Rewterz Threat Advisory – CVE-2019-13939 – ICS: Siemens Mentor Nucleus Networking Module
November 15, 2019Rewterz Threat Alert – TA2101 Plays Government Imposter to Distribute Ransomware
November 15, 2019Rewterz Threat Advisory – CVE-2019-13939 – ICS: Siemens Mentor Nucleus Networking Module
November 15, 2019Rewterz Threat Alert – TA2101 Plays Government Imposter to Distribute Ransomware
November 15, 2019Severity
Medium
Analysis Summary
An attacker with physical access to the UART interface could access additional diagnostic functionality. Successful exploitation could compromise confidentiality, integrity, and availability of the affected system.
Impact
Exposed Dangerous Method or Function
Affected Vendors
Siemens
Affected Products
S7-1200: all versions
Remediation
Siemens recommends following workarounds and mitigations that users of the S7-122 CPU can apply to reduce the risk:
Ensure physical access protection.
Apply Defense-in-Depth.