• 1
  • 2
  • 3 (current)
  • 4
Dienstag, 12.08.2025
02:00
SIEMENS CERT
SSA-331739 V1.0: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting Siemens Products
Titel
SSA-331739 V1.0: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting Siemens Products
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-331739.html
Text
WIBU Systems published information about a privilege escalation vulnerability under a certain circumstances and associated fix releases of CodeMeter Runtime, a product provided by WIBU Systems and used in several Siemens industrial products. Siemens has released new versions for affected products and recommends to update to the latest versions. Siemens ...
02:00
SIEMENS CERT
SSA-282044 V1.0: DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery
Titel
SSA-282044 V1.0: DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-282044.html
Text
The installers used to install several Siemens products are affected by a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected installer component. This vulnerability poses a risk only during setup and installation phase of the ...
02:00
SIEMENS CERT
SSA-265688 V1.8 (Last Update: 2025-08-12): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP ...
Titel
SSA-265688 V1.8 (Last Update: 2025-08-12): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-265688.html
Text
Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.
02:00
SIEMENS CERT
SSA-256353 V1.6 (Last Update: 2025-08-12): Third-Party Component Vulnerabilities in RUGGEDCOM ROS
Titel
SSA-256353 V1.6 (Last Update: 2025-08-12): Third-Party Component Vulnerabilities in RUGGEDCOM ROS
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-256353.html
Text
Multiple vulnerabilities affect various third-party components of the RUGGEDCOM Operating System (ROS). If exploited, an attacker could cause a denial-of-service, act as a man-in-the-middle or retrieval of sensitive information or gain privileged functions. Siemens has released new versions for several affected products and recommends to update to the latest versions. ...
02:00
SIEMENS CERT
SSA-769791 V1.0: Local Arbitrary Code Execution Vulnerability in COMOS Before V10.6
Titel
SSA-769791 V1.0: Local Arbitrary Code Execution Vulnerability in COMOS Before V10.6
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-769791.html
Text
COMOS before V10.6 is affected by a local arbitrary code execution vulnerability in the integrated Open Design Alliance Drawings SDK. Siemens has released a new version for COMOS and recommends to update to the latest version.
02:00
SIEMENS CERT
SSA-770770 V1.6 (Last Update: 2025-08-12): Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices
Titel
SSA-770770 V1.6 (Last Update: 2025-08-12): Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-770770.html
Text
Fortinet has published information on vulnerabilities in FortiOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version.
02:00
SIEMENS CERT
SSA-186293 V1.0: XML External Entity (XXE) Injection Vulnerability in SIMOTION SCOUT, SIMOTION SCOUT TIA and SINAMICS STARTER
Titel
SSA-186293 V1.0: XML External Entity (XXE) Injection Vulnerability in SIMOTION SCOUT, SIMOTION SCOUT TIA and SINAMICS STARTER
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-186293.html
Text
SIMOTION SCOUT, SIMOTION SCOUT TIA and SINAMICS STARTER are affected by an XXE injection vulnerability that could allow an attacker to access arbitrary application files. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends ...
02:00
SIEMENS CERT
SSA-177847 V1.0: Improper VNC Password Check Vulnerability in SINUMERIK Controllers
Titel
SSA-177847 V1.0: Improper VNC Password Check Vulnerability in SINUMERIK Controllers
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-177847.html
Text
Siemens SINUMERIK Controllers are affected by an improper VNC password check vulnerability. Siemens has released new versions for the affected products and recommends to update to the latest versions.
02:00
SIEMENS CERT
SSA-170375 V1.1 (Last Update: 2025-08-12): Multiple Vulnerabilities in RUGGEDCOM ROS Before V5.9
Titel
SSA-170375 V1.1 (Last Update: 2025-08-12): Multiple Vulnerabilities in RUGGEDCOM ROS Before V5.9
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-170375.html
Text
Multiple vulnerabilities affect the RUGGEDCOM Operating System (ROS). The common denominator to all vulnerabilities is the leak of confidential information. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet ...
