{
  "feed": {
    "id": "siemens-security-advisories-csaf-feed-tlp-white",
    "title": "Siemens Security Advisories CSAF feed (TLP:WHITE)",
    "link": [
      {
        "rel": "self",
        "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-feed-tlp-white.json"
      }
    ],
    "category": [
      {
        "scheme": "urn:ietf:params:rolie:category:information-type",
        "term": "csaf"
      }
    ],
    "updated": "2026-04-14T00:00:00Z",
    "entry": [
      {
        "id": "SSA-019200",
        "title": "Multiple Vulnerabilities in SCALANCE W-700 IEEE 802.11n Devices Before V6.6.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-019200.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-019200.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-019200.json.asc"
          }
        ],
        "published": "2026-04-14T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "SCALANCE W-700 IEEE 802.11n family before V6.6.0 are affected by multiple vulnerabilities.\r\n\r\nSiemens has released a new version for SCALANCE W-700 IEEE 802.11n family and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-019200.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-186293",
        "title": "XML External Entity (XXE) Injection Vulnerability in SIMOTION SCOUT, SIMOTION SCOUT TIA and SINAMICS STARTER",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-186293.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-186293.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-186293.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "SIMOTION SCOUT, SIMOTION SCOUT TIA and SINAMICS STARTER are affected by an XXE injection vulnerability that could allow an attacker to access arbitrary application files.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-186293.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-216014",
        "title": "Vulnerabilities in EFI variable of SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-216014.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-216014.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-216014.json.asc"
          }
        ],
        "published": "2025-03-11T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities has been identified in Siemens SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs that can allow an authenticated attacker to  alter the secure boot and password configurations.\r\n\r\nSiemens has released new versions of BIOS for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-216014.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-225816",
        "title": "Memory Corruption Vulnerability in RUGGEDCOM CROSSBOW Station Access Controller Before V5.8",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-225816.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-225816.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-225816.json.asc"
          }
        ],
        "published": "2026-04-14T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "RUGGEDCOM CROSSBOW Station Access Controller (SAC) contains a vulnerability that could allow an attacker to achieve arbitrary code execution and to create a denial of service condition.\r\n\r\nSiemens has released a new version for RUGGEDCOM CROSSBOW Station Access Controller (SAC) and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-225816.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-244969",
        "title": "OpenSSL Vulnerability in Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-244969.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-244969.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-244969.json.asc"
          }
        ],
        "published": "2022-02-08T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "OpenSSL has published a security advisory [0] about a vulnerability in OpenSSL versions 1.1.1 < 1.1.1l and 1.0.2 < 1.0.2za that allows an attacker to cause a denial of service (DoS) or to disclose private memory content.\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends countermeasures for products where updates are not, or not yet available.\r\n\r\n[0] <https://www.openssl.org/news/secadv/20210824.txt>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-244969.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-311973",
        "title": "Multiple Local Privilege Escalation Vulnerabilities in SINEC NMS and User Management Component (UMC)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-311973.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-311973.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-311973.json.asc"
          }
        ],
        "published": "2026-02-10T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "Multiple Siemens products are affected by two local privilege escalation vulnerabilities which could allow an low privileged attacker to load malicious DLLs, potentially leading to arbitrary code execution with elevated privileges.\r\n\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-311973.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-408105",
        "title": "Buffer Overflow Vulnerabilities in OpenSSL 3.0 Affecting Siemens Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-408105.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-408105.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-408105.json.asc"
          }
        ],
        "published": "2022-12-13T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "The openSSL component, versions 3.0.0 through 3.0.6, contains two buffer overflow vulnerabilities (CVE-2022-3602, CVE-2022-3786) in the X.509 certificate verification [0]. They could allow an attacker to create a denial of service condition or execute arbitrary code on a vulnerable TLS server (if the server requests client certificate authentication), or on a vulnerable TLS client.\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not, or not yet available.\r\n\r\n[0] <https://www.openssl.org/news/secadv/20221101.txt>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-408105.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-552702",
        "title": "Privilege Escalation Vulnerability in the Web Interface of SCALANCE and RUGGEDCOM Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-552702.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-552702.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-552702.json.asc"
          }
        ],
        "published": "2022-10-11T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "The products listed below do not properly authorize the change password function of the web interface. This could allow low privileged users to escalate their privileges.\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-552702.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-599968",
        "title": "Denial of Service Vulnerability in Profinet Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-599968.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-599968.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-599968.json.asc"
          }
        ],
        "published": "2021-07-13T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "A vulnerability in affected devices could allow an attacker to perform a denial ofservice attack if a large amount of Profinet Discovery and Configuration Protocol (DCP) reset packets is sent to the affected devices.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-599968.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-605717",
        "title": "Authorization Bypass Vulnerability in SINEC NMS Before V4.0 SP3",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-605717.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-605717.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-605717.json.asc"
          }
        ],
        "published": "2026-04-14T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "SINEC NMS before V4.0 SP3 contains an Authorization Bypass vulnerability that could allow an attacker to bypass authorization checks, leading to the ability to reset the password of any arbitrary user account.\r\n\r\nSiemens has released a new version for SINEC NMS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-605717.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-609469",
        "title": "Authorization Bypass Vulnerability in Industrial Edge Management",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-609469.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-609469.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-609469.json.asc"
          }
        ],
        "published": "2026-04-14T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "Industrial Edge Management contains an authorization bypass vulnerability that could be exploited by an unauthenticated remote attacker to circumvent authentication and to access connected Industrial Edge Devices through the remote connection feature.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-609469.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-628843",
        "title": "Out of Bound Read Vulnerability in TPM 2.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-628843.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-628843.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-628843.json.asc"
          }
        ],
        "published": "2026-04-14T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "The products listed below contain a vulnerability that could allow an attacker to perform an out-of-bound read, potentially leading to information disclosure or denial of service of the TPM.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-628843.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-710008",
        "title": "Multiple Web Vulnerabilities in SCALANCE Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-710008.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-710008.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-710008.json.asc"
          }
        ],
        "published": "2022-08-09T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "SCALANCE devices contain multiple vulnerabilities in MSPS based product lines that could allow authenticated remote attackers to execute custom code or create a XSS situation, as well as unauthenticated remote attackers to create a denial of service condition.\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-710008.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-712929",
        "title": "Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-712929.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-712929.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-712929.json.asc"
          }
        ],
        "published": "2022-06-14T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "A vulnerability in the openSSL component (CVE-2022-0778, [0]) could allow an attacker to create a denial of service condition by providing specially crafted elliptic curve certificates to products that use a vulnerable version of openSSL.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available.\r\n\r\n[0] <https://www.openssl.org/news/secadv/20220315.txt>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-712929.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-726617",
        "title": "Incorrect Privilege Assignment Vulnerability in Mendix OIDC SSO Module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-726617.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-726617.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-726617.json.asc"
          }
        ],
        "published": "2025-05-13T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "The Mendix OIDC SSO module grants read and write access to all tokens exclusively to the Administrator role and could result in privilege misuse by an adversary modifying the module during Mendix development.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-726617.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-726834",
        "title": "Denial of Service Vulnerability in the RADIUS Client of SIPROTEC 5 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-726834.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-726834.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-726834.json.asc"
          }
        ],
        "published": "2023-03-14T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "The RADIUS client implementation of the VxWorks platform in SIPROTEC 5 devices contains a denial of service vulnerability that could be triggered when a specially crafted packet is sent by a RADIUS server.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-726834.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-741509",
        "title": "Privilege Escalation Vulnerability in RUGGEDCOM CROSSBOW Secure Access Manager Primary Before V5.8",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-741509.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-741509.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-741509.json.asc"
          }
        ],
        "published": "2026-04-14T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) contains a vulnerability that could allow an attacker to escalate their own privileges.\r\n\r\nSiemens has released a new version for RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-741509.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-801704",
        "title": "Authentication Bypass Vulnerability in SINEC NMS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-801704.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-801704.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-801704.json.asc"
          }
        ],
        "published": "2026-04-14T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "Siemens SINEC NMS when used with User Management Component (UMC) contains an authentication bypass vulnerability due to insufficient validation of user identity. This could allow an unauthenticated remote attacker to bypass authentication and gain unauthorized access to the application.\r\n\r\n\r\nSiemens has released a new version for SINEC NMS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-801704.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-827968",
        "title": "Vulnerability in Nozomi Guardian/CMC on RUGGEDCOM APE1808 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-827968.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-827968.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-827968.json.asc"
          }
        ],
        "published": "2026-01-13T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "Nozomi Networks has published information on vulnerabilities in [Nozomi Guardian/CMC](https://security.nozominetworks.com/). This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\r\n\r\nSiemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-827968.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-913875",
        "title": "Frame Aggregation and Fragmentation Vulnerabilities in 802.11",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-913875.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-913875.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-913875.json.asc"
          }
        ],
        "published": "2021-07-13T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "Twelve vulnerabilities in the implementation of frame aggregation and fragmentation of the 802.11 standard, under the name of [FragAttacks](<https://www.fragattacks.com/>), have been published.\r\n\r\nSuccessful exploitation of these vulnerabilities could allow an attacker within Wi-Fi range to forge encrypted frames, which could result in sensitive data disclosure and possibly traffic manipulation.\r\n\r\nThe advised Siemens products are only affected by some of the published vulnerabilities.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-913875.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-981622",
        "title": "Improper Certificate Validation Vulnerability in Siemens Analytics Toolkit",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-981622.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-981622.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-981622.json.asc"
          }
        ],
        "published": "2026-04-14T00:00:00Z",
        "updated": "2026-04-14T00:00:00Z",
        "summary": {
          "content": "Multiple Siemens applications are affected by improper certificate validation in Siemens Analytics Toolkit. This could allow an unauthenticated remote attacker to perform man in the middle attacks.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-981622.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-246443",
        "title": "Multiple Vulnerabilities in SICAM 8 Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-246443.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-246443.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-246443.json.asc"
          }
        ],
        "published": "2026-03-26T00:00:00Z",
        "updated": "2026-03-26T00:00:00Z",
        "summary": {
          "content": "Multiple SICAM 8 products are affected by multiple vulnerabilities that could lead to denial of service, namely:\r\n\r\n- SICAM A8000 Device firmware\r\n    - CPCI85 for CP-8031/CP-8050\r\n    - SICORE for CP-8010/CP-8012 \r\n    - RTUM85 for CP-8010/CP-8012 \r\n\r\n- SICAM EGS Device firmware\r\n    - CPCI85\r\n\r\n- SICAM S8000\r\n    - SICORE\r\n    - RTUM85\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-246443.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-452276",
        "title": "Eval Injection Vulnerability in SIMATIC S7-1500",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-452276.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-452276.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-452276.json.asc"
          }
        ],
        "published": "2026-03-10T00:00:00Z",
        "updated": "2026-03-19T00:00:00Z",
        "summary": {
          "content": "SIMATIC S7-1500 devices contain a vulnerability that could allow an attacker to inject code by tricking a legitimate user into importing a specially crafted trace file in the web interface.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-452276.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-027652",
        "title": "Privilege Escalation Vulnerability in SINAMICS Drives",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-027652.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-027652.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-027652.json.asc"
          }
        ],
        "published": "2025-09-09T00:00:00Z",
        "updated": "2026-03-10T00:00:00Z",
        "summary": {
          "content": "Siemens SINAMICS G220, SINAMICS S210, and SINAMICS S200 contains a privilege escalation vulnerability that could allow users to escalate their privileges.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-027652.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-082556",
        "title": "Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-082556.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-082556.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-082556.json.asc"
          }
        ],
        "published": "2025-06-10T00:00:00Z",
        "updated": "2026-03-10T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version V3.1.5 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant).\r\n\r\nSiemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-082556.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-126399",
        "title": "Improper Access Control Vulnerability in Heliox EV Chargers",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-126399.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-126399.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-126399.json.asc"
          }
        ],
        "published": "2026-03-10T00:00:00Z",
        "updated": "2026-03-10T00:00:00Z",
        "summary": {
          "content": "Heliox EV Chargers listed below contain improper access control vulnerability that could allow an attacker to reach unauthorized services via the charging cable.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-126399.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-201595",
        "title": "Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-201595.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-201595.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-201595.json.asc"
          }
        ],
        "published": "2025-08-14T00:00:00Z",
        "updated": "2026-03-10T00:00:00Z",
        "summary": {
          "content": "Versions V5.0 through V8 of the Desigo CC product family (Desigo CC, Desigo CC Compact, Desigo CC Connect, Cerberus DMS), as well as the Desigo CC-based SENTRON Powermanager, are affected by a vulnerability in the underlying third-party component WIBU Systems CodeMeter Runtime. Successful exploitation of this vulnerability could allow privilege escalation.\r\n\r\nSiemens has released instructions how to update the CodeMeter Runtime component and recommends to apply the update on affected systems."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-201595.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-212953",
        "title": "Multiple Vulnerabilities in COMOS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-212953.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-212953.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-212953.json.asc"
          }
        ],
        "published": "2025-12-09T00:00:00Z",
        "updated": "2026-03-10T00:00:00Z",
        "summary": {
          "content": "COMOS is affected by multiple vulnerabilities that could allow an attacker to execute arbitrary code or cause denial of service condition, data infiltration or perform access control violations. \r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-212953.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-282044",
        "title": "DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-282044.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-282044.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-282044.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2026-03-10T00:00:00Z",
        "summary": {
          "content": "The installers used to install several Siemens products are affected by a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected installer component. This vulnerability poses a risk only during setup and installation phase of the affected applications downloaded e.g. via OSD (Online Software Delivery).\r\n\r\nSiemens has released new versions for several affected products and recommends using the latest versions during setup and installation. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-282044.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-430425",
        "title": "Multiple Vulnerabilities in SINEC Security Monitor before V4.9.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-430425.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-430425.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-430425.json.asc"
          }
        ],
        "published": "2024-10-08T00:00:00Z",
        "updated": "2026-03-10T00:00:00Z",
        "summary": {
          "content": "SINEC Security Monitor before V4.9.0 contains multiple  vulnerabilities.\r\n\r\nSiemens has released a new version for SINEC Security Monitor and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-430425.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-485750",
        "title": "Multiple Vulnerabilities in SIDIS Prime Before V4.0.800",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-485750.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-485750.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-485750.json.asc"
          }
        ],
        "published": "2026-03-10T00:00:00Z",
        "updated": "2026-03-10T00:00:00Z",
        "summary": {
          "content": "SIDIS Prime before V4.0.800 is affected by multiple vulnerabilities in the components OpenSSL, SQLite, and several Node.js packages as described below.\r\n\r\nSiemens has released a new version of SIDIS Prime and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-485750.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-513708",
        "title": "Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-513708.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-513708.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-513708.json.asc"
          }
        ],
        "published": "2025-06-10T00:00:00Z",
        "updated": "2026-03-10T00:00:00Z",
        "summary": {
          "content": "Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\r\n\r\nSiemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications.\r\n\r\n[1] https://security.paloaltonetworks.com/"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-513708.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-535115",
        "title": "Data Validation Vulnerability in NX Before V2512",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-535115.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-535115.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-535115.json.asc"
          }
        ],
        "published": "2026-02-10T00:00:00Z",
        "updated": "2026-03-10T00:00:00Z",
        "summary": {
          "content": "Siemens NX is affected by missing data validation vulnerability that could allow an attacker with local access on a compromised system to interfere with internal data during the PDF export process that could potentially lead to arbitrary code execution. \r\n\r\nSiemens has released a new version of NX which resolves the data tampering vulnerability."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-535115.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-710408",
        "title": "Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-710408.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-710408.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-710408.json.asc"
          }
        ],
        "published": "2025-12-09T00:00:00Z",
        "updated": "2026-03-10T00:00:00Z",
        "summary": {
          "content": "Multiple Siemens products are affected by improper certificate validation in Siemens Advanced Licensing (SALT) Toolkit. This could allow an unauthenticated remote attacker to perform man in the middle attacks.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-710408.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-770770",
        "title": "Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-770770.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-770770.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-770770.json.asc"
          }
        ],
        "published": "2025-02-11T00:00:00Z",
        "updated": "2026-03-10T00:00:00Z",
        "summary": {
          "content": "[Fortinet has published](https://www.fortiguard.com/psirt) information on vulnerabilities in FortiOS. This advisory lists the related Siemens Industrial products.\r\n\r\nSiemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-770770.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-868571",
        "title": "Missing Server Certificate Validation in IAM Client",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-868571.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-868571.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-868571.json.asc"
          }
        ],
        "published": "2025-12-09T00:00:00Z",
        "updated": "2026-03-10T00:00:00Z",
        "summary": {
          "content": "Multiple Siemens products are affected by improper certificate validation in IAM Client. This could allow an unauthenticated remote attacker to perform man in the middle attacks.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-868571.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-903736",
        "title": "Multiple vulnerabilities in SICAM SIAPP SDK before V2.1.7",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-903736.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-903736.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-903736.json.asc"
          }
        ],
        "published": "2026-03-10T00:00:00Z",
        "updated": "2026-03-10T00:00:00Z",
        "summary": {
          "content": "The SICAM SIAPP SDK contains multiple vulnerabilities that could allow an attacker to disrupt the customer-developed SIAPP or its simulation environment. Potential impacts include denial of service within the SIAPP, corruption of SIAPP data, or exploit the simulation environment. These vulnerabilities are only exploitable if the API is used improperly or hardening measures are not applied.\r\n\r\n\r\n\r\nSiemens has released a new version for SICAM SIAPP SDK and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-903736.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-975644",
        "title": "Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-975644.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-975644.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-975644.json.asc"
          }
        ],
        "published": "2026-03-10T00:00:00Z",
        "updated": "2026-03-10T00:00:00Z",
        "summary": {
          "content": "[Fortinet has published](https://www.fortiguard.com/psirt) information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products.\r\n\r\nSiemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-975644.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-089022",
        "title": "Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.3",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-089022.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-089022.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-089022.json.asc"
          }
        ],
        "published": "2026-01-28T00:00:00Z",
        "updated": "2026-02-24T00:00:00Z",
        "summary": {
          "content": "SINEC OS before V3.3 contains third-party components with multiple vulnerabilities.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-089022.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-355557",
        "title": "Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-355557.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-355557.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-355557.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2026-02-24T00:00:00Z",
        "summary": {
          "content": "SINEC OS before V3.2 contains third-party components with multiple vulnerabilities.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-355557.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-613116",
        "title": "Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-613116.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-613116.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-613116.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2026-02-24T00:00:00Z",
        "summary": {
          "content": "SINEC OS before V3.1 contains third-party components with multiple vulnerabilities.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-613116.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-035571",
        "title": "Cross Site Scripting Vulnerability in Polarion Before V2506",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-035571.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-035571.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-035571.json.asc"
          }
        ],
        "published": "2026-02-10T00:00:00Z",
        "updated": "2026-02-10T00:00:00Z",
        "summary": {
          "content": "Polarion before V2506 contains a vulnerability that could allow authenticated remote attackers to conduct cross-site scripting attacks.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-035571.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-130874",
        "title": "Buffer Overflow Vulnerability in SCALANCE X Switches",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-130874.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-130874.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-130874.json.asc"
          }
        ],
        "published": "2012-04-05T00:00:00Z",
        "updated": "2026-02-10T00:00:00Z",
        "summary": {
          "content": "The embedded web server on affected devices contains a buffer overflow vulnerability. This could allow remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a malformed URL.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-130874.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-265688",
        "title": "Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-265688.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-265688.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-265688.json.asc"
          }
        ],
        "published": "2024-04-09T00:00:00Z",
        "updated": "2026-02-10T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1.\r\n\r\nSiemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-265688.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-445819",
        "title": "Out of Bounds Read in PS/IGES Parasolid Translator Component in Solid Edge",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-445819.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-445819.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-445819.json.asc"
          }
        ],
        "published": "2026-02-10T00:00:00Z",
        "updated": "2026-02-10T00:00:00Z",
        "summary": {
          "content": "Solid Edge uses PS/IGES Parasolid Translator Component that contains an out of bounds read that could be triggered when the application reads files in IGS file formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released a new version for Solid Edge and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-445819.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-507364",
        "title": "Heap Based Buffer Overflow Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-507364.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-507364.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-507364.json.asc"
          }
        ],
        "published": "2026-02-10T00:00:00Z",
        "updated": "2026-02-10T00:00:00Z",
        "summary": {
          "content": "Versions V6.0 through V8 QU1 of the Desigo CC product family (Desigo CC, Desigo CC Compact, Desigo CC Connect, Cerberus DMS), as well as the Desigo CC-based SENTRON Powermanager, are affected by a vulnerability in the underlying third-party component WIBU Systems CodeMeter Runtime. Successful exploitation of this vulnerability could lead to code execution in the context of the current process.\r\n\r\nSiemens has released instructions how to update the CodeMeter Runtime component and recommends to apply the update on affected systems."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-507364.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-599451",
        "title": "Multiple Vulnerabilities in SiPass integrated",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-599451.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-599451.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-599451.json.asc"
          }
        ],
        "published": "2025-10-14T00:00:00Z",
        "updated": "2026-02-10T00:00:00Z",
        "summary": {
          "content": "SiPass integrated contains multiple vulnerabilities that could allow an unauthenticated remote attacker to exploit user accounts, manipulate data, impersonate users, or achieve arbitrary code execution on the SiPass integrated server.\r\n\r\nSiemens has released a new version for SiPass integrated and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-599451.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-625934",
        "title": "Improper Access Control Vulnerability in the Webhooks Implementation of Siveillance Video Management Servers",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-625934.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-625934.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-625934.json.asc"
          }
        ],
        "published": "2026-02-10T00:00:00Z",
        "updated": "2026-02-10T00:00:00Z",
        "summary": {
          "content": "The Webhooks implementation of Siveillance Video Management Servers contains a vulnerability that could allow an authenticated remote attacker with read-only privileges to achieve full access to Webhooks API.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-625934.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-674753",
        "title": "Denial-of-Service Vulnerability in ET 200 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-674753.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-674753.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-674753.json.asc"
          }
        ],
        "published": "2026-01-13T00:00:00Z",
        "updated": "2026-02-10T00:00:00Z",
        "summary": {
          "content": "Siemens ET 200 devices contain a denial-of-service vulnerability that could be triggered by sending a valid S7 protocol Disconnect Request (COTP DR TPDU), causing the device to become unresponsive and require a power cycle to recover.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-674753.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-783261",
        "title": "Denial of Service Vulnerability in Automation License Manager (ALM) Before V5.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-783261.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-783261.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-783261.json.asc"
          }
        ],
        "published": "2012-12-12T00:00:00Z",
        "updated": "2026-02-10T00:00:00Z",
        "summary": {
          "content": "A vulnerability was identified in the Automation License Manager software before V5.2 that could be triggered by sending specially crafted packets to port 4410/tcp of an affected system. This could cause a denial of service preventing legitimate users from using the system.\r\n\r\nSiemens has released a new version for Automation License Manager and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-783261.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-864900",
        "title": "Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-864900.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-864900.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-864900.json.asc"
          }
        ],
        "published": "2025-05-13T00:00:00Z",
        "updated": "2026-02-10T00:00:00Z",
        "summary": {
          "content": "[Fortinet has published](https://www.fortiguard.com/psirt) information on vulnerabilities in FortiOS. This advisory lists the related Siemens Industrial products.\r\n\r\nSiemens is preparing fix versions and recommends to consult and implement the workarounds provided in Fortinet's upstream security notifications."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-864900.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-965753",
        "title": "Multiple File Parsing Vulnerabilities in Simcenter Femap and Nastran Before V2512",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-965753.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-965753.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-965753.json.asc"
          }
        ],
        "published": "2026-02-10T00:00:00Z",
        "updated": "2026-02-10T00:00:00Z",
        "summary": {
          "content": "Siemens Simcenter Femap and Nastran is affected by multiple file parsing vulnerabilities that could be triggered when the application reads files in NDB and XDB formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-965753.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-001536",
        "title": "Authorization Bypass Vulnerability in Siemens Industrial Edge Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-001536.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-001536.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-001536.json.asc"
          }
        ],
        "published": "2026-01-13T00:00:00Z",
        "updated": "2026-01-13T00:00:00Z",
        "summary": {
          "content": "Siemens Industrial Edge Devices contain an authorization bypass vulnerability that could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-001536.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-014678",
        "title": "Authorization Bypass Vulnerability in Industrial Edge Device Kit",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-014678.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-014678.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-014678.json.asc"
          }
        ],
        "published": "2026-01-13T00:00:00Z",
        "updated": "2026-01-13T00:00:00Z",
        "summary": {
          "content": "Users of Industrial Edge Devices are advised to consult the respective Security Advisories for their devices (for Siemens Industrial Edge devices see Additional Information).\r\n\r\nIndustrial Edge Device Kit contains an authorization bypass vulnerability that could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user.\r\n\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-014678.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-192617",
        "title": "Local Privilege Escalation Vulnerability in TeleControl Server Basic Before V3.1.2.4",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-192617.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-192617.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-192617.json.asc"
          }
        ],
        "published": "2026-01-13T00:00:00Z",
        "updated": "2026-01-13T00:00:00Z",
        "summary": {
          "content": "TeleControl Server Basic before V3.1.2.4 contains a local privilege escalation vulnerability that could allow an attacker to run arbitrary code with elevated privileges.\r\n\r\nSiemens has released a new version for TeleControl Server Basic and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-192617.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-364175",
        "title": "Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.4-h1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-364175.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-364175.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-364175.json.asc"
          }
        ],
        "published": "2024-07-09T00:00:00Z",
        "updated": "2026-01-13T00:00:00Z",
        "summary": {
          "content": "Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\r\n\r\nSiemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications.\r\n\r\n[1] <https://security.paloaltonetworks.com/>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-364175.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-365200",
        "title": "Google Chrome Type Confusion Vulnerability in Siemens Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-365200.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-365200.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-365200.json.asc"
          }
        ],
        "published": "2025-10-14T00:00:00Z",
        "updated": "2026-01-13T00:00:00Z",
        "summary": {
          "content": "Multiple Siemens products are affected by a type confusion vulnerability in Google Chrome prior to 138.0.7204.96. This could allow a remote attacker to perform arbitrary code execution via a crafted HTML page.\r\n\r\nSiemens has released a new version for Industrial Edge App Publisher and recommends to update to the latest version. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-365200.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-366067",
