SIEMENS CERT
04/14/2026
SIMOTION SCOUT, SIMOTION SCOUT TIA and SINAMICS STARTER are affected by an XXE injection vulnerability that could allow an attacker to access arbitrary application files. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes …
SIEMENS CERT
04/14/2026
Industrial Edge Management contains an authorization bypass vulnerability that could be exploited by an unauthenticated remote attacker to circumvent authentication and to access connected Industrial Edge Devices through the remote connection feature. Siemens has released new versions for the affected products and recommends to update to the latest versions.
SIEMENS CERT
04/14/2026
The Mendix OIDC SSO module grants read and write access to all tokens exclusively to the Administrator role and could result in privilege misuse by an adversary modifying the module during Mendix development. Siemens has released new versions for several affected products and recommends to update to the latest versions. …
SIEMENS CERT
04/14/2026
A vulnerability in the openSSL component (CVE-2022-0778, [0]) could allow an attacker to create a denial of service condition by providing specially crafted elliptic curve certificates to products that use a vulnerable version of openSSL. Siemens has released new versions for several affected products and recommends to update to the …
SIEMENS CERT
04/14/2026
SCALANCE devices contain multiple vulnerabilities in MSPS based product lines that could allow authenticated remote attackers to execute custom code or create a XSS situation, as well as unauthenticated remote attackers to create a denial of service condition. Siemens has released updates for several affected products and recommends to update …
SIEMENS CERT
04/14/2026
The products listed below contain a vulnerability that could allow an attacker to perform an out-of-bound read, potentially leading to information disclosure or denial of service of the TPM. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further …
SIEMENS CERT
04/14/2026
The RADIUS client implementation of the VxWorks platform in SIPROTEC 5 devices contains a denial of service vulnerability that could be triggered when a specially crafted packet is sent by a RADIUS server. Siemens has released new versions for the affected products and recommends to update to the latest versions.
SIEMENS CERT
04/14/2026
Siemens SINEC NMS when used with User Management Component (UMC) contains an authentication bypass vulnerability due to insufficient validation of user identity. This could allow an unauthenticated remote attacker to bypass authentication and gain unauthorized access to the application. Siemens has released a new version for SINEC NMS and recommends …