SIEMENS CERT
07/08/2025
SENTRON Powermanager and Desigo CC devices are not affected by a remote code execution vulnerability in Apache Tomcat that can be triggered via a partial PUT request due to a path equivalence issue. It could allow a remote attacker to execute arbitrary code, disclose sensitive information, or inject malicious content.
SIEMENS CERT
07/08/2025
A vulnerability exists in affected products that could allow remote attackers to affect the availability of the devices under certain conditions. The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service. Siemens has released new versions for …
SIEMENS CERT
07/08/2025
Fortinet has published information on vulnerabilities in FortiOS. This advisory lists the related Siemens Industrial products. Siemens is preparing fix versions and recommends to consult and implement the workarounds provided in Fortinet’s upstream security notifications.
SIEMENS CERT
07/08/2025
Fortinet has published information on vulnerabilities in FortiOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version.
SIEMENS CERT
07/08/2025
SIMATIC CP and TIM devices contain an authentication bypass vulnerability that could allow unauthenticated users to perform administrative operations under certain conditions. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where fixes are not, or not …
SIEMENS CERT
07/08/2025
An OpenSSH vulnerability, known as regreSSHion, affects multiple Siemens industrial products. This security regression vulnerability consists in a race condition which may allow an unauthenticated remote attacker to achieve remote code execution with high impact on the affected system. Siemens has released new versions for several affected products and recommends …
SIEMENS CERT
07/08/2025
A vulnerability exists in affected products that could allow remote attackers to affect the availability of the devices under certain conditions. The integrated ICMP services in the underlying TCP/IP stack is vulnerable to a denial of service attack through specially crafted ICMP packets. A successful attack will impact the availability …
SIEMENS CERT
07/08/2025
Multiple vulnerabilities affect the RUGGEDCOM Operating System (ROS). Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available.