        "title": "Multiple Vulnerabilities in Fortigate NGFW Before V7.4.1 on RUGGEDCOM APE1808 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-366067.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-366067.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-366067.json.asc"
          }
        ],
        "published": "2024-03-12T00:00:00Z",
        "updated": "2026-01-13T00:00:00Z",
        "summary": {
          "content": "[Fortinet has published](https://www.fortiguard.com/psirt) information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products.\r\n\r\nSiemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-366067.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-693776",
        "title": "Multiple Vulnerabilities in Industrial Communication Devices based on SINEC OS before V3.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-693776.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-693776.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-693776.json.asc"
          }
        ],
        "published": "2025-06-10T00:00:00Z",
        "updated": "2026-01-13T00:00:00Z",
        "summary": {
          "content": "Several Industrial Communication Devices based on SINEC OS before V3.2 contain multiple vulnerabilities that could allow an attacker to circumvent authorization checks and perform actions that exceed the permissions of the \"guest\" role.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-693776.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-698820",
        "title": "Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-698820.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-698820.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-698820.json.asc"
          }
        ],
        "published": "2024-07-09T00:00:00Z",
        "updated": "2026-01-13T00:00:00Z",
        "summary": {
          "content": "[Fortinet has published](https://www.fortiguard.com/psirt) information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products.\r\n\r\nSiemens has released a new version of Fortigate NGFW for RUGGEDCOM APE1808 and recommends to update to the latest version. Siemens recommends to consult and implement the workarounds provided in Fortinet's upstream security notifications."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-698820.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-832273",
        "title": "Multiple Vulnerabilities in Fortigate NGFW Before V7.4.3 on RUGGEDCOM APE1808 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-832273.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-832273.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-832273.json.asc"
          }
        ],
        "published": "2024-03-12T00:00:00Z",
        "updated": "2026-01-13T00:00:00Z",
        "summary": {
          "content": "[Fortinet has published](https://www.fortiguard.com/psirt) information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products.\r\n\r\nSiemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-832273.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-858251",
        "title": "Authentication Bypass Vulnerabilities in OPC UA",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-858251.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-858251.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-858251.json.asc"
          }
        ],
        "published": "2025-03-11T00:00:00Z",
        "updated": "2026-01-13T00:00:00Z",
        "summary": {
          "content": "The products listed below contain two authentication bypass vulnerabilities that could allow an attacker to gain access to the data managed by the server.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-858251.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-912274",
        "title": "Multiple Vulnerabilities in RUGGEDCOM ROX Before V2.17",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-912274.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-912274.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-912274.json.asc"
          }
        ],
        "published": "2025-12-09T00:00:00Z",
        "updated": "2026-01-13T00:00:00Z",
        "summary": {
          "content": "Devices based on RUGGEDCOM ROX before V2.17 contain multiple high severity vulnerabilities.\r\n\r\nSiemens has released a new version for RUGGEDCOM ROX II family and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-912274.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-928984",
        "title": "Heap-based Buffer Overflow Vulnerability in User Management Component (UMC)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-928984.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-928984.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-928984.json.asc"
          }
        ],
        "published": "2024-12-16T00:00:00Z",
        "updated": "2026-01-13T00:00:00Z",
        "summary": {
          "content": "Siemens User Management Component (UMC) is affected by a heap-based buffer overflow vulnerability which could allow an unauthenticated remote attacker arbitrary code execution.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-928984.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-978177",
        "title": "Vulnerability in Nozomi Guardian/CMC Before 25.4.0 on RUGGEDCOM APE1808 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-978177.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-978177.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-978177.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2026-01-13T00:00:00Z",
        "summary": {
          "content": "Nozomi Networks has published information on vulnerabilities in [Nozomi Guardian/CMC](https://security.nozominetworks.com/). This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\r\n\r\nSiemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-978177.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-512988",
        "title": "File Parsing Vulnerability in Simcenter Femap Before V2512",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-512988.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-512988.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-512988.json.asc"
          }
        ],
        "published": "2025-12-12T00:00:00Z",
        "updated": "2025-12-12T00:00:00Z",
        "summary": {
          "content": "Siemens Simcenter Femap versions before V2512 are affected by uninitialized memory vulnerability that could be triggered when the application reads files in SLDPRT format. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.\r\n\r\nSiemens has released a new version for Simcenter Femap and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-512988.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-202008",
        "title": "Multiple Vulnerabilities in Ruggedcom Rox Before V2.17.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-202008.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-202008.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-202008.json.asc"
          }
        ],
        "published": "2025-12-09T00:00:00Z",
        "updated": "2025-12-09T00:00:00Z",
        "summary": {
          "content": "Ruggedcom ROX family contain multiple vulnerabilities before V2.17.0\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-202008.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-356310",
        "title": "Multiple Vulnerabilities in Gridscale X Prepay",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-356310.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-356310.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-356310.json.asc"
          }
        ],
        "published": "2025-12-09T00:00:00Z",
        "updated": "2025-12-09T00:00:00Z",
        "summary": {
          "content": "Gridscale X Prepay contains multiple vulnerabilities that could allow an attacker to enumerate valid user names and to bypass locked-out user sessions.\r\n\r\nSiemens has released a new version for Gridscale X Prepay and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-356310.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-392859",
        "title": "Local Arbitrary Code Execution Vulnerability in Siemens Engineering Platforms before V20",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-392859.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-392859.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-392859.json.asc"
          }
        ],
        "published": "2024-12-10T00:00:00Z",
        "updated": "2025-12-09T00:00:00Z",
        "summary": {
          "content": "Affected products contain a local arbitrary code execution vulnerability that could allow an attacker to perform actions against the operation system of that environment.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available.\r\n\r\nSiemens has released products based on the Totally Integrated Automation Portal (TIA Portal) V20 which are not affected by CVE-2024-52051. See the chapter \"Additional Information\" below for more details."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-392859.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-416652",
        "title": "Multiple Vulnerabilities in SIMATIC CN 4100 Before V4.0.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-416652.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-416652.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-416652.json.asc"
          }
        ],
        "published": "2025-12-09T00:00:00Z",
        "updated": "2025-12-09T00:00:00Z",
        "summary": {
          "content": "SIMATIC CN 4100  contains multiple vulnerabilities which could potentially lead to a compromise in availability, integrity and confidentiality. \r\n\r\nSiemens has released a new version for SIMATIC CN 4100 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-416652.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-420375",
        "title": "Improper Integrity Check of Firmware Updates in Building X - Security Manager Edge Controller (ACC-AP)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-420375.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-420375.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-420375.json.asc"
          }
        ],
        "published": "2025-12-09T00:00:00Z",
        "updated": "2025-12-09T00:00:00Z",
        "summary": {
          "content": "Building X - Security Manager Edge Controller (ACC-AP) devices do not properly check the integrity of firmware updates. This could allow an attacker to upload a maliciously modified firmware onto the device.\r\n\r\nSiemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-420375.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-471761",
        "title": "Multiple Vulnerabilities in SICAM T Before V3.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-471761.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-471761.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-471761.json.asc"
          }
        ],
        "published": "2025-12-09T00:00:00Z",
        "updated": "2025-12-09T00:00:00Z",
        "summary": {
          "content": "SICAM T before V3.0 contain multiple vulnerabilities. These include critical issues such as improper parameter and input validation, various Cross-Site Scripting (XSS) vulnerabilities , and a Cross-Site Request Forgery (CSRF) vulnerability . Additional weaknesses comprise session fixation, authentication and authorization bypasses , missing HTTPS protection, and missing cookie protection flags. These issues could potentially lead to remote code execution, denial of service, unauthorized access to web-interface functionality, session hijacking, impersonation of legitimate users, or allow an attacker to perform arbitrary actions on the device on behalf of a user.\r\n\r\nSiemens has released a new version for SICAM T and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-471761.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-493396",
        "title": "Deserialization Vulnerability in Siemens Engineering Platforms",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-493396.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-493396.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-493396.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2025-12-09T00:00:00Z",
        "summary": {
          "content": "Affected products do not properly sanitize user-controllable input when parsing project files. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-493396.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-626856",
        "title": "Multiple Vulnerabilities in SINEMA Remote Connect Sever Before V3.2 SP4",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-626856.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-626856.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-626856.json.asc"
          }
        ],
        "published": "2025-12-09T00:00:00Z",
        "updated": "2025-12-09T00:00:00Z",
        "summary": {
          "content": "SINEMA Remote Connect Server Before V3.2 SP4 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released a new version for SINEMA Remote Connect Server and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-626856.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-673996",
        "title": "Buffer Overflow Vulnerability in Third-Party Component in SICAM and SITIPE Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-673996.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-673996.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-673996.json.asc"
          }
        ],
        "published": "2024-09-10T00:00:00Z",
        "updated": "2025-12-09T00:00:00Z",
        "summary": {
          "content": "Multiple SICAM products are affected by buffer overflow vulnerability in the IEC 61850 Client libraries from Triangle MicroWorks that could allow an unauthenticated remote attacker to create a denial of service condition by sending specially crafted MMS messages.\r\n\r\nAffected SICAM and SITIPE products:\r\n\r\n- SICAM A8000 Device firmware \r\n    - ET85 for CP-8000/CP-8021/CP-8022\r\n    - ETI5 for CP-8031/CP-8050\r\n\r\n-  SICAM EGS Device firmware \r\n    - ETI5\r\n\r\n-  SICAM S8000\r\n    - ETI5 \r\n\r\n- SICAM SCC\r\n- SITIPE AT\r\n\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-673996.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-693808",
        "title": "Deserialization Vulnerability in Siemens Engineering Platforms",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-693808.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-693808.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-693808.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2025-12-09T00:00:00Z",
        "summary": {
          "content": "Affected products do not properly restrict access permissions to a local Windows Named Pipe and do not properly sanitize user-controllable input sent to that Named Pipe. This could allow a local authenticated attacker to cause a type confusion and execute arbitrary code within the affected application and its privileges.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-693808.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-723487",
        "title": "RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SCALANCE, RUGGEDCOM and Related Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-723487.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-723487.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-723487.json.asc"
          }
        ],
        "published": "2024-07-09T00:00:00Z",
        "updated": "2025-12-09T00:00:00Z",
        "summary": {
          "content": "This advisory documents the impact of CVE-2024-3596 (also dubbed \"Blastradius\"), a vulnerability in the RADIUS protocol, to SCALANCE, RUGGEDCOM and related products.\r\n\r\nThe vulnerability could allow on-path attackers, located between a Network Access Server (the RADIUS client, e.g., SCALANCE or RUGGEDCOM devices) and a RADIUS server (e.g., SINEC INS), to forge Access-Request packets in a way that enables them to modify the corresponding server response packet at will, e.g., turning an \"Access-Reject\" message into an \"Access-Accept\". This would cause the Network Access Server to grant the attackers access to the network with the attackers desired authorization (and without the need of knowing or guessing legitimate access credentials).\r\n\r\nFurther details incl. external references can be found in the chapter \"Additional Information\".\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions, and to configure the updated systems as recommended in the chapter \"Additional Information\".\r\nSiemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. See chapter \"Additional Information\" for details."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-723487.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-734261",
        "title": "Authentication Bypass Vulnerability in Energy Services Using Elspec G5DFR",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-734261.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-734261.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-734261.json.asc"
          }
        ],
        "published": "2025-12-09T00:00:00Z",
        "updated": "2025-12-09T00:00:00Z",
        "summary": {
          "content": "Energy Services from Siemens (previously known as Managed Applications and Services), sell solutions using Elspec G5 devices that allows a person with physical access to the device to reset the Admin password by inserting a USB drive (containing a publicly documented reset string) into a USB port."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-734261.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-763474",
        "title": "Denial of Service Vulnerability in Ruggedcom ROS devices before V5.10.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-763474.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-763474.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-763474.json.asc"
          }
        ],
        "published": "2025-12-09T00:00:00Z",
        "updated": "2025-12-09T00:00:00Z",
        "summary": {
          "content": "Ruggedcom ROS devices contain a temporary denial of service vulnerability that could allow an attacker to crash and restart the device.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-763474.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-800126",
        "title": "Deserialization Vulnerability in Siemens Engineering Platforms before V20",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-800126.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-800126.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-800126.json.asc"
          }
        ],
        "published": "2024-12-10T00:00:00Z",
        "updated": "2025-12-09T00:00:00Z",
        "summary": {
          "content": "Affected products do not properly sanitize user-controllable input when parsing files. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.\r\n\r\nSiemens has released products based on the Totally Integrated Automation Portal (TIA Portal) V20 which are not affected by CVE-2024-49849. See the chapter \"Additional Information\" below for more details."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-800126.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-882673",
        "title": "Multiple Vulnerabilities in SINEC Security Monitor before V4.10.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-882673.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-882673.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-882673.json.asc"
          }
        ],
        "published": "2025-12-09T00:00:00Z",
        "updated": "2025-12-09T00:00:00Z",
        "summary": {
          "content": "SINEC Security Monitor before V4.10.0 contains multiple  vulnerabilities.\r\n\r\nSiemens has released a new version for SINEC Security Monitor and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-882673.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-915282",
        "title": "Denial of service Vulnerability in Interniche IP-Stack based Industrial Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-915282.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-915282.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-915282.json.asc"
          }
        ],
        "published": "2025-12-09T00:00:00Z",
        "updated": "2025-12-09T00:00:00Z",
        "summary": {
          "content": "Multiple Industrial products are affected by a vulnerability in the Interniche IP-Stack. The affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only if an attacker can inject IP packets with spoofed addresses at precisely timed moments, and it affects only TCP-based services.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-915282.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-190588",
        "title": "Cross-Site Scripting Vulnerability in Mendix Rich Text Widget",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-190588.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-190588.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-190588.json.asc"
          }
        ],
        "published": "2025-11-17T00:00:00Z",
        "updated": "2025-11-17T00:00:00Z",
        "summary": {
          "content": "Mendix RichText editor contain a cross-site scripting vulnerability.\r\n\r\nSiemens has released a new version for Mendix RichText and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-190588.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-241605",
        "title": "Out of Bounds Read in PS/IGES Parasolid Translator Component Before V29.0.258",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-241605.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-241605.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-241605.json.asc"
          }
        ],
        "published": "2025-11-17T00:00:00Z",
        "updated": "2025-11-17T00:00:00Z",
        "summary": {
          "content": "PS/IGES Parasolid Translator Component contains an out of bounds read that could be triggered when the application reads files in IGS file formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released a new version for PS/IGES Parasolid Translator Component and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-241605.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-194557",
        "title": "Improper Limitation of Filesystem Access through Web Server Vulnerability in SIPROTEC 5",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-194557.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-194557.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-194557.json.asc"
          }
        ],
        "published": "2025-01-14T00:00:00Z",
        "updated": "2025-11-11T00:00:00Z",
        "summary": {
          "content": "Affected SIPROTEC 5 devices do not properly limit the access of the web server to the filesystem. This could allow an authenticated remote attacker to read arbitrary files or the entire filesystem of the device.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-194557.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-201498",
        "title": "Multiple Vulnerabilities in the Web Server of SICAM P850 and SICAM P855 Devices Before V3.11",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-201498.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-201498.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-201498.json.asc"
          }
        ],
        "published": "2025-11-11T00:00:00Z",
        "updated": "2025-11-11T00:00:00Z",
        "summary": {
          "content": "The web server of SICAM P850 and SICAM P855 devices, versions before V3.11, contains a Cross Site Request Forgery (CSRF) vulnerability and is missing cookie protection flags. This could allow an attacker to perform arbitrary actions on the device on behalf of a legitimate user, or impersonate that user.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-201498.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-225578",
        "title": "Improper Access Control Vulnerability in SICAM GridEdge Before V2.7.3",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-225578.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-225578.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-225578.json.asc"
          }
        ],
        "published": "2022-07-12T00:00:00Z",
        "updated": "2025-11-11T00:00:00Z",
        "summary": {
          "content": "SICAM GridEdge contains an improper access control vulnerability. This could allow persons with local access to the host system to inject an SSH key.\r\n\r\nSiemens has released a new version for SICAM GridEdge (Classic) and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-225578.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-267056",
        "title": "Multiple Vulnerabilities in LOGO! 8 BM Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-267056.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-267056.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-267056.json.asc"
          }
        ],
        "published": "2025-11-11T00:00:00Z",
        "updated": "2025-11-11T00:00:00Z",
        "summary": {
          "content": "LOGO! 8 BM (incl. SIPLUS variants) contains multiple vulnerabilities. These could allow an attacker to execute code remotely, put the device into a denial of service state, or change the behavior of the device.\r\n\r\nSiemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-267056.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-301229",
        "title": "Client-Side Enforcement of Server-Side Security Vulnerabilities in RUGGEDCOM ROX II",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-301229.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-301229.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-301229.json.asc"
          }
        ],
        "published": "2025-05-13T00:00:00Z",
        "updated": "2025-11-11T00:00:00Z",
        "summary": {
          "content": "The web interface of RUGGEDCOM ROX II devices contain multiple Client-Side Enforcement of Server-Side Security vulnerabilities that could allow an attacker  with a legitimate, highly privileged account on the web interface to get privileged code execution in the underlying OS of the affected products.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-301229.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-322980",
        "title": "Denial of Service Vulnerability in SIPROTEC 5 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-322980.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-322980.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-322980.json.asc"
          }
        ],
        "published": "2023-04-11T00:00:00Z",
        "updated": "2025-11-11T00:00:00Z",
        "summary": {
          "content": "SIPROTEC 5 devices contain a null pointer dereference vulnerability in the web service. This could allow an attacker to send unauthenticated maliciously crafted http request that could cause denial of service condition of the device. \r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-322980.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-339694",
        "title": "Multiple Vulnerabilities in Spectrum Power 4 Before v4.70 SP12 Security Patch 2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-339694.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-339694.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-339694.json.asc"
          }
        ],
        "published": "2025-11-11T00:00:00Z",
        "updated": "2025-11-11T00:00:00Z",
        "summary": {
          "content": "Spectrum Power 4 before v4.70 SP12 Security Patch 2 contains multiple vulnerabilities that could allow an attacker to remotely execute code as application administrator or locally execute code as operating system administrator.\r\n\r\nSiemens has released a new version for Spectrum Power 4 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-339694.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-365596",
        "title": "DLL Hijacking Vulnerability in Siemens Software Center and Solid Edge",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-365596.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-365596.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-365596.json.asc"
          }
        ],
        "published": "2025-11-11T00:00:00Z",
        "updated": "2025-11-11T00:00:00Z",
        "summary": {
          "content": "Siemens Software Center and Solid Edge is affected by a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-365596.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-514895",
        "title": "Multiple Vulnerabilities in Altair Grid Engine V2025.1.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-514895.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-514895.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-514895.json.asc"
          }
        ],
        "published": "2025-11-11T00:00:00Z",
        "updated": "2025-11-11T00:00:00Z",
        "summary": {
          "content": "Altair Grid Engine contain multiple vulnerabilities that could allow an attacker to escalate privileges and execute arbitrary code with superuser permissions.\r\nSiemens has released a new version for Altair Grid Engine and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-514895.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-522291",
        "title": "Improper Certificate Validation Vulnerability in Solid Edge",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-522291.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-522291.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-522291.json.asc"
          }
        ],
        "published": "2025-11-11T00:00:00Z",
        "updated": "2025-11-11T00:00:00Z",
        "summary": {
          "content": "Solid Edge is affected by improper certificate validation while connecting to License Service endpoint. This could allow an unauthenticated remote attacker to perform man in the middle attacks.\r\n\r\nSiemens has released a new version for Solid Edge SE2025 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-522291.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-552874",
        "title": "Denial of Service Vulnerability in SIPROTEC 5 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-552874.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-552874.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-552874.json.asc"
          }
        ],
        "published": "2022-12-13T00:00:00Z",
        "updated": "2025-11-11T00:00:00Z",
        "summary": {
          "content": "Devices of the SIPROTEC 5 family contain a vulnerability related to secure client-initiated renegotiation. This could allow an unauthenticated attacker to cause a denial of service condition for the duration of the attack.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-552874.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-631336",
        "title": "Multiple Web Server Vulnerabilities in SICAM GridEdge Before V2.6.6",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-631336.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-631336.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-631336.json.asc"
          }
        ],
        "published": "2022-06-14T00:00:00Z",
        "updated": "2025-11-11T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities were identified in the web server of the SICAM GridEdge application which includes missing authentication for critical API functions, absent cross-origin resource sharing restrictions and access to credentials.\r\n\r\nSiemens has released a new version for SICAM GridEdge (Classic) and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-631336.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-682326",
        "title": "Multiple Vulnerabilities in COMOS before V10.4.5",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-682326.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-682326.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-682326.json.asc"
          }
        ],
        "published": "2025-11-11T00:00:00Z",
        "updated": "2025-11-11T00:00:00Z",
        "summary": {
          "content": "COMOS is affected by two vulnerabilities that could allow an attacker to execute arbitrary code or lead to data infiltration. \r\n\r\nSiemens has released a new version for COMOS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-682326.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-687955",
        "title": "Accessible Development Shell via Physical Interface in SIPROTEC 5",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-687955.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-687955.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-687955.json.asc"
          }
        ],
        "published": "2025-02-11T00:00:00Z",
        "updated": "2025-11-11T00:00:00Z",
        "summary": {
          "content": "Affected SIPROTEC 5 devices contain a development shell which is accessible via a physical interface which is not properly restricted. This could allow an unauthenticated attacker with physical access to an affected device to execute arbitrary commands on the device.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-687955.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-711309",
        "title": "Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-711309.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-711309.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-711309.json.asc"
          }
        ],
        "published": "2023-09-12T00:00:00Z",
        "updated": "2025-11-11T00:00:00Z",
        "summary": {
          "content": "The OPC UA implementations (ANSI C and C++) as used in several SIMATIC  products contain a denial of service vulnerability that could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-711309.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-750499",
        "title": "Weak Encryption Vulnerability in SIPROTEC 5 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-750499.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-750499.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-750499.json.asc"
          }
        ],
        "published": "2024-07-09T00:00:00Z",
        "updated": "2025-11-11T00:00:00Z",
        "summary": {
          "content": "The SIPROTEC 5 devices are supporting weak encryption. This could allow an unauthorized attacker in a man-in-the-middle position to read  any data passed over the connection between legitimate clients and the affected device.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-750499.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-794185",
        "title": "RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SIPROTEC, SICAM and Related Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-794185.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-794185.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-794185.json.asc"
          }
        ],
        "published": "2025-05-13T00:00:00Z",
        "updated": "2025-11-11T00:00:00Z",
        "summary": {
          "content": "This advisory documents the impact of CVE-2024-3596 (also dubbed \"Blastradius\"), a vulnerability in the RADIUS protocol, to SIPROTEC, SICAM and related products.\r\n\r\nThe vulnerability could allow on-path attackers, located between a Network Access Server (the RADIUS client, e.g., a SICAM device) and a RADIUS server, to forge Access-Request packets in a way that enables them to modify the corresponding server response packet at will, e.g., turning an \"Access-Reject\" message into an \"Access-Accept\". This would cause the Network Access Server to grant the attackers access to the network with the attackers desired authorization (and without the need of knowing or guessing legitimate access credentials).\r\n\r\nFurther details incl. external references can be found in the chapter \"Additional Information\".\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions, and to configure the updated systems as recommended in the chapter \"Additional Information\".\r\nSiemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. See chapter \"Additional Information\" for details."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-794185.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-039007",
        "title": "Heap-based Buffer Overflow Vulnerability in User Management Component (UMC)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-039007.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-039007.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-039007.json.asc"
          }
        ],
        "published": "2024-09-10T00:00:00Z",
        "updated": "2025-10-14T00:00:00Z",
        "summary": {
          "content": "Siemens User Management Component (UMC) is affected by a heap-based buffer overflow vulnerability which could allow an unauthenticated remote attacker arbitrary code execution.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-039007.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-054046",
        "title": "Unauthenticated Information Disclosure in Web Server of SIMATIC S7-1500 CPUs",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-054046.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-054046.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-054046.json.asc"
          }
        ],
        "published": "2024-10-08T00:00:00Z",
        "updated": "2025-10-14T00:00:00Z",
        "summary": {
          "content": "Several SIMATIC S7-1500 CPU versions are affected by an authentication bypass vulnerability that could allow an unauthenticated remote attacker to gain knowledge about actual and configured maximum cycle times and communication load of the CPU.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-054046.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-062309",
        "title": "Information Disclosure Vulnerability in TeleControl Server Basic V3.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-062309.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-062309.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-062309.json.asc"
          }
        ],
        "published": "2025-10-14T00:00:00Z",
        "updated": "2025-10-14T00:00:00Z",
        "summary": {
          "content": "TeleControl Server Basic V3.1 contains an information disclosure vulnerability that could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform authenticated operations of the database service.\r\n\r\nSiemens has released a new version for TeleControl Server Basic V3.1 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-062309.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-083019",
        "title": "Multiple Vulnerabilities in RUGGEDCOM ROS Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-083019.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-083019.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-083019.json.asc"
          }
        ],
        "published": "2025-07-08T00:00:00Z",
        "updated": "2025-10-14T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities affect the RUGGEDCOM Operating System (ROS). \r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-083019.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-240718",
        "title": "Insecure Storage of HTTPS CA Certificate in SIMATIC S7-1200 CPU V2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-240718.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-240718.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-240718.json.asc"
          }
        ],
        "published": "2012-09-13T00:00:00Z",
        "updated": "2025-10-14T00:00:00Z",
        "summary": {
          "content": "SIMATIC S7-1200 CPU V2 devices contain an insufficiently protected private key used for the Certificate Authority (CA) for HTTPS connections. Possession of this key could allow remote attackers to spoof the device's web server by creating a forged web server certificate.\r\n\r\nSiemens recommends specific countermeasures for products where fixes are not, or not yet available.\r\nRefer to the chapter Additional Information for more details."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-240718.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-279823",
        "title": "Cross-Site Scripting Vulnerability in SIMATIC S7-1200 CPU V2/V3 Before V3.0.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-279823.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-279823.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-279823.json.asc"
          }
        ],
        "published": "2012-10-08T00:00:00Z",
        "updated": "2025-10-14T00:00:00Z",
        "summary": {
          "content": "The web server on SIMATIC S7-1200 CPU V2/V3 Before V3.0.2 contains a cross-site scripting (XSS) vulnerability that could allow remote attackers to inject arbitrary web script or HTML via a crafted URI.\r\n\r\nSiemens has released a new version for SIMATIC S7-1200 CPU V3 family (incl. SIPLUS variants) and recommends to update to the latest version. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-279823.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-318832",
        "title": "SQL Injection Vulnerability in SINEC NMS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-318832.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-318832.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-318832.json.asc"
          }
        ],
        "published": "2025-10-14T00:00:00Z",
        "updated": "2025-10-14T00:00:00Z",
        "summary": {
          "content": "SINEC NMS is affected by SQL injection vulnerability that could allow an authenticated low privileged attacker to exploit by inserting malicious data and achieve privilege escalation.\r\n\r\nSiemens has released a new version for SINEC NMS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-318832.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-367714",
        "title": "Improper Integrity Check of Firmware Updates in SiPass integrated AC5102 / ACC-G2 and ACC-AP",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-367714.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-367714.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-367714.json.asc"
          }
        ],
        "published": "2025-05-23T00:00:00Z",
        "updated": "2025-10-14T00:00:00Z",
        "summary": {
          "content": "SiPass integrated ACC (Advanced Central Controller) devices do not properly check the integrity of firmware updates. This could allow an attacker to upload a maliciously modified firmware onto the device.\r\n\r\nSiemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-367714.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-373591",
        "title": "Buffer Overflow Vulnerability in RUGGEDCOM ROS Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-373591.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-373591.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-373591.json.asc"
          }
        ],
        "published": "2021-07-13T00:00:00Z",
        "updated": "2025-10-14T00:00:00Z",
        "summary": {
