Bulletins

Siemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to the latest version.

SINEC Traffic Analyzer before V1.2 is affected by multiple vulnerabilities. Siemens has released a new version for SINEC Traffic Analyzer and recommends to update to the latest version.

Multiple out-of-bounds vulnerabilities in third-party components are affecting SITOP UPS1600 before V2.5.4. Attackers could exploit these vulnerabilities and cause limited impact in the affected systems. Siemens has released new versions for the affected products and recommends to update to the latest versions.

TIA Administrator creates temporary download files in a directory with insecure permissions. This could allow any authenticated attacker on Windows to disrupt the update process. Siemens has released a new version for TIA Administrator and recommends to update to the latest version.

Siemens has released new versions for the affected products and recommends to update to the latest versions.

SCALANCE XB-200/XC-200/XP-200/XF-200BA/XR-300WG Family is affected by multiple vulnerabilities. CVE-2023-44318 and CVE-2023-44321 were previously published as part of SSA-699386. Siemens recommends countermeasures for products where fixes are not, or not yet available.

Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version V3.1 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant). These GNU/Linux vulnerabilities have been externally identified. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not …