SIEMENS CERT
08/13/2019
A vulnerability in the affected products could allow an unauthorized attacker with network access to the webserver of an affected device to perform a denial-of-service attack. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates and recommends …
SIEMENS CERT
08/13/2019
Security researchers published information on vulnerabilities known as ZombieLoad and Microarchitectural Data Sampling (MDS). These vulnerabilities affect many modern processors from different vendors to a varying degree. Several Siemens Industrial Products contain processors that are affected by the vulnerabilities.
SIEMENS CERT
08/13/2019
A vulnerability in the affected devices could allow an unauthenticated attacker with network access to an affected device to perform a denial-of-service. Siemens is preparing updates and recommends specific countermeasures until patches are available.
SIEMENS CERT
08/13/2019
The latest update for SIMATIC WinCC fixes multiple vulnerabilities. The most severe could allow an attacker to execute arbitrary commands on an affected system under certain conditions. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates and …
SIEMENS CERT
08/13/2019
The latest update for SCALANCE SC-600 fixes multiple vulnerabilities. The most severe could allow authenticated local users with physical access to the device to execute arbitrary commands on the device under certain conditions. Siemens has released updates for SCALANCE SC-600 devices.
SIEMENS CERT
08/13/2019
A Cross-Site Scripting (XSS) vulnerability was found in the WebSDK component of Spectrum Power™ 3, 4, 5 and 7. A software update is available to address the issue and Siemens recommends installing the patch.
SIEMENS CERT
08/13/2019
The SIPROTEC 5 relays and their corresponding engineering software DIGSI 5 are affected by two security vulnerabilities which could allow an attacker to upload or download files to the device or to conduct a Denial-of-Service attack over the network. Siemens has released updates for some affected products, is working on …