SIEMENS CERT
12/14/2021
WIBU Systems published information about a denial-of-service vulnerability and an associated fix release version of CodeMeter Runtime, a product provided by WIBU Systems and used in several Siemens products for license management. The vulnerability is described in the section “Vulnerability Classification” below and got assigned the CVE ID CVE-2021-41057. Successful …
SIEMENS CERT
12/14/2021
POWER METER SICAM Q100 contains a vulnerability that could allow an attacker to remotely execute code. Siemens has released updates for the affected products and recommends to update to the latest versions.
SIEMENS CERT
12/14/2021
JT Open Toolkit (JTTK) before V11.1.1.0 contains multiple vulnerabilities that could be triggered when it reads a maliciously crafted JT file. These vulnerabilities also affects JT Utilities before V13.1.1.0. If a user is tricked to open a malicious JT file with any of the affected products, this could lead the …
SIEMENS CERT
12/13/2021
SSA-661247 V1.0: Apache Log4j Vulnerability (CVE-2021-44228, Log4Shell) - Impact to Siemens Products
On 2021-12-09, a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as “Log4Shell”. Siemens is currently investigating to determine which products are …
SIEMENS CERT
11/09/2021
Applications built with affected versions of Mendix Studio Pro do not prevent file documents from being cached when files are opened or downloaded using a browser. This could allow a local attacker to read those documents by exploring the browser cache. Mendix has released updates for the affected product lines, …
SIEMENS CERT
11/09/2021
SENTRON powermanager V3 is affected by a vulnerability that could allow a local attacker to inject arbitrary code and escalate privileges. Siemens has released a security patch for SENTRON powermanager V3.6 HF1 and recommends to update to the latest version and apply this patch.
SIEMENS CERT
11/09/2021
WIBU Systems published information about a denial-of-service vulnerability and an associated fix release version of CodeMeter Runtime, a product provided by WIBU Systems and used in several Siemens products for license management. The vulnerability is described in the section “