SIEMENS CERT
02/17/2022
OpenSSL has published a security advisory [0] about a vulnerability in OpenSSL versions 1.1.1 < 1.1.1l and 1.0.2 < 1.0.2za that allows an attacker to cause a denial of service (DoS) or to disclose private memory content. Siemens has released updates for several affected products and recommends to update to …
SIEMENS CERT
02/08/2022
A vulnerability has been identified in the OPC UA server of several industrial products. The vulnerability could cause a denial of service condition on the service or the device. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates …
SIEMENS CERT
02/08/2022
All versions of the SIMATIC CP 443-1 OPC UA contain multiple vulnerabilities in the underlying third party component NTP. Siemens recommends specific countermeasures for products where updates are not, or not yet available.
SIEMENS CERT
02/08/2022
The products listed below contain a vulnerability that could allow remote attackers to affect the availability of the devices under certain conditions. The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service. Siemens has released an update …
SIEMENS CERT
02/08/2022
A vulnerability in several SCALANCE X devices could allow an unauthenticated attacker with network access to an affected device to perform a denial-of-service. Siemens has released an update for SCALANCE X-200IRT and recommends to update to the latest version. Siemens recommends specific countermeasures for products where updates are not, or …
SIEMENS CERT
02/08/2022
SSA-914168 V1.0: Multiple Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products
Multiple vulnerabilities were found in SIMATIC WinCC that ultimately could allow attackers to retrieve and brute force password hashes and access other systems. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products …
SIEMENS CERT
02/08/2022
An open redirect vulnerability in SINEMA Remote Connect Server could allow an attacker to steal logon credentials with a specially crafted malicious link. Siemens has released software update for the SINEMA Remote Connect Server and recommends to update to the latest version.
SIEMENS CERT
02/08/2022
Siemens Simcenter Femap is affected by multiple vulnerabilities that could be triggered when the application reads files in .NEU format. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to leak information or potentially perform remote code execution in …