SIEMENS CERT
10/14/2025
SIMATIC S7-1200 CPU V1/V2 controllers contain two vulnerabilities that could allow an unauthenticated remote attacker to trigger functions by record and playback of legitimate network communication, or to place the controller in stop/defect state by causing a communications error. Siemens has released new versions for the affected products and recommends …
SIEMENS CERT
10/14/2025
Siemens User Management Component (UMC) is affected by three vulnerabilities which could allow an unauthenticated remote attacker to cause a denial of service condition. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific …
SIEMENS CERT
10/14/2025
The latest update for RUGGEDCOM ROS devices fixes a buffer overflow vulnerability in the third party component that could allow an attacker with network access to an affected device to cause a remote code execution condition. Siemens has released updates for the affected products and recommends to update to the …
SIEMENS CERT
10/14/2025
SiPass integrated before V3.0 contains multiple vulnerabilities that could allow an unauthenticated remote attacker to exploit user accounts, manipulate data, impersonate users, or achieve arbitrary code execution on the SiPass integrated server. Siemens has released a new version for SiPass integrated and recommends to update to the latest version.
SIEMENS CERT
10/14/2025
Nozomi Networks has published information on vulnerabilities in Nozomi Guardian/CMC. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available.
SIEMENS CERT
10/14/2025
Affected products do not properly restrict access permissions to a local Windows Named Pipe and do not properly sanitize user-controllable input sent to that Named Pipe. This could allow a local authenticated attacker to cause a type confusion and execute arbitrary code within the affected application and its privileges. Siemens …
SIEMENS CERT
10/14/2025
SiPass integrated ACC (Advanced Central Controller) devices do not properly check the integrity of firmware updates. This could allow an attacker to upload a maliciously modified firmware onto the device. Siemens recommends specific countermeasures for products where fixes are not, or not yet available.
SIEMENS CERT
10/14/2025
Several SIMATIC S7-1500 CPU versions are affected by an authentication bypass vulnerability that could allow an unauthenticated remote attacker to gain knowledge about actual and configured maximum cycle times and communication load of the CPU. Siemens has released new versions for several affected products and recommends to update to the …