SIEMENS CERT
12/12/2023
Affected models of the S7-1500 CPU product family do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot …
SIEMENS CERT
12/12/2023
A vulnerability has been identified in the SIMATIC S7-1500 CPU family and related products that could allow an attacker to cause a denial of service condition. In order to exploit the vulnerability, an attacker must have access to the affected devices on port 102/tcp. Siemens has released updates for several …
SIEMENS CERT
12/12/2023
The boot loader within RUGGEDCOM ROS contains two vulnerabilities in the loading process of the operating system kernel. The more severe of these vulnerabilities could allow an attacker with local access to the device to execute arbitrary code on an affected device. Siemens recommends specific countermeasures to mitigate this issue.
SIEMENS CERT
12/12/2023
A vulnerability in the affected products could allow an unauthorized attacker with network access to the webserver of an affected device to perform a denial-of-service attack. Siemens has released a new version for SINAMICS S210 (6SL5…) and recommends to update to the latest version. Siemens is preparing further fix versions …
SIEMENS CERT
12/12/2023
SCALANCE XB-200/XC-200/XP-200/XF-200BA/XR-300WG Family before V4.5 is affected by multiple vulnerabilities. Siemens has released updates for the affected products and recommends to update to the latest versions.
SIEMENS CERT
12/12/2023
The OPC UA implementations (ANSI C and C++) as used in several SIMATIC products contain a denial of service vulnerability that could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate. Siemens has released updates for several affected products and recommends …
SIEMENS CERT
12/12/2023
A Denial-of-Service vulnerability has been identified in LOGO! 8 BM. This vulnerability could allow an attacker to crash a device, if a user is tricked into loading a malicious project file onto an affected device. The vulnerability is related to the hardware of the product. Siemens has released new hardware …
SIEMENS CERT
12/12/2023
Several SIMATIC products are affected by a type confusion vulnerability relating to OpenSSL X.400 address processing (CVE-2023-0286), as disclosed disclosed on 2023-02-07 at https://www.openssl.org/news/secadv/20230207.txt. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for …