Bulletins

SIEMENS CERT
02/10/2026

SSB-491780 V1.0: Missing anti-tamper protection in SIPORT Desktop Client Application

SIEMENS CERT
02/10/2026

SSA-535115 V1.0: Data Validation Vulnerability in NX Before V2512

Siemens NX is affected by missing data validation vulnerability that could allow an attacker with local access on a compromised system to interfere with internal data during the PDF export process that could potentially lead to arbitrary code execution. Siemens has released a new version of NX which resolves the …
SIEMENS CERT
02/10/2026

SSA-513708 V1.3 (Last Update: 2026-02-10): Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices

Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available. Customers are advised to consult and implement the workarounds …
SIEMENS CERT
02/10/2026

SSA-265688 V2.1 (Last Update: 2026-02-10): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1

Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.
SIEMENS CERT
02/10/2026

SSA-445819 V1.0: Out of Bounds Read in PS/IGES Parasolid Translator Component in Solid Edge

Solid Edge uses PS/IGES Parasolid Translator Component that contains an out of bounds read that could be triggered when the application reads files in IGS file formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash …
SIEMENS CERT
02/10/2026

SSA-311973 V1.0: Multiple Local Privilege Escalation Vulnerabilities in SINEC NMS and User Management Component (UMC)

Multiple Siemens products are affected by two local privilege escalation vulnerabilities which could allow an low privileged attacker to load malicious DLLs, potentially leading to arbitrary code execution with elevated privileges. Siemens has released new versions for the affected products and recommends to update to the latest versions.
SIEMENS CERT
02/10/2026

SSA-625934 V1.0: Improper Access Control Vulnerability in the Webhooks Implementation of Siveillance Video Management Servers

The Webhooks implementation of Siveillance Video Management Servers contains a vulnerability that could allow an authenticated remote attacker with read-only privileges to achieve full access to Webhooks API. Siemens has released new versions for the affected products and recommends to update to the latest versions.
SIEMENS CERT
02/10/2026

SSA-216014 V1.3 (Last Update: 2026-02-10): Vulnerabilities in EFI variable of SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs

Multiple vulnerabilities has been identified in Siemens SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs that can allow an authenticated attacker to alter the secure boot and password configurations. Siemens has released new versions of BIOS for several affected products and recommends to update to the latest versions. Siemens …