Bulletins

SIEMENS CERT
03/10/2026

SSB-751527 V1.0: Misconfiguration in Mendix Applications

SIEMENS CERT
03/10/2026

SSA-082556 V1.4 (Last Update: 2026-03-10): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5

Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version V3.1.5 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant). Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available.
SIEMENS CERT
03/10/2026

SSA-485750 V1.0: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800

SIDIS Prime before V4.0.800 is affected by multiple vulnerabilities in the components OpenSSL, SQLite, and several Node.js packages as described below. Siemens has released a new version of SIDIS Prime and recommends to update to the latest version.
SIEMENS CERT
03/10/2026

SSA-975644 V1.0: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices

Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version.
SIEMENS CERT
03/10/2026

SSA-903736 V1.0: Multiple vulnerabilities in SICAM SIAPP SDK before V2.1.7

The SICAM SIAPP SDK contains multiple vulnerabilities that could allow an attacker to disrupt the customer-developed SIAPP or its simulation environment. Potential impacts include denial of service within the SIAPP, corruption of SIAPP data, or exploit the simulation environment. These vulnerabilities are only exploitable if the API is used improperly …
SIEMENS CERT
03/10/2026

SSA-027652 V1.1 (Last Update: 2026-03-10): Privilege Escalation Vulnerability in SINAMICS Drives

Siemens SINAMICS G220, SINAMICS S210, and SINAMICS S200 contains a privilege escalation vulnerability that could allow users to escalate their privileges. Siemens has released new versions for the affected products and recommends to update to the latest versions.
SIEMENS CERT
03/10/2026

SSA-710408 V1.1 (Last Update: 2026-03-10): Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit

Multiple Siemens products are affected by improper certificate validation in Siemens Advanced Licensing (SALT) Toolkit. This could allow an unauthenticated remote attacker to perform man in the middle attacks. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for …
SIEMENS CERT
03/10/2026

SSA-282044 V1.7 (Last Update: 2026-03-10): DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery

The installers used to install several Siemens products are affected by a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected installer component. This vulnerability poses a risk only during setup and installation phase of the …