SSA-899560 (Last Update: 2019-12-10): Vulnerabilities in SIPROTEC 5 relays and DIGSI 5


2019-12-10 00:00:00 UTC


The SIPROTEC 5 relays and their corresponding engineering software DIGSI 5 are affected by two security vulnerabilities which could allow an attacker to upload or download files to the device or to conduct a Denial-of-Service attack over the network. Siemens has released updates for some affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.