Bulletins

Intel has published information on vulnerabilities in Intel products in June 2021. This advisory lists the related Siemens Industrial products affected by these vulnerabilities that can be patched by applying the corresponding BIOS update. In this advisory we summarize: “2021.1 IPU – Intel® CSME, SPS and LMS Advisory” Intel-SA-00459, “2021.1 …

A vulnerability was found in SIMATIC WinCC that could allow authenticated attackers to escape the Kiosk Mode. Siemens has released updates for the affected products and recommends to update to the latest versions.

Parasolid and Teamcenter Visualization are affected by memory corruption vulnerabilities that could be triggered when the application reads files in X_T format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution or denial of …

SIMATIC PCS neo before V4.1 is affected by multiple vulnerabilities. Siemens has released a new version for SIMATIC PCS neo and recommends to update to the latest version.

The SCALANCE W700 devices are affected by Wi-Fi encryption bypass vulnerabilities (“Framing Frames”) that could allow an attacker to disclose sensitive information or to steal the victims session. CVE-2022-47522 is divided into 3 different scenarios which are described in the section “Additional Information”. Siemens recommends specific countermeasures for products where …

Siemens Tecnomatix Plant Simulation contains multiple file parsing vulnerabilities that could be triggered when the application reads files in WRL format. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code …