SIEMENS CERT
05/14/2024
SIMATIC CN 4100 is vulnerable to use of hard coded credentials including root user and contains an unrestricted USB port that could be misused for insecure boot. Siemens has released a new version for SIMATIC CN 4100 and recommends to update to the latest version.
SIEMENS CERT
05/14/2024
Nozomi Networks has published information on vulnerabilities in Nozomi Guardian/CMC before 23.4.1. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version. Customers are advised to consult and implement the workarounds …
SIEMENS CERT
05/14/2024
Nozomi Networks has published information on vulnerabilities in Nozomi Guardian/CMC before V22.6.3 and 23.1.0. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and …
SIEMENS CERT
05/14/2024
SIPROTEC 5 devices contain a null pointer dereference vulnerability in the web service. This could allow an attacker to send unauthenticated maliciously crafted http request that could cause denial of service condition of the device. Siemens has released new versions for several affected products and recommends to update to the …
SIEMENS CERT
05/14/2024
Solid Edge is affected by an out of bounds read vulnerability that could be triggered when the application reads files that contains XT parts. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution in …
SIEMENS CERT
05/14/2024
Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version V3.1 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant). These GNU/Linux vulnerabilities have been externally identified. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not …
SIEMENS CERT
05/14/2024
The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, contains a vulnerability that could allow an attacker to cause a denial of service condition on affected industrial products. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing …