February 2023
Title
Siemens Simcenter Femap before V2023.1
Published
Feb. 16, 2023, 4:45 p.m.
Summary
Title
Siemens TIA Project-Server formerly known as TIA Multiuser Server
Published
Feb. 16, 2023, 4:40 p.m.
Summary
Title
Siemens RUGGEDCOM APE1808
Published
Feb. 16, 2023, 4:35 p.m.
Summary
Title
<a href="/news-events/ics-advisories/icsa-23-047-09" hreflang="en">Siemens SIMATIC Industrial Products</a>
Published
Feb. 16, 2023, 1 p.m.
Summary
Title
<a href="/news-events/ics-advisories/icsa-23-047-01" hreflang="en">Siemens Solid Edge</a>
Published
Feb. 16, 2023, 1 p.m.
Summary
Title
<a href="/news-events/ics-advisories/icsa-23-047-12" hreflang="en">Siemens JT Open, JT Utilities, and Parasolid</a>
Published
Feb. 16, 2023, 1 p.m.
Summary
Title
<a href="/news-events/ics-advisories/icsa-23-047-06" hreflang="en">Siemens Simcenter Femap before V2023.1</a>
Published
Feb. 16, 2023, 1 p.m.
Summary
Title
<a href="/news-events/ics-advisories/icsa-23-047-05" hreflang="en">Siemens SiPass integrated AC5102 / ACC-G2 and ACC-AP</a>
Published
Feb. 16, 2023, 1 p.m.
Summary
Title
<a href="/news-events/ics-advisories/icsa-23-047-04" hreflang="en">Siemens Brownfield Connectivity Gateway</a>
Published
Feb. 16, 2023, 1 p.m.
Summary
Title
<a href="/news-events/ics-advisories/icsa-23-047-11" hreflang="en">Siemens Mendix</a>
Published
Feb. 16, 2023, 1 p.m.
Summary
Title
<a href="/news-events/ics-advisories/icsa-23-047-08" hreflang="en">Siemens RUGGEDCOM APE1808</a>
Published
Feb. 16, 2023, 1 p.m.
Summary
Title
<a href="/news-events/ics-advisories/icsa-23-047-02" hreflang="en">Siemens SCALANCE X200 IRT</a>
Published
Feb. 16, 2023, 1 p.m.
Summary
Title
<a href="/news-events/ics-advisories/icsa-23-047-13" hreflang="en">Sub-IoT DASH 7 Alliance Protocol stack implementation</a>
Published
Feb. 16, 2023, 1 p.m.
Summary
Title
Weintek EasyBuilder Pro cMT Series
Published
Feb. 15, 2023, 4 a.m.
Summary
Title
SSA-836777 V1.0: JT File Parsing Vulnerabilities in JT Open, JT Utilities and Parasolid
Published
Feb. 14, 2023, 1 a.m.
Summary
JT Open Toolkit, JT Utilities and Parasolid are affected by memory corruption vulnerabilities that could be triggered while parsing JT files. If a user is tricked to open a malicious JT file with any of the affected products, this could cause the application to crash or potentially lead to arbitrary ...
Title
SSA-847261 V1.0: Multiple SPP File Parsing Vulnerabilities in Tecnomatix Plant Simulation
Published
Feb. 14, 2023, 1 a.m.
Summary
Siemens Tecnomatix Plant Simulation has released an update, 2201 Update 6, that fixes multiple vulnerabilities that could be triggered when the application reads SPP files. If a user is tricked to open a malicious file using the affected application, this could lead to a crash, and potentially also to arbitrary ...
Title
SSA-744259 V1.0: Golang Vulnerabilities in Brownfield Connectivity - Gateway before V1.10.1
Published
Feb. 14, 2023, 1 a.m.
Summary
Siemens has released a new version for Brownfield Connectivity - Gateway that contains fixes for multiple vulnerabilities in the underlying Golang implementation. Successful exploitation of these vulnerabilities could lead to Denial of Service (DoS). Siemens has released an update for Brownfield Connectivity - Gateway and recommends to update to the ...
Title
SSA-693110 V1.0: Buffer Overflow Vulnerability in COMOS
Published
Feb. 14, 2023, 1 a.m.
Summary
COMOS is affected by memory corruption vulnerability in the cache validation service that could allow an attacker to execute arbitrary code or cause denial of service condition. Siemens has released updates for the affected products and recommends to update to the latest versions.
Title
SSA-252808 V1.0: XPath Constraint Vulnerability in Mendix Runtime
Published
Feb. 14, 2023, 1 a.m.
Summary
Mendix applications contain an improper access control vulnerability that could allow an attacker to bypass XPath constraints and retrieve information using XPath queries that trigger errors. Siemens has released updates for the affected products and recommends to update to the latest versions.
Title
SSA-686975 V1.0: IPU 2022.3 Vulnerabilities in Siemens Industrial Products using Intel CPUs
Published
Feb. 14, 2023, 1 a.m.
Summary
Intel has published information on vulnerabilities in Intel products in November 2022. This advisory lists the related Siemens Industrial products affected by these vulnerabilities that can be patched by applying the corresponding BIOS update (“2022.3 IPU – BIOS Advisory” Intel-SA-00688). Siemens is preparing updates and recommends specific countermeasures for products ...
Title
SSA-712929 V1.7 (Last Update: 2023-02-14): Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Products
Published
Feb. 14, 2023, 1 a.m.
Summary
A vulnerability in the openSSL component (CVE-2022-0778, [0]) could allow an attacker to create a denial of service condition by providing specially crafted elliptic curve certificates to products that use a vulnerable version of openSSL. Siemens has released updates for several affected products and recommends to update to the latest ...
Title
SSA-953464 V1.0: Multiple Vulnerabilites in Siemens Brownfield Connectivity - Client before V2.15
Published
Feb. 14, 2023, 1 a.m.
Summary
Siemens has released a new version for Brownfield Connectivity - Client that contains fixes for multiple vulnerabilities in the underlying OpenSSL library. Successful exploitation of these vulnerabilities could lead to Denial of Service (DoS). Siemens has released an update for Brownfield Connectivity - Client and recommends to update to the ...
Title
SSA-446448 V1.7 (Last Update: 2023-02-14): Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack
Published
Feb. 14, 2023, 1 a.m.
Summary
The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, contains a vulnerability that could allow an attacker to cause a denial of service condition on affected industrial products. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further ...
Title
SSA-658793 V1.0: Command Injection Vulnerability in SiPass integrated AC5102 / ACC-G2 and ACC-AP
Published
Feb. 14, 2023, 1 a.m.
Summary
SiPass integrated ACC (Advanced Central Controller) devices improperly sanitize user input on the telnet command line interface. This could allow an authenticated user to escalate privileges by injecting arbitrary commands that are executed with root privileges. Siemens has released updates for the affected products and recommends to update to the ...
Title
SSB-439005 V5.0 (Last Update: 2023-02-14): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP
Published
Feb. 14, 2023, 1 a.m.
Summary

Last Updates

BOSCH PSIRT
31.10.2024
SIEMENS CERT
23.10.2024
US CERT
08.10.2024
US CERT (ICS)
07.11.2024

By Source

Archive

2024
2023
2022
2021
2020
2019
2018
2017

Feeds