SIEMENS CERT
11/11/2025
Altair Grid Engine contain multiple vulnerabilities that could allow an attacker to escalate privileges and execute arbitrary code with superuser permissions. Siemens has released a new version for Altair Grid Engine and recommends to update to the latest version.
SIEMENS CERT
11/11/2025
LOGO! 8 BM (incl. SIPLUS variants) contains multiple vulnerabilities. These could allow an attacker to execute code remotely, put the device into a denial of service state, or change the behavior of the device. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or …
SIEMENS CERT
10/14/2025
Nozomi Networks has published information on vulnerabilities in Nozomi Guardian/CMC. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available.
SIEMENS CERT
10/14/2025
TeleControl Server Basic V3.1 contains an information disclosure vulnerability that could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform authenticated operations of the database service. Siemens has released a new version for TeleControl Server Basic V3.1 and recommends to update to …
SIEMENS CERT
10/14/2025
Multiple vulnerabilities affect the RUGGEDCOM Operating System (ROS). Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available.
SIEMENS CERT
10/14/2025
Several SIMATIC S7-1500 CPU versions are affected by an authentication bypass vulnerability that could allow an unauthenticated remote attacker to gain knowledge about actual and configured maximum cycle times and communication load of the CPU. Siemens has released new versions for several affected products and recommends to update to the …
SIEMENS CERT
10/14/2025
SIMATIC S7-1200 CPU V2 devices contain an insufficiently protected private key used for the Certificate Authority (CA) for HTTPS connections. Possession of this key could allow remote attackers to spoof the device’s web server by creating a forged web server certificate. Siemens recommends specific countermeasures for products where fixes are …
SIEMENS CERT
10/14/2025
The web server on SIMATIC S7-1200 CPU V2/V3 Before V3.0.2 contains a cross-site scripting (XSS) vulnerability that could allow remote attackers to inject arbitrary web script or HTML via a crafted URI. Siemens has released a new version for SIMATIC S7-1200 CPU V3 family (incl. SIPLUS variants) and recommends to …