SIEMENS CERT
11/11/2025
The Mendix OIDC SSO module grants read and write access to all tokens exclusively to the Administrator role and could result in privilege misuse by an adversary modifying the module during Mendix development. Siemens has released new versions for the affected products and recommends to update to the latest versions.
SIEMENS CERT
11/11/2025
The OPC UA implementations (ANSI C and C++) as used in several SIMATIC products contain a denial of service vulnerability that could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate. Siemens has released new versions for several affected products and …
SIEMENS CERT
11/11/2025
Fortinet has published information on vulnerabilities in FortiOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version.
SIEMENS CERT
11/11/2025
Solid Edge is affected by improper certificate validation while connecting to License Service endpoint. This could allow an unauthenticated remote attacker to perform man in the middle attacks. Siemens has released a new version for Solid Edge SE2025 and recommends to update to the latest version.
SIEMENS CERT
11/11/2025
SIPROTEC 5 devices contain a null pointer dereference vulnerability in the web service. This could allow an attacker to send unauthenticated maliciously crafted http request that could cause denial of service condition of the device. Siemens has released new versions for the affected products and recommends to update to the …
SIEMENS CERT
11/11/2025
Altair Grid Engine contain multiple vulnerabilities that could allow an attacker to escalate privileges and execute arbitrary code with superuser permissions. Siemens has released a new version for Altair Grid Engine and recommends to update to the latest version.
SIEMENS CERT
11/11/2025
Affected SIPROTEC 5 devices do not properly limit the access of the web server to the filesystem. This could allow an authenticated remote attacker to read arbitrary files or the entire filesystem of the device. Siemens has released new versions for the affected products and recommends to update to the …
SIEMENS CERT
11/11/2025
LOGO! 8 BM (incl. SIPLUS variants) contains multiple vulnerabilities. These could allow an attacker to execute code remotely, put the device into a denial of service state, or change the behavior of the device. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or …