May 2025
Title
SSA-446307 V1.0: Authentication Bypass Vulnerability in BMC (CVE-2024-54085) affects SIMATIC IPC RS-828A
Published
May 13, 2025, 2 a.m.
Summary
SIMATIC IPC RS-828A is affected by an authentication bypass vulnerability in the Redfish interface of its Baseboard Management Controller (BMC) that could allow an attacker to gain unauthorized access and compromise confidentiality, integrity and availability of the BMC and thus the entire system. Siemens is preparing fix versions and recommends ...
Title
SSA-523418 V1.0: Information Disclosure Vulnerability in Desigo CC
Published
May 13, 2025, 2 a.m.
Summary
Desigo CC deployments that use Installed Client are impacted by an information disclosure vulnerability which could result in information leak from the Desigo CC server. The other Desigo CC client options, Windows App Client and Flex Client, are not affected by this vulnerability. Siemens recommends specific countermeasures for products where ...
Title
SSA-668154 V1.0: Denial of Service Vulnerability in MS/TP Point Pickup Module
Published
May 13, 2025, 2 a.m.
Summary
MS/TP Point Pickup Module devices are affected by a denial of service vulnerability that could be triggered by an attacker residing in the same BACnet network by sending a specially crafted MSTP message. A power cycle is required to restore the device’s normal operation. Siemens recommends countermeasures for products where ...
Title
SSA-928984 V1.2 (Last Update: 2025-05-13): Heap-based Buffer Overflow Vulnerability in User Management Component (UMC)
Published
May 13, 2025, 2 a.m.
Summary
Siemens User Management Component (UMC) is affected by a heap-based buffer overflow vulnerability which could allow an unauthenticated remote attacker arbitrary code execution. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures ...
Title
SSA-614723 V1.0: Denial of Service Vulnerabilities in User Management Component (UMC)
Published
May 13, 2025, 2 a.m.
Summary
Siemens User Management Component (UMC) is affected by three vulnerabilities which could allow an unauthenticated remote attacker to cause a denial of service condition. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific ...
Title
SSA-726617 V1.0: Incorrect Privilege Assignment Vulnerability in Mendix OIDC SSO Module
Published
May 13, 2025, 2 a.m.
Summary
The Mendix OIDC SSO module grants read and write access to all tokens exclusively to the Administrator role and could result in privilege misuse by an adversary modifying the module during Mendix development. Siemens has released a new version for Mendix OIDC SSO and recommends to update to the latest ...
Title
SSA-718393 V1.0: Partial Denial of Service Vulnerability in APOGEE PXC and TALON TC Series (BACnet) Devices
Published
May 13, 2025, 2 a.m.
Summary
APOGEE PXC and TALON TC Series (BACnet) Devices devices start sending unsolicited BACnet broadcast messages after processing a specific BACnet createObject request. This could allow an attacker residing in the same BACnet network to send a specially crafted message that results in a partial denial of service condition of the ...
Title
SSA-673996 V1.2 (Last Update: 2025-05-13): Buffer Overflow Vulnerability in Third-Party Component in SICAM and SITIPE Products
Published
May 13, 2025, 2 a.m.
Summary
Multiple SICAM products are affected by buffer overflow vulnerability in the IEC 61850 Client libraries from Triangle MicroWorks that could allow an unauthenticated remote attacker to create a denial of service condition by sending specially crafted MMS messages. Affected SICAM and SITIPE products: SICAM A8000 Device firmware ET85 for CP-8000/CP-8021/CP-8022 ...
Title
SSA-794185 V1.0: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SIPROTEC, SICAM and Related Products
Published
May 13, 2025, 2 a.m.
Summary
This advisory documents the impact of CVE-2024-3596 (also dubbed “Blastradius”), a vulnerability in the RADIUS protocol, to SIPROTEC, SICAM and related products. The vulnerability could allow on-path attackers, located between a Network Access Server (the RADIUS client, e.g., a SICAM device) and a RADIUS server, to forge Access-Request packets in ...
Title
SSA-901508 V1.0: Multiple Vulnerabilities in INTRALOG WMS Before V5
Published
May 13, 2025, 2 a.m.
Summary
INTRALOG WMS before V5 is affected by multiple vulnerabilities in the Microsoft .NET implementation as described below. Siemens has released a new version for INTRALOG WMS and recommends to update to the latest version. Please approach your INTRALOG WMS contact to resolve the reported vulnerabilities for your solution. When contacting ...
Title
SSA-864900 V1.0: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices
Published
May 13, 2025, 2 a.m.
Summary
Fortinet has published information on vulnerabilities in FortiOS. This advisory lists the related Siemens Industrial products. Siemens is preparing fix versions and recommends to consult and implement the workarounds provided in Fortinet’s upstream security notifications.
Title
SSA-373591 V1.1 (Last Update: 2025-05-13): Buffer Overflow Vulnerability in RUGGEDCOM ROS Devices
Published
May 13, 2025, 2 a.m.
Summary