          "content": "The latest update for RUGGEDCOM ROS devices fixes a buffer overflow vulnerability in the third party component that could allow an attacker with network access to an affected device to cause a remote code execution condition.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-373591.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-486936",
        "title": "Authentication Vulnerability in SIMATIC ET 200SP Communication Processors",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-486936.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-486936.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-486936.json.asc"
          }
        ],
        "published": "2025-10-14T00:00:00Z",
        "updated": "2025-10-14T00:00:00Z",
        "summary": {
          "content": "SIMATIC ET 200SP communication processors (CP 1542SP-1, CP 1542SP-1 IRC and CP 1543SP-1, incl. SIPLUS variants) contain an authentication vulnerability that could allow an unauthenticated remote attacker to access the configuration data.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-486936.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-541582",
        "title": "Multiple File Parsing Vulnerabilities in Solid Edge",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-541582.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-541582.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-541582.json.asc"
          }
        ],
        "published": "2025-10-14T00:00:00Z",
        "updated": "2025-10-14T00:00:00Z",
        "summary": {
          "content": "Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads specially crafted files in PRT format. This could allow an attacker to crash the application or execute arbitrary code.\r\n\r\n\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-541582.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-614723",
        "title": "Denial of Service Vulnerabilities in User Management Component (UMC)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-614723.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-614723.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-614723.json.asc"
          }
        ],
        "published": "2025-05-13T00:00:00Z",
        "updated": "2025-10-14T00:00:00Z",
        "summary": {
          "content": "Siemens User Management Component (UMC) is affected by three vulnerabilities which could allow an unauthenticated remote attacker to cause a denial of service condition.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-614723.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-625789",
        "title": "Multiple Vulnerabilities in SIMATIC S7-1200 CPU V1/V2 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-625789.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-625789.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-625789.json.asc"
          }
        ],
        "published": "2011-06-10T00:00:00Z",
        "updated": "2025-10-14T00:00:00Z",
        "summary": {
          "content": "SIMATIC S7-1200 CPU V1/V2 controllers contain two vulnerabilities that could allow an unauthenticated remote attacker\r\n\r\n* to trigger functions by record and playback of legitimate network communication, or\r\n* to place the controller in stop/defect state by causing a communications error.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-625789.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-722410",
        "title": "Multiple Vulnerabilities in User Management Component (UMC)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-722410.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-722410.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-722410.json.asc"
          }
        ],
        "published": "2025-09-09T00:00:00Z",
        "updated": "2025-10-14T00:00:00Z",
        "summary": {
          "content": "Siemens' User Management Component (UMC) is affected by multiple vulnerabilities that could allow an unauthenticated remote attacker to execute arbitrary code or to cause a denial of service condition.\r\n\r\nSiemens has released a new version for User Management Component (UMC) and recommends to update to the latest version. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-722410.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-876787",
        "title": "Open Redirect Vulnerability in SIMATIC S7-1500 and S7-1200 CPUs",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-876787.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-876787.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-876787.json.asc"
          }
        ],
        "published": "2024-10-08T00:00:00Z",
        "updated": "2025-10-14T00:00:00Z",
        "summary": {
          "content": "Several SIMATIC S7-1500 and S7-1200 CPU versions are affected by an open redirect vulnerability that could allow an attacker to make the web server of affected devices redirect a legitimate user to an attacker-chosen URL.  For a successful attack, the legitimate user must actively click on an attacker-crafted link.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-876787.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-331739",
        "title": "Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting Siemens Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-331739.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-331739.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-331739.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2025-09-09T00:00:00Z",
        "summary": {
          "content": "WIBU Systems published information about a privilege escalation vulnerability under certain circumstances and associated fix releases of CodeMeter Runtime, a product provided by WIBU Systems and used in several Siemens industrial products.\r\n\r\nSiemens has released new versions for affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-331739.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-494539",
        "title": "Multiple Vulnerabilities in SINEC OS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-494539.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-494539.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-494539.json.asc"
          }
        ],
        "published": "2025-09-09T00:00:00Z",
        "updated": "2025-09-09T00:00:00Z",
        "summary": {
          "content": "SINEC OS is affected by multiple vulnerabilities due to open UDP ports, which could allow an attacker to access non-sensitive information without authentication or potentially cause temporary denial of service.\r\n\r\nSiemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-494539.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-503939",
        "title": "Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-503939.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-503939.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-503939.json.asc"
          }
        ],
        "published": "2025-03-11T00:00:00Z",
        "updated": "2025-09-09T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities have been identified in the BIOS of the SIMATIC S7-1500 TM MFP.\r\n\r\nSiemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-503939.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-534283",
        "title": "Insecure File Share Vulnerability in SIMATIC Virtualization as a Service (SIVaaS)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-534283.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-534283.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-534283.json.asc"
          }
        ],
        "published": "2025-09-09T00:00:00Z",
        "updated": "2025-09-09T00:00:00Z",
        "summary": {
          "content": "SIMATIC Virtualization as a Service (SIVaaS) is affected by a vulnerability which exposes a network share without any authentication. This could allow an attacker to access or alter sensitive data without proper authorization.\r\n\r\nSiemens recommends to contact technical support to fix the vulnerability."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-534283.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-563922",
        "title": "Local Privilege Escalation Vulnerability in SIMOTION Tools",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-563922.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-563922.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-563922.json.asc"
          }
        ],
        "published": "2025-09-09T00:00:00Z",
        "updated": "2025-09-09T00:00:00Z",
        "summary": {
          "content": "Several tools for the SIMOTION system are affected by a local privilege escalation vulnerability. This could allow an attacker to execute arbitrary code with SYSTEM privileges when a legitimate user installs an application that uses the affected setup component. This vulnerability poses a risk only during setup and installation phase of the affected tools.\r\n\r\nSiemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-563922.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-640476",
        "title": "Denial of Service Vulnerability in Industrial Edge Management",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-640476.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-640476.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-640476.json.asc"
          }
        ],
        "published": "2025-09-09T00:00:00Z",
        "updated": "2025-09-09T00:00:00Z",
        "summary": {
          "content": "Industrial Edge Management is affected by a vulnerability that could allow a remote attacker to cause a denial of service condition.\r\n\r\nSiemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-640476.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-691715",
        "title": "Vulnerability in OPC Foundation Local Discovery Server Affecting Siemens Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-691715.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-691715.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-691715.json.asc"
          }
        ],
        "published": "2023-04-11T00:00:00Z",
        "updated": "2025-09-09T00:00:00Z",
        "summary": {
          "content": "A vulnerability was identified in OPC Foundation Local Discovery Server which also affects Siemens products that could allow an attacker to escalate privileges under certain circumstances.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-691715.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-916339",
        "title": "Information Disclosure Vulnerability in Apogee PXC and Talon TC Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-916339.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-916339.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-916339.json.asc"
          }
        ],
        "published": "2025-09-09T00:00:00Z",
        "updated": "2025-09-09T00:00:00Z",
        "summary": {
          "content": "Apogee PXC and Talon TC contain a vulnerability that could allow an attacker to download the device encrypted database file.\r\n\r\nSiemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-916339.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-707630",
        "title": "Multiple Vulnerabilities in SIMATIC RTLS Locating Manager Before V3.3",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-707630.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-707630.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-707630.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2025-08-26T00:00:00Z",
        "summary": {
          "content": "Siemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-707630.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-395458",
        "title": "Account Hijacking Vulnerability in Mendix SAML Module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-395458.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-395458.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-395458.json.asc"
          }
        ],
        "published": "2025-08-14T00:00:00Z",
        "updated": "2025-08-14T00:00:00Z",
        "summary": {
          "content": "Mendix SAML module contains a vulnerability that could allow unauthenticated remote attackers to hijack an account in specific SSO configurations.\r\n\r\nMendix has provided fix releases for the Mendix SAML module and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-395458.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-028723",
        "title": "Multiple OpenSSL Vulnerabilities in BFCClient Before V2.17",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-028723.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-028723.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-028723.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2025-08-13T00:00:00Z",
        "summary": {
          "content": "Siemens BFCClient contains multiple vulnerabilities in the integrated OpenSSL component that could allow an attacker to read memory contents, to change the application behaviour or to create a denial of service condition.\r\n\r\nSiemens has released a new version for BFCClient and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-028723.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-094954",
        "title": "Authentication Bypass Vulnerability in BIST mode of RUGGEDCOM ROX II",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-094954.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-094954.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-094954.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "RUGGEDCOM ROX II devices do not properly limit access through their Built-In-Self-Test (BIST) mode. This could allow a local attacker to bypass authentication and access a root shell on the device.\r\n\r\nSiemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-094954.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-097435",
        "title": "Usernames Disclosure Vulnerability in Mendix Runtime",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-097435.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-097435.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-097435.json.asc"
          }
        ],
        "published": "2024-09-10T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "Mendix Runtime contains an observable response discrepancy vulnerability when validating usernames during authentication. This could allow unauthenticated remote attackers to distinguish between valid and invalid usernames.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-097435.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-170375",
        "title": "Multiple Vulnerabilities in RUGGEDCOM ROS Before V5.9",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-170375.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-170375.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-170375.json.asc"
          }
        ],
        "published": "2024-07-09T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities affect the RUGGEDCOM Operating System (ROS). The common denominator to all vulnerabilities is the leak of confidential information.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-170375.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-177847",
        "title": "Improper VNC Password Check Vulnerability in SINUMERIK Controllers",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-177847.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-177847.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-177847.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "Siemens SINUMERIK Controllers are affected by an improper VNC password check vulnerability. \r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-177847.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-256353",
        "title": "Third-Party Component Vulnerabilities in RUGGEDCOM ROS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-256353.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-256353.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-256353.json.asc"
          }
        ],
        "published": "2022-03-08T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities affect various third-party components of the RUGGEDCOM Operating System (ROS). If exploited, an attacker could cause a denial-of-service, act as a man-in-the-middle, retrieve sensitive information or gain privileged functions.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-256353.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-353002",
        "title": "Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-353002.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-353002.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-353002.json.asc"
          }
        ],
        "published": "2024-03-12T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "SCALANCE XB-200/XC-200/XP-200/XF-200BA/XR-300WG Family is affected by multiple vulnerabilities.\r\nCVE-2023-44318 and CVE-2023-44321 were previously published as part of SSA-699386.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-353002.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-382999",
        "title": "Multiple Vulnerabilities in Opcenter Quality Before V2506",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-382999.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-382999.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-382999.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "The Opcenter Quality is affected by multiple vulnerabilities in the SmartClient modules Opcenter QL Home (SC), SOA Audit and SOA Cockpit.\r\n\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-382999.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-398330",
        "title": "Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP  >= V3.1.0 and < V3.1.5",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-398330.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-398330.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-398330.json.asc"
          }
        ],
        "published": "2023-12-12T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version  >= V3.1.0 and < V3.1.5 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant).\r\n\r\nThese GNU/Linux vulnerabilities have been externally identified. \r\nSiemens has released new versions for the affected products and recommends to update to the latest versions.\r\n\r\nNote: This SSA advises vulnerabilities for firmware version V3.1 only; for versions < V3.1 refer to Siemens Security Bulletin SSB-439005 (<https://cert-portal.siemens.com/productcert/html/ssb-439005.html>)."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-398330.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-400089",
        "title": "Denial of Service Vulnerability in SIPROTEC 4 and SIPROTEC 4 Compact",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-400089.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-400089.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-400089.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "SIPROTEC 4 and SIPROTEC 4 Compact devices contain a vulnerability that could allow an unauthenticated remote attacker to cause a denial of service condition.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-400089.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-446307",
        "title": "Authentication Bypass Vulnerability in BMC (CVE-2024-54085) affects SIMATIC IPC RS-828A",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-446307.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-446307.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-446307.json.asc"
          }
        ],
        "published": "2025-05-13T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "SIMATIC IPC RS-828A is affected by an authentication bypass vulnerability in the Redfish interface of its Baseboard Management Controller (BMC) that could allow an attacker to gain unauthorized access and compromise confidentiality, integrity and availability of the BMC and thus the entire system.\r\n\r\nSiemens has released a new version for SIMATIC IPC RS-828A - BMC firmware and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-446307.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-460466",
        "title": "Denial of Service Vulnerability in TIA Project-Server and TIA Portal",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-460466.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-460466.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-460466.json.asc"
          }
        ],
        "published": "2025-07-08T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "A vulnerability in TIA Project Server and TIA Portal could allow an attacker to cause a denial of service condition.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-460466.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-493787",
        "title": "Arbitrary Code Execution Vulnerability in SIMATIC RTLS Locating Manager Before V3.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-493787.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-493787.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-493787.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "SIMATIC RTLS Locating Manager Before V3.2 contains an improper input validation vulnerability that could allow an authenticated remote attacker to execute arbitrary code with high privileges.\r\n\r\nSiemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-493787.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-517338",
        "title": "Multiple Vulnerabilities in SINEC Traffic Analyzer Before V3.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-517338.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-517338.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-517338.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "SINEC Traffic Analyzer before V3.0 is affected by multiple vulnerabilities.\r\n\r\n\r\nSiemens has released a new version for SINEC Traffic Analyzer and recommends to update to the latest version. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-517338.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-529291",
        "title": "Information Disclosure Vulnerabilities in SICAM Q100/Q200",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-529291.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-529291.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-529291.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "SICAM Q100 and Q200 devices are affected by two information disclosure vulnerabilities that could allow an authenticated local attacker to extract the SMTP account password and use the configured SMTP service for arbitrary purposes.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-529291.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-665108",
        "title": "Arbitrary File Upload Vulnerability  in RUGGEDCOM ROX II",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-665108.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-665108.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-665108.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "RUGGEDCOM ROX II devices does not properly enforce limitations on type and size of files that can be uploaded through their web interface. This could allow an attacker with a legitimate, highly privileged account on the web interface to upload arbitrary files onto the filesystem of the devices.\r\n\r\nSiemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-665108.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-674084",
        "title": "File Parsing Vulnerabilities in Simcenter Femap Before V2506",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-674084.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-674084.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-674084.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "Simcenter Femap contains a file parsing vulnerability that could be triggered when the application reads files in STP or BMP file format. If a user is tricked to open a malicious file with the affected application, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-674084.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-764417",
        "title": "Weak Encryption Vulnerability in RUGGEDCOM ROS Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-764417.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-764417.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-764417.json.asc"
          }
        ],
        "published": "2022-03-08T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "The SSH server on RUGGEDCOM ROS devices is configured to offer weak ciphers by default. This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-764417.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-767615",
        "title": "Information Disclosure Vulnerability in SIPROTEC 5 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-767615.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-767615.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-767615.json.asc"
          }
        ],
        "published": "2025-02-11T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "An information disclosure vulnerability in SIPROTEC 5 devices could allow an unauthenticated, remote attacker to retrieve sensitive information of the device.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-767615.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-769791",
        "title": "Local Arbitrary Code Execution Vulnerability in COMOS Before V10.6",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-769791.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-769791.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-769791.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "COMOS before V10.6 is affected by a local arbitrary code execution vulnerability in the integrated Open Design Alliance Drawings SDK.\r\n\r\nSiemens has released a new version for COMOS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-769791.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-770902",
        "title": "Denial of Service Vulnerability in the Web Server of RUGGEDCOM ROS Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-770902.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-770902.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-770902.json.asc"
          }
        ],
        "published": "2023-08-08T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "A denial of service vulnerability could allow an unauthorized attacker to cause total loss of availability in the web server of the affected devices.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-770902.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-787941",
        "title": "Denial of Service Vulnerability in RUGGEDCOM ROS devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-787941.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-787941.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-787941.json.asc"
          }
        ],
        "published": "2022-11-08T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "RUGGEDCOM ROS-based devices are vulnerable to a denial of service attack (Slowloris). By sending partial HTTP requests nonstop, with none completed, the affected web servers will be waiting for the completion of each request, occupying all available HTTP connections. The web server recovers by itself once the attack ends.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-787941.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-840800",
        "title": "Code Injection Vulnerability in RUGGEDCOM ROS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-840800.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-840800.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-840800.json.asc"
          }
        ],
        "published": "2022-07-12T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "RUGGEDCOM ROS-based devices are vulnerable to a web-based code injection attack. To execute this attack, it\r\nis necessary to access the system via the Command Line Interface (CLI).\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-840800.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-856721",
        "title": "Vulnerability in RUGGEDCOM Discovery Protocol (RCDP) of Industrial Communication Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-856721.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-856721.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-856721.json.asc"
          }
        ],
        "published": "2017-09-28T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "The RUGGEDCOM RCDP protocol is not properly configured after commissioning of RUGGEDCOM ROS based devices and some SCALANCE X switch models and could allow unauthenticated remote users to perform administrative operations. An attacker must be in the same adjacent network and the RCDP daemon must be enabled in order to exploit the vulnerability.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-856721.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-894058",
        "title": "Improper Bandwidth Limitation of Network Packets Over Local USB Port Vulnerability in SIPROTEC 5",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-894058.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-894058.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-894058.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "Affected SIPROTEC 5 devices do not properly limit the bandwidth for incoming network packets over their local USB port. This could allow an attacker with physical access to send specially crafted packets with high bandwidth to the affected devices thus forcing them to exhaust their memory and stop responding to any network traffic via the local USB port. Affected devices reset themselves automatically after a successful attack and the protection function is not affected of this vulnerability.\r\n\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-894058.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-908185",
        "title": "Mirror Port Isolation Vulnerability in RUGGEDCOM ROS Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-908185.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-908185.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-908185.json.asc"
          }
        ],
        "published": "2023-08-08T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "A vulnerability was identified in RUGGEDCOM ROS devices with mirror port enabled, that could allow an attacker to inject information into the network via the mirror port.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-908185.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-914892",
        "title": "Race Condition Vulnerability in Basic Authentication Implementation of Mendix Runtime",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-914892.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-914892.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-914892.json.asc"
          }
        ],
        "published": "2024-11-12T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "The basic authentication mechanism of Mendix Runtime contains a race condition vulnerability which could allow unauthenticated remote attackers to circumvent default account lockout measures.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-914892.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-994087",
        "title": "Multiple SQLite Vulnerabilities in RUGGEDCOM CROSSBOW Station Access Controller Before V5.7",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-994087.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-994087.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-994087.json.asc"
          }
        ],
        "published": "2025-08-12T00:00:00Z",
        "updated": "2025-08-12T00:00:00Z",
        "summary": {
          "content": "RUGGEDCOM CROSSBOW Station Access Controller (SAC) contains multiple vulnerabilities in the integrated SQLite component that could allow an attacker to execute arbitrary code or to create a denial of service condition.\r\n\r\nSiemens has released a new version for RUGGEDCOM CROSSBOW Station Access Controller (SAC) and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-994087.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-725549",
        "title": "Denial of Service of ICMP in Industrial Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-725549.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-725549.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-725549.json.asc"
          }
        ],
        "published": "2025-04-08T00:00:00Z",
        "updated": "2025-07-21T00:00:00Z",
        "summary": {
          "content": "A vulnerability exists in affected products that could allow remote attackers to affect the availability of the devices under certain conditions.\r\n\r\nThe integrated ICMP services in the underlying TCP/IP stack is vulnerable to a denial of service attack through specially crafted ICMP packets. A successful attack will impact the availability of ICMP services on affected products for a limited time before it restores itself after the attack ceases.\r\nOther communication services are not affected by this vulnerability.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-725549.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-183963",
        "title": "Certificate Validation Vulnerabilities in SICAM TOOLBOX II Before V07.11",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-183963.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-183963.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-183963.json.asc"
          }
        ],
        "published": "2025-07-08T00:00:00Z",
        "updated": "2025-07-18T00:00:00Z",
        "summary": {
          "content": "During establishment of a https connection to the TLS server of a managed device, SICAM TOOLBOX II improperly validates that device's certificate.\r\nThis could allow an attacker to execute an on-path network (MitM) attack.\r\n\r\nSiemens has released a new version for SICAM TOOLBOX II and recommends to update to the latest version.\r\n\r\nThe chapter \"Additional Information\" provides additional guidance how to prevent on-path network attacks."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-183963.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-078892",
        "title": "Multiple Vulnerabilities in SINEC NMS Before V4.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-078892.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-078892.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-078892.json.asc"
          }
        ],
        "published": "2025-07-08T00:00:00Z",
        "updated": "2025-07-08T00:00:00Z",
        "summary": {
          "content": "Siemens SINEC NMS before V4.0 is affected by multiple vulnerabilities which could allow an attacker to elevate privilege and exceute arbitrary code.\r\n\r\nSiemens has released a new version for SINEC NMS and recommends to update to the latest version. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-078892.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-091753",
        "title": "Multiple Vulnerabilities in Solid Edge Before SE2025 Update 5",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-091753.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-091753.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-091753.json.asc"
          }
        ],
        "published": "2025-07-08T00:00:00Z",
        "updated": "2025-07-08T00:00:00Z",
        "summary": {
          "content": "Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads specially crafted files in various formats such as PAR or CFG format. This could allow an attacker to crash the application or execute arbitrary code.\r\n\r\nSiemens has released a new version for Solid Edge SE2025 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-091753.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-327438",
        "title": "Multiple Vulnerabilities in SCALANCE LPE9403",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-327438.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-327438.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-327438.json.asc"
          }
        ],
        "published": "2025-05-13T00:00:00Z",
        "updated": "2025-07-08T00:00:00Z",
        "summary": {
          "content": "SCALANCE LPE9403 is affected by multiple vulnerabilities which lead to a compromise in availability, integrity and confidentiality.\r\n\r\nSiemens has released a new version for SCALANCE LPE9403 and recommends to update to the latest version. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-327438.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-446545",
        "title": "Impact of RegreSSHion (CVE-2024-6387)  in Siemens Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-446545.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-446545.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-446545.json.asc"
          }
        ],
        "published": "2024-09-10T00:00:00Z",
        "updated": "2025-07-08T00:00:00Z",
        "summary": {
          "content": "An OpenSSH vulnerability, known as regreSSHion, affects multiple Siemens industrial products. This security regression vulnerability consists in a race condition which may allow an unauthenticated remote attacker to achieve remote code execution with high impact on the affected system.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-446545.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-573669",
        "title": "Multiple Vulnerabilities in TIA Administrator Before V3.0.6",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-573669.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-573669.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-573669.json.asc"
          }
        ],
        "published": "2025-07-08T00:00:00Z",
        "updated": "2025-07-08T00:00:00Z",
        "summary": {
          "content": "Siemens TIA Administrator before V3.0.6 contains multiple vulnerabilities which could allow an attacker to escalate privilege or exceute arbitrary code during installations.\r\n\r\nSiemens has released a new version for TIA Administrator and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-573669.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-593272",
        "title": "SegmentSmack in Interniche IP-Stack based Industrial Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-593272.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-593272.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-593272.json.asc"
          }
        ],
        "published": "2020-04-14T00:00:00Z",
        "updated": "2025-07-08T00:00:00Z",
        "summary": {
          "content": "A vulnerability exists in affected products that could allow remote attackers to affect the availability of the devices under certain conditions.\r\n\r\nThe underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-593272.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-626991",
        "title": "Denial of Service Vulnerability in SIMATIC CN 4100 before V4.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-626991.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-626991.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-626991.json.asc"
          }
        ],
        "published": "2025-07-08T00:00:00Z",
        "updated": "2025-07-08T00:00:00Z",
        "summary": {
          "content": "A vulnerability in SIMATIC CN 4100 could allow an attacker to cause a denial of service condition.\r\n\r\nSiemens has released a new version for SIMATIC CN 4100 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-626991.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-627195",
        "title": "Zip Path Traversal Vulnerability in Mendix Studio Pro's Module Installation Process",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-627195.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-627195.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-627195.json.asc"
          }
        ],
        "published": "2025-06-12T00:00:00Z",
        "updated": "2025-07-08T00:00:00Z",
        "summary": {
          "content": "Mendix Studio Pro contains a vulnerability in the module installation process, that could allow an attacker to write or modify arbitrary files in directories outside a developer\u2019s project directory.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-627195.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-634640",
        "title": "Weak Authentication Vulnerability in Siemens Industrial Edge Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-634640.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-634640.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-634640.json.asc"
          }
        ],
        "published": "2025-04-08T00:00:00Z",
        "updated": "2025-07-08T00:00:00Z",
        "summary": {
          "content": "Siemens Industrial Edge Devices contain a weak authentication vulnerability that could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-634640.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-763427",
        "title": "Authentication Bypass Vulnerability in SIMATIC CP and TIM Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-763427.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-763427.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-763427.json.asc"
          }
        ],
        "published": "2015-11-27T00:00:00Z",
        "updated": "2025-07-08T00:00:00Z",
        "summary": {
          "content": "SIMATIC CP and TIM devices contain an authentication bypass vulnerability that could allow unauthenticated users to perform administrative operations under certain conditions.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-763427.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-904646",
        "title": "Sensitive Data Exposure Vulnerability in SIPROTEC 5 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-904646.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-904646.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-904646.json.asc"
          }
        ],
        "published": "2025-07-08T00:00:00Z",
        "updated": "2025-07-08T00:00:00Z",
        "summary": {
          "content": "A sensitive data exposure vulnerability in SIPROTEC 5 can allow an attacker to retrieve sensitive session data from browser history, logs, or other storage mechanisms, potentially leading to unauthorized access.\r\n\r\nSiemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-904646.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-938066",
        "title": "Remote Code Execution Vulnerability in SENTRON Powermanager and Desigo CC",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-938066.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-938066.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-938066.json.asc"
          }
        ],
        "published": "2025-07-08T00:00:00Z",
        "updated": "2025-07-08T00:00:00Z",
        "summary": {
          "content": "SENTRON Powermanager and Desigo CC devices are not affected by a remote code execution vulnerability in Apache Tomcat that can be triggered via a partial PUT request due to a path equivalence issue. It could allow a remote attacker to execute arbitrary code, disclose sensitive information, or inject malicious content."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-938066.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-426509",
