May 2025
Title
SSA-668154 V1.0: Denial of Service Vulnerability in MS/TP Point Pickup Module
Published
May 13, 2025, 2 a.m.
Summary
MS/TP Point Pickup Module devices are affected by a denial of service vulnerability that could be triggered by an attacker residing in the same BACnet network by sending a specially crafted MSTP message. A power cycle is required to restore the device’s normal operation. Siemens recommends countermeasures for products where ...
Title
SSA-928984 V1.2 (Last Update: 2025-05-13): Heap-based Buffer Overflow Vulnerability in User Management Component (UMC)
Published
May 13, 2025, 2 a.m.
Summary
Siemens User Management Component (UMC) is affected by a heap-based buffer overflow vulnerability which could allow an unauthenticated remote attacker arbitrary code execution. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures ...
Title
SSA-614723 V1.0: Denial of Service Vulnerabilities in User Management Component (UMC)
Published
May 13, 2025, 2 a.m.
Summary
Siemens User Management Component (UMC) is affected by three vulnerabilities which could allow an unauthenticated remote attacker to cause a denial of service condition. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific ...
Title
SSA-726617 V1.0: Incorrect Privilege Assignment Vulnerability in Mendix OIDC SSO Module
Published
May 13, 2025, 2 a.m.
Summary
The Mendix OIDC SSO module grants read and write access to all tokens exclusively to the Administrator role and could result in privilege misuse by an adversary modifying the module during Mendix development. Siemens has released a new version for Mendix OIDC SSO and recommends to update to the latest ...
Title
SSA-718393 V1.0: Partial Denial of Service Vulnerability in APOGEE PXC and TALON TC Series (BACnet) Devices
Published
May 13, 2025, 2 a.m.
Summary
APOGEE PXC and TALON TC Series (BACnet) Devices devices start sending unsolicited BACnet broadcast messages after processing a specific BACnet createObject request. This could allow an attacker residing in the same BACnet network to send a specially crafted message that results in a partial denial of service condition of the ...
Title
SSA-673996 V1.2 (Last Update: 2025-05-13): Buffer Overflow Vulnerability in Third-Party Component in SICAM and SITIPE Products
Published
May 13, 2025, 2 a.m.
Summary
Multiple SICAM products are affected by buffer overflow vulnerability in the IEC 61850 Client libraries from Triangle MicroWorks that could allow an unauthenticated remote attacker to create a denial of service condition by sending specially crafted MMS messages. Affected SICAM and SITIPE products: SICAM A8000 Device firmware ET85 for CP-8000/CP-8021/CP-8022 ...
Title
SSA-794185 V1.0: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SIPROTEC, SICAM and Related Products
Published
May 13, 2025, 2 a.m.
Summary
This advisory documents the impact of CVE-2024-3596 (also dubbed “Blastradius”), a vulnerability in the RADIUS protocol, to SIPROTEC, SICAM and related products. The vulnerability could allow on-path attackers, located between a Network Access Server (the RADIUS client, e.g., a SICAM device) and a RADIUS server, to forge Access-Request packets in ...
Title
SSA-864900 V1.0: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices
Published
May 13, 2025, 2 a.m.
Summary
Fortinet has published information on vulnerabilities in FortiOS. This advisory lists the related Siemens Industrial products. Siemens is preparing fix versions and recommends to consult and implement the workarounds provided in Fortinet’s upstream security notifications.
Title
SSA-373591 V1.1 (Last Update: 2025-05-13): Buffer Overflow Vulnerability in RUGGEDCOM ROS Devices
Published
May 13, 2025, 2 a.m.
Summary
The latest update for RUGGEDCOM ROS devices fixes a buffer overflow vulnerability in the third party component that could allow an attacker with network access to an affected device to cause a remote code execution condition. Siemens has released updates for the affected products and recommends to update to the ...
Title
SSA-366067 V1.3 (Last Update: 2025-05-13): Multiple Vulnerabilities in Fortigate NGFW Before V7.4.1 on RUGGEDCOM APE1808 Devices
Published
May 13, 2025, 2 a.m.
Summary
Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or ...
Title
SSA-901508 V1.0: Multiple Vulnerabilities in INTRALOG WMS Before V5
Published
May 13, 2025, 2 a.m.
Summary
INTRALOG WMS before V5 is affected by multiple vulnerabilities in the Microsoft .NET implementation as described below. Siemens has released a new version for INTRALOG WMS and recommends to update to the latest version. Please approach your INTRALOG WMS contact to resolve the reported vulnerabilities for your solution. When contacting ...
Title
Russian GRU Targeting Western Logistics Entities and Technology Companies
Published
May 12, 2025, 6:49 p.m.
Summary
Executive Summary This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination, transport, and delivery of foreign assistance to Ukraine. Since 2022, Western logistics entities and IT companies have faced an elevated risk of targeting ...
Title
Mitsubishi Electric CC-Link IE TSN
Published
May 8, 2025, 2 p.m.
Summary
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: CC-Link IE TSN Remote I/O module, CC-Link IE TSN Analog-Digital Converter module, CC-Link IE TSN Digital-Analog Converter module, CC-Link IE TSN FPGA module, CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY Vulnerability: Improper ...
Title
BrightSign Players
Published
May 6, 2025, 2 p.m.
Summary
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: BrightSign Equipment: Brightsign Players Vulnerabilities: Execution with Unnecessary Privileges 2. RISK EVALUATION Successful exploitation of this vulnerability could allow for privilege escalation on the device, easily guessed passwords, or for arbitrary code to be executed on ...
Title
Optigo Networks ONS NC600
Published
May 6, 2025, 2 p.m.
Summary
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Optigo Networks Equipment: ONS NC600 Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to establish an authenticated connection with the hard-coded credentials and perform OS command executions. ...
Title
Milesight UG65-868M-EA
Published
May 6, 2025, 2 p.m.
Summary
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Milesight Equipment: UG65-868M-EA Vulnerability: Improper Access Control for Volatile Memory Containing Boot Code 2. RISK EVALUATION Successful exploitation of this vulnerability could allow any user with admin privileges to inject arbitrary shell commands. 3. TECHNICAL DETAILS ...
Title
KUNBUS GmbH Revolution Pi
Published
May 1, 2025, 2 p.m.
Summary
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: KUNBUS Equipment: Revolution Pi Vulnerabilities: Missing Authentication for Critical Function, Authentication Bypass by Primary Weakness, Improper Neutralization of Server-Side Includes (SSI) Within a Web Page 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers ...
April 2025
Title
Multiple ctrlX OS vulnerabilities
Published
April 25, 2025, 2 a.m.
Summary

