[Control systems] Siemens security advisory (AV24–507)

Serial number: AV24-507
Date: September 10, 2024

On September 10, 2024, Siemens published security advisories to address vulnerabilities in multiple products. Included were updates for the following:

  • Automation License Manager software – multiple versions and models
  • Industrial Edge Management OS (IEM–OS) – multiple versions and models
  • SCALANCE W700 802.11 AX Family – multiple versions and models
  • SICAM and SITIPE products – multiple versions and models
  • SIMATIC Batch V9.1 – all versions
  • SIMATIC Information Server – multiple versions and models
  • SIMATIC PCS neo – multiple versions and models
  • SIMATIC S7–200 SMART Devices – multiple versions and models
  • SIMATIC PCS7 – multiple versions and models
  • SIMATIC Process Historian – multiple versions and models
  • SIMATIC SCADA and PCS 7 systems – multiple versions and models
  • SIMATIC WinCC – multiple versions and models
  • SIMATIC WinCC Runtime Professional – multiple versions and models
  • SINEC NMS – all versions
  • SINEMA Remote Connect Server – versions prior to V3.2 SP2
  • SINEMA Remote Connect Client – versions prior to V3.2 SP2
  • SINUMERIK ONE – versions prior to V6.24
  • SINUMERIK 828D V4 – all versions
  • SINUMERIK 828D V5 – versions prior to V5.24
  • SINUMERIK 840D sl V4 – all versions
  • Tecnomatix Plant Simulation – multiple versions and models
  • Totally Integrated Automation Portal (TIA Portal) – multiple versions and models

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.

This alert was originated From: Canadian Centre for Cyber Security

https://cyber.gc.ca/en/alerts-advisories/control-systems-siemens-security-advisory-av24-507

Leave a Reply

Your email address will not be published. Required fields are marked *