        "title": "Multiple Local Code Execution Vulnerabilities in Questa and ModelSim",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-426509.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-426509.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-426509.json.asc"
          }
        ],
        "published": "2024-10-08T00:00:00Z",
        "updated": "2025-06-17T00:00:00Z",
        "summary": {
          "content": "Questa and ModelSim (incl. OEM Editions) are affected by multiple vulnerabilities that could allow a local attacker to inject arbitrary code and escalate privileges.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-426509.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-345750",
        "title": "Default Credentials in Energy Services Using Elspec G5DFR",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-345750.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-345750.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-345750.json.asc"
          }
        ],
        "published": "2025-06-10T00:00:00Z",
        "updated": "2025-06-16T00:00:00Z",
        "summary": {
          "content": "Energy Services from Siemens (previously known as Managed Applications and Services), sell solutions using Elspec G5 Digital Fault Recorder which contains default credentials with admin privileges. A client configuration with remote access could allow an attacker to gain remote control of the G5DFR component and tamper outputs from the device."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-345750.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-162506",
        "title": "DHCP Client Vulnerability in SIMOTICS CONNECT 400, Desigo PXC/PXM, APOGEE MEC/MBC/PXC, APOGEE PXC Series, and TALON TC Series",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-162506.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-162506.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-162506.json.asc"
          }
        ],
        "published": "2020-04-14T00:00:00Z",
        "updated": "2025-06-10T00:00:00Z",
        "summary": {
          "content": "SIMOTICS CONNECT 400, Desigo (Power PC-based), APOGEE MEC/MBC/PXC and TALON TC products are affected by a DHCP Client vulnerability as initially reported in [SSA-434032](https://cert-portal.siemens.com/productcert/html/ssa-434032.html) for the Mentor Nucleus Networking Module.\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-162506.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-340240",
        "title": "Denial of Service Vulnerability in SIRIUS 3RV2921-5M",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-340240.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-340240.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-340240.json.asc"
          }
        ],
        "published": "2024-10-08T00:00:00Z",
        "updated": "2025-06-10T00:00:00Z",
        "summary": {
          "content": "A vulnerability in SIRIUS 3RV2921-5M could allow an attacker to cause a denial of service condition.\r\n\r\nSiemens has released a new version for SIRIUS 3RV2921-5M and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-340240.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-354569",
        "title": "Multiple Vulnerabilities in Palo Alto Networks PAN-OS on RUGGEDCOM APE1808 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-354569.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-354569.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-354569.json.asc"
          }
        ],
        "published": "2024-11-22T00:00:00Z",
        "updated": "2025-06-10T00:00:00Z",
        "summary": {
          "content": "Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\r\n\r\nSiemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available.\r\n\r\n[1]  https://security.paloaltonetworks.com/"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-354569.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-486186",
        "title": "Out of Bounds Read Vulnerability in Tecnomatix Plant Simulation Before 2404",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-486186.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-486186.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-486186.json.asc"
          }
        ],
        "published": "2025-06-10T00:00:00Z",
        "updated": "2025-06-10T00:00:00Z",
        "summary": {
          "content": "Siemens Tecnomatix Plant Simulation contains a out-of-bound read vulnerability that could be triggered when the application reads files in WRL format. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-486186.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-497656",
        "title": "Multiple NTP Vulnerabilities in TIM 4R-IE Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-497656.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-497656.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-497656.json.asc"
          }
        ],
        "published": "2021-04-13T00:00:00Z",
        "updated": "2025-06-10T00:00:00Z",
        "summary": {
          "content": "TIM 4R-IE devices contain multiple vulnerabilities in the integrated NTP component as listed below.\r\n\r\nSiemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-497656.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-620799",
        "title": "Denial of Service Vulnerability During BLE Pairing in SENTRON Powercenter 1000/1100",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-620799.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-620799.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-620799.json.asc"
          }
        ],
        "published": "2024-12-10T00:00:00Z",
        "updated": "2025-06-10T00:00:00Z",
        "summary": {
          "content": "SENTRON Powercenter devices are *not* affected by a denial of service vulnerability that can be triggered during BLE (Bluetooth Low Energy) pairing.\r\n\r\nNote: Unlike stated in the initial version of this security advisory from 2024-12-10, detailed analysis has shown that SENTRON Powercenter devices are not affected by this vulnerability."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-620799.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-633269",
        "title": "Incorrect Authorization Check Vulnerability in Industrial Communication Devices based on SINEC OS before V3.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-633269.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-633269.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-633269.json.asc"
          }
        ],
        "published": "2025-06-10T00:00:00Z",
        "updated": "2025-06-10T00:00:00Z",
        "summary": {
          "content": "Several Industrial Communication Devices based on SINEC OS before V3.1 contain an incorrect authorization check vulnerability that could allow an attacker to perform actions that exceed the permissions of the \"guest\" role.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-633269.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-656895",
        "title": "Open Redirect Vulnerability in Teamcenter",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-656895.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-656895.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-656895.json.asc"
          }
        ],
        "published": "2025-02-11T00:00:00Z",
        "updated": "2025-06-10T00:00:00Z",
        "summary": {
          "content": "The SSO login service in Teamcenter contains an open redirect vulnerability that could allow an attacker to redirect the legitimate user to an attacker-chosen URL to steal valid session data.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-656895.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-874353",
        "title": "Entity Enumeration Vulnerability in Mendix Runtime",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-874353.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-874353.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-874353.json.asc"
          }
        ],
        "published": "2025-04-08T00:00:00Z",
        "updated": "2025-06-10T00:00:00Z",
        "summary": {
          "content": "Mendix Runtime allows for entity enumeration due to distinguishable responses in certain client actions. This could allow an unauthenticated remote attacker to list all valid entities and attribute names of a Mendix Runtime-based application.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-874353.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-041082",
        "title": "Out of Bounds Read Vulnerability in SiPass Integrated Before V2.95.3.18",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-041082.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-041082.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-041082.json.asc"
          }
        ],
        "published": "2025-05-23T00:00:00Z",
        "updated": "2025-05-23T00:00:00Z",
        "summary": {
          "content": "SiPass integrated versions before V2.95.3.18 contain an out of bounds read vulnerability that could allow an unauthenticated remote attacker to create a denial of service condition.\r\n\r\nSiemens has released a new version for SiPass integrated and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-041082.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-552330",
        "title": "System Configuration Password Reset in Siveillance Video V2024 R1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-552330.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-552330.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-552330.json.asc"
          }
        ],
        "published": "2025-05-14T00:00:00Z",
        "updated": "2025-05-14T00:00:00Z",
        "summary": {
          "content": "The installer of Siveillance Video V2024 R1 resets the system configuration password when updating from older versions of Siveillance Video. This could inadvertently remove the password protection from system configuration files, also affecting backup data sets that were created after the update to V2024 R1.\r\n\r\nSiemens recommends to change the system configuration password settings for systems that were updated from any older version to V2024 R1."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-552330.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-556937",
        "title": "Multiple Vulnerabilities in VersiCharge AC Series EV Chargers",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-556937.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-556937.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-556937.json.asc"
          }
        ],
        "published": "2025-05-13T00:00:00Z",
        "updated": "2025-05-14T00:00:00Z",
        "summary": {
          "content": "VersiCharge AC Series EV Chargers contain two vulnerabilities that could allow an attacker to gain control of the chargers through default Modbus port or execute arbitrary code by manipulating the M0 firmware. \r\n\r\nSiemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-556937.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-047424",
        "title": "Code Execution and SQL Injection Vulnerabilities in OZW Web Servers",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-047424.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-047424.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-047424.json.asc"
          }
        ],
        "published": "2025-05-13T00:00:00Z",
        "updated": "2025-05-13T00:00:00Z",
        "summary": {
          "content": "OZW672 and OZW772 Web Server versions contain vulnerabilities that could allow an attacker to execute arbitrary code on the device with root privileges (in versions before V8.0) or to authenticate as Administrator user (in versions before V6.0).\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-047424.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-103653",
        "title": "Denial-of-Service Vulnerability in Automation License Manager",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-103653.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-103653.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-103653.json.asc"
          }
        ],
        "published": "2024-09-10T00:00:00Z",
        "updated": "2025-05-13T00:00:00Z",
        "summary": {
          "content": "A vulnerability was identified in the Automation License Manager software that could be triggered by sending specially crafted packets to port 4410/tcp of an affected system. This could cause a denial-of-service preventing legitimate users from using the system.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-103653.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-162255",
        "title": "Multiple Vulnerabilities in Polarion Before V2410",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-162255.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-162255.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-162255.json.asc"
          }
        ],
        "published": "2025-05-13T00:00:00Z",
        "updated": "2025-05-13T00:00:00Z",
        "summary": {
          "content": "Polarion before V2410 contains multiple vulnerabilities that could allow attackers to extract data, conduct cross-site scripting attacks or find out valid usernames.\r\n\r\nSiemens strongly recommends to update Polarion to V2410 or later versions, not only to fix the documented vulnerabilities, but also to benefit from all the other improvements and fixes. For Polarion V2404 patch releases can be applied."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-162255.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-222768",
        "title": "Multiple Vulnerabilities in SIRIUS 3SK2 Safety Relays and 3RK3 Modular Safety Systems",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-222768.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-222768.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-222768.json.asc"
          }
        ],
        "published": "2025-05-13T00:00:00Z",
        "updated": "2025-05-13T00:00:00Z",
        "summary": {
          "content": "SIRIUS 3SK2 Safety Relays and 3RK3 Modular Safety Systems only provide weak password obfuscation. An attacker with access to the PROFINET or serial interface of the device could eavesdrop or read the stored password from the device and de-obfuscate it.\r\nThe safety passwords work as protection against unauthorized operation (i.e., protection against inadvertent operating errors) but not as protection against malicious access attempts.\r\n\r\n\r\nSiemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-222768.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-339086",
        "title": "Insufficient Session Expiration Vulnerability in SIMATIC PCS neo",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-339086.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-339086.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-339086.json.asc"
          }
        ],
        "published": "2025-05-13T00:00:00Z",
        "updated": "2025-05-13T00:00:00Z",
        "summary": {
          "content": "Affected products do not correctly invalidate user sessions upon user logout. This could allow a remote unauthenticated attacker, who has obtained the session token by other means, to re-use a legitimate user's session even after logout.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-339086.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-455250",
        "title": "Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.2-h3",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-455250.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-455250.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-455250.json.asc"
          }
        ],
        "published": "2024-04-09T00:00:00Z",
        "updated": "2025-05-13T00:00:00Z",
        "summary": {
          "content": "Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\r\n\r\nSiemens has released a new version of Palo Alto Networks Virtual NGFW for RUGGEDCOM APE1808 and recommends to update to the latest version. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications.\r\n\r\n[1]  https://security.paloaltonetworks.com/"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-455250.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-523418",
        "title": "Information Disclosure Vulnerability in Desigo CC",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-523418.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-523418.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-523418.json.asc"
          }
        ],
        "published": "2025-05-13T00:00:00Z",
        "updated": "2025-05-13T00:00:00Z",
        "summary": {
          "content": "Desigo CC deployments that use Installed Client are impacted by an information disclosure vulnerability which could result in information leak from the Desigo CC server. The other Desigo CC client options, Windows App Client and Flex Client, are not affected by this vulnerability.\r\n\r\nSiemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-523418.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-542540",
        "title": "Out of Bounds Read Vulnerability in Teamcenter Visualization",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-542540.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-542540.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-542540.json.asc"
          }
        ],
        "published": "2025-05-13T00:00:00Z",
        "updated": "2025-05-13T00:00:00Z",
        "summary": {
          "content": "Siemens Teamcenter Visualization contains an out-of-bounds read vulnerability that could be triggered when the application reads files in WRL format. If a user is tricked into opening a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-542540.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-668154",
        "title": "Denial of Service Vulnerability in MS/TP Point Pickup Module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-668154.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-668154.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-668154.json.asc"
          }
        ],
        "published": "2025-05-13T00:00:00Z",
        "updated": "2025-05-13T00:00:00Z",
        "summary": {
          "content": "MS/TP Point Pickup Module devices are affected by a denial of service vulnerability that could be triggered by an attacker residing in the same BACnet network by sending a specially crafted MSTP message. A power cycle is required to restore the device's normal operation.\r\n\r\nSiemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-668154.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-718393",
        "title": "Partial Denial of Service Vulnerability in APOGEE PXC and TALON TC Series (BACnet) Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-718393.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-718393.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-718393.json.asc"
          }
        ],
        "published": "2025-05-13T00:00:00Z",
        "updated": "2025-05-13T00:00:00Z",
        "summary": {
          "content": "APOGEE PXC and TALON TC Series (BACnet) Devices start sending unsolicited BACnet broadcast messages after processing a specific BACnet createObject request. This could allow an attacker residing in the same BACnet network to send a specially crafted message that results in a partial denial of service condition of the targeted device, and potentially reduce the availability of the BACnet network. A power cycle is required to restore the device's normal operation.\r\n\r\nSiemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-718393.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-819629",
        "title": "Weak Authentication Vulnerability in Industrial Edge Device Kit",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-819629.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-819629.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-819629.json.asc"
          }
        ],
        "published": "2025-04-08T00:00:00Z",
        "updated": "2025-05-13T00:00:00Z",
        "summary": {
          "content": "Users of Industrial Edge Devices are advised to consult the respective Security Advisories for their devices (for Siemens Industrial Edge devices see Additional Information).\r\n\r\nIndustrial Edge Device Kit contains a weak authentication vulnerability that could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user.\r\n\r\nIndustrial Edge Device Builders integrate Industrial Edge Device Kit into their offerings within the open Industrial Edge ecosystem. See further details about affected Industrial Edge Devices in the Additional Information section.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-819629.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-828116",
        "title": "Denial of Service Vulnerability in BACnet ATEC Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-828116.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-828116.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-828116.json.asc"
          }
        ],
        "published": "2025-05-13T00:00:00Z",
        "updated": "2025-05-13T00:00:00Z",
        "summary": {
          "content": "BACnet ATEC devices are affected by a denial of service vulnerability that could be triggered by an attacker residing in the same BACnet network by sending a specially crafted MSTP message. A power cycle is required to restore the device's normal operation.\r\n\r\nSiemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-828116.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-901508",
        "title": "Multiple Vulnerabilities in INTRALOG WMS Before V5",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-901508.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-901508.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-901508.json.asc"
          }
        ],
        "published": "2025-05-13T00:00:00Z",
        "updated": "2025-05-13T00:00:00Z",
        "summary": {
          "content": "INTRALOG WMS before V5 is affected by multiple vulnerabilities in the Microsoft .NET implementation as described below.\r\n\r\nSiemens has released a new version for INTRALOG WMS and recommends to update to the latest version.\r\nPlease approach your INTRALOG WMS contact to resolve the reported vulnerabilities for your solution. When contacting your Siemens representative, kindly reference the Siemens Security Advisory ID (SSA-901508)."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-901508.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-935500",
        "title": "Denial of Service Vulnerability in FTP Server of Nucleus RTOS based APOGEE, TALON and Desigo PXC/PXM Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-935500.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-935500.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-935500.json.asc"
          }
        ],
        "published": "2022-10-11T00:00:00Z",
        "updated": "2025-05-13T00:00:00Z",
        "summary": {
          "content": "A denial of service vulnerability has been identified in the Nucleus RTOS (real-time operating system) and reported in the Siemens Security Advisory SSA-313313: <https://cert-portal.siemens.com/productcert/html/ssa-313313.html>.\r\n\r\nThe products listed below use affected versions of the Nucleus software and inherently contain the vulnerability.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-935500.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-443402",
        "title": "Multiple SQL Injection Vulnerabilities in TeleControl Server Basic before V3.1.2.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-443402.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-443402.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-443402.json.asc"
          }
        ],
        "published": "2025-04-16T00:00:00Z",
        "updated": "2025-04-16T00:00:00Z",
        "summary": {
          "content": "TeleControl Server Basic before V3.1.2.2 contains multiple SQL Injection vulnerabilities that could allow an attacker to read and write to the application's DB, cause denial of service and execute code in an OS shell with limited \"NT AUTHORITY\\NetworkService\" permissions.\r\n\r\nSiemens has conducted a root-cause analysis for potential SQL injection vulnerabilities and has identified the locations in the code base where the underlying legacy design pattern has been used. TeleControl Server Basic V3.1.2.2 has fixed all occurrences in the affected product.\r\n\r\nSiemens has released a new version for TeleControl Server Basic and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-443402.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-395348",
        "title": "Improper Handling of Length Parameter Inconsistency Vulnerability in TeleControl Server Basic before V3.1.2.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-395348.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-395348.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-395348.json.asc"
          }
        ],
        "published": "2025-04-16T00:00:00Z",
        "updated": "2025-04-16T00:00:00Z",
        "summary": {
          "content": "TeleControl Server Basic before V3.1.2.2 contains an Improper Handling of Length Parameter Inconsistency Vulnerability that could allow an attacker to cause the application to allocate exhaustive amounts of memory and subsequently create a denial of service condition.\r\n\r\nSiemens has released a new version for TeleControl Server Basic and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-395348.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-187636",
        "title": "Multiple Vulnerabilities in SENTRON 7KT PAC1260 Data Manager",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-187636.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-187636.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-187636.json.asc"
          }
        ],
        "published": "2025-04-08T00:00:00Z",
        "updated": "2025-04-08T00:00:00Z",
        "summary": {
          "content": "SENTRON 7KT PAC1260 Data Manager is affected by multiple vulnerabilities as listed below.\r\n\r\nSoftware fixes can no longer be provided for the SENTRON 7KT PAC1260 Data Manager. This advisory documents the known open vulnerabilities. To fix the vulnerabilities, Siemens recommends to replace the device by the new SENTRON 7KT PAC1261 Data Manager and update it to the latest available firmware version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-187636.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-195895",
        "title": "User Enumeration Vulnerability in the Webserver of SIMATIC Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-195895.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-195895.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-195895.json.asc"
          }
        ],
        "published": "2025-02-11T00:00:00Z",
        "updated": "2025-04-08T00:00:00Z",
        "summary": {
          "content": "The webserver of several SIMATIC products is affected by a user enumeration vulnerability that could allow an unauthenticated remote attacker to identify valid usernames.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-195895.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-277137",
        "title": "Multiple Vulnerabilities in SIDIS Prime Before V4.0.700",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-277137.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-277137.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-277137.json.asc"
          }
        ],
        "published": "2025-04-08T00:00:00Z",
        "updated": "2025-04-08T00:00:00Z",
        "summary": {
          "content": "SIDIS Prime before V4.0.700 is affected by multiple vulnerabilities in the components OpenSSL, SQLite, Boost C++ Libraries and several Microsoft components as described below.\r\n\r\nSiemens has released a new version of SIDIS Prime and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-277137.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-306654",
        "title": "Insyde BIOS Vulnerabilities in Siemens Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-306654.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-306654.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-306654.json.asc"
          }
        ],
        "published": "2022-02-22T00:00:00Z",
        "updated": "2025-04-08T00:00:00Z",
        "summary": {
          "content": "Insyde has published information on vulnerabilities in Insyde BIOS in [February 2022](https://www.insyde.com/security-pledge). This advisory lists the Siemens Industrial products affected by these vulnerabilities.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-306654.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-369369",
        "title": "Weak Registry Permission Vulnerability in SIMATIC IPC DiagBase and SIMATIC IPC DiagMonitor",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-369369.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-369369.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-369369.json.asc"
          }
        ],
        "published": "2025-02-11T00:00:00Z",
        "updated": "2025-04-08T00:00:00Z",
        "summary": {
          "content": "SIMATIC IPC DiagBase and SIMATIC IPC DiagMonitor contain a weak registry permission vulnerability that could allow an authenticated attacker to perform privilege escalation or bypass security measures.\r\n\r\nSiemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-369369.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-525431",
        "title": "Privilege Escalation Vulnerabilities in Siemens License Server Before V4.3",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-525431.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-525431.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-525431.json.asc"
          }
        ],
        "published": "2025-04-08T00:00:00Z",
        "updated": "2025-04-08T00:00:00Z",
        "summary": {
          "content": "Siemens License Server before V4.3 contains various vulnerabilities that could allow a low-privileged local user to escalate privileges or perform arbitrary code execution.\r\n\r\nSiemens has released a new version for Siemens License Server (SLS) and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-525431.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-672923",
        "title": "Out of Bounds Write Vulnerability in Solid Edge",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-672923.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-672923.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-672923.json.asc"
          }
        ],
        "published": "2025-04-08T00:00:00Z",
        "updated": "2025-04-08T00:00:00Z",
        "summary": {
          "content": "Solid Edge is affected by an out of bounds write vulnerability that could be triggered when the application is parsing X_T data or a specially crafted file in X_T format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-672923.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-686975",
        "title": "IPU 2022.3 Vulnerabilities in Siemens Industrial Products using Intel CPUs",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-686975.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-686975.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-686975.json.asc"
          }
        ],
        "published": "2023-02-14T00:00:00Z",
        "updated": "2025-04-08T00:00:00Z",
        "summary": {
          "content": "Intel has published information on vulnerabilities in Intel products in November 2022. This advisory lists the related Siemens Industrial products affected by these vulnerabilities that can be patched by applying the corresponding BIOS update (\"2022.3 IPU \u2013 BIOS Advisory\" [Intel-SA-00688](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00688.html)).\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-686975.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-817234",
        "title": "Multiple Kubernetes Ingress NGINX Controller Vulnerabilities in Insights Hub Private Cloud",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-817234.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-817234.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-817234.json.asc"
          }
        ],
        "published": "2025-04-08T00:00:00Z",
        "updated": "2025-04-08T00:00:00Z",
        "summary": {
          "content": "Insights Hub Private Cloud is affected by multiple vulnerabilities in Ingress NGINX Controller for Kubernetes. These vulnerabilities could lead to arbitrary code execution in the context of the `ingress-nginx controller`, or disclosure of `Secrets` accessible to the controller, or denial of service condition.\r\n\r\nSiemens has released a new version for Insights Hub Private Cloud and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-817234.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-920092",
        "title": "Memory Corruption Vulnerability in Simcenter Femap",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-920092.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-920092.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-920092.json.asc"
          }
        ],
        "published": "2025-03-13T00:00:00Z",
        "updated": "2025-03-13T00:00:00Z",
        "summary": {
          "content": "Siemens Simcenter Femap is affected by memory corruption vulnerability that could be triggered when the application reads files in .NEU format. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to leak information or potentially perform remote code execution in the context of the current process.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-920092.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-050438",
        "title": "Multiple File Parsing Vulnerabilities in Teamcenter Visualization and Tecnomatix Plant Simulation",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-050438.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-050438.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-050438.json.asc"
          }
        ],
        "published": "2025-03-11T00:00:00Z",
        "updated": "2025-03-11T00:00:00Z",
        "summary": {
          "content": "Siemens Teamcenter Visualization and Tecnomatrix Plant Simulation contains multiple file parsing vulnerabilities that could be triggered when the application reads files in WRL format. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-050438.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-073066",
        "title": "Multiple Vulnerabilities in SINEMA Remote Connect Server Before V3.2 SP3",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-073066.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-073066.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-073066.json.asc"
          }
        ],
        "published": "2025-03-11T00:00:00Z",
        "updated": "2025-03-11T00:00:00Z",
        "summary": {
          "content": "SINEMA Remote Connect Server before V3.2 SP3 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released a new version for SINEMA Remote Connect Server and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-073066.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-075201",
        "title": "Multiple Vulnerabilities in SCALANCE LPE9403 Before V4.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-075201.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-075201.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-075201.json.asc"
          }
        ],
        "published": "2025-03-11T00:00:00Z",
        "updated": "2025-03-11T00:00:00Z",
        "summary": {
          "content": "SCALANCE LPE9403 is affected by multiple vulnerabilities that could allow an attacker to impact its confidentiality, integrity and availability.\r\n\r\nSiemens has released a new version for SCALANCE LPE9403 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-075201.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-248289",
        "title": "Denial of Service Vulnerabilities in the IPv6 Stack of Nucleus RTOS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-248289.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-248289.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-248289.json.asc"
          }
        ],
        "published": "2021-04-13T00:00:00Z",
        "updated": "2025-03-11T00:00:00Z",
        "summary": {
          "content": "The IPv6 stack of the networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) contains two vulnerabilities when processing IPv6 headers which could allow an attacker to cause a denial of service condition.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-248289.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-280834",
        "title": "Improper OpenVPN Credential Validation Vulnerability in SCALANCE M-800 and SC-600 Families",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-280834.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-280834.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-280834.json.asc"
          }
        ],
        "published": "2025-03-11T00:00:00Z",
        "updated": "2025-03-11T00:00:00Z",
        "summary": {
          "content": "SCALANCE M-800 and SC-600 families are affected by improper input validation in the OpenVPN authentication. \r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-280834.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-434032",
        "title": "Input Validation Vulnerability in the DHCP Client of Nucleus RTOS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-434032.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-434032.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-434032.json.asc"
          }
        ],
        "published": "2019-11-12T00:00:00Z",
        "updated": "2025-03-11T00:00:00Z",
        "summary": {
          "content": "The DHCP implementation of the networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) contains a vulnerability that could allow an attacker to change the IP address of an affected device to an invalid value.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-434032.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-507653",
        "title": "Improper Access Control Vulnerabilities in Tecnomatix Plant Simulation",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-507653.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-507653.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-507653.json.asc"
          }
        ],
        "published": "2025-03-11T00:00:00Z",
        "updated": "2025-03-11T00:00:00Z",
        "summary": {
          "content": "Siemens Tecnomatix Plant Simulation do not properly limit the access of the simulation model to the filesystem. This could allow an unauthorized attacker to read or delete arbitrary files or the entire filesystem of the device.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-507653.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-515903",
        "title": "Multiple Vulnerabilities in SiPass integrated AC5102 / ACC-G2 and ACC-AP",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-515903.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-515903.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-515903.json.asc"
          }
        ],
        "published": "2025-03-11T00:00:00Z",
        "updated": "2025-03-11T00:00:00Z",
        "summary": {
          "content": "SiPass integrated ACC (Advanced Central Controller) devices contain multiple vulnerabilities that could allow attackers to execute commands on the devices with root privileges and access sensitive data.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-515903.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-615740",
        "title": "Multiple Vulnerabilities in SINEMA Remote Connect Client Before V3.2 SP3",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-615740.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-615740.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-615740.json.asc"
          }
        ],
        "published": "2025-03-11T00:00:00Z",
        "updated": "2025-03-11T00:00:00Z",
        "summary": {
          "content": "SINEMA Remote Connect Client before V3.2 SP3 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released a new version for SINEMA Remote Connect Client and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-615740.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-620288",
        "title": "Multiple Vulnerabilities (NUCLEUS:13) in Capital Embedded AR Classic",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-620288.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-620288.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-620288.json.asc"
          }
        ],
        "published": "2021-12-14T00:00:00Z",
        "updated": "2025-03-11T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities (also known as \"NUCLEUS:13\") have be identified in the Nucleus RTOS (real-time operating system) and reported in the Siemens Security Advisory SSA-044112: <https://cert-portal.siemens.com/productcert/html/ssa-044112.html>.\r\n\r\nCapital Embedded AR Classic uses an affected version of the Nucleus software and inherently contains several of these vulnerabilities.\r\n\r\nSiemens has released a new version for Capital Embedded AR Classic R20-11 and recommends to update to the latest version. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-620288.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-787280",
        "title": "Unlocked Bootloader Vulnerability in SINAMICS S200",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-787280.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-787280.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-787280.json.asc"
          }
        ],
        "published": "2025-03-11T00:00:00Z",
        "updated": "2025-03-11T00:00:00Z",
        "summary": {
          "content": "A specific range of produced SINAMICS S200 devices contains an unlocked bootloader vulnerability that could allow an attacker to download untrusted firmware that could damage or compromise the device.\r\n\r\nFor delivered products listed below Siemens recommends countermeasures."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-787280.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-992434",
        "title": "Directory Traversal Vulnerability in Third-Party Component in SiPass integrated",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-992434.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-992434.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-992434.json.asc"
          }
        ],
        "published": "2025-02-17T00:00:00Z",
        "updated": "2025-02-17T00:00:00Z",
        "summary": {
          "content": "SiPass integrated is affected by a directory traversal vulnerability in the third-party component DotNetZip. The vulnerability could allow an attacker to execute arbitrary code on the application server, if a specially crafted backup set is used for a restore.\r\n\r\nSiemens has released a new version for SiPass integrated and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-992434.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-246355",
        "title": "Multiple Vulnerabilities in Tableau Server Component of Opcenter Intelligence",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-246355.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-246355.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-246355.json.asc"