The latest update for RUGGEDCOM ROS devices fixes a buffer overflow vulnerability in the third party component that could allow an attacker with network access to an affected device to cause a remote code execution condition. Siemens has released updates for the affected products and recommends to update to the ...
Title
SSA-366067 V1.3 (Last Update: 2025-05-13): Multiple Vulnerabilities in Fortigate NGFW Before V7.4.1 on RUGGEDCOM APE1808 Devices
Published
May 13, 2025, 2 a.m.
Summary
Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or ...
Title
SSA-770770 V1.3 (Last Update: 2025-05-13): Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices
Published
May 13, 2025, 2 a.m.
Summary
Fortinet has published information on vulnerabilities in FortiOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version.
Title
SSA-828116 V1.0: Denial of Service Vulnerability in BACnet ATEC Devices
Published
May 13, 2025, 2 a.m.
Summary
BACnet ATEC devices are affected by a denial of service vulnerability that could be triggered by an attacker residing in the same BACnet network by sending a specially crafted MSTP message. A power cycle is required to restore the device’s normal operation. Siemens recommends countermeasures for products where fixes are ...
Title
SSA-819629 V1.2 (Last Update: 2025-05-13): Weak Authentication Vulnerability in Industrial Edge Device Kit
Published
May 13, 2025, 2 a.m.
Summary
Users of Industrial Edge Devices are advised to consult the respective Security Advisories for their devices (for Siemens Industrial Edge devices see Additional Information). Industrial Edge Device Kit contains a weak authentication vulnerability that could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Industrial Edge ...
Title
Russian GRU Targeting Western Logistics Entities and Technology Companies
Published
May 12, 2025, 6:49 p.m.
Summary
Executive Summary This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination, transport, and delivery of foreign assistance to Ukraine. Since 2022, Western logistics entities and IT companies have faced an elevated risk of targeting ...
Title
Mitsubishi Electric CC-Link IE TSN
Published
May 8, 2025, 2 p.m.
Summary
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: CC-Link IE TSN Remote I/O module, CC-Link IE TSN Analog-Digital Converter module, CC-Link IE TSN Digital-Analog Converter module, CC-Link IE TSN FPGA module, CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY Vulnerability: Improper ...
Title
BrightSign Players
Published
May 6, 2025, 2 p.m.
Summary
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: BrightSign Equipment: Brightsign Players Vulnerabilities: Execution with Unnecessary Privileges 2. RISK EVALUATION Successful exploitation of this vulnerability could allow for privilege escalation on the device, easily guessed passwords, or for arbitrary code to be executed on ...
Title
Optigo Networks ONS NC600
Published
May 6, 2025, 2 p.m.
Summary
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Optigo Networks Equipment: ONS NC600 Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to establish an authenticated connection with the hard-coded credentials and perform OS command executions. ...
Title
Milesight UG65-868M-EA
Published
May 6, 2025, 2 p.m.
Summary
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Milesight Equipment: UG65-868M-EA Vulnerability: Improper Access Control for Volatile Memory Containing Boot Code 2. RISK EVALUATION Successful exploitation of this vulnerability could allow any user with admin privileges to inject arbitrary shell commands. 3. TECHNICAL DETAILS ...
Title
KUNBUS GmbH Revolution Pi
Published
May 1, 2025, 2 p.m.
Summary
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: KUNBUS Equipment: Revolution Pi Vulnerabilities: Missing Authentication for Critical Function, Authentication Bypass by Primary Weakness, Improper Neutralization of Server-Side Includes (SSI) Within a Web Page 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers ...
April 2025
Title
Multiple ctrlX OS vulnerabilities
Published
April 25, 2025, 2 a.m.
Summary

BOSCH-SA-640452: The base ctrlX OS apps Device Admin and Solutions contain multiple vulnerabilities. In a worst case scenario, a remote authenticated (low-privileged) attacker might be able to execute arbitrary OS commands running with higher privileges. The vulnerabilities have been uncovered and disclosed responsibly by Nozomi. We thank them for making ...

Title
Johnson Controls Software House iSTAR Configuration Utility (ICU) Tool
Published
April 24, 2025, 2 p.m.
Summary
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Inc. Equipment: iSTAR Configuration Utility (ICU) Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Johnson Controls ...
Title
Vestel AC Charger
Published
April 24, 2025, 2 p.m.
Summary
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Vestel Equipment: AC Charger Vulnerability: Exposure of Sensitive System Information to an Unauthorized Control Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker access to sensitive information, such as credentials which could ...

Last Updates

BOSCH PSIRT
25.04.2025
SIEMENS CERT
23.05.2025
US CERT
20.05.2025
US CERT (ICS)
22.05.2025

By Source

Archive

2025
2024
2023
2022
2021
2020
2019
2018
2017

Feeds