Siemens and Schneider Electric on Tuesday informed customers about the availability of patches and mitigations for several potentially serious vulnerabilities affecting their industrial control system (ICS) products.
Siemens has released six new advisories and updated 18 previous advisories. The new advisories describe vulnerabilities affecting the company’s SICAM, SIMATIC, SIPLUS, LOGO! 8, SENTRON, SIRIUS, and XHQ products.
In LOGO! 8 and SIPLUS devices, the company fixed eight vulnerabilities, including a critical flaw that can allow an attacker who has network access to gain complete control over the targeted device.
Siemens has also started releasing patches for its SIPLUS, SIMATIC ITC, SIMATIC WinCC and SIMATIC HMI Panel products to fix several vulnerabilities discovered last year by Kaspersky in the TightVNC open source virtual network computing (VNC) system. The flaws include critical and high-severity issues that can be exploited for arbitrary code execution or DoS attacks.
The German industrial giant has also updated its XHQ Operations Intelligence products to address information disclosure, XSS, SQL injection, and CSRF vulnerabilities, including ones that have been classified as high severity.
Siemens has also released an advisory to inform customers that some of its products are affected by one of the recently disclosed Amnesia:33 vulnerabilities affecting TCP/IP stacks. Researchers have discovered 33 security holes and they have been found to impact millions of IoT and OT devices from 150 vendors, but Siemens says its SENTRON PAC devices and SIRIUS 3RW5 communication module are only affected by one of the Amnesia:33 vulnerabilities, one that can be exploited for DoS attacks.
Learn more about vulnerabilities in industrial systems at SecurityWeek’s ICS Cyber Security Conference and SecurityWeek’s Security Summits virtual event series
As for Schneider Electric, the company released a total of nine new advisories on Tuesday and updated several previous advisories.
A majority of the new advisories address vulnerabilities identified in Schneider’s Modicon industrial controllers. One of these flaws was discovered by researchers at industrial cybersecurity firm Claroty, which published a blog post describing its findings on Tuesday. Last month, Schneider and Claroty disclosed several encryption vulnerabilities allowing hackers to take control of some Modicon PLCs.
Schneider informed customers this week that patches and mitigations are available for high- and medium-severity information disclosure, DoS, code execution, command execution, and account credential exposure issues. It’s worth noting that DoS vulnerabilities can have a bigger impact in the case of ICS compared to IT systems, as they can lead to disruptions in production.
Related: Critical Vulnerabilities Expose Siemens LOGO! Controllers to Attacks
Related: Schneider Electric Warns Customers of Drovorub Linux Malware
Related: Another Stuxnet-Style Vulnerability Found in Schneider Electric Software

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Unpatched Econolite Traffic Controller Vulnerabilities Allow Remote Hacking
- Google Fi Data Breach Reportedly Led to SIM Swapping
- Microsoft’s Verified Publisher Status Abused in Email Theft Campaign
- British Retailer JD Sports Discloses Data Breach Affecting 10 Million Customers
- Meta Awards $27,000 Bounty for 2FA Bypass Vulnerability
- Industry Reactions to Hive Ransomware Takedown: Feedback Friday
- US Reiterates $10 Million Reward Offer After Disruption of Hive Ransomware
- Hive Ransomware Operation Shut Down by Law Enforcement
Latest News
- Malicious NPM, PyPI Packages Stealing User Information
- VMware Confirms Exploit Code Released for Critical vRealize Logging Vulnerabilities
- 98% of Firms Have a Supply Chain Relationship That Has Been Breached: Analysis
- Dutch, European Hospitals ‘Hit by Pro-Russian Hackers’
- Gem Security Gets $11 Million Seed Investment for Cloud Incident Response Platform
- Ransomware Leads to Nantucket Public Schools Shutdown
- Stop, Collaborate and Listen: Disrupting Cybercrime Networks Requires Private-Public Cooperation and Information Sharing
- Boxx Insurance Raises $14.4 Million in Series B Funding
