SIEMENS CERT
07/12/2022
A vulnerability in the openSSL component (CVE-2022-0778, [0]) could allow an attacker to create a denial of service condition by providing specially crafted elliptic curve certificates to products that use a vulnerable version of openSSL. Siemens has released updates for several affected products and recommends to update to the latest …
SIEMENS CERT
07/12/2022
In conjunction with the installation of the affected products listed in the table below, a vulnerability in TIA Administrator occurs that could allow an unauthenticated attacker to perform a denial of service attack. Siemens has released updates for the affected products and recommends to update to the latest versions.
SIEMENS CERT
07/12/2022
Intel has published information on vulnerabilities in Intel products in November 2020. This advisory lists the Siemens IPC related products, that are affected by these vulnerabilities. In this advisory we take a representative CVE from each advisory: “Intel CSME, SPS, TXE, AMT and DAL Advisory” Intel-SA-00391 is represented by CVE-2020-8745 …
SIEMENS CERT
07/12/2022
The latest update of Mendix Excel Importer module fixes an XML Entity Expansion Injection vulnerability. Mendix has released an update for the Mendix Excel Importer module and recommends to update to the latest version.
SIEMENS CERT
07/12/2022
RUGGEDCOM ROX devices are affected by a command injection vulnerability that could allow an attacker with administrative privileges to gain root access. Siemens has released updates for the affected products and recommends to update to the latest versions.
SIEMENS CERT
07/12/2022
SIMATIC eaSie PCS 7 Skill Package contains multiple vulnerabilities that could allow an attacker to send arbitrary messages to the underlying message passing framework of the affected system or crash the attached application. Siemens has released an update for the SIMATIC eaSie Core Package and recommends to update to the …
SIEMENS CERT
07/12/2022
A vulnerability was identified in several SCALANCE X switches that could allow an attacker to feed information into a network via the mirror port with the monitor barrier feature enabled. Siemens has released updates for the affected products and recommends to update to the latest versions.
SIEMENS CERT
07/12/2022
The below referenced devices contain multiple vulnerabilities that could be exploited when the SINEMA Remote Connect Server (SRCS) VPN feature is used. The feature is not activated by default. The most severe could allow an attacker to execute arbitrary code with elevated privileges under certain circumstances. Siemens has released an …