SIEMENS CERT
07/13/2021
The latest update for SINUMERIK Integrate Operate Client fixes a vulnerability that could allow an attacker to spoof any SSL server certificate and conduct man-in-the-middle attacks. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available
SIEMENS CERT
07/13/2021
OpenSSL has published a security advisory [0] about a vulnerability in OpenSSL versions 1.1.1 < k, that allows an unauthenticated attacker to cause a Denial-of-Service (DoS) if a a maliciously crafted renegotiation message is sent. Siemens is preparing updates and recommends countermeasures for products where updates are not, or not …
SIEMENS CERT
07/13/2021
Twelve vulnerabilities in the implementation of frame aggregation and fragmentation of the 802.11 standard, under the name of FragAttacks, have been published. Successful exploitation of these vulnerabilities could allow an attacker within Wi-Fi range to forge encrypted frames, which could result in sensitive data disclosure and possibly traffic manipulation. The …
SIEMENS CERT
07/13/2021
There are multiple vulnerabilities in an underlying Link Layer Discovery Protocol (LLDP) third party library. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.
SIEMENS CERT
07/13/2021
The latest update for the below listed products fixes two security vulnerabilities that could allow an attacker to cause a partial Denial-of-Service on the UMC component of the affected devices under certain circumstances, and one vulnerability that could allow an attacker to locally escalate privileges from a user with administrative …
SIEMENS CERT
07/13/2021
A vulnerability made public under the name SAD DNS affects Domain Name System resolvers due to a vulnerability in the Linux kernel when handling ICMP packets. The Siemens products which are affected are listed below. For more information please see https://www.saddns.net/. Siemens has released updates for several affected products and …
SIEMENS CERT
06/08/2021
A vulnerability in affected devices could allow an attacker to perform a denial-of-service attack if a large amount of specially crafted UDP packets are sent to the device. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates …
SIEMENS CERT
06/08/2021
Siemens Simcenter Femap is affected by two vulnerabilities that could be triggered when the application reads modfem files. If a user is tricked to open a malicious file with the affected application, this could lead to a crash, and potentially also to arbitrary code execution or data extraction on the …