Siemens Patches Flaws in Building Automation Controllers

One problem found by Siemens in these products is that the authentication mechanism can be bypassed and an attacker can download sensitive information from a device. However, the vendor has pointed out that the attacker requires network access to the web server, which is accessible on TCP ports 80 and 443, in order to exploit the flaw.

Read full news article on SecurityWeek