SIEMENS CERT
09/14/2021
SSA-936080 V1.2 (Last Update: 2021-09-14): Multiple Vulnerabilities in Third-Party Component libcurl
SIMATIC CM 1542-1, SCALANCE SC600 family and SIMATIC CP 343-1 Advanced devices are vulnerable to a vulnerability in the third party component libcurl that could allow an attacker to cause a Denial-of-Service condition on the affected devices. Siemens has released updates for several affected products and recommends to update to …
SIEMENS CERT
09/14/2021
Multiple SmartVNC vulnerabilities in the affected products listed below could allow remote code execution and Denial-of-Service attacks under certain conditions. Siemens has released updates for the affected products and recommends to update to the latest version.
SIEMENS CERT
09/14/2021
Devices of the LOGO! CMR family and the SIMATIC RTU 3000 family are affected by several vulnerabilities in the third party component Mbed TLS. They could allow an attacker with access to any of the interfaces of an affected device to impact the availability or to communicate with invalid certificates. …
SIEMENS CERT
09/14/2021
The latest update for Industrial Edge fixes a vulnerability that could allow an unauthenticated attacker to change the password of any user in the system. With this an attacker could impersonate any valid user on an affected system. Siemens has released updates for the affected products and recommends to update …
SIEMENS CERT
08/19/2021
The latest update for SINEMA Remote Connect Client fixes a vulnerability that could allow a local attacker to escalate privileges or even allow remote code execution under certain circumstances. Siemens has released a firmware update for SINEMA Remote Connect Client and proposes mitigations if an update is not possible.
SIEMENS CERT
08/10/2021
A vulnerability in S7-300 might allow an attacker to cause a Denial-of-Service condition on port 102 of the affected devices by sending specially crafted packets. Siemens is preparing updates and recommends specific countermeasures until fixes are available.
SIEMENS CERT
08/10/2021
A vulnerability was identified in the Automation License Manager software that could be triggered by sending specially crafted packets to port 4410/tcp of an affected system. This could cause a denial-of-service preventing legitimate users from using the system. Siemens has released an update for the Automation License Manager 6 and …
SIEMENS CERT
08/10/2021
Intel has published information on vulnerabilities in Intel products in June 2021. This advisory lists the related Siemens Industrial products affected by these vulnerabilities that can be patched by applying the corresponding BIOS update. In this advisory we summarize: “2021.1 IPU – Intel® CSME, SPS and LMS Advisory” Intel-SA-00459, “2021.1 …