SIEMENS CERT
05/10/2022
The open source software OpenV2G contains a buffer overflow vulnerability that could allow an attacker to trigger a memory corruption. Siemens has released an update for the OpenV2G and recommends to update to the latest version.
SIEMENS CERT
05/10/2022
Teamcenter is affected by XML External Entity Injection (XXE, CVE-2022-29801) and a stack based buffer overflow vulnerability (CVE-2022-24290). XXE impacts only Teamcenter versions before V13.1. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures …
SIEMENS CERT
05/10/2022
The products listed below contain a vulnerability that could allow remote attackers to affect the availability of the devices under certain conditions. The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service. Siemens has released an update …
SIEMENS CERT
05/10/2022
The latest updates for TIA Portal fix a vulnerability that could allow a local attacker to execute arbitrary code with SYSTEM privileges. Update: The previously provided fixes only correctly set the permissions on English Windows versions. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, …
SIEMENS CERT
04/27/2022
A vulnerability in Spring Framework was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2022-22965 and is also known as “Spring4Shell” or “SpringShell”. Siemens is currently investigating to determine which products are affected and is continuously updating this advisory as …
SIEMENS CERT
04/19/2022
A vulnerability in Spring Framework was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2022-22965 and is also known as “Spring4Shell” or “SpringShell”. Siemens is currently investigating to determine which products are affected and is continuously updating this advisory as …
SIEMENS CERT
04/12/2022
A Denial-of-Service vulnerability has been identified in SIMATIC PCS 7, SIMATIC WinCC, SIMATIC WinCC Runtime Professional and SIMATIC NET PC-Software. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products where updates are …