SIEMENS CERT
04/14/2026
The RADIUS client implementation of the VxWorks platform in SIPROTEC 5 devices contains a denial of service vulnerability that could be triggered when a specially crafted packet is sent by a RADIUS server. Siemens has released new versions for the affected products and recommends to update to the latest versions.
SIEMENS CERT
04/14/2026
RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) contains a vulnerability that could allow an attacker to escalate their own privileges. Siemens has released a new version for RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) and recommends to update to the latest version.
SIEMENS CERT
04/14/2026
Siemens SINEC NMS when used with User Management Component (UMC) contains an authentication bypass vulnerability due to insufficient validation of user identity. This could allow an unauthenticated remote attacker to bypass authentication and gain unauthorized access to the application. Siemens has released a new version for SINEC NMS and recommends …
SIEMENS CERT
04/14/2026
Multiple Siemens applications are affected by improper certificate validation in Siemens Analytics Toolkit. This could allow an unauthenticated remote attacker to perform man in the middle attacks. Siemens has released new versions for the affected products and recommends to update to the latest versions.
SIEMENS CERT
04/14/2026
Nozomi Networks has published information on vulnerabilities in Nozomi Guardian/CMC. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available.
SIEMENS CERT
04/14/2026
Twelve vulnerabilities in the implementation of frame aggregation and fragmentation of the 802.11 standard, under the name of FragAttacks, have been published. Successful exploitation of these vulnerabilities could allow an attacker within Wi-Fi range to forge encrypted frames, which could result in sensitive data disclosure and possibly traffic manipulation. The …
SIEMENS CERT
04/14/2026
The products listed below do not properly authorize the change password function of the web interface. This could allow low privileged users to escalate their privileges. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates …
SIEMENS CERT
04/14/2026
The Mendix OIDC SSO module grants read and write access to all tokens exclusively to the Administrator role and could result in privilege misuse by an adversary modifying the module during Mendix development. Siemens has released new versions for several affected products and recommends to update to the latest versions. …