          }
        ],
        "published": "2025-02-11T00:00:00Z",
        "updated": "2025-02-14T00:00:00Z",
        "summary": {
          "content": "The Tableau Server component in Opcenter Intelligence contains multiple vulnerabilities as described below.\r\n\r\nSiemens has released a new version for Opcenter Intelligence and recommends to update to the latest version and to install the latest available version of Tableau Server as described in <https://support.sw.siemens.com/knowledge-base/PL8822108>."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-246355.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-111547",
        "title": "Cleartext Storage of Sensitive Information Vulnerability in SIPROTEC 5",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-111547.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-111547.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-111547.json.asc"
          }
        ],
        "published": "2025-02-11T00:00:00Z",
        "updated": "2025-02-11T00:00:00Z",
        "summary": {
          "content": "Affected SIPROTEC 5 devices do not encrypt certain data within the on-board flash storage on their PCB. This could allow an attacker with physical access to read the sensitive information from the filesystem of the device.\r\n\r\n\r\nSiemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-111547.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-196737",
        "title": "Multiple Vulnerabilities in SINEC Traffic Analyzer Before V1.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-196737.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-196737.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-196737.json.asc"
          }
        ],
        "published": "2024-06-11T00:00:00Z",
        "updated": "2025-02-11T00:00:00Z",
        "summary": {
          "content": "SINEC Traffic Analyzer before V1.2 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released a new version for SINEC Traffic Analyzer and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-196737.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-224824",
        "title": "Denial of Service Vulnerabilities in SIMATIC S7-1200 CPU Family Before V4.7",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-224824.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-224824.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-224824.json.asc"
          }
        ],
        "published": "2025-02-11T00:00:00Z",
        "updated": "2025-02-11T00:00:00Z",
        "summary": {
          "content": "SIMATIC S7-1200 CPU family before V4.7 is affected by two denial of service vulnerabilities.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-224824.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-342348",
        "title": "Insufficient Session Expiration Vulnerability in Siemens Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-342348.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-342348.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-342348.json.asc"
          }
        ],
        "published": "2025-02-11T00:00:00Z",
        "updated": "2025-02-11T00:00:00Z",
        "summary": {
          "content": "Affected products do not correctly invalidate user sessions upon user logout. This could allow a remote unauthenticated attacker, who has obtained the session token by other means, to re-use a legitimate user's session even after logout.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-342348.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-349422",
        "title": "Denial of Service Vulnerability in Industrial Real-Time (IRT) Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-349422.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-349422.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-349422.json.asc"
          }
        ],
        "published": "2019-10-08T00:00:00Z",
        "updated": "2025-02-11T00:00:00Z",
        "summary": {
          "content": "A vulnerability in the affected products could allow an unauthorized attacker with network access to perform a denial-of-service attack resulting in loss of real-time synchronization.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-349422.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-615116",
        "title": "Multiple Vulnerabilities in Apogee PXC and Talon TC Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-615116.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-615116.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-615116.json.asc"
          }
        ],
        "published": "2025-02-11T00:00:00Z",
        "updated": "2025-02-11T00:00:00Z",
        "summary": {
          "content": "Apogee PXC and Talon TC contain a vulnerability that could allow an attacker to perform a denial of service using an out-of-bounds read forcing the device to enter a cold state and a vulnerability that would allow an attacker to decrypt the passwords of the device.\r\n\r\nSiemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-615116.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-637914",
        "title": "Local Code Execution Vulnerability in Questa and ModelSim Before V2025.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-637914.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-637914.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-637914.json.asc"
          }
        ],
        "published": "2025-02-11T00:00:00Z",
        "updated": "2025-02-11T00:00:00Z",
        "summary": {
          "content": "Questa and ModelSim (incl. OEM Editions) are affected by a vulnerability that could allow a local attacker to inject arbitrary code and escalate privileges.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-637914.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-647005",
        "title": "Memory Corruption Vulnerability in OpenV2G",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-647005.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-647005.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-647005.json.asc"
          }
        ],
        "published": "2025-02-11T00:00:00Z",
        "updated": "2025-02-11T00:00:00Z",
        "summary": {
          "content": "The open source software OpenV2G contains a buffer overflow vulnerability that could allow an attacker to trigger a memory corruption.\n\nSiemens has released an update for the OpenV2G and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-647005.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-697140",
        "title": "Denial of Service Vulnerability in the TCP Event Service of SCALANCE and RUGGEDCOM Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-697140.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-697140.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-697140.json.asc"
          }
        ],
        "published": "2022-10-11T00:00:00Z",
        "updated": "2025-02-11T00:00:00Z",
        "summary": {
          "content": "The products listed below contain a denial of service vulnerability in the TCP event interface that could allow an unauthenticated remote attacker to render the device unusable.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-697140.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-769027",
        "title": "Multiple Vulnerabilities fixed in SCALANCE W700 IEEE 802.11ax devices before V3.0.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-769027.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-769027.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-769027.json.asc"
          }
        ],
        "published": "2025-02-11T00:00:00Z",
        "updated": "2025-02-11T00:00:00Z",
        "summary": {
          "content": "SCALANCE W-700 IEEE 802.11ax family devices are affected by multiple vulnerabilities.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-769027.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-404759",
        "title": "Information Disclosure Vulnerability in Siveillance Video Camera Drivers",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-404759.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-404759.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-404759.json.asc"
          }
        ],
        "published": "2025-01-14T00:00:00Z",
        "updated": "2025-01-15T00:00:00Z",
        "summary": {
          "content": "Several camera device drivers in the Siveillance Video Device Pack store camera credentials in their log file when authentication fails. This could allow a local attacker to read camera credentials stored in the Recording Server under specific conditions.\r\n\r\nSiemens has released an update of the Device Pack and recommends to apply this update to all deployments of Siveillance Video. In general, Siemens recommends installing the latest Device Pack which contains the most up-to-date device drivers."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-404759.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-314390",
        "title": "LDAP Injection Vulnerability in Mendix LDAP Module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-314390.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-314390.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-314390.json.asc"
          }
        ],
        "published": "2025-01-14T00:00:00Z",
        "updated": "2025-01-14T00:00:00Z",
        "summary": {
          "content": "The Mendix LDAP module is affected by an LDAP injection vulnerability that could allow an unauthenticated remote attacker to bypass username verification.\r\n\r\nSiemens has released a new version for Mendix LDAP and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-314390.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-413565",
        "title": "Multiple Vulnerabilities in SCALANCE Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-413565.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-413565.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-413565.json.asc"
          }
        ],
        "published": "2022-12-13T00:00:00Z",
        "updated": "2025-01-14T00:00:00Z",
        "summary": {
          "content": "Multiple SCALANCE devices are affected by several vulnerabilities that could allow an attacker to inject code, retrieve data as debug information as well as user CLI passwords or set the CLI to an irresponsive state.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-413565.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-416411",
        "title": "Cross-Site Scripting Vulnerability in Industrial Edge Management",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-416411.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-416411.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-416411.json.asc"
          }
        ],
        "published": "2025-01-14T00:00:00Z",
        "updated": "2025-01-14T00:00:00Z",
        "summary": {
          "content": "Industrial Edge Management is affected by a reflected cross-site scripting (XSS) vulnerability that could allow an attacker to extract sensitive information by tricking users into accessing a malicious link.\r\n\r\nSiemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-416411.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-446448",
        "title": "Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-446448.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-446448.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-446448.json.asc"
          }
        ],
        "published": "2022-04-12T00:00:00Z",
        "updated": "2025-01-14T00:00:00Z",
        "summary": {
          "content": "The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, contains a vulnerability that could allow an attacker to cause a denial of service condition on affected industrial products.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-446448.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-482757",
        "title": "Missing Immutable Root of Trust in S7-1500 CPU devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-482757.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-482757.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-482757.json.asc"
          }
        ],
        "published": "2023-01-10T00:00:00Z",
        "updated": "2025-01-14T00:00:00Z",
        "summary": {
          "content": "Affected models of the S7-1500 CPU product family do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device cannot be validated during load-time. An attacker with physical access to the device could use this to replace the boot image of the device and execute arbitrary code.\r\n\r\nAs exploiting this vulnerability requires physical tampering with the product, Siemens recommends to assess the risk of physical access to the device in the target deployment and to implement measures to make sure that only trusted personnel have access to the physical hardware.\r\n\r\nThe vulnerability is related to the hardware of the product. Siemens has released new hardware versions for several CPU types of the S7-1500 product family in which this vulnerability is fixed and is working on new hardware versions for remaining PLC types to address this vulnerability completely. See the chapter \"Additional Information\" below for more details.\r\n\r\nFor more information please also refer to the related product support article: <https://support.industry.siemens.com/cs/ww/en/view/109816536/>."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-482757.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-629254",
        "title": "Remote Code Execution Vulnerability in SIMATIC SCADA and PCS 7 systems",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-629254.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-629254.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-629254.json.asc"
          }
        ],
        "published": "2024-09-10T00:00:00Z",
        "updated": "2025-01-14T00:00:00Z",
        "summary": {
          "content": "The products listed below contain a remote code execution vulnerability that could allow an authenticated remote attacker to execute arbitrary code with high privileges.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-629254.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-690517",
        "title": "Multiple Vulnerabilities in SCALANCE W-700 IEEE 802.11ax Family",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-690517.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-690517.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-690517.json.asc"
          }
        ],
        "published": "2024-06-11T00:00:00Z",
        "updated": "2025-01-14T00:00:00Z",
        "summary": {
          "content": "SCALANCE W-700 IEEE 802.11ax family devices are affected by multiple vulnerabilities.\r\n\r\nSiemens has released a new version for SCALANCE W-700 IEEE 802.11ax family and recommends to update to the latest version. Siemens recommends countermeasures for vulnerabilities where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-690517.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-717113",
        "title": "Cross-Site Request Forgery (CSRF) Vulnerability in SIMATIC S7-1200 CPUs before V4.7",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-717113.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-717113.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-717113.json.asc"
          }
        ],
        "published": "2025-01-14T00:00:00Z",
        "updated": "2025-01-14T00:00:00Z",
        "summary": {
          "content": "The web interface of SIMATIC S7-1200 CPUs before V4.7 is affected by a cross-site request forgery (CSRF) vulnerability.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-717113.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-730482",
        "title": "Denial of Service Vulnerability in SIMATIC WinCC",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-730482.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-730482.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-730482.json.asc"
          }
        ],
        "published": "2024-04-09T00:00:00Z",
        "updated": "2025-01-14T00:00:00Z",
        "summary": {
          "content": "A vulnerability in the login dialog box of SIMATIC WinCC could allow a local attacker to cause a denial of service condition in the runtime of the SCADA system.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-730482.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-773256",
        "title": "Impact of Socket.IO CVE-2024-38355 on Siemens Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-773256.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-773256.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-773256.json.asc"
          }
        ],
        "published": "2024-09-10T00:00:00Z",
        "updated": "2025-01-14T00:00:00Z",
        "summary": {
          "content": "A Socket.IO vulnerability affects multiple Siemens industrial products. This vulnerability consists of a specially crafted Socket.IO packet that triggers an uncaught exception on the Socket.IO server killing the Node.js process allowing a remote attacker to cause Denial-of-Service condition in the affected products.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-773256.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-871035",
        "title": "Session-Memory Deserialization Vulnerability in Siemens Engineering Platforms Before V19",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-871035.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-871035.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-871035.json.asc"
          }
        ],
        "published": "2024-11-12T00:00:00Z",
        "updated": "2025-01-14T00:00:00Z",
        "summary": {
          "content": "Affected products do not properly sanitize user-controllable input when parsing files. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-871035.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-999588",
        "title": "Multiple Vulnerabilities in User Management Component (UMC) Before V2.11.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-999588.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-999588.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-999588.json.asc"
          }
        ],
        "published": "2023-12-12T00:00:00Z",
        "updated": "2025-01-14T00:00:00Z",
        "summary": {
          "content": "Siemens User Management Component (UMC) before V2.11.2 is affected by multiple vulnerabilities where the most severe could lead to a restart of the UMC server.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-999588.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-979056",
        "title": "Out of Bounds Write Vulnerability in Parasolid",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-979056.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-979056.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-979056.json.asc"
          }
        ],
        "published": "2024-12-10T00:00:00Z",
        "updated": "2024-12-12T00:00:00Z",
        "summary": {
          "content": "Parasolid is affected by an out of bounds write vulnerability that could be triggered when the application is parsing X_T data or a specially crafted file in X_T format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-979056.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-042050",
        "title": "Know-How Protection Mechanism Failure in TIA Portal",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-042050.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-042050.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-042050.json.asc"
          }
        ],
        "published": "2023-06-13T00:00:00Z",
        "updated": "2024-12-10T00:00:00Z",
        "summary": {
          "content": "The know-how protection feature in Totally Integrated Automation Portal (TIA Portal) does not properly update the encryption of existing program blocks when a project file is updated. This could allow attackers with access to the project file to recover previous - yet unprotected - versions of the project without the knowledge of the know-how protection password.\r\n\r\nSiemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-042050.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-128393",
        "title": "Firmware Decryption Vulnerability in SICAM A8000 CP-8031 and CP-8050",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-128393.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-128393.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-128393.json.asc"
          }
        ],
        "published": "2024-12-10T00:00:00Z",
        "updated": "2024-12-10T00:00:00Z",
        "summary": {
          "content": "The SICAM A8000 CP-8031 and CP-8050 devices are affected by a vulnerability that could allow an attacker with physical access to the device to decrypt the firmware.\r\n\r\nSiemens has released new firmware and hardware versions for the affected products and recommends to update to the latest versions.\r\nBoth the firmware and the hardware update are required to fix the vulnerability. For details see the section \"Additional Information\"."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-128393.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-264814",
        "title": "Timing Based Side Channel Vulnerability in the OpenSSL RSA Decryption in SIMATIC Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-264814.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-264814.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-264814.json.asc"
          }
        ],
        "published": "2023-08-08T00:00:00Z",
        "updated": "2024-12-10T00:00:00Z",
        "summary": {
          "content": "Several SIMATIC products are affected by a timing based side channel vulnerability in the OpenSSL RSA Decryption (CVE-2023-4304), as disclosed on 2023-02-07 at <https://www.openssl.org/news/secadv/20230207.txt>.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-264814.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-264815",
        "title": "Type Confusion Vulnerability in OpenSSL X.400 Address Processing in SIMATIC Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-264815.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-264815.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-264815.json.asc"
          }
        ],
        "published": "2023-08-08T00:00:00Z",
        "updated": "2024-12-10T00:00:00Z",
        "summary": {
          "content": "Several SIMATIC products are affected by a type confusion vulnerability relating to OpenSSL X.400 address processing (CVE-2023-0286), as disclosed on 2023-02-07 at <https://www.openssl.org/news/secadv/20230207.txt>.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-264815.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-384652",
        "title": "Cross-Site Request Forgery (CSRF) Vulnerability in RUGGEDCOM ROX II",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-384652.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-384652.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-384652.json.asc"
          }
        ],
        "published": "2024-12-10T00:00:00Z",
        "updated": "2024-12-10T00:00:00Z",
        "summary": {
          "content": "The CLI feature in the web interface of RUGGEDCOM ROX II devices is vulnerable to cross-site request forgery (CSRF), which could allow an attacker to perform administrative actions if an authenticated user is tricked into accessing a malicious link.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-384652.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-583523",
        "title": "Multiple WRL File Parsing Vulnerabilities in Tecnomatix Plant Simulation",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-583523.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-583523.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-583523.json.asc"
          }
        ],
        "published": "2024-10-08T00:00:00Z",
        "updated": "2024-12-10T00:00:00Z",
        "summary": {
          "content": "Siemens Tecnomatix Plant Simulation contains multiple file parsing vulnerabilities that could be triggered when the application reads files in WRL format. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-583523.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-645131",
        "title": "Multiple WRL File Parsing Vulnerabilities in Teamcenter Visualization",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-645131.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-645131.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-645131.json.asc"
          }
        ],
        "published": "2024-12-10T00:00:00Z",
        "updated": "2024-12-10T00:00:00Z",
        "summary": {
          "content": "Siemens Teamcenter Visualization contains multiple file parsing vulnerabilities that could be triggered when the application reads files in WRL format. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-645131.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-701627",
        "title": "XXE Injection Vulnerabilities in COMOS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-701627.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-701627.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-701627.json.asc"
          }
        ],
        "published": "2024-12-10T00:00:00Z",
        "updated": "2024-12-10T00:00:00Z",
        "summary": {
          "content": "COMOS is affected by XXE injection vulnerabilities that could allow an attacker to extract arbitrary application files.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-701627.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-730188",
        "title": "Multiple File Parsing Vulnerabilities in Solid Edge V2024",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-730188.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-730188.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-730188.json.asc"
          }
        ],
        "published": "2024-12-10T00:00:00Z",
        "updated": "2024-12-10T00:00:00Z",
        "summary": {
          "content": "Siemens Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads malicious PAR or ASM files. If a user is tricked to open a malicious file with the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released a new version for Solid Edge SE2024 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-730188.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-822518",
        "title": "Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW Before V11.0.1 on RUGGEDCOM APE1808 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-822518.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-822518.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-822518.json.asc"
          }
        ],
        "published": "2024-04-09T00:00:00Z",
        "updated": "2024-12-10T00:00:00Z",
        "summary": {
          "content": "Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\r\n\r\nSiemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications.\r\n\r\n[1] https://security.paloaltonetworks.com/?version=10.2.2&product=PAN-OS"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-822518.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-881356",
        "title": "Multiple Memory Corruption Vulnerabilities in Simcenter Femap",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-881356.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-881356.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-881356.json.asc"
          }
        ],
        "published": "2024-12-10T00:00:00Z",
        "updated": "2024-12-10T00:00:00Z",
        "summary": {
          "content": "Simcenter Femap contains multiple memory corruption vulnerabilities that could be triggered when the application reads files in BDF file formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released a new version for Simcenter Femap V2406 and recommends to update to the latest version. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-881356.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-962515",
        "title": "Out of Bounds Read Vulnerability in Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-962515.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-962515.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-962515.json.asc"
          }
        ],
        "published": "2024-05-14T00:00:00Z",
        "updated": "2024-12-10T00:00:00Z",
        "summary": {
          "content": "Several industrial products contain an out of bounds read vulnerability that could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel, leading to a denial of service condition.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-962515.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-981975",
        "title": "Information Disclosure Vulnerability in Intel-CPUs (CVE-2022-40982) Impacting SIMATIC IPCs",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-981975.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-981975.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-981975.json.asc"
          }
        ],
        "published": "2023-09-12T00:00:00Z",
        "updated": "2024-12-10T00:00:00Z",
        "summary": {
          "content": "Several Intel-CPU based SIMATIC IPCs are affected by an information exposure vulnerability (CVE-2022-40982) in the CPU that could allow an authenticated local user to potentially read other users' data [1].\r\n\r\nThe issue is also known as \"Gather Data Sampling\" (GDS) or Downfall Attacks. For details refer to the chapter \"Additional Information\".\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available.\r\n\r\n[1] <https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-981975.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-824503",
        "title": "Multiple WRL File Parsing Vulnerabilities in Tecnomatix Plant Simulation Before V2302.0018 and V2404.0007",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-824503.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-824503.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-824503.json.asc"
          }
        ],
        "published": "2024-11-18T00:00:00Z",
        "updated": "2024-11-18T00:00:00Z",
        "summary": {
          "content": "Siemens Tecnomatix Plant Simulation contains multiple file parsing vulnerabilities that could be triggered when the application reads files in WRL format. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-824503.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-472448",
        "title": "Security Bypass Vulnerability in the SQL Client-Server Communication in Siveillance Video",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-472448.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-472448.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-472448.json.asc"
          }
        ],
        "published": "2024-11-13T00:00:00Z",
        "updated": "2024-11-13T00:00:00Z",
        "summary": {
          "content": "Siveillance Video is affected by a security bypass vulnerability in the Microsoft .NET implementation of SQL Client as described in CVE-2024-0056.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-472448.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-000297",
        "title": "Multiple SQLite Vulnerabilities in RUGGEDCOM CROSSBOW Station Access Controller Before V5.6",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-000297.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-000297.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-000297.json.asc"
          }
        ],
        "published": "2024-11-12T00:00:00Z",
        "updated": "2024-11-12T00:00:00Z",
        "summary": {
          "content": "RUGGEDCOM CROSSBOW Station Access Controller (SAC) contains multiple vulnerabilities in the integrated SQLite component that could allow an attacker to execute arbitrary code or to create a denial of service condition.\r\n\r\nSiemens has released a new version for RUGGEDCOM CROSSBOW Station Access Controller (SAC) and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-000297.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-064257",
        "title": "Privilege Escalation Vulnerability in SIPORT Before V3.4.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-064257.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-064257.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-064257.json.asc"
          }
        ],
        "published": "2024-11-12T00:00:00Z",
        "updated": "2024-11-12T00:00:00Z",
        "summary": {
          "content": "SIPORT before V3.4.0 contains a privilege escalation vulnerability which could allow a local attacker with an unprivileged account to override or modify the service executable and subsequently gain elevated privileges.\r\n\r\nSiemens has released a new version for SIPORT and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-064257.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-230445",
        "title": "Stored XSS Vulnerability in OZW Web Servers Before V5.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-230445.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-230445.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-230445.json.asc"
          }
        ],
        "published": "2024-11-12T00:00:00Z",
        "updated": "2024-11-12T00:00:00Z",
        "summary": {
          "content": "OZW672 and OZW772 Web Server versions before V5.2 contain a stored cross-site scripting (XSS) vulnerability that could allow an authenticated remote attacker to inject arbitrary JavaScript code that is later executed by another authenticated victim user with potential higher privileges than the attacker.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-230445.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-331112",
        "title": "Multiple Vulnerabilities in SINEC NMS Before V3.0 SP1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-331112.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-331112.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-331112.json.asc"
          }
        ],
        "published": "2024-11-12T00:00:00Z",
        "updated": "2024-11-12T00:00:00Z",
        "summary": {
          "content": "SINEC NMS before V3.0 SP1 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released a new version for SINEC NMS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-331112.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-351178",
        "title": "Multiple Vulnerabilities in Solid Edge Before SE2024 Update 9",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-351178.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-351178.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-351178.json.asc"
          }
        ],
        "published": "2024-11-12T00:00:00Z",
        "updated": "2024-11-12T00:00:00Z",
        "summary": {
          "content": "Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads specially crafted files in various formats such as PAR or PSM format, and by a DLL hijacking vulnerability. This could allow an attacker to crash the application or execute arbitrary code.\r\n\r\nSiemens has released a new version for Solid Edge SE2024 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-351178.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-354112",
        "title": "Multiple Vulnerabilities in SCALANCE M-800 Family Before V8.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-354112.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-354112.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-354112.json.asc"
          }
        ],
        "published": "2024-11-12T00:00:00Z",
        "updated": "2024-11-12T00:00:00Z",
        "summary": {
          "content": "SCALANCE M-800 family before V8.2 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-354112.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-454789",
        "title": "Deserialization Vulnerability in TeleControl Server Basic V3.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-454789.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-454789.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-454789.json.asc"
          }
        ],
        "published": "2024-11-12T00:00:00Z",
        "updated": "2024-11-12T00:00:00Z",
        "summary": {
          "content": "TeleControl Server Basic V3.1 contains a deserialization vulnerability that could allow an unauthenticated attacker to execute arbitrary code on the device.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-454789.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-616032",
        "title": "Local Privilege Escalation Vulnerability in Spectrum Power 7 Before V24Q3",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-616032.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-616032.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-616032.json.asc"
          }
        ],
        "published": "2024-11-12T00:00:00Z",
        "updated": "2024-11-12T00:00:00Z",
        "summary": {
          "content": "Spectrum Power 7 before V24Q3 contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges.\r\n\r\nSiemens has released a new version for Spectrum Power 7 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-616032.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-654798",
        "title": "Incorrect Authorization Vulnerability in SIMATIC CP 1543-1 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-654798.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-654798.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-654798.json.asc"
          }
        ],
        "published": "2024-11-12T00:00:00Z",
        "updated": "2024-11-12T00:00:00Z",
        "summary": {
          "content": "SIMATIC CP 1543-1 devices contain an Incorrect Authorization vulnerability that could allow an unauthenticated attacker to gain access to the filesystem.\r\n\r\nSiemens has released a new version for SIMATIC CP 1543-1 V4.0 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-654798.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-883918",
        "title": "Information Disclosure Vulnerability in SIMATIC WinCC",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-883918.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-883918.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-883918.json.asc"
          }
        ],
        "published": "2024-07-09T00:00:00Z",
        "updated": "2024-11-12T00:00:00Z",
        "summary": {
          "content": "Multiple versions of SIMATIC WinCC and SIMATIC PCS 7 do not properly handle certain requests to their web application (WinCC WebNavigator, PCS 7 Web Server, and PCS 7 Web Diagnostics Server), which may lead to the leak of privileged information. This could allow an unauthenticated remote attacker to retrieve information such as users and passwords.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-883918.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-915275",
        "title": "Multiple Vulnerabilities in SINEC INS Before V1.0 SP2 Update 3",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-915275.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-915275.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-915275.json.asc"
          }
        ],
        "published": "2024-11-12T00:00:00Z",
        "updated": "2024-11-12T00:00:00Z",
        "summary": {
          "content": "SINEC INS before V1.0 SP2 Update 3 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released a new version for SINEC INS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-915275.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-333468",
        "title": "Multiple Vulnerabilities in InterMesh Subscriber Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-333468.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-333468.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-333468.json.asc"
          }
        ],
        "published": "2024-10-23T00:00:00Z",
        "updated": "2024-10-23T00:00:00Z",
        "summary": {
          "content": "InterMesh Subscriber devices contain multiple vulnerabilities that could allow an unauthenticated remote attacker to execute arbitrary code with root privileges.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-333468.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-438590",
        "title": "Buffer Overflow Vulnerability in Siveillance Video Camera Drivers",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-438590.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-438590.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-438590.json.asc"
          }
        ],
        "published": "2024-10-10T00:00:00Z",
        "updated": "2024-10-10T00:00:00Z",
        "summary": {
          "content": "Several camera device drivers in the Siveillance Video Device Pack contain a buffer overflow vulnerability that could be exploited under strict conditions. This could allow an attacker to execute code with the permissions of the Recording Server user.\r\n\r\nSiemens has released an update of the Device Pack recommends to apply this update to all deployments of Siveillance Video. In general, Siemens recommends installing the latest Device Pack which contains the most up-to-date device drivers."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-438590.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-148641",
        "title": "XPath Constraint Vulnerability in Mendix Runtime",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-148641.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-148641.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-148641.json.asc"
          }
        ],
        "published": "2022-03-08T00:00:00Z",
        "updated": "2024-10-08T00:00:00Z",
        "summary": {
          "content": "A XPath Constraint vulnerability in the Mendix Runtime was discovered, that can affect the running applications. The vulnerability could allow a malicious user to deduce contents of inaccessible attributes and modify sensitive data. \r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-148641.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-254396",
        "title": "Vulnerability in Nozomi Guardian/CMC Before 24.3.1 on RUGGEDCOM APE1808 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-254396.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-254396.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-254396.json.asc"
          }
        ],
        "published": "2024-10-08T00:00:00Z",
        "updated": "2024-10-08T00:00:00Z",
        "summary": {
          "content": "Nozomi Networks has published information on vulnerabilities in [Nozomi Guardian/CMC before 24.2.0](https://security.nozominetworks.com/). This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-254396.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-321292",
        "title": "Denial of Service in the OPC Foundation Local Discovery Server (LDS) in Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-321292.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-321292.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-321292.json.asc"
          }
        ],
        "published": "2022-05-10T00:00:00Z",
        "updated": "2024-10-08T00:00:00Z",
        "summary": {
