Siemens and ICS-CERT published advisories this week to warn organizations of potentially serious vulnerabilities affecting some of the German technology conglomerate’s building controller and smart grid devices.
Users of the OZW672 and OZW772 products, designed for remote plant control and monitoring, have been informed of medium and high severity flaws allowing attackers to access or alter historical measurement data stored on the device, and read or manipulate data in TLS sessions via man-in-the-middle (MitM) attacks.
