SIEMENS CERT
11/10/2020
CISA and WIBU Systems disclosed six vulnerabilities in different versions of CodeMeter Runtime, a product provided by WIBU Systems and used in several Siemens and Siemens Energy products for license management. The vulnerabilities are described in the section “Vulnerability Classification” below and got assigned the CVE IDs CVE-2020-14509, CVE-2020-14513, CVE-2020-14515, …
SIEMENS CERT
11/10/2020
The latest update for the below listed products fixes two security vulnerabilities that could allow an attacker to cause a partial Denial-of-Service on the UMC component of the affected devices under certain circumstances, and one vulnerability that could allow an attacker to locally escalate privileges from a user with administrative …
SIEMENS CERT
11/10/2020
Siemens SCALANCE W1750D is a brandlabled device. Aruba has released a related security advisory (ARUBA-PSA-2016-004) [0] disclosing vulnerabilities in its Aruba Instant product line. The advisory contains multiple related vulnerabilities that are summarized in CVE-2016-2031. This advisory is a reminder to customers that the PAPI protocol is not a secure …
SIEMENS CERT
10/13/2020
A vulnerability has been identified in SIMATIC S7-300 and S7-400 CPU families and derived products, which could result in credential disclosure. Siemens recommends countermeasures as there are currently no fixes available.
SIEMENS CERT
10/13/2020
The latest hotfix for Desigo Insight fixes three vulnerabilities that have been identified in the web server, including SQL injection (CVE-2020-15792), clickjacking (CVE-2020-15793), and full path disclosure (CVE-2020-15794). Siemens recommends updating to the latest version of Desigo Insight and to apply the hotfix.
SIEMENS CERT
10/13/2020
SIPORT MP version 3.2.1 fixes an authentication bypass vulnerability which could enable an attacker to impersonate other users of the system and perform administrative actions. Siemens recommends to apply the update.
SIEMENS CERT
10/13/2020
Intel has published information on vulnerabilities in Intel products in November 2019. In this advisory Siemens only explicitly mentions the vulnerabilities from the “Intel® CPU Security Advisory” and one vulnerability from “Intel® CSME, Intel® SPS, Intel® TXE, Intel® AMT, Intel® PTT and Intel® DAL Advisory” and lists the Siemens IPC …