has been identified in several SIMATIC products. The vulnerability could allow an attacker in a Man-in-the-Middle position to modify network traffic exchanged on port 102/tcp to PLCs of the SIMATIC S7-1200, SIMATIC S7-1500 and SIMATIC SoftwareController CPU families.

Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates and recommends specific countermeasures until patches are available.