SIEMENS CERT
05/13/2025
INTRALOG WMS before V5 is affected by multiple vulnerabilities in the Microsoft .NET implementation as described below. Siemens has released a new version for INTRALOG WMS and recommends to update to the latest version. Please approach your INTRALOG WMS contact to resolve the reported vulnerabilities for your solution. When contacting …
SIEMENS CERT
05/13/2025
A vulnerability was identified in the Automation License Manager software that could be triggered by sending specially crafted packets to port 4410/tcp of an affected system. This could cause a denial-of-service preventing legitimate users from using the system. Siemens has released new versions for several affected products and recommends to …
SIEMENS CERT
05/13/2025
Several SIMATIC S7-1500 CPU versions are affected by an authentication bypass vulnerability that could allow an unauthenticated remote attacker to gain knowledge about actual and configured maximum cycle times and communication load of the CPU. Siemens has released new versions for several affected products and recommends to update to the …
SIEMENS CERT
05/13/2025
Polarion before V2410 contains multiple vulnerabilities that could allow attackers to extract data, conduct cross-site scripting attacks or find out valid usernames. Siemens strongly recommends to update Polarion to V2410 or later versions, not only to fix the documented vulnerabilities, but also to benefit from all the other improvements and …
SIEMENS CERT
05/13/2025
OZW672 and OZW772 Web Server versions contain vulnerabilities that could allow an attacker to execute arbitrary code on the device with root privileges (in versions before V8.0) or to authenticate as Administrator user (in versions before V6.0). Siemens has released new versions for the affected products and recommends to update …
SIEMENS CERT
05/13/2025
Several SIMATIC S7-1500 and S7-1200 CPU versions are affected by an open redirect vulnerability that could allow an attacker to make the web server of affected devices redirect a legitimate user to an attacker-chosen URL. For a successful attack, the legitimate user must actively click on an attacker-crafted link. Siemens …
SIEMENS CERT
05/13/2025
Siemens User Management Component (UMC) is affected by a heap-based buffer overflow vulnerability which could allow an unauthenticated remote attacker arbitrary code execution. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures …
SIEMENS CERT
05/13/2025
Siemens User Management Component (UMC) is affected by a heap-based buffer overflow vulnerability which could allow an unauthenticated remote attacker arbitrary code execution. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures …