SIEMENS CERT
06/10/2025
Several Industrial Communication Devices based on SINEC OS before V3.1 contain an incorrect authorization check vulnerability that could allow an attacker to perform actions that exceed the permissions of the “guest” role. Siemens has released new versions for the affected products and recommends to update to the latest versions.
SIEMENS CERT
06/10/2025
This advisory documents the impact of CVE-2024-3596 (also dubbed “Blastradius”), a vulnerability in the RADIUS protocol, to SCALANCE, RUGGEDCOM and related products. The vulnerability could allow on-path attackers, located between a Network Access Server (the RADIUS client, e.g., SCALANCE or RUGGEDCOM devices) and a RADIUS server (e.g., SINEC INS), to …
SIEMENS CERT
06/10/2025
Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version of Fortigate NGFW for RUGGEDCOM APE1808 and recommends to update to the latest version. Siemens recommends to consult and implement the workarounds provided in Fortinet’s upstream security notifications.
SIEMENS CERT
06/10/2025
A vulnerability in SIRIUS 3RV2921-5M could allow an attacker to cause a denial of service condition. Siemens has released a new version for SIRIUS 3RV2921-5M and recommends to update to the latest version.
SIEMENS CERT
06/10/2025
The web interface of RUGGEDCOM ROX II devices contain multiple Client-Side Enforcement of Server-Side Security vulnerabilities that could allow an attacker with a legitimate, highly privileged account on the web interface to get privileged code execution in the underlying OS of the affected products. Siemens has released new versions for …
SIEMENS CERT
06/10/2025
Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.
SIEMENS CERT
06/10/2025
Multiple vulnerabilities has been identified in Siemens SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs that can allow an authenticated attacker to alter the secure boot and password configurations. Siemens has released new versions of BIOS for several affected products and recommends to update to the latest versions. Siemens …
SIEMENS CERT
06/10/2025
Several SIMATIC S7-1500 CPU versions are affected by an authentication bypass vulnerability that could allow an unauthenticated remote attacker to gain knowledge about actual and configured maximum cycle times and communication load of the CPU. Siemens has released new versions for several affected products and recommends to update to the …