Siemens issues emergency SCADA patch
Intelligent flash storage arrays
Got Siemens SCADA? Get patching: the company has issued updates for software using its WinCC application to plug a bunch of remotely-exploitable vulnerabilities.
According to the ICS-CERT advisory, versions of the company’s SIMANTIC WinCC, SIMANTIC PCS7 and TIA Portal V13 (which includes a WinCC runtime) are all vulnerable.
There are two specific problems:
Both vulnerabilities can be exploited with “low skill”, the advisory states, with ICS-CERT adding: “Indicators exist that this vulnerability may have been exploited during a recent campaign.”
Siemens has issued updates for all products, with detailed instructions in this PDF. ®
Remote control for virtualized desktops
Article source: http://go.theregister.com/feed/www.theregister.co.uk/2014/11/27/siemens_issues_emergency_scada_patch/