Siemens SIPROTEC 5 Using DIGSI5 Protocol
Summary
Siemens SIPROTEC 5 devices are vulnerable to arbitrary file uploads via the DIGSI 5 protocol, allowing authenticated attackers to upload malicious configuration files and potentially cause a denial of service. Siemens has released updated versions with an allow-list feature to mitigate this risk.
IFF Assessment
This vulnerability allows for arbitrary file uploads, which can lead to a denial of service, posing a direct threat to operational technology systems.
Defender Context
This vulnerability in Siemens SIPROTEC 5 systems highlights the ongoing risks within industrial control systems (ICS) and operational technology (OT). Defenders should prioritize patching these devices or implementing the recommended countermeasures to prevent potential denial-of-service attacks that could disrupt critical infrastructure operations.