SIEMENS CERT
02/08/2022
Vulnerabilities in the third-party component strongSwan could allow an attacker to cause a denial of service (DoS) condition in affected devices by exploiting integer overflow bugs. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific …
SIEMENS CERT
02/08/2022
Siemens has released updates for Solid Edge and Teamcenter Visualization to fix multiple file parsing vulnerabilities. If a user is tricked to open a malicious file (crafted as PDF, DXF or PAR) with any of the affected products, this could lead the application to crash or potentially lead to arbitrary …
SIEMENS CERT
02/08/2022
OpenSSL has published a security advisory [0] about a vulnerability in OpenSSL versions 1.1.1 < 1.1.1l and 1.0.2 < 1.0.2za that allows an attacker to cause a denial of service (DoS) or to disclose private memory content. Siemens has released updates for several affected products and recommends to update to …
SIEMENS CERT
02/08/2022
SICAM TOOLBOX II contains a vulnerability that could allow an attacker access through a circumventable access control. Siemens is preparing updates and recommends countermeasures for products where updates are not, or not yet available.
SIEMENS CERT
02/08/2022
A Cross-Site Scripting (XSS) vulnerability is found in the integrated web application “Online Help” of Spectrum Power 4. Siemens has released an update for the Spectrum Power 4 and recommends to update to the latest version.
SIEMENS CERT
02/08/2022
Affected SIMATIC firmware contains three vulnerabilities that could allow an unauthenticated attacker to perform a denial-of-service attack under certain conditions. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.
SIEMENS CERT
02/08/2022
Multiple vulnerabilities were identified in the web components of COMOS that could allow an attacker to conduct code injections, store data in undesired locations, execute arbitrary SQL statements, and run cross-site request forgery attacks. Siemens has released updates for several affected products and recommends to update to the latest versions. …
SIEMENS CERT
02/08/2022
Several industrial products are affected by a vulnerability that could allow remote attackers to conduct a denial of service attack by sending specially crafted packets to port 161/udp (SNMP). Siemens has released updates for several affected products and recommends to update to the new versions. Siemens is preparing further updates …