Bulletins

The NC plug-in card in SINUMERIK MC contains a privilege escalation vulnerability that could allow local attackers to escalate their privileges to root. This allows full access to the device, including read and modifying G code. Siemens has released updates for the affected products and recommends to update to the …

Intel has published information on vulnerabilities in Intel products in June 2021. This advisory lists the related Siemens Industrial products affected by these vulnerabilities that can be patched by applying the corresponding BIOS update. In this advisory we summarize: “2021.1 IPU – Intel® CSME, SPS and LMS Advisory” Intel-SA-00459, “2021.1 …

Insyde has published information on vulnerabilities in Insyde BIOS in February 2022. This advisory lists the Siemens Industrial products affected by these vulnerabilities. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.

Siemens has released updates for Solid Edge and Teamcenter Visualization to fix multiple file parsing vulnerabilities. If a user is tricked to open a malicious file (crafted as PDF, DXF or PAR) with any of the affected products, this could lead the application to crash or potentially lead to arbitrary …

71 vulnerabilities in third-party components as Node.js, cURL, SQLite, CivetWeb and DNS(ISC BIND) could allow an attacker to interfere with the affected product in various ways. Siemens has released an update for SINEC INS and recommends to update to the latest versions.

OpenSSL has published a security advisory [0] about a vulnerability in OpenSSL versions 1.1.1 < 1.1.1l and 1.0.2 < 1.0.2za that allows an attacker to cause a denial of service (DoS) or to disclose private memory content. Siemens has released updates for several affected products and recommends to update to …

There is an insecure cryptographic vulnerability for the affected RUGGEDCOM devices. If an attacker were to exploit this, they could gain privileged functions. See auto-generated summary suggestion from build