Menu
Siemens patches critical flaws in industrial wireless gear

Siemens patches critical flaws in industrial wireless gear

The vulnerabilities allow attackers to take control of affected Ruggedcom WIN systems

Siemens released critical security patches for the firmware in its Ruggedcom WIN products which are used as broadband wireless base stations in industrial environments.

The updates fix three vulnerabilities, two of which have the maximum severity score in the Common Vulnerability Scoring System (CVSS) and could allow attackers to perform administrative functions or to execute arbitrary code on the affected systems without authentication.

Ruggedcom WIN products are compliant with the IEEE 802.16e wireless communications standard, also known WiMAX. They can be deployed as bases stations or subscriber units and are designed to withstand operation in harsh environments.

"According to Siemens, these devices are deployed across several sectors including Chemical, Communications, Critical Manufacturing, Dams, Defense Industrial Base, Energy, Food and Agriculture, Government Facilities, Transportation Systems, and Water and Wastewater Systems," the U.S. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) said in a security advisory. "Siemens estimates that these products are used worldwide."

The vulnerabilities affect the WIN51xx, WIN52xx, WIN70xx and WIN72xx product series, Siemens said in its own advisory.

In addition to installing the new firmware updates, the company recommends that users protect network access to all products except for perimeter devices.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags securitypatch managementsiemenspatchesAccess control and authenticationExploits / vulnerabilitiesIndustrial Control Systems Cyber Emergency Response Team

Featured

Slideshows

Ingram Micro maintains Showcase 2018 momentum in Wellington

Ingram Micro maintains Showcase 2018 momentum in Wellington

Ingram Micro maintained Showcase 2018 momentum in Wellington, hosting more than 40 vendors at TSB Arena. Under the banner of Leading the Way, the event demonstrated what’s new, what’s next and how it can be used to improve business and everyday life.

Ingram Micro maintains Showcase 2018 momentum in Wellington
Ingram Micro launches Showcase 2018 in Christchurch

Ingram Micro launches Showcase 2018 in Christchurch

Ingram Micro kickstarted Showcase 2018 in Christchurch, hosting more than 40 vendors at Horncastle Arena. Under the banner of Leading the Way, the event demonstrated what’s new, what’s next and how it can be used to improve business and everyday life.

Ingram Micro launches Showcase 2018 in Christchurch
Data breach notification laws in NZ: How can partners prepare?

Data breach notification laws in NZ: How can partners prepare?

This exclusive Reseller News Roundtable outlined the responsibilities facing security partners today, assessing risk while evaluating the role of the vendor in providing added layers of protection.

Data breach notification laws in NZ: How can partners prepare?
Show Comments