SIEMENS CERT
09/11/2018
SIMATIC S7-400 CPUs are affected by a security vulnerability which could lead to a Denial-of-Service condition of the PLC if specially crafted packets are received and processed. The affected SIMATIC S7-400 CPU hardware versions are in the product cancellation phase or already phased-out. Siemens recommends customers either upgrading to a …
SIEMENS CERT
08/17/2018
Security researchers published information on vulnerabilities known as Spectre, Meltdown, Spectre-NG, Lazy FP State Restore, Spectre V1.1, and L1 Terminal Fault/Foreshadow. These vulnerabilities affect many modern processors from different vendors to a varying degree. Siemens is analyzing the impact of these vulnerabilities and of the mitigations released on its own …
SIEMENS CERT
08/07/2018
Security researchers published information on vulnerabilities known as Spectre and Meltdown. These vulnerabilities affect many modern processors from different vendors to a varying degree. Several Industrial Products include affected processors and are affected by the vulnerabilities.
SIEMENS CERT
08/07/2018
A vulnerability in OpenSSL affects several Siemens industrial products. Siemens has released updates for some affected products and is working on updates for others.
SIEMENS CERT
08/07/2018
The latest updates for SIMATIC STEP 7 (TIA Portal) and SIMATIC WinCC (TIA Portal) fix two vulnerabilities. These two vulnerabilities could either allow an attacker with local file write access to manipulate files and cause a Denial-of-service-condition, or execute code both on the manipulated installation and on devices that are …
SIEMENS CERT
08/07/2018
The latest updates for Automation License Manager fix two vulnerabilities. One of them could allow an attacker to execute arbitrary code on the target device, the other one could allow an attacker to abuse the target system for basic network scanning.
SIEMENS CERT
07/11/2018
The EN100 Ethernet communication module and SIPROTEC 5 relays are affected by security vulnerabilities which could allow an attacker to conduct a Denial-of-Service attack over the network. Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes …
SIEMENS CERT
07/03/2018
SICLOCK TC devices are affected by multiple vulnerabilities that could allow an attacker to cause Denial-of-Service conditions, bypass the authentication, and modify the firmware of the device or the administrative client. SICLOCK TC devices are in a phase out process. Siemens recommends mitigations to reduce the risk.