Experts discovered tens of flaws in Siemens SPPA-T3000 control systems that could be exploited to attack fossil and renewable power plants. Siemens said that it is not aware of attacks in the wild that exploited one of these flaws. Customers should implement a series of mitigations described in the customer information portal. Most of the vulnerabilities were reported by researchers at Kaspersky and Positive Technologies in October 2018 and December 2018, other issues were discovered by an expert from Turkish firm Biznet Biliim.”]
Source: https://securityaffairs.co/wordpress/95092/ics-scada/siemens-sppa-t3000-flaws.html