CyberNews Briefs

Critical Vulnerabilities Expose Siemens LOGO! Controllers to Attacks

Siemens has disclosed critical bugs that affect its LOGO! programmable logic controllers. The vulnerabilities can be exploited remotely and used to launch denial-of-service attacks. Siemens stated that the flaws impact all versions of the devices, which can be compromised when an attacker modifies the device’s configuration. LOGO! devices are designed for basic control tasks, however, SIPLUS versions designed for more extreme conditions are also impacted by the vulnerabilities.

Siemens, a German industrial giant, has not released patches for the vulnerabilities. Instead, they told customers they can reduce exploitation risks by applying defense-in-depth measures. The vulnerabilities can be exploited without user interaction by an unauthenticated attacker who has network access. Earlier this week, Siemens and CISA both released advisories on the critical vulnerabilities.

Read More: Critical Vulnerabilities Expose Siemens LOGO! Controllers to Attacks

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.