SIEMENS CERT
08/10/2021
Siemens has released version V13.2.0.1 for JT2Go and Teamcenter Visualization to fix multiple vulnerabilities that could be triggered when the products read files in different file formats (CGM, DGN, DXF, and DWG). If a user is tricked to open a malicious file with the affected products, this could lead the …
SIEMENS CERT
08/10/2021
One of the DNS-related vulnerabilities that were reported as “Name:Wreck” may affect the following Siemens Energy products: Industrial Gas Turbines SGT-100, SGT-200, SGT-300 and SGT-400 with Allen Bradley control systems Aeroderivative Gas Turbines SGT-A20, SGT-A35 and SGT-A65 with FT125 control systems
SIEMENS CERT
08/10/2021
The latest update for SINEC NMS fixes a vulnerability that could allow an authenticated remote attacker to execute arbitrary code on the system, with system privileges, under certain conditions. Siemens has released an update for SINEC NMS and recommends to update to the latest version.
SIEMENS CERT
08/10/2021
Siemens has released a new version for Solid Edge that fixes three vulnerabilities - an XML external entity (XXE) injection, and two file parsing issues which could be triggered when the application reads OBJ files. If a user is tricked to opening a malicious file using the affected application this …
SIEMENS CERT
08/10/2021
SIMATIC S7-1200 PLC, version V4.5.0 fails to authenticate against configured passwords when the affected device was provisioned using TIA Portal V13. This could allow an attacker using TIA Portal V17 or later versions to bypass authentication and download arbitrary programs to the PLC. Siemens has released an update for SIMATIC …
SIEMENS CERT
08/10/2021
The latest updates for the below mentioned products fix a vulnerability that allows an unauthenticated attacker to read PLC variables from affected devices without proper authentication under certain circumstances. Siemens has released updates for some of the affected products, is working on updates for the remaining affected products and recommends …
SIEMENS CERT
08/10/2021
Siemens has released version V13.2.0.2 for JT2Go and Teamcenter Visualization to fix three vulnerabilities that could be triggered while parsing DGN or PAR files. If a user is tricked to open a malicious file with the affected products, this could lead the application to crash or potential arbitrary code execution. …
SIEMENS CERT
08/10/2021
SINAMICS medium voltage products, with Sm@rtServer enabled on SIMATIC comfort HMI Panels, are affected by multiple vulnerabilities that could allow an attacker, under certain conditions, to gain full remote access to the HMI. Note that by default Sm@rtServer is disabled, but it can be enabled by the system integrator on …