SIEMENS CERT
07/12/2022
A vulnerability has been identified in the OPC Foundation Local Discovery Server (LDS) [0] of several industrial products. The vulnerability could cause a denial of service condition on the service or the device. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens …
SIEMENS CERT
07/12/2022
Several SCALANCE X switches contain multiple vulnerabilities. An unauthenticated attacker could reboot, cause denial-of-service conditions and potentially impact the system by other means through heap and buffer overflow vulnerabilities. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates …
SIEMENS CERT
07/12/2022
Intel has published information on vulnerabilities in Intel products in June 2021. This advisory lists the related Siemens Industrial products affected by these vulnerabilities that can be patched by applying the corresponding BIOS update. In this advisory we summarize: “2021.1 IPU – Intel® CSME, SPS and LMS Advisory” Intel-SA-00459, “2021.1 …
SIEMENS CERT
07/12/2022
Insyde has published information on vulnerabilities in Insyde BIOS in February 2022. This advisory lists the Siemens Industrial products affected by these vulnerabilities. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.
SIEMENS CERT
07/12/2022
Vulnerability in the underlying third party component OPC UA ANSIC Stack (also called Legacy C-Stack) affects several industrial products. The vulnerability could cause a crash of the component that includes the vulnerable part of the stack. Siemens has released updates for several affected products and recommends to update to the …
SIEMENS CERT
07/12/2022
OpenSSL has published a security advisory [0] about a vulnerability in OpenSSL versions 1.1.1 < 1.1.1l and 1.0.2 < 1.0.2za that allows an attacker to cause a denial of service (DoS) or to disclose private memory content. Siemens has released updates for several affected products and recommends to update to …
SIEMENS CERT
07/12/2022
Simcenter Femap and Parasolid are affected by an out of bounds read vulnerability that could be triggered when the application reads files in NEU format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution …
SIEMENS CERT
07/12/2022
An improper access control vulnerability in Mendix applications was discovered. In case of access to an active user session, the vulnerability could allow to change that user’s password bypassing password validations within a Mendix application. Siemens has released updates for the affected products and recommends to update to the latest …