Siemens Sinumerik Integrate Operate Client modify Obtain Information Vulnerability
7 Aug. 2017
Summary
Siemens SINUMERIK Integrate Operate Clients between 2.0.3.00.016 (including) and 2.0.6 (excluding) and between 3.0.4.00.032 (including) and 3.0.6 (excluding) contain a vulnerability that could allow an attacker to read and manipulate data in TLS sessions while performing a man-in-the-middle (MITM) attack.
The latest updates for SINUMERIK Integrate and SINUMERIK Operate fix a vulnerability that could under certain conditions allow attackers in a privileged network position to capture and modify network traffic protected with TLS.