SIEMENS CERT
10/08/2019
In non-default configurations several industrial products are affected by a vulnerability that could allow local Microsoft Windows operating system users to escalate their privileges. Siemens provides updates for several products and a temporary fix for the remaining affected products. Siemens is working on new versions for the remaining affected products …
SIEMENS CERT
10/08/2019
A vulnerability in affected devices could allow an attacker to perform a denial-of-service attack if a large amount of specially crafted UDP packets are sent to the device.. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates …
SIEMENS CERT
09/10/2019
A vulnerability has been identified in SINETPLAN that could allow local users to execute arbitrary application commands without proper authentication. Siemens provides a solution that fixes the vulnerability and recommends that users apply the update.
SIEMENS CERT
09/10/2019
The latest update for SIMATIC WinCC fixes multiple vulnerabilities. The most severe could allow an attacker to execute arbitrary commands on an affected system under certain conditions. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates and …
SIEMENS CERT
09/10/2019
Security researchers published information on vulnerabilities known as ZombieLoad and Microarchitectural Data Sampling (MDS). These vulnerabilities affect many modern processors from different vendors to a varying degree. Several Siemens Industrial Products contain processors that are affected by the vulnerabilities.
SIEMENS CERT
09/10/2019
Multiple industrial products are affected by a vulnerability in the kernel known as TCP SACK PANIC. The vulnerability could allow a remote attacker to cause a denial of service condition. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing …
SIEMENS CERT
09/10/2019
A vulnerability could allow an attacker to cause a Denial-of-Service condition on the UDP communication by sending a specially crafted UDP packet to the SIMATIC TDC CP51M1 module. Siemens has released an update for SIMATIC TDC CP51M1 module and recommends that customers update to the new version.
SIEMENS CERT
09/10/2019
The latest update for SINEMA Remote Connect Server fixes four vulnearbilities in the web interface. Two of the vulnerabilities are missing protection mechanisms for password guessing and for Cross Site Request Forgery attacks, the third one is a missing authentication check, and the fourth one could allow an attacker with …