SIEMENS CERT
02/17/2022
OpenSSL has published a security advisory [0] about a vulnerability in OpenSSL versions 1.1.1 < 1.1.1k, that allows an unauthenticated attacker to cause a Denial-of-Service (DoS) if a maliciously crafted renegotiation message is sent. Siemens has released updates for several affected products and recommends to update to the latest versions. …
SIEMENS CERT
02/17/2022
Siemens Simcenter Femap versions before V2022.1.1 are affected by vulnerabilities that could be triggered when the application reads files in .NEU or .BDF format. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to leak information or potentially perform …
SIEMENS CERT
02/08/2022
Intel has published information on vulnerabilities in Intel products in June 2021. This advisory lists the related Siemens Industrial products affected by these vulnerabilities that can be patched by applying the corresponding BIOS update. In this advisory we summarize: “2021.1 IPU – Intel® CSME, SPS and LMS Advisory” Intel-SA-00459, “2021.1 …
SIEMENS CERT
02/08/2022
SICAM TOOLBOX II contains a vulnerability that could allow an attacker access through a circumventable access control. Siemens is preparing updates and recommends countermeasures for products where updates are not, or not yet available.
SIEMENS CERT
02/08/2022
A Cross-Site Scripting (XSS) vulnerability is found in the integrated web application “Online Help” of Spectrum Power 4. Siemens has released an update for the Spectrum Power 4 and recommends to update to the latest version.
SIEMENS CERT
02/08/2022
Affected SIMATIC firmware contains three vulnerabilities that could allow an unauthenticated attacker to perform a denial-of-service attack under certain conditions. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.
SIEMENS CERT
02/08/2022
OpenSSL has published a security advisory [0] about a vulnerability in OpenSSL versions 1.1.1 < 1.1.1l and 1.0.2 < 1.0.2za that allows an attacker to cause a denial of service (DoS) or to disclose private memory content. Siemens has released updates for several affected products and recommends to update to …
SIEMENS CERT
02/08/2022
Siemens has released updates for Solid Edge and Teamcenter Visualization to fix multiple file parsing vulnerabilities. If a user is tricked to open a malicious file (crafted as PDF, DXF or PAR) with any of the affected products, this could lead the application to crash or potentially lead to arbitrary …