SIEMENS CERT
09/14/2021
Multiple vulnerabilities in RUGGEDCOM ROX devices have been detected, ranging from command injection to filesystem traversal. An attacker could exploit these to gain root access to the affected devices. Siemens has released updates for the affected products and recommends to update to the latest versions.
SIEMENS CERT
09/14/2021
Siemens Simcenter STAR-CCM+ Viewer is affected by a vulnerability that could be triggered when the application reads scene (.sce) files. If a user is tricked to open a malicious file with the affected application, this could lead to a crash, and potentially also to arbitrary code execution or data extraction …
SIEMENS CERT
09/14/2021
Multiple vulnerabilities in SINEMA Remote Connect Server could allow an unauthorized remote attacker to retrieve or manipulate sensitive information from the affected software. In addition, the attacker could also cause a Denial-of-Service condition in devices controlled by the affected software. Siemens has released an update for the SINEMA Remote Connect …
SIEMENS CERT
09/14/2021
The products listed below contain a vulnerability that could allow remote attackers to affect the availability of the devices under certain conditions. The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service. Siemens has released an update …
SIEMENS CERT
09/14/2021
A vulnerability in several SCALANCE X devices could allow an unauthenticated attacker with network access to an affected device to perform a denial-of-service. Siemens has released an update for SCALANCE X-200IRT and recommends to update to the latest version. Siemens recommends specific countermeasures for products where updates are not, or …
SIEMENS CERT
09/14/2021
Siemens Simcenter Femap is affected by a vulnerability that could be triggered when the application reads modfem files. If a user is tricked to open a malicious file with the affected application, an attacker could leverage this vulnerability to leak information in the context of the current process. Siemens recommends …
SIEMENS CERT
09/14/2021
Teamcenter is affected by three vulnerabilities namely incorrect privilege assignment, Insecure Direct Object Reference (IDOR) and XML External Entity Injection (XXE). Siemens has released updates for the affected products and recommends to update to the latest versions.
SIEMENS CERT
09/14/2021
A buffer overflow vulnerability in the integrated web server of multiple APOGEE and TALON automation devices could allow a remote attacker to execute arbitrary code on the devices with root privileges. Affected devices include the APOGEE MBC/MEC/PXC P2 Ethernet devices with Power Open Processors (PPC), APOGEE PXC BACnet devices, and …