          "content": "A vulnerability has been identified in the OPC Foundation Local Discovery Server (LDS) [0] of several industrial products. The vulnerability could cause a denial of service condition on the service or the device.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available.\r\n\r\n[0] <https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-321292.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-368868",
        "title": "Multiple Vulnerabilities in WibuKey for Windows",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-368868.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-368868.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-368868.json.asc"
          }
        ],
        "published": "2024-10-08T00:00:00Z",
        "updated": "2024-10-08T00:00:00Z",
        "summary": {
          "content": "Several Siemens products (optionally) offer the use of WibuKey Dongles [1] for licensing.\r\nAccording to a recent publication by WIBU Systems (WIBU-94453 at [2]), the Windows device driver for these Dongles contains vulnerabilities as listed below.\r\n\r\n* [1] <https://www.wibu.com/products/wibukey.html>\r\n* [2] <https://www.wibu.com/support/security-advisories.html>\r\n\r\nWIBU Systems has released a new version for WibuKey for Windows. Siemens recommends to update this device driver on affected Windows client installations, where WibuKey Dongles are used. See also the chapter \"Additional Information\" for more details."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-368868.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-540493",
        "title": "Kiosk Mode Escape Vulnerability in HiMed Cockpit Devices Before V11.6.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-540493.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-540493.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-540493.json.asc"
          }
        ],
        "published": "2024-10-08T00:00:00Z",
        "updated": "2024-10-08T00:00:00Z",
        "summary": {
          "content": "HiMed Cockpit devices before V11.6.2 contain a Kiosk Mode Escape vulnerability that could allow an attacker to escape the restricted environment and gain access to the underlying operating system.\r\n\r\nSiemens has released a new version for the HiMed Cockpit devices and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-540493.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-626178",
        "title": "Stack-Based Buffer Overflow Vulnerability in JT2Go Before V2406.0003",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-626178.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-626178.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-626178.json.asc"
          }
        ],
        "published": "2024-10-08T00:00:00Z",
        "updated": "2024-10-08T00:00:00Z",
        "summary": {
          "content": "Siemens JT2Go is affected by a stack-based buffer overflow vulnerability that could be triggered when the application reads files in PDF format. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released a new version for JT2Go and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-626178.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-783481",
        "title": "Denial-of-Service Vulnerability in LOGO! 8 BM",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-783481.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-783481.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-783481.json.asc"
          }
        ],
        "published": "2021-03-09T00:00:00Z",
        "updated": "2024-10-08T00:00:00Z",
        "summary": {
          "content": "A Denial-of-Service vulnerability has been identified in LOGO! 8 BM. This vulnerability could allow an attacker to crash a device, if a user is tricked into loading a malicious project file onto an affected device.\r\n\r\nThe vulnerability is related to the hardware of the product. Siemens has released new hardware versions with the LOGO! V8.4 BM and the SIPLUS LOGO! V8.4 BM product families for all affected devices in which this vulnerability is fixed. See the chapter \"Additional Information\" below for more details.\r\n\r\nFor more information please also refer to the related product support article: <https://support.industry.siemens.com/cs/ww/en/view/109826554/>."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-783481.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-844582",
        "title": "Electromagnetic Fault Injection in LOGO! V8.3 BM Devices Results in Broken LOGO! V8.3 Product CA",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-844582.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-844582.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-844582.json.asc"
          }
        ],
        "published": "2023-12-12T00:00:00Z",
        "updated": "2024-10-08T00:00:00Z",
        "summary": {
          "content": "LOGO! V8.3 BM (incl. SIPLUS variants) devices contain a vulnerability that could allow an electromagnetic fault injection. This could allow an attacker to dump and debug the firmware, including the manipulation of memory. Further actions could allow to inject public keys of custom created key pairs which are then signed by the LOGO! V8.3 Product CA.\r\n\r\nThe vulnerability is related to the specific hardware architecture of the LOGO! V8.3 BM. Siemens has released new hardware versions with the LOGO! V8.4 BM and the SIPLUS LOGO! V8.4 BM product families for all affected devices in which the vulnerability is fixed and the Product CA private key is rotated. See the chapter \"Additional Information\" below for more details.\r\n\r\nFor more information please also refer to the related product support article: <https://support.industry.siemens.com/cs/ww/en/view/109826554/>."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-844582.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-850560",
        "title": "Use of 4-Digit PIN in SENTRON PAC3200 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-850560.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-850560.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-850560.json.asc"
          }
        ],
        "published": "2024-10-08T00:00:00Z",
        "updated": "2024-10-08T00:00:00Z",
        "summary": {
          "content": "SENTRON PAC3200 only provide a 4-digit PIN to protect from administrative access via Modbus TCP interface. Attackers with access to the Modbus TCP interface could easily bypass this protection by brute-force attacks or by monitoring the Modbus cleartext communication.\r\n\r\nSiemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-850560.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-852501",
        "title": "Multiple Memory Corruption Vulnerabilities in Simcenter Nastran Before 2406.5000",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-852501.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-852501.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-852501.json.asc"
          }
        ],
        "published": "2024-10-08T00:00:00Z",
        "updated": "2024-10-08T00:00:00Z",
        "summary": {
          "content": "Simcenter Nastran contains multiple memory corruption vulnerabilities that could be triggered when the application reads files in BDF file formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released a new version for Simcenter Nastran 2406 and recommends to update to the latest version. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-852501.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-921449",
        "title": "Plaintext Storage of a Password Vulnerability in LOGO! V8.3 BM Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-921449.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-921449.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-921449.json.asc"
          }
        ],
        "published": "2024-08-13T00:00:00Z",
        "updated": "2024-10-08T00:00:00Z",
        "summary": {
          "content": "LOGO! V8.3 BM (incl. SIPLUS variants) devices contain a plaintext storage of a password vulnerability. This could allow an attacker with phyiscal access to an affected device to extract user-set passwords from an embedded storage IC.\r\n\r\nSiemens has released new hardware versions with the LOGO! V8.4 BM and the SIPLUS LOGO! V8.4 BM product families for all affected devices in which the vulnerability is fixed. See the chapter \"Additional Information\" below for more details."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-921449.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-955858",
        "title": "Multiple Vulnerabilities in LOGO! 8 BM Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-955858.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-955858.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-955858.json.asc"
          }
        ],
        "published": "2022-10-11T00:00:00Z",
        "updated": "2024-10-08T00:00:00Z",
        "summary": {
          "content": "LOGO! 8 BM (incl. SIPLUS variants) contains multiple web-related vulnerabilities. These could allow an attacker to execute code remotely, put the device into a denial of service state or retrieve parts of the memory. \r\n\r\nThe vulnerabilities are related to the hardware of the product. Siemens has released new hardware versions with the LOGO! V8.4 BM and the SIPLUS LOGO! V8.4 BM product families for all affected devices in which several of those vulnerabilities are fixed. See the chapter \"Additional Information\" below for more details.\r\n\r\nFor more information please also refer to the related product support article: <https://support.industry.siemens.com/cs/ww/en/view/109826554/>."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-955858.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-959281",
        "title": "XML File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-959281.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-959281.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-959281.json.asc"
          }
        ],
        "published": "2024-10-08T00:00:00Z",
        "updated": "2024-10-08T00:00:00Z",
        "summary": {
          "content": "Siemens Teamcenter Visualization and JT2Go are affected by stack buffer overflow and null pointer dereference vulnerabilities that could be triggered while parsing XML file. If a user is tricked to open a malicious XML file with any of the affected products, this could cause the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-959281.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-088132",
        "title": "Denial of Service Vulnerability in the OPC UA Server Implementations of Several Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-088132.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-088132.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-088132.json.asc"
          }
        ],
        "published": "2024-07-09T00:00:00Z",
        "updated": "2024-09-10T00:00:00Z",
        "summary": {
          "content": "Unified Automation .NET based OPC UA Server SDK before 3.2.2 used in several industrial products are affected by a similar vulnerability as documented in CVE-2023-27321 for the OPC Foundation UA .NET Standard implementation. A successful attack may lead to high load situation and memory exhaustion, and may block the OPC UA server.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-088132.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-097786",
        "title": "Insertion of Sensitive Information into Log File Vulnerability in SINUMERIK systems",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-097786.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-097786.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-097786.json.asc"
          }
        ],
        "published": "2024-09-10T00:00:00Z",
        "updated": "2024-09-10T00:00:00Z",
        "summary": {
          "content": "SINUMERIK systems, that have been provisioned with Create MyConfig (CMC), are affected by a Insertion of Sensitive Information into Log File vulnerability. When using a CMC package on a NCU or on an IPC the password used in the CMC package or typed in manually during package execution is traced on the machine to the file ```uptrace.out```. This could allow a local authenticated user with low privileges to read that password and use it to impersonate a user with higher privileges.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-097786.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-280603",
        "title": "Denial of Service Vulnerability in SINUMERIK ONE and SINUMERIK MC",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-280603.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-280603.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-280603.json.asc"
          }
        ],
        "published": "2023-12-12T00:00:00Z",
        "updated": "2024-09-10T00:00:00Z",
        "summary": {
          "content": "A vulnerability has been identified in the integrated S7-1500 CPU of SINUMERIK ONE and SINUMERIK MC products that could allow an attacker to cause a denial of service condition. In order to exploit the vulnerability, an attacker must have access to the affected devices on port 102/tcp.\r\n\r\nSiemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.\r\n\r\nNote: The affected integrated S7-1500 CPUs and related products are advised in [1].\r\n\r\n[1] [https://cert-portal.siemens.com/productcert/html/ssa-592380.html](https://cert-portal.siemens.com/productcert/html/ssa-592380.html)"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-280603.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-293562",
        "title": "Denial of Service Vulnerabilities in PROFINET DCP Implementation of Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-293562.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-293562.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-293562.json.asc"
          }
        ],
        "published": "2017-05-08T00:00:00Z",
        "updated": "2024-09-10T00:00:00Z",
        "summary": {
          "content": "Several industrial devices are affected by two vulnerabilities that could allow an attacker to cause a denial of service condition via PROFINET DCP network packets under certain circumstances. The precondition for this scenario is a direct layer 2 access to the affected products. PROFIBUS interfaces are not affected.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-293562.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-342438",
        "title": "Privilege Escalation Vulnerability in SINUMERIK ONE, SINUMERIK 840D and SINUMERIK 828D",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-342438.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-342438.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-342438.json.asc"
          }
        ],
        "published": "2024-09-10T00:00:00Z",
        "updated": "2024-09-10T00:00:00Z",
        "summary": {
          "content": "SINUMERIK ONE, SINUMERIK 840D sl and SINUMERIK 828D are affected by a privilege escalation vulnerability that could allow an authenticated local attacker to escalate their privileges in the underlying system.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-342438.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-359713",
        "title": "Authorization Bypass Vulnerability in Industrial Edge Management",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-359713.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-359713.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-359713.json.asc"
          }
        ],
        "published": "2024-09-10T00:00:00Z",
        "updated": "2024-09-10T00:00:00Z",
        "summary": {
          "content": "Industrial Edge Management contains an Authorization Bypass vulnerability that could allow an unauthenticated remote attacker to impersonate other devices onboarded to the system.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-359713.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-417159",
        "title": "Multiple Vulnerabilities in SINEMA Remote Connect Client Before V3.2 SP2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-417159.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-417159.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-417159.json.asc"
          }
        ],
        "published": "2024-09-10T00:00:00Z",
        "updated": "2024-09-10T00:00:00Z",
        "summary": {
          "content": "SINEMA Remote Connect Client before V3.2 SP2 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released a new version for SINEMA Remote Connect Client and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-417159.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-423808",
        "title": "Multiple NULL Pointer Dereference Vulnerabilities in Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-423808.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-423808.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-423808.json.asc"
          }
        ],
        "published": "2024-09-10T00:00:00Z",
        "updated": "2024-09-10T00:00:00Z",
        "summary": {
          "content": "Multiple NULL pointer dereference vulnerabilities in the affected products could allow an attacker with network access to the webserver, to perform a denial of service attack.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-423808.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-427715",
        "title": "Stack-Based Buffer Overflow Vulnerability in Tecnomatix Plant Simulation",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-427715.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-427715.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-427715.json.asc"
          }
        ],
        "published": "2024-09-10T00:00:00Z",
        "updated": "2024-09-10T00:00:00Z",
        "summary": {
          "content": "Siemens Tecnomatix Plant Simulation is affected by a stack-based buffer overflow vulnerability that could be triggered when the application reads files in SPP file format. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution. \r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-427715.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-566905",
        "title": "Multiple Denial of Service Vulnerabilities in the Webserver of Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-566905.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-566905.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-566905.json.asc"
          }
        ],
        "published": "2023-04-11T00:00:00Z",
        "updated": "2024-09-10T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities in the affected products could allow an unauthorized attacker with network access to the webserver of an affected products to perform a denial of service attack.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-566905.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-721642",
        "title": "Injection Vulnerability in SCALANCE W700 802.11 AX Family Before V2.4",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-721642.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-721642.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-721642.json.asc"
          }
        ],
        "published": "2024-09-10T00:00:00Z",
        "updated": "2024-09-10T00:00:00Z",
        "summary": {
          "content": "Siemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-721642.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-753746",
        "title": "Denial of Service Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-753746.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-753746.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-753746.json.asc"
          }
        ],
        "published": "2024-02-13T00:00:00Z",
        "updated": "2024-09-10T00:00:00Z",
        "summary": {
          "content": "Two null point dereference vulnerabilities affect multiple SIMATIC software products. These could allow an attacker to cause a persistent denial of service condition in the RPC Server of these products.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-753746.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-765405",
        "title": "Multiple Vulnerabilities in SIMATIC RFID Readers",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-765405.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-765405.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-765405.json.asc"
          }
        ],
        "published": "2024-09-10T00:00:00Z",
        "updated": "2024-09-10T00:00:00Z",
        "summary": {
          "content": "SIMATIC RFID Readers contain multiple vulnerabilities that could allow an attacker to cause Denial-of-Service, exploit hidden functionality and information exposure.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-765405.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-792319",
        "title": "Missing Read Out Protection in SENTRON 7KM PAC3x20 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-792319.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-792319.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-792319.json.asc"
          }
        ],
        "published": "2024-03-12T00:00:00Z",
        "updated": "2024-09-10T00:00:00Z",
        "summary": {
          "content": "The read out protection of the internal flash of affected devices was not properly set at the end of the manufacturing process.\r\n\r\nAn attacker with physical access to the device could read out the data.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-792319.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-869574",
        "title": "Multiple Vulnerabilities in SINEMA Remote Connect Server Before V3.2 SP2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-869574.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-869574.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-869574.json.asc"
          }
        ],
        "published": "2024-09-10T00:00:00Z",
        "updated": "2024-09-10T00:00:00Z",
        "summary": {
          "content": "SINEMA Remote Connect Server before V3.2 SP2 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released a new version for SINEMA Remote Connect Client and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-869574.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-969738",
        "title": "Denial of Service Vulnerability in SIMATIC S7-200 SMART Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-969738.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-969738.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-969738.json.asc"
          }
        ],
        "published": "2024-09-10T00:00:00Z",
        "updated": "2024-09-10T00:00:00Z",
        "summary": {
          "content": "A vulnerability in SIMATIC S7-200 SMART devices could allow an attacker to cause a denial of service condition if a specially crafted TCP packet is sent to the device.\r\n\r\nSiemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-969738.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-068047",
        "title": "Multiple Vulnerabilities in SCALANCE M-800 Family Before V7.2.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-068047.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-068047.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-068047.json.asc"
          }
        ],
        "published": "2023-12-12T00:00:00Z",
        "updated": "2024-08-13T00:00:00Z",
        "summary": {
          "content": "SCALANCE M-800 family before V7.2.2 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-068047.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-087301",
        "title": "Multiple Vulnerabilities in SCALANCE M-800 Family Before V8.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-087301.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-087301.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-087301.json.asc"
          }
        ],
        "published": "2024-08-13T00:00:00Z",
        "updated": "2024-08-13T00:00:00Z",
        "summary": {
          "content": "SCALANCE M-800 family before V8.1 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-087301.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-116924",
        "title": "Path Traversal Vulnerability in TIA Portal",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-116924.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-116924.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-116924.json.asc"
          }
        ],
        "published": "2023-04-11T00:00:00Z",
        "updated": "2024-08-13T00:00:00Z",
        "summary": {
          "content": "TIA Portal contains a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system. If the user is tricked to open a malicious PC system configuration file, an attacker could exploit this vulnerability to achieve arbitrary code execution.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-116924.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-180704",
        "title": "Multiple Vulnerabilities in SCALANCE M-800 Family Before V8.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-180704.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-180704.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-180704.json.asc"
          }
        ],
        "published": "2023-12-12T00:00:00Z",
        "updated": "2024-08-13T00:00:00Z",
        "summary": {
          "content": "SCALANCE M-800 family before V8.0 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-180704.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-357412",
        "title": "PRT File Parsing Vulnerability in NX Before V2406.3000",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-357412.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-357412.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-357412.json.asc"
          }
        ],
        "published": "2024-08-13T00:00:00Z",
        "updated": "2024-08-13T00:00:00Z",
        "summary": {
          "content": "NX (incl. NX student versions) before V2406.3000 contains an out-of-bounds read vulnerability that could be triggered when the application reads PRT files. If a user is tricked to open a malicious file using the affected application, this could lead to a crash, and potentially also to arbitrary code execution on the target host system.\r\n\r\nSiemens has released a new version for NX and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-357412.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-407785",
        "title": "Multiple X_T File Parsing Vulnerabilities in Parasolid and Teamcenter Visualization",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-407785.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-407785.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-407785.json.asc"
          }
        ],
        "published": "2023-08-08T00:00:00Z",
        "updated": "2024-08-13T00:00:00Z",
        "summary": {
          "content": "Parasolid and Teamcenter Visualization are affected by memory corruption vulnerabilities that could be triggered when the application reads files in X_T format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution or denial of service in the context of the current process.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-407785.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-417547",
        "title": "Multiple Vulnerabilities in INTRALOG WMS Before V4",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-417547.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-417547.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-417547.json.asc"
          }
        ],
        "published": "2024-08-13T00:00:00Z",
        "updated": "2024-08-13T00:00:00Z",
        "summary": {
          "content": "INTRALOG WMS before V4 is affected by vulnerabilities in the SQL Client-Server communication and in the .NET framework. Successful exploitation could allow an unauthenticated attacker located in the INTRALOG WMS network to decrypt and modify client-server communication, or potentially execute arbitrary code on the application servers.\r\n\r\nSiemens has released a new version for INTRALOG WMS and recommends to update to the latest version.\r\nPlease contact your personal INTRALOG WMS contact person referencing the Siemens Security Advisory ID (SSA-417547) and the installed INTRALOG WMS Versions to initiate the dialog with Siemens to get the vulnerabilities fixed."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-417547.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-625850",
        "title": "Multiple WIBU Systems CodeMeter Vulnerabilities Affecting the Desigo CC Product Family and SENTRON powermanager",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-625850.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-625850.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-625850.json.asc"
          }
        ],
        "published": "2023-11-14T00:00:00Z",
        "updated": "2024-08-13T00:00:00Z",
        "summary": {
          "content": "Versions V5.0 through V7 of the Desigo CC product family (Desigo CC, Desigo CC Compact, Desigo CC Connect, Cerberus DMS), as well as the Desigo CC-based SENTRON powermanager, are affected by multiple vulnerabilities in the underlying third-party component WIBU Systems CodeMeter Runtime.\r\nSuccessful exploitation of these vulnerabilities could allow remote attackers to execute arbitrary code on the Desigo CC server, or create a denial of service condition.\r\nWhile all Desigo CC version lines V5.0, V5.1 and V6 are affected by all listed vulnerabilities, V7 is only affected by CVE-2023-3935.\r\n\r\nSiemens has released a patch to update the CodeMeter Runtime component and recommends to apply the patch on affected systems."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-625850.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-640968",
        "title": "Untrusted Search Path Vulnerability in TIA Project-Server formerly known as TIA Multiuser Server",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-640968.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-640968.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-640968.json.asc"
          }
        ],
        "published": "2023-02-14T00:00:00Z",
        "updated": "2024-08-13T00:00:00Z",
        "summary": {
          "content": "TIA Project-Server formerly known as TIA Multiuser Server contains an untrusted search path vulnerability that could allow an attacker to escalate privileges, when tricking a legitimate user to start the service from an attacker controlled path.\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-640968.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-659443",
        "title": "Local Code Execution Vulnerabilities in COMOS Before V10.5",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-659443.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-659443.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-659443.json.asc"
          }
        ],
        "published": "2024-08-13T00:00:00Z",
        "updated": "2024-08-13T00:00:00Z",
        "summary": {
          "content": "COMOS before V10.5 is affected by two local code execution vulnerabilities in the integrated Open Design Alliance Drawings SDK.\r\n\r\nSiemens has released a new version for COMOS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-659443.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-716317",
        "title": "Multiple Vulnerabilities in SINEC Traffic Analyzer Before V2.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-716317.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-716317.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-716317.json.asc"
          }
        ],
        "published": "2024-08-13T00:00:00Z",
        "updated": "2024-08-13T00:00:00Z",
        "summary": {
          "content": "SINEC Traffic Analyzer before V2.0 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released a new version for SINEC Traffic Analyzer and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-716317.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-720392",
        "title": "Multiple Vulnerabilities in Third-Party Components in Location Intelligence Before V4.4",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-720392.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-720392.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-720392.json.asc"
          }
        ],
        "published": "2024-08-13T00:00:00Z",
        "updated": "2024-08-13T00:00:00Z",
        "summary": {
          "content": "Location Intelligence before V4.4 is affected by multiple vulnerabilities that could allow an attacker in an on-path position to read and modify data passed over the connection between legitimate clients and the affected product or brute force user passwords.\r\n\r\nSiemens has released a new version for Location Intelligence family and recommends to update to the latest version. The update is available from Siemens Online Software Delivery (OSD)."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-720392.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-722010",
        "title": "Datalogics File Parsing Vulnerability in Teamcenter Visualization and JT2Go",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-722010.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-722010.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-722010.json.asc"
          }
        ],
        "published": "2024-07-09T00:00:00Z",
        "updated": "2024-08-13T00:00:00Z",
        "summary": {
          "content": "Siemens Teamcenter Visualization and JT2Go are affected by an out of bounds read vulnerability in the APDFL library from Datalogics. If a user is tricked to open a malicious PDF file with the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-722010.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-771940",
        "title": "X_T File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-771940.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-771940.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-771940.json.asc"
          }
        ],
        "published": "2024-06-11T00:00:00Z",
        "updated": "2024-08-13T00:00:00Z",
        "summary": {
          "content": "Teamcenter Visualization and JT2Go are affected by out of bounds read, stack exhaustion and null pointer dereference vulnerabilities that could be triggered when the application reads files in X_T format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-771940.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-784301",
        "title": "Multiple Vulnerabilities in SINEC NMS Before V3.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-784301.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-784301.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-784301.json.asc"
          }
        ],
        "published": "2024-08-13T00:00:00Z",
        "updated": "2024-08-13T00:00:00Z",
        "summary": {
          "content": "SINEC NMS before V3.0 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released a new version for SINEC NMS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-784301.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-813746",
        "title": "BadAlloc Vulnerabilities in SCALANCE X-200, X-200IRT, and X-300 Switch Families",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-813746.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-813746.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-813746.json.asc"
          }
        ],
        "published": "2023-04-11T00:00:00Z",
        "updated": "2024-08-13T00:00:00Z",
        "summary": {
          "content": "Siemens has released a new firmware version for SCALANCE X-200 and X-200 IRT switches that address Bad Alloc vulnerabilities in the underlying operating system and recommends to update to the latest versions. Siemens recommends countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-813746.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-856475",
        "title": "X_T File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-856475.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-856475.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-856475.json.asc"
          }
        ],
        "published": "2024-08-13T00:00:00Z",
        "updated": "2024-08-13T00:00:00Z",
        "summary": {
          "content": "Teamcenter Visualization and JT2Go are affected by out of bounds read and null pointer dereference vulnerabilities that could be triggered when the application reads files in X_T format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-856475.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-857368",
        "title": "Multiple Vulnerabilities in Omnivise T3000",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-857368.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-857368.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-857368.json.asc"
          }
        ],
        "published": "2024-08-02T00:00:00Z",
        "updated": "2024-08-02T00:00:00Z",
        "summary": {
          "content": "Omnivise T3000 contains multiple vulnerabilities that could allow an attacker to escalate privileges.\r\n\r\nSiemens Energy has released patches for several affected products and recommends to apply the patches. Siemens Energy is preparing further fixes for versions still under maintenance and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-857368.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-071402",
        "title": "Multiple Vulnerabilities in SICAM Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-071402.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-071402.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-071402.json.asc"
          }
        ],
        "published": "2024-07-22T00:00:00Z",
        "updated": "2024-07-22T00:00:00Z",
        "summary": {
          "content": "Multiple SICAM products are affected by unauthorized password reset and firmware downgrade vulnerabilities that could lead to privilege escalation and potential leak of information, namely: \r\n\r\n- SICAM A8000 Device firmware \r\n    - CPCI85 for CP-8031/CP-8050\r\n\r\n-  SICAM EGS Device firmware \r\n    - CPCI85\r\n\r\n-  SICAM 8 Software Solution \r\n    - SICORE \r\n\r\nSiemens has released new firmware versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-071402.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-064222",
        "title": "Multiple File Parsing Vulnerabilities in Simcenter Femap before V2406",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-064222.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-064222.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-064222.json.asc"
          }
        ],
        "published": "2024-07-09T00:00:00Z",
        "updated": "2024-07-09T00:00:00Z",
        "summary": {
          "content": "Simcenter Femap contains multiple file parsing vulnerabilities that could be triggered when the application reads files in IGS, BDF or BMP file formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released a new version for Simcenter Femap and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-064222.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-160243",
        "title": "Multiple Vulnerabilities in SINEC NMS before V2.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-160243.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-160243.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-160243.json.asc"
          }
        ],
        "published": "2023-10-10T00:00:00Z",
        "updated": "2024-07-09T00:00:00Z",
        "summary": {
          "content": "SINEC NMS before V2.0 is affected by a code injection and a stored cross-site scripting vulnerability.\r\n\r\nSiemens has released an update for SINEC NMS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-160243.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-313039",
        "title": "Deserialization Vulnerability in STEP 7 Safety before V19",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-313039.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-313039.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-313039.json.asc"
          }
        ],
        "published": "2024-07-09T00:00:00Z",
        "updated": "2024-07-09T00:00:00Z",
        "summary": {
          "content": "Affected applications do not properly restrict the .NET BinaryFormatter when deserializing user-controllable input. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application.\r\n\r\nSiemens has released a new version for SIMATIC STEP 7 Safety V18 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-313039.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-337522",
        "title": "Multiple Vulnerabilities in TIM 1531 IRC before V2.4.8",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-337522.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-337522.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-337522.json.asc"
          }
        ],
        "published": "2024-06-11T00:00:00Z",
        "updated": "2024-07-09T00:00:00Z",
        "summary": {
          "content": "Siemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-337522.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-346262",
        "title": "Denial of Service Vulnerability in SNMP Interface of Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-346262.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-346262.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-346262.json.asc"
          }
        ],
        "published": "2017-11-23T00:00:00Z",
        "updated": "2024-07-09T00:00:00Z",
        "summary": {
          "content": "Several industrial products are affected by a vulnerability that could allow remote attackers to conduct a denial of service attack by sending specially crafted packets to port 161/udp (SNMP).\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-346262.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-381581",
        "title": "Multiple Vulnerabilities in SINEMA Remote Connect Server before V3.2 SP1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-381581.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-381581.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-381581.json.asc"
          }
        ],
        "published": "2024-07-09T00:00:00Z",
        "updated": "2024-07-09T00:00:00Z",
        "summary": {
          "content": "SINEMA Remote Connect Server before V3.2 SP1 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released a new version for SINEMA Remote Connect Server and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-381581.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-473245",
        "title": "Denial of Service Vulnerability in Profinet Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-473245.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-473245.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-473245.json.asc"
          }
        ],
        "published": "2019-10-08T00:00:00Z",
        "updated": "2024-07-09T00:00:00Z",
        "summary": {
          "content": "A vulnerability in affected devices could allow an attacker to perform a denial of service attack if a large amount of specially crafted UDP packets are sent to the device.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-473245.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-484086",
        "title": "Multiple Vulnerabilities in SINEMA Remote Connect Server before V3.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-484086.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-484086.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-484086.json.asc"