02:00
SIEMENS CERT
SSA-097435 V1.9 (Last Update: 2025-08-12): Usernames Disclosure Vulnerability in Mendix Runtime
Titel
SSA-097435 V1.9 (Last Update: 2025-08-12): Usernames Disclosure Vulnerability in Mendix Runtime
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-097435.html
Text
Mendix Runtime contains an observable response discrepancy vulnerability when validating usernames during authentication. This could allow unauthenticated remote attackers to distinguish between valid and invalid usernames. Siemens has released new versions for the affected products and recommends to update to the latest versions.
02:00
SIEMENS CERT
SSA-094954 V1.0: Authentication Bypass Vulnerability in BIST mode of RUGGEDCOM ROX II
Titel
SSA-094954 V1.0: Authentication Bypass Vulnerability in BIST mode of RUGGEDCOM ROX II
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-094954.html
Text
RUGGEDCOM ROX II devices do not properly limit access through their Built-In-Self-Test (BIST) mode. This could allow a local attacker to bypass authentication and access a root shell on the device. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.
02:00
SIEMENS CERT
SSA-082556 V1.1 (Last Update: 2025-08-12): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 151...
Titel
SSA-082556 V1.1 (Last Update: 2025-08-12): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-082556.html
Text
Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version V3.1.5 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant). Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available.
02:00
SIEMENS CERT
SSA-028723 V1.0: Multiple OpenSSL Vulnerabilities in BFCClient Before V2.17
Titel
SSA-028723 V1.0: Multiple OpenSSL Vulnerabilities in BFCClient Before V2.17
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-028723.html
Text
Siemens BFCClient contains multiple vulnerabilities in the integrated OpenSSL component that could allow an attacker to read memory contents, to change the application behaviour or to create a denial of service condition. Siemens has released a new version for BFCClient and recommends to update to the latest version.
02:00
SIEMENS CERT
SSA-894058 V1.0: Improper Bandwidth Limitation of Network Packets Over Local USB Port Vulnerability in SIPROTEC 5
Titel
SSA-894058 V1.0: Improper Bandwidth Limitation of Network Packets Over Local USB Port Vulnerability in SIPROTEC 5
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-894058.html
Text
Affected SIPROTEC 5 devices do not properly limit the bandwidth for incoming network packets over their local USB port. This could allow an attacker with physical access to send specially crafted packets with high bandwidth to the affected devices thus forcing them to exhaust their memory and stop responding to ...
02:00
SIEMENS CERT
SSA-687955 V1.1 (Last Update: 2025-08-12): Accessible Development Shell via Physical Interface in SIPROTEC 5
Titel
SSA-687955 V1.1 (Last Update: 2025-08-12): Accessible Development Shell via Physical Interface in SIPROTEC 5
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-687955.html
Text
Affected SIPROTEC 5 devices contain a development shell which is accessible via a physical interface which is not properly restricted. This could allow an unauthenticated attacker with physical access to an affected device to execute arbitrary commands on the device. Siemens has released new versions for several affected products and ...
02:00
SIEMENS CERT
SSA-674084 V1.0: File Parsing Vulnerabilities in Simcenter Femap Before V2506
Titel
SSA-674084 V1.0: File Parsing Vulnerabilities in Simcenter Femap Before V2506
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-674084.html
Text
Simcenter Femap contains a file parsing vulnerability that could be triggered when the application reads files in STP or BMP file format. If a user is tricked to open a malicious file with the affected application, this could lead the application to crash or potentially lead to arbitrary code execution. ...
02:00
SIEMENS CERT
SSA-665108 V1.0: Arbitrary File Upload Vulnerability in RUGGEDCOM ROX II
Titel
SSA-665108 V1.0: Arbitrary File Upload Vulnerability in RUGGEDCOM ROX II
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-665108.html
Text
