Siemens' SICAM P850 and P855 products are affected by remotely exploitable vulnerabilities, including CSRF and incorrect permission assignment. CISA advises updating to version 3.11 or later and restricting network access to mitigate these risks. #Siemens #ICSVulnerabilities
Keypoints
- Siemens issued security advisories for vulnerabilities affecting SICAM P850 and P855 devices.
- Exploitable vulnerabilities include CSRF and incorrect permission assignment that could lead to arbitrary device actions.
- These issues primarily impact versions prior to 3.11, requiring users to update their firmware.
- Mitigation strategies include updating firmware, restricting access, and following Siemens' operational guidelines.
- CISA recommends minimizing network exposure, using VPNs for remote access, and performing impact analysis before deploying security measures.
Read More: https://www.cisa.gov/news-events/ics-advisories/icsa-25-317-11