SIEMENS CERT
02/08/2022
Several industrial products are affected by a vulnerability that could allow remote attackers to conduct a denial of service attack by sending specially crafted packets to port 161/udp (SNMP). Siemens has released updates for several affected products and recommends to update to the new versions. Siemens is preparing further updates …
SIEMENS CERT
02/08/2022
Multiple vulnerabilities were identified in the web components of COMOS that could allow an attacker to conduct code injections, store data in undesired locations, execute arbitrary SQL statements, and run cross-site request forgery attacks. Siemens has released updates for several affected products and recommends to update to the latest versions. …
SIEMENS CERT
02/08/2022
A vulnerability has been identified in the underlying TCP/IP stack of LOGO! CMR and SIMATIC RTU 3000 devices. It could allow an attacker with network access to the LAN interface of an affected device to hijack an ongoing connection or spoof a new one. The WAN interface, however, is not …
SIEMENS CERT
02/08/2022
Siemens has released updates for Solid Edge and Teamcenter Visualization to fix multiple file parsing vulnerabilities. If a user is tricked to open a malicious file (crafted as PDF, DXF or PAR) with any of the affected products, this could lead the application to crash or potentially lead to arbitrary …
SIEMENS CERT
02/08/2022
Vulnerabilities in the third-party component strongSwan could allow an attacker to cause a denial of service (DoS) condition in affected devices by exploiting integer overflow bugs. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific …
SIEMENS CERT
02/08/2022
Siemens Simcenter Femap is affected by multiple vulnerabilities that could be triggered when the application reads files in .NEU format. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to leak information or potentially perform remote code execution in …
SIEMENS CERT
02/08/2022
An open redirect vulnerability in SINEMA Remote Connect Server could allow an attacker to steal logon credentials with a specially crafted malicious link. Siemens has released software update for the SINEMA Remote Connect Server and recommends to update to the latest version.
SIEMENS CERT
02/08/2022
OpenSSL has published a security advisory [0] about a vulnerability in OpenSSL versions 1.1.1 < 1.1.1l and 1.0.2 < 1.0.2za that allows an attacker to cause a denial of service (DoS) or to disclose private memory content. Siemens has released updates for several affected products and recommends to update to …