BOSCH-SA-640452: The base ctrlX OS apps Device Admin and Solutions contain multiple vulnerabilities. In a worst case scenario, a remote authenticated (low-privileged) attacker might be able to execute arbitrary OS commands running with higher privileges. The vulnerabilities have been uncovered and disclosed responsibly by Nozomi. We thank them for making ...

Title
Johnson Controls Software House iSTAR Configuration Utility (ICU) Tool
Published
April 24, 2025, 2 p.m.
Summary
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Inc. Equipment: iSTAR Configuration Utility (ICU) Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Johnson Controls ...
Title
Vestel AC Charger
Published
April 24, 2025, 2 p.m.
Summary
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Vestel Equipment: AC Charger Vulnerability: Exposure of Sensitive System Information to an Unauthorized Control Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker access to sensitive information, such as credentials which could ...
Title
ALBEDO Telecom Net.Time - PTP/NTP Clock
Published
April 24, 2025, 2 p.m.
Summary
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: ALBEDO Telecom Equipment: Net.Time - PTP/NTP clock Vulnerability: Insufficient Session Expiration 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to transmit passwords over unencrypted connections, resulting in the product becoming vulnerable to ...
Title
Nice Linear eMerge E3
Published
April 24, 2025, 2 p.m.
Summary
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Nice Equipment: Linear eMerge E3 Vulnerability: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary OS commands. ...
Title
Johnson Controls ICU
Published
April 24, 2025, 2 p.m.
Summary
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Inc. Equipment: ICU Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Johnson Controls reports the following ...
Title
Planet Technology Network Products
Published
April 24, 2025, 2 p.m.
Summary
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Planet Technology Equipment: Planet Technology Network Products Vulnerabilities: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Use of Hard-coded Credentials, Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of ...
Title
Siemens TeleControl Server Basic
Published
April 22, 2025, 2 p.m.
Summary
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY ...

Last Updates

BOSCH PSIRT
25.04.2025
SIEMENS CERT
14.05.2025
US CERT
20.05.2025
US CERT (ICS)
20.05.2025

By Source

Archive

2025
2024
2023
2022
2021
2020
2019
2018
2017

Feeds