SIEMENS CERT
12/13/2022
The FTP server of the networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) does not properly release memory resources that were reserved for incomplete connection attempts by FTP clients. This could allow a remote attacker to generate a denial of service condition on devices that incorporate a vulnerable …
SIEMENS CERT
12/13/2022
A vulnerability has been identified in the OPC Foundation Local Discovery Server (LDS) [0] of several industrial products. The vulnerability could cause a denial of service condition on the service or the device. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens …
SIEMENS CERT
12/13/2022
Multiple vulnerabilities affecting various third-party components of the SCALANCE SC-600 family could allow an attacker to cause a denial of service condition, corrupt memory or potentially execute custom code. Siemens has released updates for the affected products and recommends to update to the latest versions.
SIEMENS CERT
12/13/2022
Siemens Teamcenter Visualization and JT2Go are affected by multiple out of bounds write vulnerabilities in the APDFL library from Datalogics. If a user is tricked to open a malicious PDF file with the affected products, this could lead the application to crash or potentially lead to arbitrary code execution. Siemens …
SIEMENS CERT
12/13/2022
SCALANCE X-200RNA switch devices before V3.2.7 contain multiple vulnerabilities that could allow an attacker to cause a denial of service condition, to extract sensitive information or to hijack existing sessions. Siemens has released updates for the affected products and recommends to update to the latest versions.
SIEMENS CERT
12/13/2022
Intel has published information on vulnerabilities in Intel products in November 2020. This advisory lists the Siemens IPC related products, that are affected by these vulnerabilities. In this advisory we take a representative CVE from each advisory: “Intel CSME, SPS, TXE, AMT and DAL Advisory” Intel-SA-00391 is represented by CVE-2020-8745 …
SIEMENS CERT
12/13/2022
Several SCALANCE X switches contain a vulnerability that could allow an attacker to perform administrative actions if the victim is tricked into clicking on a website controlled by the attacker. The attack only works if the victim has an authenticated session on the administrative interface of the switch. Siemens has …
SIEMENS CERT
12/13/2022
Simcenter STAR-CCM+ contains a privilege escalation vulnerability which could allow a local attacker with an unprivileged account to override or modify the service executable and subsequently gain elevated privileges. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.