Bulletins

Security researchers published information on vulnerabilities known as ZombieLoad and Microarchitectural Data Sampling (MDS). These vulnerabilities affect many modern processors from different vendors to a varying degree. Several Siemens Industrial Products contain processors that are affected by the vulnerabilities.

The latest update for SIMATIC WinCC fixes multiple vulnerabilities. The most severe could allow an attacker to execute arbitrary commands on an affected system under certain conditions. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates and …

A vulnerability has been identified in the OPC UA server of several industrial products. The vulnerability could cause a Denial-of-Service condition on the service or the device. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates and …

A vulnerability in the affected devices could allow an unauthorized attacker with network access to the webserver of an affected device to perform a denial-of-service attack. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates and recommends …

A vulnerability was identified in several SCALANCE X switches that could allow an attacker to feed information into a network via the mirror port with the monitor barrier feature enabled. The monitor barrier implementation in various SCALANCE products does allow traffic to be directed back into the mirroring network. This …

The latest update for the Siveillance VMS line fixes three security vulnerabilities that can cause remote privilege escalation. Siemens has released updates for the affected products and recommends to update affected devices as soon as possible.