Yesterday CISA’s NCCIC-ICS published seven updates for
control system security advisories for products from Siemens.

360 Mobile Vision - 360mobilevision.com North & South Carolina Security products and Systems Installations for Commercial and Residential - $55 Hourly Rate. ACCESS CONTROL, INTRUSION ALARM, ACCESS CONTROLLED GATES, INTERCOMS AND CCTV INSTALL OR REPAIR 360 Mobile Vision - 360mobilevision.com is committed to excellence in every aspect of our business. We uphold a standard of integrity bound by fairness, honesty and personal responsibility. Our distinction is the quality of service we bring to our customers. Accurate knowledge of our trade combined with ability is what makes us true professionals. Above all, we are watchful of our customers interests, and make their concerns the basis of our business.

PROFINET Update

This update
provides additional information on an advisory that was originally
published
on October 10th, 2019 and most
recently updated
on September 8th, 2020. The new information
includes:

• Updating affected version
information and adding mitigation measures for or SIMATIC ET200SP IM155-6 PN HA,
and

• Listing ecoPN model (6ES7148-6JG00-0BB0)
as not affected.

TIA Portal Update

This update
provides additional information on an advisory that was originally
published
on January 14th, 2020 and most
recently updated
on April 14th, 2020. The new information
includes updating affected version information and adding mitigation measures
for TIA Portal V14.

Simatic PCS 7 Update

This update
provides additional information on an advisory that was originally
published
on February 11th, 2020 and most
recently updated
on September 8th, 2020. The new information
includes adding mitigation measures for SIMATIC WinCC (TIA Portal) V14.

SCALANCE Update

This update
provides additional information on an advisory that was originally
published
on April 14th, 2020 and most
recently updated
on September 8th, 2020. The new information
includes removing the SCALANCE S-600 family as it is not affected.

SIMOTICS Update

This update
provides additional information on an advisory that was originally
published
on April 14th, 2020. The new information includes updating
affected versions and adding mitigation measures for:

• Desigo PXC, and

• Desigo PXM20

SIMATIC Update

This update
provides additional information on an advisory that was originally
published
on July 9th, 2020 and most
recently updated
on December 8th, 2020. The new information
includes updating affected versions and adding mitigation measures for:

• SIMATIC STEP 7 (TIA Portal) V14,
and

• SIMATIC WinCC Runtime
Professional V14

Opcenter Update

This update
provides additional information on an advisory that was originally
published
on July 14th, 2020 and most
recently updated
on August 11th, 2020. Then new information
includes:

• Adding an insufficiently
protected credentials vulnerability – CVE-2020-28390, and

• Updating mitigation measures

 

Additional Siemens Advisory

 

Siemens published
one additional advisory that was not addressed by NCCIC-ICS yesterday. I will
address that this weekend.

By admin