SIEMENS CERT
05/13/2025
Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens has released a new version of Palo Alto Networks Virtual NGFW for RUGGEDCOM APE1808 and recommends to update to the latest version. Customers are advised to …
SIEMENS CERT
05/13/2025
Affected products do not correctly invalidate user sessions upon user logout. This could allow a remote unauthenticated attacker, who has obtained the session token by other means, to re-use a legitimate user’s session even after logout. Siemens has released new versions for the affected products and recommends to update to …
SIEMENS CERT
05/13/2025
SCALANCE LPE9403 is affected by multiple vulnerabilities which lead to a compromise in availability, integrity and confidentiality. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.
SIEMENS CERT
05/13/2025
SSA-301229 V1.0: Client-Side Enforcement of Server-Side Security Vulnerabilities in RUGGEDCOM ROX II
The web interface of RUGGEDCOM ROX II devices contain multiple Client-Side Enforcement of Server-Side Security vulnerabilities that could allow an attacker with a legitimate, highly privileged account on the web interface to get privileged code execution in the underlying OS of the affected products. Siemens has released new versions for …
SIEMENS CERT
05/13/2025
MS/TP Point Pickup Module devices are affected by a denial of service vulnerability that could be triggered by an attacker residing in the same BACnet network by sending a specially crafted MSTP message. A power cycle is required to restore the device’s normal operation. Siemens recommends countermeasures for products where …
SIEMENS CERT
05/13/2025
Multiple SICAM products are affected by buffer overflow vulnerability in the IEC 61850 Client libraries from Triangle MicroWorks that could allow an unauthenticated remote attacker to create a denial of service condition by sending specially crafted MMS messages. Affected SICAM and SITIPE products: SICAM A8000 Device firmware ET85 for CP-8000/CP-8021/CP-8022 …
SIEMENS CERT
05/13/2025
An information disclosure vulnerability in SIPROTEC 5 devices could allow an unauthenticated, remote attacker to retrieve sensitive information of the device. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products …
SIEMENS CERT
05/13/2025
APOGEE PXC and TALON TC Series (BACnet) Devices devices start sending unsolicited BACnet broadcast messages after processing a specific BACnet createObject request. This could allow an attacker residing in the same BACnet network to send a specially crafted message that results in a partial denial of service condition of the …