Siemens has announced patches for flaws in its industrial control systems discovered by independent researchers nearly a month ago, but the US government has warned that there are still reported problems with the systems.
The German engineering conglomerate was heavily criticised for its lax response after researchers at NSS Labs found the flaws in its Simatic S7-1200 micro programmable logic controller.
Siemens was accused of trying to duck the problems despite being effectively given thousands of pounds worth of free research.
However, Siemens said in a statement on its site that the company had released a firmware update for two vulnerabilities, one of which, known as a replay attack, could allow hackers to take control of the system, while the other could allow for denial-of-service (DoS) attacks.
"The latest firmware update for the S7-1200 will offer corrective action for enhancing protection against replay attacks as well as increased stability when facing the above-mentioned DoS scenario. The firmware update will be available in June," noted Siemens.
"The S7-300 and S7-400 controllers are not affected by the DoS scenario, so there is no need for any firmware update with these controllers."
The US ICS-CERT issued an update confirming the security advisory, but warned that it patches only "a portion" of the reported vulnerabilities.
"ICS-CERT has confirmed the effectiveness of this patch and continues to work with Siemens and [NSS researcher] Dillon Beresford on the other reported problems," the security organisation said.
AlphaBay users had flocked to Hansa after it was closed down - not realising it had already been taken over by Dutch police
Microsoft closes in on $100bn annual revenues with sales weighing-in at $23.3bn
Moves to take down cyber-squatted domains reveals Fancy Bear hacking network, claims Microsoft
Intel claims 'world first' in artificial intelligence that can be plugged-in almost anywhere