SSA-542525 (Last Update: 2020-09-08): Authentication Vulnerabilities in SIMATIC HMI Products

Published

2020-09-08 00:00:00 UTC

Summary

SIMATIC HMI Products are affected by two vulnerabilities that could allow a remote attacker to discover user passwords and obtain access to the Sm@rt Server via a brute-force attack.

Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.