SIEMENS CERT
01/10/2023
Affected SIMATIC firmware contains multiple vulnerabilities that could allow an unauthenticated attacker to perform a denial-of-service attack under certain conditions. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends countermeasures for products where updates are not, …
SIEMENS CERT
01/10/2023
SIMATIC S7 CPU families are affected by a vulnerability that could allow remote attackers to perform a denial of service attack by sending a specially crafted HTTP request to the web server of an affected device. Siemens has released updates for several affected products and recommends to update to the …
SIEMENS CERT
01/10/2023
The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, contains a vulnerability that could allow an attacker to cause a denial of service condition on affected industrial products. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further …
SIEMENS CERT
01/10/2023
Siemens has released a new version for Automation License Manager that fixes multiple vulnerabilities which, when combined, could allow an attacker to modify and rename license files, extract licenses and overwrite arbitrary files on the target system potentially leading to privilege escalation and remote code execution. Siemens has released an …
SIEMENS CERT
01/10/2023
The web server login page of affected products does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack.. Siemens has released updates for several affected products and recommends to update to the latest versions. …
SIEMENS CERT
01/10/2023
Solid Edge is affected by memory corruption vulnerability that could be triggered when the application read files in different file formats such as PAR, ASM, DFT. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code …
SIEMENS CERT
01/10/2023
JT Open Toolkit, JT Utilities and Solid Edge are affected by memory corruption vulnerabilities that could be triggered while parsing JT files. If a user is tricked to open a malicious JT file with any of the affected products, this could cause the application to crash or potentially lead to …
SIEMENS CERT
01/10/2023
A vulnerability in the openSSL component (CVE-2022-0778, [0]) could allow an attacker to create a denial of service condition by providing specially crafted elliptic curve certificates to products that use a vulnerable version of openSSL. Siemens has released updates for several affected products and recommends to update to the latest …