SIEMENS CERT
07/12/2022
A vulnerability in the openSSL component (CVE-2022-0778, [0]) could allow an attacker to create a denial of service condition by providing specially crafted elliptic curve certificates to products that use a vulnerable version of openSSL. Siemens has released updates for several affected products and recommends to update to the latest …
SIEMENS CERT
07/12/2022
SIMATIC eaSie PCS 7 Skill Package contains multiple vulnerabilities that could allow an attacker to send arbitrary messages to the underlying message passing framework of the affected system or crash the attached application. Siemens has released an update for the SIMATIC eaSie Core Package and recommends to update to the …
SIEMENS CERT
07/12/2022
A vulnerability was identified in several SCALANCE X switches that could allow an attacker to feed information into a network via the mirror port with the monitor barrier feature enabled. Siemens has released updates for the affected products and recommends to update to the latest versions.
SIEMENS CERT
07/12/2022
The below referenced devices contain multiple vulnerabilities that could be exploited when the SINEMA Remote Connect Server (SRCS) VPN feature is used. The feature is not activated by default. The most severe could allow an attacker to execute arbitrary code with elevated privileges under certain circumstances. Siemens has released an …
SIEMENS CERT
07/12/2022
An expression injection vulnerability was discovered in the Workflow processing of Mendix Runtime, that can affect the running applications. The vulnerability could allow a malicious user to leak sensitive information if the Workflow visual language of Mendix is used. Mendix has released updates for the affected product lines, recommends to …
SIEMENS CERT
07/12/2022
A vulnerability was identified in the CPC80 firmware of SICAM A8000 devices. It could allow an unauthenticated remote attacker to cause a permanent denial of service condition. Siemens has released updates for the affected products and recommends to update to the latest versions.
SIEMENS CERT
07/12/2022
Siemens Simcenter Femap versions before V2022.2 are affected by an out of bounds write vulnerability that could be triggered when the application reads files in X_T format. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to perform remote …
SIEMENS CERT
07/12/2022
The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, contains a vulnerability that could allow an attacker to cause a denial of service condition on affected industrial products. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further …