          }
        ],
        "published": "2022-06-14T00:00:00Z",
        "updated": "2024-07-09T00:00:00Z",
        "summary": {
          "content": "SINEMA Remote Connect Server is affected by multiple vulnerabilities, including\r\n\r\n* A cross-site scripting vulnerability in an error message pop up window (CVE-2022-29034)\r\n* Several authentication bypass, privilege escalation and integrity check vulnerabilities (CVE-2022-32251 through -32261)\r\n* A command injection vulnerability in the file upload service (CVE-2022-32262)\r\n* A chosen-plaintext attack against HTTP over TLS (\"BREACH\", CVE-2022-27221)\r\n* Information disclosure vulnerabilities in the curl component (CVE-2021-22924 through -22925)\r\n* Several vulnerabilities in the libexpat library, that could be exploited when the server is parsing untrusted XML files (CVE-2021-45960, CVE-2021-46143, CVE-2022-22822 through -22827, CVE-2022-23852, CVE-2022-23990, CVE-2022-25235 through -25236, CVE-2022-25313 through -25315).\r\n\r\nSiemens has released an update for the SINEMA Remote Connect Server and recommends to update to the latest version. Note that the update also contains additional fixes for vulnerabilities documented in Siemens Security Advisories SSA-244969, SSA-539476, SSA-685781 and SSA-712929."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-484086.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-750274",
        "title": "Impact of CVE-2024-3400 on RUGGEDCOM APE1808 devices configured with Palo Alto Networks Virtual NGFW",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-750274.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-750274.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-750274.json.asc"
          }
        ],
        "published": "2024-04-19T00:00:00Z",
        "updated": "2024-07-09T00:00:00Z",
        "summary": {
          "content": "Palo Alto Networks has published [1] information on CVE-2024-3400 in PAN-OS. This advisory addresses Siemens Industrial products affected by this vulnerability.\r\n\r\nSiemens has released a new version of Palo Alto Networks Virtual NGFW for RUGGEDCOM APE1808 and recommends to update to the latest version. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications.\r\n\r\n[1] https://security.paloaltonetworks.com/CVE-2024-3400"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-750274.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-779936",
        "title": "Catalog-Profile Deserialization Vulnerability in Siemens Engineering Platforms before V19",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-779936.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-779936.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-779936.json.asc"
          }
        ],
        "published": "2024-07-09T00:00:00Z",
        "updated": "2024-07-09T00:00:00Z",
        "summary": {
          "content": "Affected applications do not properly restrict the .NET BinaryFormatter when deserializing user-controllable input. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-779936.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-780073",
        "title": "Denial of Service Vulnerability in PROFINET Devices via DCE-RPC Packets",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-780073.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-780073.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-780073.json.asc"
          }
        ],
        "published": "2020-02-11T00:00:00Z",
        "updated": "2024-07-09T00:00:00Z",
        "summary": {
          "content": "Products that include the Siemens PROFINET-IO (PNIO) stack in versions prior V06.00 are potentially affected by a denial of service vulnerability when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available.\r\n\r\nAdditionally, Siemens recommends other vendors of PROFINET devices to check if their products have incorporated a vulnerable version of the Siemens PNIO stack as part of the Siemens Development/Evaluation Kits."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-780073.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-824889",
        "title": "XML File Parsing Vulnerabilities in JT Open and PLM XML SDK",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-824889.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-824889.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-824889.json.asc"
          }
        ],
        "published": "2024-07-09T00:00:00Z",
        "updated": "2024-07-09T00:00:00Z",
        "summary": {
          "content": "JT Open Toolkit and PLM XML SDK are affected by stack buffer overflow and null pointer dereference vulnerabilities that could be triggered while parsing XML file. If a user is tricked to open a malicious XML file with any of the affected products, this could cause the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-824889.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-825651",
        "title": "Deserialization Vulnerability in SIMATIC STEP 7 (TIA Portal) before V18 Update 2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-825651.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-825651.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-825651.json.asc"
          }
        ],
        "published": "2024-07-09T00:00:00Z",
        "updated": "2024-07-09T00:00:00Z",
        "summary": {
          "content": "Affected applications do not properly restrict the .NET BinaryFormatter when deserializing user-controllable input. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application.\r\n\r\nSiemens has released a new version for SIMATIC STEP 7 (TIA Portal)\u00a0V18 and recommends to update to the latest version. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-825651.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-868282",
        "title": "Multiple Vulnerabilities in SINEMA Remote Connect Client before V3.2 HF1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-868282.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-868282.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-868282.json.asc"
          }
        ],
        "published": "2024-07-09T00:00:00Z",
        "updated": "2024-07-09T00:00:00Z",
        "summary": {
          "content": "SINEMA Remote Connect Server before V3.2 HF1 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released a new version for SINEMA Remote Connect Client and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-868282.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-928781",
        "title": "Multiple Vulnerabilities in SINEMA Remote Connect Server before V3.2 HF1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-928781.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-928781.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-928781.json.asc"
          }
        ],
        "published": "2024-07-09T00:00:00Z",
        "updated": "2024-07-09T00:00:00Z",
        "summary": {
          "content": "SINEMA Remote Connect Server before V3.2 HF1 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released a new version for SINEMA Remote Connect Server and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-928781.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-998949",
        "title": "Hard-coded Default Encryption Key in Mendix Encryption Module V10.0.0 and V10.0.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-998949.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-998949.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-998949.json.asc"
          }
        ],
        "published": "2024-07-09T00:00:00Z",
        "updated": "2024-07-09T00:00:00Z",
        "summary": {
          "content": "The Mendix Encryption module versions V10.0.0 and V10.0.1 define a specific hard-coded default value for the EncryptionKey constant, which is used in projects where no individual EncryptionKey was specified. This could allow an attacker to decrypt any encrypted project data, as the default encryption key can be considered compromised.\r\n\r\nSiemens has released a new version for Mendix Encryption and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-998949.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-024584",
        "title": "Authentication Bypass Vulnerability in PowerSys before V3.11",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-024584.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-024584.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-024584.json.asc"
          }
        ],
        "published": "2024-06-11T00:00:00Z",
        "updated": "2024-06-11T00:00:00Z",
        "summary": {
          "content": "PowerSys before V3.11 is affected by a vulnerability that could allow a local attacker to bypass authentication, thereby gaining administrative privileges for the managed remote devices.\r\n\r\nSiemens has released a new version for PowerSys and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-024584.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-035466",
        "title": "Incorrect Permission Assignment in SICAM PAS/PQS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-035466.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-035466.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-035466.json.asc"
          }
        ],
        "published": "2023-10-10T00:00:00Z",
        "updated": "2024-06-11T00:00:00Z",
        "summary": {
          "content": "SICAM PAS/PQS is affected by insecure permission assignments in application folders that could allow an authenticated local attacker to read and modify configuration data or to escalate privileges. \r\n\r\nSiemens has released a new version for SICAM PAS/PQS and recommends to update to the latest version.\r\nSiemens has also released a security patch that can be applied to previous versions to fix the permissions of the impacted folders. See also chapter `Additional Information`."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-035466.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-093430",
        "title": "Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-093430.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-093430.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-093430.json.asc"
          }
        ],
        "published": "2024-05-14T00:00:00Z",
        "updated": "2024-06-11T00:00:00Z",
        "summary": {
          "content": "Siemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-093430.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-238730",
        "title": "Out-of-Bounds Write Vulnerabilities in SITOP UPS1600 before V2.5.4",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-238730.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-238730.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-238730.json.asc"
          }
        ],
        "published": "2024-06-11T00:00:00Z",
        "updated": "2024-06-11T00:00:00Z",
        "summary": {
          "content": "Multiple out-of-bounds vulnerabilities in third-party components are affecting SITOP UPS1600 before V2.5.4. Attackers could exploit these vulnerabilities and cause limited impact in the affected systems.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-238730.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-319319",
        "title": "Denial of Service Vulnerability in TIA Administrator",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-319319.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-319319.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-319319.json.asc"
          }
        ],
        "published": "2024-06-11T00:00:00Z",
        "updated": "2024-06-11T00:00:00Z",
        "summary": {
          "content": "TIA Administrator creates temporary download files in a directory with insecure permissions. This could allow any authenticated attacker on Windows to disrupt the update process.\r\n\r\nSiemens has released a new version for TIA Administrator and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-319319.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-341067",
        "title": "Multiple vulnerabilities in third-party components in ST7 ScadaConnect before V1.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-341067.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-341067.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-341067.json.asc"
          }
        ],
        "published": "2024-06-11T00:00:00Z",
        "updated": "2024-06-11T00:00:00Z",
        "summary": {
          "content": "Siemens has released a new version for ST7 ScadaConnect and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-341067.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-481506",
        "title": "Information Disclosure Vulnerability in SIMATIC S7-200 SMART Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-481506.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-481506.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-481506.json.asc"
          }
        ],
        "published": "2024-06-11T00:00:00Z",
        "updated": "2024-06-11T00:00:00Z",
        "summary": {
          "content": "SIMATIC S7-200 SMART devices contain an information disclosure vulnerability which leaves the system susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack and eventually could allow an attacker to create a denial of service condition.\r\n\r\nSiemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-481506.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-540640",
        "title": "Improper Privilege Management Vulnerability in Mendix Runtime",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-540640.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-540640.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-540640.json.asc"
          }
        ],
        "published": "2024-06-11T00:00:00Z",
        "updated": "2024-06-11T00:00:00Z",
        "summary": {
          "content": "Apps built with Mendix Runtime >= V9.3 could allow users with the capability to manage a role to elevate the access rights of users with that role. Successful exploitation requires to guess the id of a target role which contains the elevated access rights.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-540640.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-620338",
        "title": "Buffer Overflow Vulnerability in SICAM AK3 / BC / TM",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-620338.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-620338.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-620338.json.asc"
          }
        ],
        "published": "2024-06-11T00:00:00Z",
        "updated": "2024-06-11T00:00:00Z",
        "summary": {
          "content": "SICAM AK3/TM/BC devices are affected by a buffer overflow vulnerability that could allow an attacker to execute code in the context of the current process or lead to a denial of service condition.\r\n\r\n- SICAM AK3 device firmware\r\n\t - CPCX26 for CP-2016\r\n\t - PCCX26 for CP-2019\r\n- SICAM AK3, SICAM BC and SICAM TM device firmware\r\n\t - ETA4 and ETA5 for SM-2558\r\n\r\nSiemens has released new firmware versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-620338.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-625862",
        "title": "Multiple Vulnerabilities in Third-Party Components in SIMATIC CP 1542SP-1 and CP 1543SP-1 before V2.3",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-625862.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-625862.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-625862.json.asc"
          }
        ],
        "published": "2024-06-11T00:00:00Z",
        "updated": "2024-06-11T00:00:00Z",
        "summary": {
          "content": "SIMATIC CP 1542SP-1 and CP 1543SP-1 before V2.3 are affected by multiple vulnerabilities in third-party components and the integrated web server.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-625862.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-871704",
        "title": "Multiple Vulnerabilities in SICAM Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-871704.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-871704.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-871704.json.asc"
          }
        ],
        "published": "2024-05-14T00:00:00Z",
        "updated": "2024-06-11T00:00:00Z",
        "summary": {
          "content": "Multiple SICAM products are affected by vulnerabilities that could lead to privilege escalation, remote code execution or information loss namely: \r\n\r\n- SICAM A8000 device firmwares \r\n    - CPC80 for CP-8000/CP-8021/CP-8022 \r\n    - CPCI85 and OPUPI0 for CP-8031/CP-8050\r\n\r\n-  SICAM EGS firmware \r\n    - CPCI85 and OPUPI0\r\n\r\n-  SICAM 8 Software Solution \r\n    - SICORE \r\n\r\nSiemens has released new versions for the affected firmwares and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-871704.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-879734",
        "title": "Multiple Vulnerabilities in SCALANCE XM-400/XR-500 before V6.6.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-879734.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-879734.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-879734.json.asc"
          }
        ],
        "published": "2024-06-11T00:00:00Z",
        "updated": "2024-06-11T00:00:00Z",
        "summary": {
          "content": "Siemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-879734.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-900277",
        "title": "MODEL File Parsing Vulnerability in Tecnomatix Plant Simulation before V2302.0012 and V2024.0001",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-900277.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-900277.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-900277.json.asc"
          }
        ],
        "published": "2024-06-11T00:00:00Z",
        "updated": "2024-06-11T00:00:00Z",
        "summary": {
          "content": "Tecnomatix Plant Simulation contains a type confusion vulnerability that could be triggered when the application reads MODEL files. If a user is tricked to open a malicious file using the affected application, this could lead to a crash, and potentially also to arbitrary code execution on the target host system.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-900277.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-046364",
        "title": "X_T File Parsing Vulnerabilities in Parasolid",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-046364.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-046364.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-046364.json.asc"
          }
        ],
        "published": "2024-05-14T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "Parasolid is affected by out of bounds read and null pointer dereference vulnerabilities that could be triggered when the application reads files in X_T format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the out of bounds read vulnerabilities to perform remote code execution in the context of the current process or denial of service condition in the application. \r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-046364.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-225840",
        "title": "Vulnerabilities in the Network Communication Stack in Sinteso EN and Cerberus PRO EN Fire Protection Systems",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-225840.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-225840.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-225840.json.asc"
          }
        ],
        "published": "2024-03-12T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "Several products used in Sinteso EN and Cerberus PRO EN Fire Protection Systems contain buffer overflow vulnerabilities in the network communication stack. Successful exploitation of the vulnerabilities could allow an unauthenticated attacker, who gained access to the fire protection system network, to execute arbitrary code on the affected products (CVE-2024-22039) or create a denial of service condition (CVE-2024-22040, CVE-2024-22041).\r\n\r\nProduct-specific impact of the individual vulnerabilities is documented in the chapter \"Vulnerability Description\".\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-225840.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-240541",
        "title": "WIBU Systems CodeMeter Heap Buffer Overflow Vulnerability in Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-240541.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-240541.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-240541.json.asc"
          }
        ],
        "published": "2023-09-12T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "WIBU Systems published information about a heap buffer overflow vulnerability and associated fix releases of CodeMeter Runtime, a product provided by WIBU Systems and used in several Siemens industrial products for license management.\r\n\r\nThe vulnerability is described in the section 'Vulnerability Classification' below and got assigned the CVE ID CVE-2023-3935.\r\nSuccessful exploitation of this vulnerability could allow\r\n\r\n* an unauthenticated remote attacker to execute code on vulnerable products, where CodeMeter Runtime (i.e., CodeMeter.exe) is configured as a server, or\r\n* an authenticated local attacker to gain root/admin privileges on vulnerable products, where CodeMeter Runtime is configured as a client.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-240541.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-258494",
        "title": "Stack Overflow Vulnerability in Simcenter Nastran before 2406.90",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-258494.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-258494.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-258494.json.asc"
          }
        ],
        "published": "2024-05-14T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "Simcenter Nastran is affected by a stack overflow vulnerability that could be triggered when an application binary reads an arbitrary string as a file argument. If a user is tricked to run one of the impacted application binaries with a malicious string, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.\r\n\r\nSiemens has released a new version for Simcenter Nastran 2406 and recommends to update to the latest version. Siemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-258494.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-273900",
        "title": "Multiple Vulnerabilities in SIMATIC CN 4100 before V3.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-273900.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-273900.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-273900.json.asc"
          }
        ],
        "published": "2024-05-14T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "SIMATIC CN 4100 is vulnerable to use of hard coded credentials including `root` user and contains an unrestricted USB port that could be misused for insecure boot.\r\n\r\nSiemens has released a new version for SIMATIC CN 4100 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-273900.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-292022",
        "title": "Vulnerability in Nozomi Guardian/CMC before 23.4.1 on RUGGEDCOM APE1808 devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-292022.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-292022.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-292022.json.asc"
          }
        ],
        "published": "2024-05-14T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "Nozomi Networks has published information on vulnerabilities in [Nozomi Guardian/CMC before 23.4.1](https://security.nozominetworks.com/). This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\r\n\r\nSiemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version. Customers are advised to consult and implement the workarounds provided in Nozomi Network's upstream security notifications."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-292022.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-292063",
        "title": "Multiple Vulnerabilities in Nozomi Guardian/CMC before 22.6.3 and 23.1.0 on RUGGEDCOM APE1808 devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-292063.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-292063.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-292063.json.asc"
          }
        ],
        "published": "2023-11-14T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "Nozomi Networks has published information on vulnerabilities in [Nozomi Guardian/CMC before V22.6.3 and 23.1.0](https://security.nozominetworks.com/). This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\r\n\r\nSiemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Nozomi Networks' upstream security notifications."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-292063.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-382651",
        "title": "File Parsing Vulnerability in Solid Edge",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-382651.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-382651.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-382651.json.asc"
          }
        ],
        "published": "2024-03-12T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "Solid Edge is affected by an out of bounds read vulnerability that could be triggered when the application reads files that contain XT parts. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-382651.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-489698",
        "title": "X_T File Parsing Vulnerability in Parasolid",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-489698.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-489698.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-489698.json.asc"
          }
        ],
        "published": "2024-05-14T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "Parasolid is affected by an out of bounds write vulnerability that could be triggered when the application reads files in X_T format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-489698.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-589937",
        "title": "Multiple Memory Corruption Vulnerabilities in Solid Edge",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-589937.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-589937.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-589937.json.asc"
          }
        ],
        "published": "2024-05-14T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "Solid Edge is affected by multiple memory corruption vulnerabilities that could be triggered when the application is parsing PAR files. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to execute arbitrary code in the context of the current process.\r\n\r\nSiemens has released a new version for Solid Edge and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-589937.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-592380",
        "title": "Denial of Service Vulnerability in SIMATIC S7-1500 CPUs and related products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-592380.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-592380.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-592380.json.asc"
          }
        ],
        "published": "2023-12-12T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "A vulnerability has been identified in the SIMATIC S7-1500 CPU family and related products that could allow an attacker to cause a denial of service condition. In order to exploit the vulnerability, an attacker must have access to the affected devices on port 102/tcp.\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-592380.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-647455",
        "title": "Multiple Vulnerabilities in Nozomi Guardian/CMC before 22.6.2 on RUGGEDCOM APE1808 devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-647455.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-647455.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-647455.json.asc"
          }
        ],
        "published": "2023-10-10T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "Nozomi Networks has published information on vulnerabilities in [Nozomi Guardian/CMC before V22.6.2](https://security.nozominetworks.com/). This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\r\n\r\nSiemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Nozomi Networks' upstream security notifications."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-647455.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-661579",
        "title": "Multiple File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-661579.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-661579.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-661579.json.asc"
          }
        ],
        "published": "2024-05-14T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "Teamcenter Visualization and JT2Go are affected by multiple file parsing vulnerabilities that could be triggered when the application reads malicious CGM or XML files. If a user is tricked to open a malicious file with the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-661579.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-665034",
        "title": "Vulnerability in Nozomi Guardian/CMC before 23.3.0 on RUGGEDCOM APE1808 devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-665034.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-665034.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-665034.json.asc"
          }
        ],
        "published": "2024-02-13T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "Nozomi Networks has published information on vulnerabilities in [Nozomi Guardian/CMC before 23.3.0](https://security.nozominetworks.com/). This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\r\n\r\nSiemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version. Customers are advised to consult and implement the workarounds provided in Nozomi Networks' upstream security notifications."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-665034.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-871717",
        "title": "Multiple Vulnerabilities in Polarion ALM",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-871717.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-871717.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-871717.json.asc"
          }
        ],
        "published": "2024-02-13T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "Polarion ALM is affected by incorrect default path permissions in installation path, and improper authentication in the REST API endpoints of DOORS connector. An attacker could exploit the vulnerabilities for unauthenticated access, or privilege escalation. \r\n\r\nSiemens has released a new version for Polarion ALM and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-871717.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-916916",
        "title": "Security Vulnerabilities Fixed in RUGGEDCOM CROSSBOW V5.5",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-916916.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-916916.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-916916.json.asc"
          }
        ],
        "published": "2024-05-14T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "The RUGGEDCOM CROSSBOW server application before V5.5 contains multiple vulnerabilities that could allow an attacker to execute arbitrary database queries via SQL injection attacks, or upload of arbitrary files to the application's file system. The majority of the reported vulnerabilities might have a high impact in the availability of the affected systems.\r\n\r\nSiemens has released a new version for RUGGEDCOM CROSSBOW and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-916916.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-923361",
        "title": "MODEL File Parsing Vulnerability in Tecnomatix Plant Simulation before V2302.0011",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-923361.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-923361.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-923361.json.asc"
          }
        ],
        "published": "2024-05-14T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "Tecnomatix Plant Simulation contains an out of bounds write vulnerability that could be triggered when the application reads MODEL files. If a user is tricked to open a malicious file using the affected application, this could lead to a crash, and potentially also to arbitrary code execution on the target host system.\r\n\r\nSiemens has released a new version for Tecnomatix Plant Simulation V2302 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-923361.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-925850",
        "title": "Improper Access Control in Polarion ALM",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-925850.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-925850.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-925850.json.asc"
          }
        ],
        "published": "2024-05-14T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "The Apache Lucene based query engine in Polarion ALM lacks proper access controls. This could allow an authenticated user to query items beyond the user's allowed projects.\r\n\r\nSiemens has released a new version for Polarion ALM and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-925850.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-953710",
        "title": "Vulnerabilities in the Network Communication Stack in Desigo Fire Safety UL and Cerberus PRO UL Fire Protection Systems",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-953710.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-953710.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-953710.json.asc"
          }
        ],
        "published": "2024-05-14T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "Several products used in Desigo Fire Safety UL and Cerberus PRO UL Fire Protection Systems contain buffer overflow vulnerabilities in the network communication stack. Successful exploitation of the vulnerabilities could allow an unauthenticated attacker, who gained access to the fire protection system network, to execute arbitrary code on the affected products (CVE-2024-22039) or create a denial of service condition (CVE-2024-22040, CVE-2024-22041).\r\n\r\nProduct-specific impact of the individual vulnerabilities is documented in the chapter \u201cVulnerability Description\u201d.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-953710.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-968170",
        "title": "Remote Code Execution Vulnerability in SIMATIC STEP 7 V5.x and Derived Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-968170.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-968170.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-968170.json.asc"
          }
        ],
        "published": "2023-06-13T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "SIMATIC STEP 7 and PCS 7 contain a database management system that could allow remote users to use embedded functions of the database (local or in a network share) that have impact on the server.\r\n\r\nAn attacker with network access to the server network could leverage these embedded functions to run code in the database management system's server (where STEP 7 or PCS 7 are running).\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-968170.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-976324",
        "title": "Multiple IGS File Parsing Vulnerabilities in PS/IGES Parasolid Translator Component before V27.1.215",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-976324.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-976324.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-976324.json.asc"
          }
        ],
        "published": "2024-05-14T00:00:00Z",
        "updated": "2024-05-14T00:00:00Z",
        "summary": {
          "content": "PS/IGES Parasolid Translator Component contains multiple file parsing vulnerabilities that could be triggered when the application reads files in IGS file formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released a new version for PS/IGES Parasolid Translator Component and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-976324.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-128433",
        "title": "Multiple Vulnerabilities in SINEC NMS before V2.0 SP2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-128433.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-128433.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-128433.json.asc"
          }
        ],
        "published": "2024-04-09T00:00:00Z",
        "updated": "2024-04-09T00:00:00Z",
        "summary": {
          "content": "SINEC NMS before V2.0 SP2 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released an update for SINEC NMS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-128433.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-203374",
        "title": "Multiple OpenSSL Vulnerabilities in SCALANCE W1750D Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-203374.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-203374.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-203374.json.asc"
          }
        ],
        "published": "2023-03-14T00:00:00Z",
        "updated": "2024-04-09T00:00:00Z",
        "summary": {
          "content": "The SCALANCE W1750D device contains multiple vulnerabilities in the integrated OpenSSL component that could allow an attacker to read memory contents, decrypt RSA-encrypted messages or create a denial of service condition.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-203374.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-222019",
        "title": "X_T File Parsing Vulnerabilities in Parasolid",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-222019.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-222019.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-222019.json.asc"
          }
        ],
        "published": "2024-04-09T00:00:00Z",
        "updated": "2024-04-09T00:00:00Z",
        "summary": {
          "content": "Parasolid is affected by out of bounds read, stack exhaustion and null pointer dereference vulnerabilities that could be triggered when the application reads files in X_T format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-222019.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-457702",
        "title": "Wi-Fi Encryption Bypass Vulnerabilities in SCALANCE W700 Product Family",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-457702.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-457702.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-457702.json.asc"
          }
        ],
        "published": "2023-11-14T00:00:00Z",
        "updated": "2024-04-09T00:00:00Z",
        "summary": {
          "content": "The SCALANCE W700 devices are affected by Wi-Fi encryption bypass vulnerabilities (\"Framing Frames\") that could allow an attacker to disclose sensitive information, to steal the victim's session or to execute denial-of-service attacks.\r\n\r\nSiemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-457702.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-556635",
        "title": "Multiple Vulnerabilities in Telecontrol Server Basic before V3.1.2.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-556635.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-556635.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-556635.json.asc"
          }
        ],
        "published": "2024-04-09T00:00:00Z",
        "updated": "2024-04-09T00:00:00Z",
        "summary": {
          "content": "Siemens has released a new version for Telecontrol Server Basic that fixes multiple vulnerabilities."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-556635.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-716164",
        "title": "Multiple Vulnerabilities in Scalance W1750D",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-716164.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-716164.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-716164.json.asc"
          }
        ],
        "published": "2024-02-13T00:00:00Z",
        "updated": "2024-04-09T00:00:00Z",
        "summary": {
          "content": "The SCALANCE W1750D devices contain multiple vulnerabilities that could allow an attacker to inject commands or exploit buffer overflow vulnerabilities which could lead to sensitive information disclosure, unauthenticated denial of service or unauthenticated remote code execution.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-716164.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-794697",
        "title": "Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-794697.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-794697.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-794697.json.asc"
          }
        ],
        "published": "2023-06-13T00:00:00Z",
        "updated": "2024-04-09T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.0.\r\n\r\nSiemens has released a new version for SIMATIC S7-1500 TM MFP -\u00a0GNU/Linux subsystem and recommends to update to the latest version.\r\n \r\nThis advisory lists vulnerabilities for firmware version V1.0 only; for V1.1 refer to Siemens Security Advisory SSA-265688 (<https://cert-portal.siemens.com/productcert/html/ssa-265688.html>)."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-794697.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-831302",
        "title": "Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-831302.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-831302.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-831302.json.asc"
          }
        ],
        "published": "2023-06-13T00:00:00Z",
        "updated": "2024-04-09T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities have been identified in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0.\r\n\r\nSiemens has released a new version for SIMATIC S7-1500 TM MFP - BIOS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-831302.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-885980",
        "title": "Multiple Vulnerabilities in Scalance W1750D",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-885980.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-885980.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-885980.json.asc"
          }
        ],
        "published": "2024-04-09T00:00:00Z",
        "updated": "2024-04-09T00:00:00Z",
        "summary": {
          "content": "The SCALANCE W1750D devices contain multiple vulnerabilities that could allow an attacker to exploit buffer overflow and information disclosure vulnerabilities which could lead to information disclosure or unauthenticated remote code execution.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-885980.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-000072",
        "title": "Multiple File Parsing Vulnerabilities in Simcenter Femap",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-000072.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-000072.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-000072.json.asc"
