The NCCIC has released an advisory on an improper privilege management vulnerability in Siemens ROX II. All versions prior to v2.12.1 are affected. Successful exploitation of these vulnerabilities could allow valid users to escalate their privileges and execute arbitrary commands. Siemens recommends users update to the new version (v2.12.1) as soon as possible. To reduce risk, Siemens recommends that administrators restrict network access to prevent potential attackers from accessing Port 22/TCP, if possible. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.
You are here
Related Resources
Dec 12, 2024 in Cybersecurity, in Federal & State Resources, in Security Preparedness
Dec 12, 2024 in Cybersecurity, in OT-ICS Security, in Security Preparedness
Dec 12, 2024 in Cybersecurity, in OT-ICS Security, in Federal & State Resources
