Anon Archived Siemens patches one security vuln, leaves folks to block second (theregister.co.uk)
submitted ago by 2099330?
Posted by: 2099330?
Posting time: 3.3 years ago on
Last edit time: never edited.
Archived on: 11/30/2017 10:00:00 AM
Views: 9
SCP: 1
1 upvotes, 0 downvotes (100% upvoted it)
Anon Archived Siemens patches one security vuln, leaves folks to block second (theregister.co.uk)
submitted ago by 2099330?
view the rest of the comments →
[–] derram ago
https://archive.is/rnwei | :
'Siemens has plugged a man-in-the-middle vulnerability in its LOGO!8 BM FS-05 industrial automation hardware – but a second remains unpatched. '
'In the absence of a fix, Siemens provides configuration instructions which include using a VPN to protect traffic between cells in the network. '
'All versions of Logo!8 BM older than 1.18.2 are vulnerable and need a firmware update. ', "If the devices' admin web server is visible from the internet and a user is logged in, that would allow a remote attacker to hijack the admin session.", "According to Siemens' advisory, CVE-2017-12734 can be exploited by an attacker to sniff the session ID from an active user session."
This has been an automated message.