SSA-603476 (Last Update: 2019-12-10): Web Vulnerabilities in SIMATIC CP 343-1/CP 443-1 Modules and SIMATIC S7-300/S7-400 CPUs

Published

2019-12-10 00:00:00 UTC

Summary

SIMATIC CP 343-1 Advanced/CP-443-1 Advanced devices and SIMATIC S7-300/S7-400 CPUs are affected by two vulnerabilities. One of the vulnerabilities could allow remote attackers to perform operations as an authenticated user under certain conditions.

Siemens has released updates for SIMATIC CP 343-1 Advanced and SIMATIC CP 443-1 Advanced devices. Siemens recommends applying specific countermeasures for the remaining affected products. Siemens will update this advisory when new information becomes available.