SIEMENS CERT
06/14/2022
SSA-549234 V1.2 (Last Update: 2022-06-14): Denial-of-Service Vulnerability in SIMATIC NET CP Modules
A denial of service vulnerability was identified in different types of Communication Processors. An attacker could exploit this vulnerability causing the device to become un-operational until the device is restarted. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.
SIEMENS CERT
06/14/2022
Vulnerabilities in the third-party component strongSwan could allow an attacker to cause a denial of service (DoS) condition in affected devices by exploiting integer overflow bugs. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends countermeasures …
SIEMENS CERT
06/14/2022
A cleartext vulnerability was found in the SIMATIC communication processors CP 1543-1 and CP 1545-1 that could allow an attacker to read sensitive information. Siemens has released updates for the affected products and recommends to update to the latest versions.
SIEMENS CERT
06/14/2022
SINEMA Remote Connect Server is affected by multiple vulnerabilities, including A cross-site scripting vulnerability in an error message pop up window (CVE-2022-29034) Several authentication bypass, privilege escalation and integrity check vulnerabilities (CVE-2022-32251 through -32261) A command injection vulnerability in the file upload service (CVE-2022-32262) A chosen-plaintext attack against HTTP over …
SIEMENS CERT
06/14/2022
The products listed below contain a vulnerability that could allow remote attackers to affect the availability of the devices under certain conditions. The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service. Siemens has released an update …
SIEMENS CERT
06/14/2022
SCALANCE XM-400 and XR-500 devices contain a vulnerability in the OSPF protocol implementation that could allow an unauthenticated remote attacker to cause interruptions in the network. Siemens has released updates for the affected products and recommends to update to the latest versions.
SIEMENS CERT
06/14/2022
Multiple vulnerabilities in the APOGEE PXC and TALON TC series of products could allow unauthenticated attackers to download sensitive information through the integrated webserver. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where updates are not, or …
SIEMENS CERT
06/14/2022
Siemens has released updates for Teamcenter that fixes a security vulnerability related to unsecure storage of user credentials. This vulnerability affects Java EE Server Manager HTML Adaptor. This service is not installed by default and currently also obsoleted. Siemens has released updates for the affected products and recommends to update …