SIEMENS CERT
02/09/2021
Several SCALANCE X switches contain a vulnerability that could allow an attacker to perform administrative actions if the victim is tricked into clicking on a website controlled by the attacker. The attack only works if the victim has an authenticated session on the administrative interface of the switch. Siemens has …
SIEMENS CERT
02/09/2021
Several industrial products are affected by a vulnerability that could allow remote attackers to conduct a Denial-of-Service (DoS) attack by sending specially crafted packets to port 161/udp (SNMP). Siemens has released updates for several affected products and recommends to update to the new versions. Siemens is preparing further updates and …
SIEMENS CERT
01/28/2021
SIMATIC HMI Panels are affected by a vulnerability that could allow a remote attacker to gain full access to the device(s), if the telnet service is enabled. Siemens has released updates for the affected products and recommends to update to the latest versions.
SIEMENS CERT
01/19/2021
Security researchers discovered and disclosed seven vulnerabilities in the open-source DNS component “dnsmasq”, also known as “DNSpooq” vulnerabilities (CVE-2020-25681 through CVE-2020-25687). Three vulnerabilities (CVE-2020-25684 through CVE-2020-25686) affect the validation of DNS responses and impact several SCALANCE and RUGGEDCOM devices as listed below. Siemens is preparing updates and recommends countermeasures for …
SIEMENS CERT
01/15/2021
Solid Edge is affected by multiple vulnerabilities that could allow arbitrary code execution on an affected system. Siemens has released an update for Solid Edge and recommends to update to the latest version.
SIEMENS CERT
01/12/2021
A vulnerability in affected devices could allow an attacker to perform a denial-of-service attack if a large amount of specially crafted UDP packets are sent to the device. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates …
SIEMENS CERT
01/12/2021
Several SCALANCE X switches contain vulnerabilities in the web server of the affected devices. An unauthenticated attacker could reboot, cause denial-of-service conditions and potentially impact the system by other means through heap and buffer overflow vulnerabilities. Siemens has released updates for several affected products and recommends to update to the …
SIEMENS CERT
01/12/2021
Scalance X devices might not generate a unique random key after factory reset, and use a private key shipped with the firmware Siemens has released updates for some devices, is working on updates for the remaining affected products and recommends specific countermeasures until fixes are available.