SIEMENS CERT
03/08/2022
Security researchers published information on a vulnerability known as Crosstalk (INTEL-SA-00320). This vulnerability affects modern Intel processors to a varying degree. Several Siemens Industrial Products contain processors that are affected by the vulnerability. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens …
SIEMENS CERT
03/08/2022
Intel has published information on vulnerabilities in Intel products in November 2020. This advisory lists the Siemens Controllers that are affected by these vulnerabilities. In this advisory we take a representative CVE from each advisory: “Intel CSME, SPS, TXE, AMT and DAL Advisory” Intel-SA-00391 is represented by CVE-2020-8744 “BIOS Advisory” …
SIEMENS CERT
03/08/2022
Mendix Forgot Password Appstore module contains two vulnerabilities that could allow unauthorized users to take over accounts. Mendix has released an update for the Mendix Forgot Password Appstore module and recommends to update to the latest version.
SIEMENS CERT
03/08/2022
A XPath Constraint vulnerability in the Mendix Studio Pro was discovered, that can affect the running applications. The vulnerability, if acted upon by a malicious user, could allow them the ability to dump and modify sensitive data. Mendix has released updates for the affected product lines, recommends to update to …
SIEMENS CERT
03/08/2022
COMOS uses Drawings SDK from Open Design Alliance that is affected by multiple vulnerabilities that could be triggered when the application reads files in DGN, DXF or DWG file formats. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability …
SIEMENS CERT
03/08/2022
Multiple vulnerabilities were found in SIMATIC WinCC that ultimately could allow local or remote attackers to escalate privileges and read, write or delete critical files. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures …
SIEMENS CERT
03/08/2022
Affected SIMATIC firmware contains three vulnerabilities that could allow an unauthenticated attacker to perform a denial-of-service attack under certain conditions. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.
SIEMENS CERT
03/08/2022
Climatix POL909 (AWM and AWB) contains an information disclosure vulnerability that could allow a man-in-the-middle attacker to read sensitive data, such as administrator credentials, or modify data in transit. Siemens has released an update for Climatix POL909 (AWM and AWB) and recommends to update to the latest version.