SIEMENS CERT
05/09/2023
The web server login page of affected products does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack.. Siemens has released updates for several affected products and recommends to update to the latest versions. …
SIEMENS CERT
05/09/2023
A vulnerability in the affected devices could allow an unauthorized attacker with network access to the webserver of an affected device to perform a denial of service attack. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products …
SIEMENS CERT
05/09/2023
A vulnerability in affected devices could allow an attacker to perform a denial of service attack if a large amount of specially crafted UDP packets are sent to the device. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures …
SIEMENS CERT
05/09/2023
Two vulnerabilities have been identified in the SIMATIC S7-400 CPU family that could allow an attacker to cause a denial of service condition. In order to exploit the vulnerabilities, an attacker must have access to the affected devices on port 102/tcp via Ethernet, PROFIBUS or Multi Point Interfaces (MPI). Siemens …
SIEMENS CERT
05/09/2023
TIA Portal contains a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system. If the user is tricked to open a malicious PC system configuration file, an attacker could exploit this vulnerability to achieve arbitrary code execution. Siemens has released an update …
SIEMENS CERT
05/09/2023
Affected SIMATIC firmware contains multiple vulnerabilities that could allow an unauthenticated attacker to perform a denial of service attack under certain conditions. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends countermeasures for products where updates …
SIEMENS CERT
05/09/2023
Intel has published information on vulnerabilities in Intel products in June 2021. This advisory lists the related Siemens Industrial products affected by these vulnerabilities that can be patched by applying the corresponding BIOS update. In this advisory we summarize: “2021.1 IPU – Intel® CSME, SPS and LMS Advisory” Intel-SA-00459, “2021.1 …
SIEMENS CERT
05/09/2023
SIPROTEC 5 devices contain a null pointer dereference vulnerability in the web service. This could allow an attacker to send unauthenticated maliciously crafted http request that could cause denial of service condition of the device. Siemens has released updates for several affected products and recommends to update to the latest …