From: Chemical Facility Security News
This afternoon the DHS ICS-CERT updated two earlier advisories, one from Siemens and one from Schneider. Interestingly they ignore the unique Siemens ProductCERT report on GNU Bash vulnerabilities in Siemens products.
Siemens Update
This advisory was originally published back in July. Since then Siemens has provided a new update for the still vulnerable SIMATIC PCS7. The original advisory was published with only a SIMATIC WinCC update available.
Schneider Update
This advisory was originally published almost three weeks ago. Since then Schneider has made the promised service packs available to correct the vulnerabilities:
• ClearSCADA 2010 R3.2, Released October 2014, and
• SCADA Expert ClearSCADA 2014 R1.1, Released October 2014.
Siemens GNU Bash Report
Leave a Reply