Bulletins

SIEMENS CERT
09/16/2025

SSB-065467 V1.0: Weak Authentication Vulnerability in Trainguard End-of-Train and Head-of-Train

SIEMENS CERT
09/09/2025

SSA-027652 V1.0: Privilege Escalation Vulnerability in SINAMICS Drives

Siemens SINAMICS G220, SINAMICS S210, and SINAMICS S200 contains a privilege escalation vulnerability that could allow users to escalate their privileges. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where …
SIEMENS CERT
09/09/2025

SSA-331739 V1.1 (Last Update: 2025-09-09): Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting Siemens Products

WIBU Systems published information about a privilege escalation vulnerability under a certain circumstances and associated fix releases of CodeMeter Runtime, a product provided by WIBU Systems and used in several Siemens industrial products. Siemens has released new versions for affected products and recommends to update to the latest versions. Siemens …
SIEMENS CERT
09/09/2025

SSA-282044 V1.1 (Last Update: 2025-09-09): DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery

The installers used to install several Siemens products are affected by a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected installer component. This vulnerability poses a risk only during setup and installation phase of the …
SIEMENS CERT
09/09/2025

SSA-494539 V1.0: Multiple Vulnerabilities in SINEC OS

SINEC OS is affected by multiple vulnerabilities due to open UDP ports, which could allow an attacker to access non-sensitive information without authentication or potentially cause temporary denial of service. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.
SIEMENS CERT
09/09/2025

SSA-503939 V1.2 (Last Update: 2025-09-09): Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP

Multiple vulnerabilities have been identified in the BIOS of the SIMATIC S7-1500 TM MFP. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.
SIEMENS CERT
09/09/2025

SSA-366067 V1.6 (Last Update: 2025-09-09): Multiple Vulnerabilities in Fortigate NGFW Before V7.4.1 on RUGGEDCOM APE1808 Devices

Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or …
SIEMENS CERT
09/09/2025

SSA-265688 V1.9 (Last Update: 2025-09-09): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1

Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.