Siemens Patches Firewall Flaw That Put Operations at Risk

The industrial company on Tuesday released mitigations for eight vulnerabilities overall.

Siemens AG on Tuesday issued a slew of fixes addressing eight vulnerabilities spanning its industrial product lines. The most serious of the patched flaws include a cross-site scripting vulnerability in Siemens’ SCALANCE firewall product. The flaw could allow an attacker to gain unauthorized access to industrial networks and ultimately put operations and production at risk.

The SCALANCE S firewall is used to protect secure industrial networks from untrusted network traffic, and allows filtering incoming and outgoing network connections in different ways. Siemens S602, S612, S623, S627-2M SCALANCE devices with software versions prior to V4.0.1.1 are impacted.

Read more…
Source: ThreatPost