SIEMENS CERT
08/13/2024
SINEC Traffic Analyzer before V2.0 is affected by multiple vulnerabilities. Siemens has released a new version for SINEC Traffic Analyzer and recommends to update to the latest version.
SIEMENS CERT
08/13/2024
Location Intelligence before V4.4 is affected by multiple vulnerabilities that could allow an attacker in an on-path position to read and modify data passed over the connection between legitimate clients and the affected product or brute force user passwords. Siemens has released a new version for Location Intelligence family and …
SIEMENS CERT
08/02/2024
Omnivise T3000 contains multiple vulnerabilities that could allow an attacker to escalate privileges. Siemens Energy has released patches for several affected products and recommends to apply the patches. Siemens Energy is preparing further fixes for versions still under maintenance and recommends countermeasures for products where fixes are not, or not …
SIEMENS CERT
07/22/2024
Multiple SICAM products are affected by unauthorized password reset and firmware downgrade vulnerabilities that could lead to privilege escalation and potential leak of information, namely: SICAM A8000 Device firmware CPCI85 for CP-8031/CP-8050 SICAM EGS Device firmware CPCI85 SICAM 8 Software Solution SICORE Siemens has released new firmware versions for the …
SIEMENS CERT
07/22/2024
This advisory documents the impact of CVE-2024-3596 (also dubbed “Blastradius”), a vulnerability in the RADIUS protocol, to SCALANCE, RUGGEDCOM and related products. The vulnerability could allow on-path attackers, located between a Network Access Server (the RADIUS client, e.g., SCALANCE or RUGGEDCOM devices) and a RADIUS server (e.g., SINEC INS), to …
SIEMENS CERT
07/09/2024
Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Siemens recommends to consult and implement the workarounds provided in Fortinet’s upstream security notifications.
SIEMENS CERT
07/09/2024
Affected applications do not properly restrict the .NET BinaryFormatter when deserializing user-controllable input. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends …
SIEMENS CERT
07/09/2024
Simcenter Femap contains multiple file parsing vulnerabilities that could be triggered when the application reads files in IGS, BDF or BMP file formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to …