February 2023
16.02.2023
US CERT (ICS)
Siemens Simcenter Femap before V2023.1
Title
Siemens Simcenter Femap before V2023.1
Published
Feb. 16, 2023, 4:45 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-047-06
Summary
16.02.2023
US CERT (ICS)
Siemens TIA Project-Server formerly known as TIA Multiuser Server
Title
Siemens TIA Project-Server formerly known as TIA Multiuser Server
Published
Feb. 16, 2023, 4:40 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-047-07
Summary
16.02.2023
US CERT (ICS)
Siemens RUGGEDCOM APE1808
Title
Siemens RUGGEDCOM APE1808
Published
Feb. 16, 2023, 4:35 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-047-08
Summary
16.02.2023
US CERT (ICS)
Siemens SIMATIC Industrial Products
Title
<a href="/news-events/ics-advisories/icsa-23-047-09" hreflang="en">Siemens SIMATIC Industrial Products</a>
Published
Feb. 16, 2023, 1 p.m.
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-23-047-09
Summary
16.02.2023
US CERT (ICS)
Siemens Solid Edge
Title
<a href="/news-events/ics-advisories/icsa-23-047-01" hreflang="en">Siemens Solid Edge</a>
Published
Feb. 16, 2023, 1 p.m.
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-23-047-01
Summary
16.02.2023
US CERT (ICS)
Siemens JT Open, JT Utilities, and Parasolid
Title
<a href="/news-events/ics-advisories/icsa-23-047-12" hreflang="en">Siemens JT Open, JT Utilities, and Parasolid</a>
Published
Feb. 16, 2023, 1 p.m.
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-23-047-12
Summary
16.02.2023
US CERT (ICS)
Siemens Simcenter Femap before V2023.1
Title
<a href="/news-events/ics-advisories/icsa-23-047-06" hreflang="en">Siemens Simcenter Femap before V2023.1</a>
Published
Feb. 16, 2023, 1 p.m.
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-23-047-06
Summary
16.02.2023
US CERT (ICS)
Siemens SiPass integrated AC5102 / ACC-G2 and ACC-AP
Title
<a href="/news-events/ics-advisories/icsa-23-047-05" hreflang="en">Siemens SiPass integrated AC5102 / ACC-G2 and ACC-AP</a>
Published
Feb. 16, 2023, 1 p.m.
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-23-047-05
Summary
16.02.2023
US CERT (ICS)
Siemens Brownfield Connectivity Gateway
Title
<a href="/news-events/ics-advisories/icsa-23-047-04" hreflang="en">Siemens Brownfield Connectivity Gateway</a>
Published
Feb. 16, 2023, 1 p.m.
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-23-047-04
Summary
16.02.2023
US CERT (ICS)
Siemens Mendix
Title
<a href="/news-events/ics-advisories/icsa-23-047-11" hreflang="en">Siemens Mendix</a>
Published
Feb. 16, 2023, 1 p.m.
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-23-047-11
Summary
16.02.2023
US CERT (ICS)
Siemens RUGGEDCOM APE1808
Title
<a href="/news-events/ics-advisories/icsa-23-047-08" hreflang="en">Siemens RUGGEDCOM APE1808</a>
Published
Feb. 16, 2023, 1 p.m.
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-23-047-08
Summary
16.02.2023
US CERT (ICS)
Siemens SCALANCE X200 IRT
Title
<a href="/news-events/ics-advisories/icsa-23-047-02" hreflang="en">Siemens SCALANCE X200 IRT</a>
Published
Feb. 16, 2023, 1 p.m.
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-23-047-02
Summary
16.02.2023
US CERT (ICS)
Sub-IoT DASH 7 Alliance Protocol stack implementation
Title
<a href="/news-events/ics-advisories/icsa-23-047-13" hreflang="en">Sub-IoT DASH 7 Alliance Protocol stack implementation</a>
Published
Feb. 16, 2023, 1 p.m.
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-23-047-13
Summary
15.02.2023
US CERT (ICS)
Weintek EasyBuilder Pro cMT Series
Title
Weintek EasyBuilder Pro cMT Series
Published
Feb. 15, 2023, 4 a.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-045-01
Summary
14.02.2023
SIEMENS CERT
SSA-836777 V1.0: JT File Parsing Vulnerabilities in JT Open, JT Utilities and Parasolid
Title
SSA-836777 V1.0: JT File Parsing Vulnerabilities in JT Open, JT Utilities and Parasolid
Published
Feb. 14, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-836777.pdf
Summary
JT Open Toolkit, JT Utilities and Parasolid are affected by memory corruption vulnerabilities that could be triggered while parsing JT files. If a user is tricked to open a malicious JT file with any of the affected products, this could cause the application to crash or potentially lead to arbitrary ...
14.02.2023
SIEMENS CERT
SSA-847261 V1.0: Multiple SPP File Parsing Vulnerabilities in Tecnomatix Plant Simulation
Title
SSA-847261 V1.0: Multiple SPP File Parsing Vulnerabilities in Tecnomatix Plant Simulation
Published
Feb. 14, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf
Summary
Siemens Tecnomatix Plant Simulation has released an update, 2201 Update 6, that fixes multiple vulnerabilities that could be triggered when the application reads SPP files. If a user is tricked to open a malicious file using the affected application, this could lead to a crash, and potentially also to arbitrary ...
14.02.2023
SIEMENS CERT
SSA-744259 V1.0: Golang Vulnerabilities in Brownfield Connectivity - Gateway before V1.10.1
Title
SSA-744259 V1.0: Golang Vulnerabilities in Brownfield Connectivity - Gateway before V1.10.1
Published
Feb. 14, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf
Summary
