SIEMENS CERT
01/10/2023
SCALANCE devices contain multiple vulnerabilities in MSPS based product lines that could allow authenticated remote attackers to execute custom code or create a XSS situation, as well as unauthenticated remote attackers to create a denial of service condition. Siemens has released updates for several affected products and recommends to update …
SIEMENS CERT
01/10/2023
A vulnerability in affected devices could allow an attacker to perform a denial-of-service attack if a large amount of specially crafted UDP packets are sent to the device. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products …
SIEMENS CERT
01/10/2023
A vulnerability in the openSSL component (CVE-2022-0778, [0]) could allow an attacker to create a denial of service condition by providing specially crafted elliptic curve certificates to products that use a vulnerable version of openSSL. Siemens has released updates for several affected products and recommends to update to the latest …
SIEMENS CERT
01/10/2023
JT Open Toolkit, JT Utilities and Solid Edge are affected by memory corruption vulnerabilities that could be triggered while parsing JT files. If a user is tricked to open a malicious JT file with any of the affected products, this could cause the application to crash or potentially lead to …
SIEMENS CERT
01/10/2023
Solid Edge is affected by memory corruption vulnerability that could be triggered when the application read files in different file formats such as PAR, ASM, DFT. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code …
SIEMENS CERT
12/21/2022
A vulnerability in the third party component SISCO MMS-EASE could allow attackers to cause a denial of service condition with SIPROTEC 5 devices. Siemens has released updates for the affected products and recommends to update to the latest versions.
SIEMENS CERT
12/13/2022
Several SCALANCE X switches contain a vulnerability that could allow an attacker to perform administrative actions if the victim is tricked into clicking on a website controlled by the attacker. The attack only works if the victim has an authenticated session on the administrative interface of the switch. Siemens has …
SIEMENS CERT
12/13/2022
A privilege management vulnerability in the APOGEE PXC and TALON TC series of products could allow low privilege authenticated attackers to gain high privilege access. Siemens has released updates for the affected products and recommends to update to the latest versions.