SSA-899560 (Last Update: 2020-05-12): Vulnerabilities in SIPROTEC 5 relays and DIGSI 5

Published

2020-05-12 00:00:00 UTC

Summary

The SIPROTEC 5 relays and their corresponding engineering software DIGSI 5 are affected by two security vulnerabilities which could allow an attacker to upload or download files to the device or to conduct a Denial-of-Service attack over the network. Siemens has released updates for some affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.