Bulletins

SIEMENS CERT
02/09/2021
Siemens has released version V13.1.0.1 for JT2Go and Teamcenter Visualization to fix multiple vulnerabilities that could be triggered when the products read files in different file formats (PAR, BMP, TIFF, CGM, TGA, PCT, HPG, PLT, RAS, ASM, DGN, DXF, DWG). If a user is tricked into opening a malicious …
SIEMENS CERT
02/09/2021
There exists a directory traversal vulnerability which allows arbitrary file upload to an affected system. This type of vulnerability is also known as ‘Zip-Slip’. An authenticated attacker could exploit this vulnerability to gain arbitrary code execution by uploading a new file to, or modifying an existing file on, an affected system. Siemens …
SIEMENS CERT
02/09/2021
Some versions of Mentor Nucleus ReadyStart and Nucleus NET use predictable Initial Sequence Numbers for TCP sessions. Siemens has released updates for the affected products and recommends updating to the latest version(s).
SIEMENS CERT
01/28/2021
SIMATIC HMI Panels are affected by a vulnerability that could allow a remote attacker to gain full access to the device(s) if the telnet service is enabled. Siemens has released updates for the affected products and recommends updating to the latest versions.
SIEMENS CERT
01/19/2021
Security researchers discovered and disclosed seven vulnerabilities in the open-source DNS component “dnsmasq”, also known as “DNSpooq” vulnerabilities (CVE-2020-25681 through CVE-2020-25687). Three vulnerabilities (CVE-2020-25684 through CVE-2020-25686) affect the validation of DNS responses and impact several SCALANCE and RUGGEDCOM devices as listed below. Siemens is preparing updates and recommends countermeasures for …
SIEMENS CERT
01/15/2021
Solid Edge is affected by multiple vulnerabilities that could allow arbitrary code execution on an affected system. Siemens has released an update for Solid Edge and recommends updating to the latest version.
SIEMENS CERT
01/12/2021
A vulnerability in affected devices could allow an attacker to perform a denial-of-service attack if a large number of specially crafted UDP packets are sent to the device. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates …
SIEMENS CERT
01/12/2021
Several SCALANCE X switches contain vulnerabilities in the web server of the affected devices. An unauthenticated attacker could reboot, cause denial-of-service conditions and potentially impact the system by other means through heap and buffer overflow vulnerabilities. Siemens has released updates for several affected products and recommends updating to the …