Siemens Patches Critical Security Flaw in Certain Products
Compliance
Compliance Twitter
(Photo: Siemens)
Siemens has released patches for certain automation products that have a critical memory protection vulnerability, which attackers could exploit to run arbitrary code to access memory areas, enabling them to read sensitive data and use it to launch further attacks, according to a company advisory.
The alert notes the vulnerability, tracked as CVE-2020-15782, is ranked 8.1 - which is highly critical. It affects seven products in the Siemens automation product series SIMATIC S7-1200 and S7-1500 CPU.
The company released updates for the affected products and has urged customers to immediately implement the patches. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not yet available, the company states.