RUGGEDCOM ROX II devices does not properly enforce limitations on type and size of files that can be uploaded through their web interface. This could allow an attacker with a legitimate, highly privileged account on the web interface to upload arbitrary files onto the filesystem of the devices. Siemens is ...
02:00
SIEMENS CERT
SSA-613116 V1.0: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1
Titel
SSA-613116 V1.0: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-613116.html
Text
SINEC OS before V3.1 contains third-party components with multiple vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions.
02:00
SIEMENS CERT
SSA-864900 V1.2 (Last Update: 2025-08-12): Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices
Titel
SSA-864900 V1.2 (Last Update: 2025-08-12): Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-864900.html
Text
Fortinet has published information on vulnerabilities in FortiOS. This advisory lists the related Siemens Industrial products. Siemens is preparing fix versions and recommends to consult and implement the workarounds provided in Fortinet’s upstream security notifications.
02:00
SIEMENS CERT
SSA-767615 V1.4 (Last Update: 2025-08-12): Information Disclosure Vulnerability in SIPROTEC 5 Devices
Titel
SSA-767615 V1.4 (Last Update: 2025-08-12): Information Disclosure Vulnerability in SIPROTEC 5 Devices
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-767615.html
Text
An information disclosure vulnerability in SIPROTEC 5 devices could allow an unauthenticated, remote attacker to retrieve sensitive information of the device. Siemens has released new versions for the affected products and recommends to update to the latest versions.
02:00
SIEMENS CERT
SSA-908185 V1.2 (Last Update: 2025-08-12): Mirror Port Isolation Vulnerability in RUGGEDCOM ROS Devices
Titel
SSA-908185 V1.2 (Last Update: 2025-08-12): Mirror Port Isolation Vulnerability in RUGGEDCOM ROS Devices
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-908185.html
Text
A vulnerability was identified in RUGGEDCOM ROS devices with mirror port enabled, that could allow an attacker to inject information into the network via the mirror port. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products ...
02:00
SIEMENS CERT
SSA-914892 V1.1 (Last Update: 2025-08-12): Race Condition Vulnerability in Basic Authentication Implementation of Mendix Runtime
Titel
SSA-914892 V1.1 (Last Update: 2025-08-12): Race Condition Vulnerability in Basic Authentication Implementation of Mendix Runtime
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-914892.html
Text
The basic authentication mechanism of Mendix Runtime contains a race condition vulnerability which could allow unauthenticated remote attackers to circumvent default account lockout measures. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are ...
02:00
SIEMENS CERT
SSA-978177 V1.0: Vulnerability in Nozomi Guardian/CMC on RUGGEDCOM APE1808 Devices
Titel
SSA-978177 V1.0: Vulnerability in Nozomi Guardian/CMC on RUGGEDCOM APE1808 Devices
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-978177.html
Text
Nozomi Networks has published information on vulnerabilities in Nozomi Guardian/CMC. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available.
02:00
SIEMENS CERT
SSA-994087 V1.0: Multiple SQLite Vulnerabilities in RUGGEDCOM CROSSBOW Station Access Controller Before V5.7
Titel
SSA-994087 V1.0: Multiple SQLite Vulnerabilities in RUGGEDCOM CROSSBOW Station Access Controller Before V5.7
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-994087.html
Text
RUGGEDCOM CROSSBOW Station Access Controller (SAC) contains multiple vulnerabilities in the integrated SQLite component that could allow an attacker to execute arbitrary code or to create a denial of service condition. Siemens has released a new version for RUGGEDCOM CROSSBOW Station Access Controller (SAC) and recommends to update to the ...
02:00
SIEMENS CERT
SSA-707630 V1.0: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager Before V3.3
Titel
SSA-707630 V1.0: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager Before V3.3
Veröffentlicht
12. August 2025 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-707630.html
Text
Siemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to the latest version.
  • 1
  • 2
  • 3 (current)
  • 4

Letzte Updates

BOSCH PSIRT
14.08.2025
SIEMENS CERT
26.08.2025
US CERT
25.08.2025
US CERT (ICS)
28.08.2025

Nach Quelle

Archiv

2025
2024
2023
2022
2021
2020
2019
2018
2017

Feeds