Siemens has released a new version for Brownfield Connectivity - Gateway that contains fixes for multiple vulnerabilities in the underlying Golang implementation. Successful exploitation of these vulnerabilities could lead to Denial of Service (DoS). Siemens has released an update for Brownfield Connectivity - Gateway and recommends to update to the ...
14.02.2023
SIEMENS CERT
SSA-693110 V1.0: Buffer Overflow Vulnerability in COMOS
Title
SSA-693110 V1.0: Buffer Overflow Vulnerability in COMOS
Published
Feb. 14, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-693110.pdf
Summary
COMOS is affected by memory corruption vulnerability in the cache validation service that could allow an attacker to execute arbitrary code or cause denial of service condition. Siemens has released updates for the affected products and recommends to update to the latest versions.
14.02.2023
SIEMENS CERT
SSA-252808 V1.0: XPath Constraint Vulnerability in Mendix Runtime
Title
SSA-252808 V1.0: XPath Constraint Vulnerability in Mendix Runtime
Published
Feb. 14, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-252808.pdf
Summary
Mendix applications contain an improper access control vulnerability that could allow an attacker to bypass XPath constraints and retrieve information using XPath queries that trigger errors. Siemens has released updates for the affected products and recommends to update to the latest versions.
14.02.2023
SIEMENS CERT
SSA-686975 V1.0: IPU 2022.3 Vulnerabilities in Siemens Industrial Products using Intel CPUs
Title
SSA-686975 V1.0: IPU 2022.3 Vulnerabilities in Siemens Industrial Products using Intel CPUs
Published
Feb. 14, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-686975.pdf
Summary
Intel has published information on vulnerabilities in Intel products in November 2022. This advisory lists the related Siemens Industrial products affected by these vulnerabilities that can be patched by applying the corresponding BIOS update (“2022.3 IPU – BIOS Advisory” Intel-SA-00688). Siemens is preparing updates and recommends specific countermeasures for products ...
14.02.2023
SIEMENS CERT
SSA-712929 V1.7 (Last Update: 2023-02-14): Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Prod...
Title
SSA-712929 V1.7 (Last Update: 2023-02-14): Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Products
Published
Feb. 14, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf
Summary
A vulnerability in the openSSL component (CVE-2022-0778, [0]) could allow an attacker to create a denial of service condition by providing specially crafted elliptic curve certificates to products that use a vulnerable version of openSSL. Siemens has released updates for several affected products and recommends to update to the latest ...
14.02.2023
SIEMENS CERT
SSA-953464 V1.0: Multiple Vulnerabilites in Siemens Brownfield Connectivity - Client before V2.15
Title
SSA-953464 V1.0: Multiple Vulnerabilites in Siemens Brownfield Connectivity - Client before V2.15
Published
Feb. 14, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf
Summary
Siemens has released a new version for Brownfield Connectivity - Client that contains fixes for multiple vulnerabilities in the underlying OpenSSL library. Successful exploitation of these vulnerabilities could lead to Denial of Service (DoS). Siemens has released an update for Brownfield Connectivity - Client and recommends to update to the ...
14.02.2023
SIEMENS CERT
SSA-446448 V1.7 (Last Update: 2023-02-14): Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack
Title
SSA-446448 V1.7 (Last Update: 2023-02-14): Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack
Published
Feb. 14, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-446448.pdf
Summary
The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, contains a vulnerability that could allow an attacker to cause a denial of service condition on affected industrial products. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further ...
14.02.2023
SIEMENS CERT
SSA-658793 V1.0: Command Injection Vulnerability in SiPass integrated AC5102 / ACC-G2 and ACC-AP
Title
SSA-658793 V1.0: Command Injection Vulnerability in SiPass integrated AC5102 / ACC-G2 and ACC-AP
Published
Feb. 14, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-658793.pdf
Summary
SiPass integrated ACC (Advanced Central Controller) devices improperly sanitize user input on the telnet command line interface. This could allow an authenticated user to escalate privileges by injecting arbitrary commands that are executed with root privileges. Siemens has released updates for the affected products and recommends to update to the ...
14.02.2023
SIEMENS CERT
SSB-439005 V5.0 (Last Update: 2023-02-14): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 151...
Title
SSB-439005 V5.0 (Last Update: 2023-02-14): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP
Published
Feb. 14, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssb-439005.pdf
Summary

Last Updates

BOSCH PSIRT
31.10.2024
SIEMENS CERT
23.10.2024
US CERT
08.10.2024
US CERT (ICS)
07.11.2024

By Source

Archive

2024
2023
2022
2021
2020
2019
2018
2017

Feeds