High-severity flaw opens Siemens Industrial Switches to attacks

Siemens has started releasing security patches to fix a high severity access control vulnerability in its industrial switches tracked as CVE-2017-12736.

The flaw was discovered by experts at Siemens and could be exploited by remote attackers to hack some of Siemens industrial communications devices.

The vulnerability affects SCALANCE X industrial Ethernet switches, and Ruggedcom switches and serial-to-ethernet devices running the Rugged Operating System (ROS).

Source: Security Affairs