SIEMENS CERT
07/11/2023
A vulnerability was found in SIMATIC WinCC that could allow authenticated attackers to escape the Kiosk Mode. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.
SIEMENS CERT
07/11/2023
SIMATIC CN 4100 is vulnerable to improper access control and insecure default configurations that could allow an attacker to gain privilege escalation, and bypass network isolation. Siemens has released an update for SIMATIC CN 4100 and recommends to update to the latest version.
SIEMENS CERT
07/11/2023
Insyde has published information on vulnerabilities in Insyde BIOS in February 2022. This advisory lists the Siemens Industrial products affected by these vulnerabilities. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.
SIEMENS CERT
07/11/2023
Devices based on RUGGEDCOM ROX before V2.16 contain multiple high severity vulnerabilities, including the third-party vulnerabilities: CVE-2022-24903, CVE-2022-2068, CVE-2021-22946, CVE-2022-22576, CVE-2022-27781, CVE-2022-27782, CVE-2022-32207, CVE-2022-1292. Siemens has released updates for the affected products and recommends to update to the latest versions.
SIEMENS CERT
07/11/2023
SIMATIC STEP 7 and PCS 7 contain a database management system that could allow remote users to use embedded functions of the database (local or in a network share) that have impact on the server. An attacker with network access to the server network could leverage these embedded functions to …
SIEMENS CERT
07/11/2023
SSA-930100 V1.1 (Last Update: 2023-07-11): Privilege Escalation Vulnerability in Simcenter STAR-CCM+
Simcenter STAR-CCM+ contains a privilege escalation vulnerability which could allow a local attacker with an unprivileged account to override or modify the service executable and subsequently gain elevated privileges. Siemens has released an update for Simcenter STAR-CCM+ and recommends to update to the latest version.
SIEMENS CERT
07/11/2023
SiPass integrated versions before V2.90.3.8 contain a stack overflow vulnerability that could allow an unauthenticated remote attacker to crash the server application, creating a denial of service condition. Siemens has released an update for SiPass integrated and recommends to update to the latest version.
SIEMENS CERT
07/11/2023
Multiple vulnerabilities have been identified in the Linux Kernel of the SIMATIC S7-1500 TM MFP V1.0. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.