Bulletins

The latest updates for SINEMA Remote Connect Client and Server fix multiple vulnerabilities. One of these vulnerabilities could allow an attacker to circumvent the authorization of the system for certain functionalities and to execute privileged functions. Siemens has released firmware updates for SINEMA Remote Connect Client and Server.

Intel has published information on vulnerabilities in Intel products in November 2019. In this advisory Siemens only explicitly mentions the vulnerabilities from the “Intel® CPU Security Advisory” and one vulnerability from “Intel® CSME, Intel® SPS, Intel® TXE, Intel® AMT, Intel® PTT and Intel® DAL Advisory” and lists the Siemens IPC …

Several industrial products are affected by a vulnerability that could allow remote attackers to conduct a Denial-of-Service (DoS) attack by sending specially crafted packets to port 161/udp (SNMP). Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates …

The latest update for affected products fix local privilege escalation vulnerabilities that could allow authorized local users with administrative privileges to execute custom code with SYSTEM level privileges. Siemens has released updates for some of the affected products, and is working on further updates. For the remaining affected products, Siemens …

Siemens has released version V13.1.0 for JT2Go and Teamcenter Visualization to fix multiple vulnerabilities that could be triggered when the products read files in different file formats (JT, XML, CG4, CGM, PDF, RGB, SGI, TGA, PAR, ASM, PCX). If a user is tricked to opening of a malicious file with …

Some versions of Mentor Nucleus ReadyStart and Nucleus NET use Initial Sequence Numbers for TCP- Sessions that are predictable. Siemens has released updates for the affected products and recommends to update to the latest version(s).

The latest update for ROX II contains multiple fixes for IPsec related vulnerabilities in Libreswan and NSS. Siemens has released updates for the affected products and recommends to update to the latest versions.