01 March 2018

Siemens industrial solutions are affected by vulnerabilities in Intel ME, SPS and TXE technologies

Siemens has published an advisory on vulnerabilities in its industrial solutions that use Management Engine (ME), Server Platform Services (SPS) and Trusted Execution Engine (TXE) technologies by Intel.

Vulnerabilities in Intel technologies affect 28 Siemens products, including SIMATIC industrial PCs, the SINUMERIK CNC solution and the SIMOTION system.

Siemens has released updates to close each of these vulnerabilities.

Since an attacker requires network access and, for most of the vulnerabilities, local access to exploit the vulnerabilities, Siemens recommends operating vulnerable devices within trusted networks only.

Earlier, Kaspersky Lab ICS СERT experts expressed the opinion that vulnerabilities in Intel products could affect industrial equipment, including Siemens products.

Source: Siemens