SIEMENS CERT
02/09/2021
A vulnerability in the affected products could allow an unauthorized attacker with network access to perform a denial-of-service attack resulting in loss of real-time synchronization. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures …
SIEMENS CERT
02/09/2021
The latest update for TIA Administrator, installed together with TIA Portal and PCS neo, fixes a privilege escalation vulnerability that could allow local users to escalate privileges and execute code as local SYSTEM user. Siemens has released an update for TIA Portal and recommends that customers update to the latest …
SIEMENS CERT
02/09/2021
The latest update for ROX II contains multiple fixes for IPsec related vulnerabilities in Libreswan and NSS. Siemens has released updates for the affected products and recommends to update to the latest versions.
SIEMENS CERT
02/09/2021
Some versions of Mentor Nucleus ReadyStart and Nucleus NET use Initial Sequence Numbers for TCP- Sessions that are predictable. Siemens has released updates for the affected products and recommends to update to the latest version(s).
SIEMENS CERT
02/09/2021
There exists a directory traversal vulnerability which allows arbitrary file upload to an affected system. This type of vulnerability is also known as ‘Zip-Slip’. An authenticated attacker could exploit this vulnerability to gain arbitrary code execution by uploading a new or modifying an existing file to an affected system. Siemens …
SIEMENS CERT
02/09/2021
A vertical privilege escalation vulnerability exists in DIGSI 4. Siemens has released an update for DIGSI 4 and recommends to update to the latest version.
SIEMENS CERT
02/09/2021
Siemens has released version V13.1.0.1 for JT2Go and Teamcenter Visualization to fix multiple vulnerabilities that could be triggered when the products read files in different file formats (PAR, BMP, TIFF, CGM, TGA, PCT, HPG, PLT, RAS, ASM, DGN, DXF, DWG). If a user is tricked to opening of a malicious …
SIEMENS CERT
02/09/2021
Siemens has released version V13.1.0 for JT2Go and Teamcenter Visualization to fix multiple vulnerabilities that could be triggered when the products read files in different file formats (JT, XML, CG4, CGM, PDF, RGB, SGI, TGA, PAR, ASM, PCX). If a user is tricked to opening of a malicious file with …