SIEMENS CERT
05/11/2021
Security researchers discovered and disclosed 33 vulnerabilities in several open-source TCP/IP stacks for embedded devices, also known as “AMNESIA:33” vulnerabilities. This advisory describes the impact of two of these vulnerabilities (CVE-2020-13987, CVE-2020-17437) to Siemens products. Siemens has released updates for several affected products and recommends to update to the latest …
SIEMENS CERT
05/11/2021
A vulnerability in SIMATIC CP343-1 devices could allow an attacker to cause a Denial-of-Service condition on TCP port 102 of the affected devices by sending specially crafted packets. Siemens recommends specific countermeasures for products where updates are not, or not yet available.
SIEMENS CERT
05/11/2021
A denial-of-service vulnerability in WinCC Runtime could allow an unauthenticated attacker with network access to cause a denial-of-service condition in the SNMP service by sending crafted SNMP packets to port 161/udp. Siemens has released updates for the affected products and recommends to update to the latest versions.
SIEMENS CERT
05/11/2021
Multiple SmartVNC vulnerabilities in the affected products listed below could allow remote code execution and Denial-of-Service attacks under certain conditions. Siemens has released updates for the affected products and recommends to update to the latest version.
SIEMENS CERT
05/11/2021
SSA-478893 V1.1 (Last Update: 2021-05-11): TightVNC Vulnerabilities in Industrial Products (Revoked)
Multiple TightVNC (V1.x) vulnerabilities could allow remote code execution and Denial-of-Service attacks under certain conditions. Siemens has previously released this advisory containing a set of products that were considered to be affected. Through Siemens’ continuous investigation processes it was identified that all products previously advised are not affected by any …
SIEMENS CERT
04/14/2021
The latest updates for Mendix fix a vulnerability in Mendix Applications that could allow malicious authorized users to escalate their privileges. Mendix has released an update for Mendix and recommends to update to the latest version.
SIEMENS CERT
04/13/2021
Multiple SIMATIC Software products are affected by two vulnerabilities that could allow an attacker to manipulate project files that may lead to Remote Code Execution or Denial-of-Service attacks. Siemens has released updates to some of the affected products and recommends that customers update to the latest version. Siemens is preparing …
SIEMENS CERT
04/13/2021
Security researchers discovered and disclosed seven vulnerabilities in the open-source DNS component “dnsmasq”, also known as “DNSpooq” vulnerabilities (CVE-2020-25681 through CVE-2020-25687). Three vulnerabilities (CVE-2020-25684 through CVE-2020-25686) affect the validation of DNS responses and impact several SCALANCE and RUGGEDCOM devices as listed below. Siemens has released updates for several affected products …