ICS-CERT Warns of Security Flaws in Siemens FactoryLink

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

The U.S. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued an advisory [PDF file] warning of two vulnerabilities in the Siemens FactoryLink industrial control system software.

"Buffer overflow and data corruption vulnerabilities, discovered by researcher Kuang-Chun Hung of Taiwan’s Information and Communication Security Technology Center, affect ActiveX components in Siemens Tecnomatix FactoryLink versions V8.0.2.54, V7.5.217 (V7.5 SP2), and V6.6.1 (V6.6 SP1)," Infosecurity reports.

"Siemens has released a patch to its customers to address these vulnerabilities," the article states.

Go to "Flaws in Siemens FactoryLink could be exploited remotely" to read the details.

For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.