NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. Also recognize that VPN is only as secure as the connected devices.
Siemens simatic s7 300 software#
In order to operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens’ operational guidelines for industrial security ( ), and following the recommendations in the product manuals.Īdditional information on industrial security by Siemens can be found at:įor more information on this vulnerability and associated software updates, please see Siemens security advisory SSA-306710 on their website:
Siemens simatic s7 300 update#
Siemens recommends users update to Version 3.X.16, which can be downloaded from the following link:
Siemens simatic s7 300 manual#
The CPU will remain in DEFECT mode until manual restart. The affected CPUs improperly validate S7 communication packets, which could cause a denial-of-service condition of the CPU.