          }
        ],
        "published": "2024-02-13T00:00:00Z",
        "updated": "2024-03-12T00:00:00Z",
        "summary": {
          "content": "Simcenter Femap contains multiple file parsing vulnerabilities that could be triggered when the application reads files in Catia MODEL file formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released a new version for Simcenter Femap and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-000072.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-145196",
        "title": "Authorization Bypass Vulnerability in Siveillance Control",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-145196.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-145196.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-145196.json.asc"
          }
        ],
        "published": "2024-03-12T00:00:00Z",
        "updated": "2024-03-12T00:00:00Z",
        "summary": {
          "content": "Siveillance Control does not properly check the list of access groups that are assigned to an individual user. This could enable a locally logged on user to gain write privileges for objects where they only have read privileges.\r\n\r\nSiemens has released a new version for Siveillance Control and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-145196.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-576771",
        "title": "Multiple Vulnerabilities in SINEMA Remote Connect Server before V3.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-576771.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-576771.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-576771.json.asc"
          }
        ],
        "published": "2024-03-12T00:00:00Z",
        "updated": "2024-03-12T00:00:00Z",
        "summary": {
          "content": "SINEMA Remote Connect Server before V3.2 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-576771.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-653855",
        "title": "Information Disclosure vulnerability in SINEMA Remote Connect Client before V3.1 SP1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-653855.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-653855.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-653855.json.asc"
          }
        ],
        "published": "2024-03-12T00:00:00Z",
        "updated": "2024-03-12T00:00:00Z",
        "summary": {
          "content": "SINEMA Remote Connect Client before V3.1 SP1 is affected by an information disclosure vulnerability.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-653855.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-693975",
        "title": "Denial-of-Service Vulnerability in the Web Server of Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-693975.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-693975.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-693975.json.asc"
          }
        ],
        "published": "2023-12-12T00:00:00Z",
        "updated": "2024-03-12T00:00:00Z",
        "summary": {
          "content": "A vulnerability in the affected products could allow an unauthorized attacker with network access to the webserver of an affected device to perform a denial-of-service attack.\r\n\r\nSiemens has released a new version for SINAMICS S210 (6SL5...) and recommends to update to the latest version. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-693975.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-699386",
        "title": "Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family before V4.5",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-699386.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-699386.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-699386.json.asc"
          }
        ],
        "published": "2023-11-14T00:00:00Z",
        "updated": "2024-03-12T00:00:00Z",
        "summary": {
          "content": "SCALANCE XB-200/XC-200/XP-200/XF-200BA/XR-300WG Family before V4.5 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-699386.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-770721",
        "title": "Multiple Vulnerabilities in SIMATIC RF160B before V2.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-770721.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-770721.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-770721.json.asc"
          }
        ],
        "published": "2024-03-12T00:00:00Z",
        "updated": "2024-03-12T00:00:00Z",
        "summary": {
          "content": "SIMATIC RF160B contain multiple vulnerabilities of different types that could allow an attacker to execute arbitrary code within the context of a privileged process.\r\n\r\nSiemens has released a new version for SIMATIC RF160B and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-770721.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-918992",
        "title": "Unused HTTP Service on SENTRON 3KC ATC6 Ethernet Module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-918992.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-918992.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-918992.json.asc"
          }
        ],
        "published": "2024-03-12T00:00:00Z",
        "updated": "2024-03-12T00:00:00Z",
        "summary": {
          "content": "SENTRON 3KC ATC6 Expansion Module Ethernet exposes an unused, unstable http service at port 80/tcp on the Modbus-TCP Ethernet, which could allow an attacker on the same Modbus network to create a denial of service condition that forces the device to reboot.\r\n\r\nSiemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-918992.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-943925",
        "title": "Multiple Vulnerabilities in SINEC NMS before V2.0 SP1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-943925.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-943925.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-943925.json.asc"
          }
        ],
        "published": "2024-02-13T00:00:00Z",
        "updated": "2024-03-12T00:00:00Z",
        "summary": {
          "content": "SINEC NMS before V2.0 SP1 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released an update for SINEC NMS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-943925.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-017796",
        "title": "Multiple File Parsing Vulnerabilities in Tecnomatix Plant Simulation",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-017796.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-017796.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-017796.json.asc"
          }
        ],
        "published": "2024-02-13T00:00:00Z",
        "updated": "2024-02-13T00:00:00Z",
        "summary": {
          "content": "Siemens Tecnomatix Plant Simulation contains multiple file parsing vulnerabilities that could be triggered when the application reads files in WRL, PSOBJ or SPP file formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-017796.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-108696",
        "title": "Multiple Vulnerabilities in SIDIS Prime before V4.0.400",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-108696.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-108696.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-108696.json.asc"
          }
        ],
        "published": "2024-02-13T00:00:00Z",
        "updated": "2024-02-13T00:00:00Z",
        "summary": {
          "content": "SIDIS Prime before V4.0.400 is affected by multiple vulnerabilities in the components OPC UA and OpenSSL, that could allow an unauthenticated attacker with access to the network where SIDIS Prime is installed to reuse OPC UA client credentials, create a denial of service condition of the SIDIS Prime OPC UA client, or create a denial of service condition of the SIDIS Prime TLS service.\r\n\r\nSiemens has released a new version of SIDIS Prime and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-108696.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-309571",
        "title": "IPU 2021.1 Vulnerabilities in Siemens Industrial Products using Intel CPUs (June 2021)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-309571.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-309571.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-309571.json.asc"
          }
        ],
        "published": "2021-08-10T00:00:00Z",
        "updated": "2024-02-13T00:00:00Z",
        "summary": {
          "content": "Intel has published information on vulnerabilities in Intel products in [June 2021](<https://blogs.intel.com/technology/2021/06/intel-security-advisories-for-june-2021/>).\r\nThis advisory lists the related Siemens Industrial products affected by these vulnerabilities that can be patched by applying the corresponding BIOS update.\r\n\r\nIn this advisory we summarize:\r\n\r\n- \"2021.1 IPU \u2013 Intel\u00ae CSME, SPS and LMS Advisory\" Intel-SA-00459,\r\n\r\n- \"2021.1 IPU \u2013 BIOS Advisory\" Intel-SA-00463,\r\n\r\n- \"2021.1 IPU \u2013 Intel\u00ae Processor Advisory\" Intel-SA-00464, and\r\n\r\n- \"2021.1 IPU - Intel Atom\u00ae Processor Advisory\" Intel-SA-00465.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-309571.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-516818",
        "title": "TCP Sequence Number Validation Vulnerability in the TCP/IP Stack of CP343-1 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-516818.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-516818.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-516818.json.asc"
          }
        ],
        "published": "2024-02-13T00:00:00Z",
        "updated": "2024-02-13T00:00:00Z",
        "summary": {
          "content": "Affected products incorrectly validate TCP sequence numbers. This could allow an unauthenticated remote attacker to create a denial of service condition by injecting spoofed TCP RST packets.\r\n\r\nSiemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-516818.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-543502",
        "title": "Local Privilege Escalation Vulnerability in Unicam FX",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-543502.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-543502.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-543502.json.asc"
          }
        ],
        "published": "2024-02-13T00:00:00Z",
        "updated": "2024-02-13T00:00:00Z",
        "summary": {
          "content": "Unicam FX contains a local privilege escalation vulnerability that could allow an attacker to gain SYSTEM privileges.\r\n\r\nUnicam FX has reached end of software maintenance. Further information on recommendations for successor product can be found in section 'Additional Information'."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-543502.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-580228",
        "title": "Use of Hard-Coded Credentials Vulnerability in Location Intelligence before V4.3",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-580228.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-580228.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-580228.json.asc"
          }
        ],
        "published": "2024-02-13T00:00:00Z",
        "updated": "2024-02-13T00:00:00Z",
        "summary": {
          "content": "Location Intelligence before V4.3 is affected by a Use of Hard-coded Credentials vulnerability that could allow an attacker to obtain full administrative access to the application.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-580228.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-602936",
        "title": "Multiple Vulnerabilities in SCALANCE SC-600 Family before V3.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-602936.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-602936.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-602936.json.asc"
          }
        ],
        "published": "2024-02-13T00:00:00Z",
        "updated": "2024-02-13T00:00:00Z",
        "summary": {
          "content": "SCALANCE SC-600 Family before V3.1 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-602936.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-647068",
        "title": "Ripple20 in SIMATIC RTLS Gateways",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-647068.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-647068.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-647068.json.asc"
          }
        ],
        "published": "2024-02-13T00:00:00Z",
        "updated": "2024-02-13T00:00:00Z",
        "summary": {
          "content": "SIMATIC RTLS Gateways are affected by vulnerabilities that were disclosed by JSOF research lab [\u201cRipple20\u201d](https://www.jsof-tech.com/ripple20/) for the TCP/IP stack.\r\n\r\nSiemens recommends countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-647068.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-797296",
        "title": "XT File Parsing Vulnerability in Parasolid",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-797296.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-797296.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-797296.json.asc"
          }
        ],
        "published": "2024-02-13T00:00:00Z",
        "updated": "2024-02-13T00:00:00Z",
        "summary": {
          "content": "Parasolid is affected by out of bounds read and null pointer dereference vulnerabilities that could be triggered when the application reads files in XT format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-797296.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-806742",
        "title": "Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-806742.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-806742.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-806742.json.asc"
          }
        ],
        "published": "2024-02-13T00:00:00Z",
        "updated": "2024-02-13T00:00:00Z",
        "summary": {
          "content": "SCALANCE XCM-/XRM-300 before V2.4 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released an update for SCALANCE X-300 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-806742.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-480095",
        "title": "Vulnerabilities in the Web Interface of SICAM Q100 Devices before V2.60",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-480095.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-480095.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-480095.json.asc"
          }
        ],
        "published": "2023-12-12T00:00:00Z",
        "updated": "2024-01-09T00:00:00Z",
        "summary": {
          "content": "The web server of SICAM Q100 devices, versions before V2.60, contains a Cross Site Request Forgery (CSRF) vulnerability and is missing cookie protection flags. This could allow an attacker to perform arbitrary actions on the device on behalf of a legitimate user, or impersonate that user.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-480095.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-570294",
        "title": "Multiple Vulnerabilities in SICAM Q100 Before V2.50",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-570294.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-570294.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-570294.json.asc"
          }
        ],
        "published": "2022-11-08T00:00:00Z",
        "updated": "2024-01-09T00:00:00Z",
        "summary": {
          "content": "SICAM Q100 devices contain multiple vulnerabilities that could allow an attacker to take over the session of a logged in user or to inject custom code.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-570294.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-583634",
        "title": "Command Injection Vulnerability in the CPCI85 Firmware of SICAM A8000 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-583634.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-583634.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-583634.json.asc"
          }
        ],
        "published": "2024-01-09T00:00:00Z",
        "updated": "2024-01-09T00:00:00Z",
        "summary": {
          "content": "The CPCI85 firmware of SICAM A8000 CP-8031 and CP-8050 is affected by a command injection vulnerability that could allow an authenticated remote attacker to inject commands that are executed on the device with root privileges during device startup.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-583634.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-589891",
        "title": "Multiple PAR File Parsing Vulnerabilities in Solid Edge",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-589891.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-589891.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-589891.json.asc"
          }
        ],
        "published": "2024-01-09T00:00:00Z",
        "updated": "2024-01-09T00:00:00Z",
        "summary": {
          "content": "Siemens Solid Edge 2023 has released Update 10, that fixes multiple vulnerabilities that could be triggered when the application reads PAR files.\r\nIf a user is tricked to open a malicious file using the affected application, this could lead to a crash, and potentially also to arbitrary code execution on the target host system.\r\n\r\nSiemens has released a new version for Solid Edge SE2023 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-589891.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-702935",
        "title": "Redfish Server Vulnerability in maxView Storage Manager",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-702935.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-702935.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-702935.json.asc"
          }
        ],
        "published": "2024-01-09T00:00:00Z",
        "updated": "2024-01-09T00:00:00Z",
        "summary": {
          "content": "MaxView Storage Manager shipped with affected SIMATIC IPCs contains a Redfish Server Vulnerability that could provide unauthorized access.\r\n\r\nMicrochip has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-702935.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-761617",
        "title": "Authentication Bypass and Information Disclosure Vulnerabilities in SiNVR/SiVMS Video Server",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-761617.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-761617.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-761617.json.asc"
          }
        ],
        "published": "2019-12-10T00:00:00Z",
        "updated": "2024-01-09T00:00:00Z",
        "summary": {
          "content": "The Video Server application in SiNVR/SiVMS solutions contains two vulnerabilities\r\ninvolving authentication bypass (CVE-2019-18339) and information disclosure (CVE-2019-18340).\r\n\r\nPKE has released an update of the application that fixes CVE-2019-18339.\r\nThis update is not available under the former Siemens OEM brand name SiNVR. For details contact PKE (<https://pke.at/>).\r\n\r\nSiemens recommends specific countermeasures to mitigate the vulnerabilities."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-761617.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-761844",
        "title": "Multiple Vulnerabilities in Control Center Server (CCS)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-761844.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-761844.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-761844.json.asc"
          }
        ],
        "published": "2021-04-13T00:00:00Z",
        "updated": "2024-01-09T00:00:00Z",
        "summary": {
          "content": "The advisory informs about multiple vulnerabilities in the Central Control Server (CCS) application, as initially\r\nreported in SSA-761617 (<https://cert-portal.siemens.com/productcert/html/ssa-761617.html>) on 2019-12-10\r\nand SSA-844761 (<https://cert-portal.siemens.com/productcert/html/ssa-844761.html>) on 2020-03-10.\r\n\r\nThe vulnerabilities involve authentication bypass (CVE-2019-18337, CVE-2019-18341),\r\npath traversal (CVE-2019-18338, CVE-2019-19290), information disclosure (CVE-2019-13947, CVE-2019-18340, CVE-2019-19291),\r\nprivilege escalation (CVE-2019-18342), SQL injection (CVE-2019-19292), cross-site scripting (CVE-2019-19293, CVE-2019-19294), and\r\ninsufficient logging (CVE-2019-19295).\r\n\r\nPKE has released an update for CCS that fixes the reported vulnerabilities, except for CVE-2019-18340. For details contact PKE (<https://pke.at/>).\r\n\r\nSiemens recommends to update to the latest version and recommends specific countermeasures to mitigate the vulnerabilities."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-761844.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-772220",
        "title": "OpenSSL Vulnerabilities in Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-772220.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-772220.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-772220.json.asc"
          }
        ],
        "published": "2021-07-13T00:00:00Z",
        "updated": "2024-01-09T00:00:00Z",
        "summary": {
          "content": "OpenSSL has published a security advisory [0] about a vulnerability in OpenSSL versions 1.1.1 < 1.1.1k, that allows\r\nan unauthenticated attacker to cause a Denial-of-Service (DoS) if a maliciously crafted renegotiation message is sent.\r\n\r\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where fixes are not, or not yet available.\r\n\r\n[0] <https://www.openssl.org/news/secadv/20210325.txt>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-772220.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-777015",
        "title": "Multiple Vulnerabilities in SIMATIC CN 4100 before V2.7",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-777015.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-777015.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-777015.json.asc"
          }
        ],
        "published": "2024-01-09T00:00:00Z",
        "updated": "2024-01-09T00:00:00Z",
        "summary": {
          "content": "SIMATIC CN 4100 is vulnerable to authorization bypass through user-controlled key, use of default credentials and unauthenticated IP address change that could allow an attacker to remotely login as root or cause denial of service condition of the device.\r\n\r\nSiemens has released a new version for SIMATIC CN 4100 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-777015.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-786191",
        "title": "Local Privilege Escalation Vulnerability in Spectrum Power 7",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-786191.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-786191.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-786191.json.asc"
          }
        ],
        "published": "2024-01-09T00:00:00Z",
        "updated": "2024-01-09T00:00:00Z",
        "summary": {
          "content": "Spectrum Power 7 is affected by a vulnerability that could allow an authenticated local attacker to inject arbitrary code and gain root access.\r\n\r\nSiemens has released an update for Spectrum Power 7 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-786191.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-794653",
        "title": "Multiple File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-794653.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-794653.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-794653.json.asc"
          }
        ],
        "published": "2024-01-09T00:00:00Z",
        "updated": "2024-01-09T00:00:00Z",
        "summary": {
          "content": "Siemens Teamcenter Visualization and JT2Go are affected by multiple file parsing vulnerabilities that could be triggered when the application reads malicious CGM files. If a user is tricked to open a malicious CGM file with the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released new versions for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-794653.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-844761",
        "title": "Multiple Vulnerabilities in SiNVR/SiVMS Video Server",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-844761.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-844761.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-844761.json.asc"
          }
        ],
        "published": "2020-03-10T00:00:00Z",
        "updated": "2024-01-09T00:00:00Z",
        "summary": {
          "content": "The Video Server application in SiNVR/SiVMS solutions contains five vulnerabilities\r\ninvolving information disclosure (CVE-2019-19291, CVE-2019-19299),\r\npath traversal (CVE-2019-19296, CVE-2019-19297), and denial-of-service (CVE-2019-19298).\r\n\r\nPKE has released updates of the application that fixes the reported vulnerabilities, except for CVE-2019-19299.\r\nThis update is not available under the former Siemens OEM brand name SiNVR.\r\nFor details contact PKE (<https://pke.at/>)."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-844761.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-077170",
        "title": "Multiple Vulnerabilities in SINEC INS before V1.0 SP2 Update 2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-077170.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-077170.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-077170.json.asc"
          }
        ],
        "published": "2023-12-12T00:00:00Z",
        "updated": "2023-12-12T00:00:00Z",
        "summary": {
          "content": "SINEC INS before V1.0 SP2 Update 2 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released an update for SINEC INS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-077170.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-118850",
        "title": "Denial of Service Vulnerability in the OPC UA Implementation in SINUMERIK ONE and SINUMERIK MC",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-118850.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-118850.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-118850.json.asc"
          }
        ],
        "published": "2023-12-12T00:00:00Z",
        "updated": "2023-12-12T00:00:00Z",
        "summary": {
          "content": "SINUMERIK ONE and SINUMERIK MC products are affected by a denial of service vulnerability in the OPC UA implementation of the integrated S7-1500 CPU. The vulnerability in the integrated S7-1500 CPU is documented in more detail in SSA-711309 [1].\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions.\r\n\r\n[1] <https://cert-portal.siemens.com/productcert/html/ssa-711309.html>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-118850.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-618620",
        "title": "Vulnerabilities in Boot Loader (U-Boot) of RUGGEDCOM ROS Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-618620.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-618620.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-618620.json.asc"
          }
        ],
        "published": "2019-12-10T00:00:00Z",
        "updated": "2023-12-12T00:00:00Z",
        "summary": {
          "content": "The boot loader within RUGGEDCOM ROS contains two vulnerabilities in the loading process of the operating system kernel. The more severe of these vulnerabilities could allow an attacker with local access to the device to execute arbitrary code on an affected device.\r\n\r\nSiemens recommends specific countermeasures to mitigate this issue."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-618620.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-887801",
        "title": "Information Disclosure Vulnerability in SIMATIC STEP 7 (TIA Portal)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-887801.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-887801.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-887801.json.asc"
          }
        ],
        "published": "2023-12-12T00:00:00Z",
        "updated": "2023-12-12T00:00:00Z",
        "summary": {
          "content": "Siemens has released a new version of STEP 7 (TIA Portal) that fixes an information disclosure vulnerability.\r\nA local attacker could gain access to the access level password of the SIMATIC S7-1200 and S7-1500 CPUs, when entered by a legitimate user in the hardware configuration of the affected application."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-887801.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-892915",
        "title": "Multiple Denial of Service Vulnerabilities in the Webserver of Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-892915.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-892915.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-892915.json.asc"
          }
        ],
        "published": "2023-12-12T00:00:00Z",
        "updated": "2023-12-12T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities in the affected products could allow an unauthorized attacker with network access to the webserver to perform a denial of service attack.\r\n\r\nSiemens has released a new version for SINAMICS S120 (incl. SIPLUS variants) and recommends to update to the latest version. Siemens recommends specific countermeasures for products where fixes are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-892915.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-983300",
        "title": "Vulnerabilities in LOGO! Soft Comfort",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-983300.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-983300.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-983300.json.asc"
          }
        ],
        "published": "2021-04-13T00:00:00Z",
        "updated": "2023-12-12T00:00:00Z",
        "summary": {
          "content": "Two vulnerabilities have been identified in the LOGO! Soft Comfort software.\r\nThese could allow an attacker to take over a system with the affected software installed.\r\n\r\nSiemens has released an update for LOGO! Soft Comfort and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-983300.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-084182",
        "title": "Privilege Escalation Vulnerability in Mendix Runtime",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-084182.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-084182.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-084182.json.asc"
          }
        ],
        "published": "2023-11-14T00:00:00Z",
        "updated": "2023-11-14T00:00:00Z",
        "summary": {
          "content": "Mendix Runtime contains a capture-replay flaw which could have an impact to apps built with the platform, if certain preconditions are met that depend on the app's model and access control design. This could allow authenticated attackers to access or modify objects without proper authorization, or escalate privileges in the context of the vulnerable app.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-084182.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-099606",
        "title": "Multiple Vulnerabilities in SIMATIC MV500 before V3.3.5",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-099606.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-099606.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-099606.json.asc"
          }
        ],
        "published": "2023-11-14T00:00:00Z",
        "updated": "2023-11-14T00:00:00Z",
        "summary": {
          "content": "SIMATIC MV500 before V3.3.5 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released an update for SIMATIC MV500 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-099606.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-137900",
        "title": "Multiple Vulnerabilities in COMOS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-137900.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-137900.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-137900.json.asc"
          }
        ],
        "published": "2023-11-14T00:00:00Z",
        "updated": "2023-11-14T00:00:00Z",
        "summary": {
          "content": "COMOS is affected by multiple vulnerabilities that could allow an attacker to execute arbitrary code or cause denial of service condition, data infiltration or perform access control violations.\r\n\r\nSiemens has released an update for COMOS and recommends to update to the latest version. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-137900.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-150063",
        "title": "Multiple Vulnerabilities in SINEC PNI before V2.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-150063.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-150063.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-150063.json.asc"
          }
        ],
        "published": "2023-11-14T00:00:00Z",
        "updated": "2023-11-14T00:00:00Z",
        "summary": {
          "content": "SINEC PNI before V2.0 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released an update for SINEC PNI and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-150063.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-197270",
        "title": "Information Disclosure Vulnerability in Siemens OPC UA Modeling Editor (SiOME)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-197270.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-197270.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-197270.json.asc"
          }
        ],
        "published": "2023-11-14T00:00:00Z",
        "updated": "2023-11-14T00:00:00Z",
        "summary": {
          "content": "Siemens OPC UA Modeling Editor (SiOME) is affected by an XML external entity (XXE) injection vulnerability that could allow an attacker to interfere with an application's processing of XML data and read arbitrary files in the system.\r\n\r\nSiemens has released a new version for Siemens OPC UA Modelling Editor (SiOME) and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-197270.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-268517",
        "title": "Code Execution Vulnerability (libwebp CVE-2023-4863) in Mendix Studio Pro",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-268517.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-268517.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-268517.json.asc"
          }
        ],
        "published": "2023-11-14T00:00:00Z",
        "updated": "2023-11-14T00:00:00Z",
        "summary": {
          "content": "Mendix Studio Pro is vulnerable to an out of bounds write vulnerability in the integrated libwebp library (CVE-2023-4863), that could allow an attacker to execute code in the context of a victim user's system.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-268517.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-363107",
        "title": "An Improper Initialization Vulnerability Affects SIMATIC WinCC Kiosk Mode",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-363107.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-363107.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-363107.json.asc"
          }
        ],
        "published": "2022-05-10T00:00:00Z",
        "updated": "2023-11-14T00:00:00Z",
        "summary": {
          "content": "A vulnerability was found in SIMATIC WinCC that could allow authenticated attackers to escape the Kiosk Mode.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-363107.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-456933",
        "title": "Multiple Vulnerabilities in SIMATIC PCS neo before V4.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-456933.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-456933.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-456933.json.asc"
          }
        ],
        "published": "2023-11-14T00:00:00Z",
        "updated": "2023-11-14T00:00:00Z",
        "summary": {
          "content": "SIMATIC PCS neo before V4.1 is affected by multiple vulnerabilities.\r\n\r\nSiemens has released a new version for SIMATIC PCS neo and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-456933.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-478780",
        "title": "Multiple WRL File Parsing Vulnerabilities in  Tecnomatix Plant Simulation",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-478780.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-478780.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-478780.json.asc"
          }
        ],
        "published": "2023-11-14T00:00:00Z",
        "updated": "2023-11-14T00:00:00Z",
        "summary": {
          "content": "Siemens Tecnomatix Plant Simulation contains multiple file parsing vulnerabilities that could be triggered when the application reads files in WRL format. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-478780.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-617233",
        "title": "Urgent/11 TCP/IP Stack Vulnerabilities in SIPROTEC 4 7SJ66 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-617233.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-617233.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-617233.json.asc"
          }
        ],
        "published": "2023-11-14T00:00:00Z",
        "updated": "2023-11-14T00:00:00Z",
        "summary": {
          "content": "SIPROTEC 4 7SJ66 devices are affected by multiple security vulnerabilities due to the underlying Wind River VxWorks network stack. This stack is affected by nine of the eleven vulnerabilities that are also known as \"URGENT/11\".\r\n\r\nThe vulnerabilities could allow an attacker to execute a variety of exploits for the purpose of denial of service (DoS), data extraction, remote code execution, etc. targeting availability, integrity and confidentiality of the devices and data.\r\n\r\nSiemens has released a new version for SIPROTEC 4 7SJ66 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-617233.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-887122",
        "title": "X_T File Parsing Vulnerabilities in Simcenter Femap",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-887122.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-887122.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-887122.json.asc"
          }
        ],
        "published": "2023-11-14T00:00:00Z",
        "updated": "2023-11-14T00:00:00Z",
        "summary": {
          "content": "Simcenter Femap is affected by out of bounds write vulnerabilities that could be triggered when the application reads files in X_T format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-887122.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-975766",
        "title": "Open Design Alliance Drawings SDK Vulnerability in Solid Edge",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-975766.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-975766.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-975766.json.asc"
          }
        ],
        "published": "2023-06-13T00:00:00Z",
        "updated": "2023-11-14T00:00:00Z",
        "summary": {
          "content": "Solid Edge is affected by a file parsing vulnerability in Drawings SDK from Open Design Alliance.  If a user is tricked to open a malicious DWG file with the affected application, an attacker could leverage the vulnerability to crash the application or execute arbitrary code.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions.\r\n\r\nNote:\r\n\r\n - This advisory covers security vulnerabilities recently disclosed by Open Design Alliance [0]\r\n\r\n[0] [https://www.opendesign.com/security-advisories](https://www.opendesign.com/security-advisories)"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-975766.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-829656",
        "title": "Stack Overflow Vulnerability in Xpedition Layout Browser",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-829656.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-829656.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-829656.json.asc"
          }
        ],
        "published": "2023-10-10T00:00:00Z",
        "updated": "2023-10-10T00:00:00Z",
        "summary": {
          "content": "Siemens Xpedition Layout Browser consists of a stack overflow vulnerability that could be triggered when the application reads a malicious file in PCB format. If a user is tricked to open a malicious file with the affected product, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released an update for Xpedition Layout Browser and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-829656.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-134651",
        "title": "Hard Coded SSH ID in CPCI85 Firmware of SICAM A8000 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-134651.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-134651.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-134651.json.asc"
          }
        ],
        "published": "2023-10-10T00:00:00Z",
        "updated": "2023-10-10T00:00:00Z",
        "summary": {
          "content": "The CPCI85 firmware of SICAM A8000 CP-8031 and CP-8050 contains a hard-coded ID in the SSH `authorized_keys` configuration file. An attacker with knowledge of the corresponding credential could login to the device via SSH. Only devices with activated debug support are affected.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-134651.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-250085",
        "title": "Multiple Vulnerabilities in SINEC NMS and SINEMA Server",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-250085.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-250085.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-250085.json.asc"
          }
        ],
        "published": "2022-03-08T00:00:00Z",
        "updated": "2023-10-10T00:00:00Z",
        "summary": {
          "content": "SINEC NMS and SINEMA Server V14 contain multiple vulnerabilities that could allow an attacker to execute arbitrary code on the system, arbitrary commands on the local database or achieve privilege escalation. \r\n\r\nSiemens has released several updates for SINEC NMS and recommends to update to the latest version. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-250085.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-285795",
        "title": "Denial of Service in OPC-UA in Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-285795.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-285795.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-285795.json.asc"
          }
        ],
        "published": "2022-05-10T00:00:00Z",
        "updated": "2023-10-10T00:00:00Z",
        "summary": {
          "content": "A vulnerability in the underlying third party component OPC UA ANSIC Stack (also called Legacy C-Stack) affects several industrial products. The vulnerability could cause a crash of the component that includes the vulnerable part of the stack.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-285795.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-295483",
        "title": "User Enumeration Vulnerability in Mendix Forgot Password Module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-295483.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-295483.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-295483.json.asc"
          }
        ],
        "published": "2023-10-10T00:00:00Z",
        "updated": "2023-10-10T00:00:00Z",
        "summary": {
          "content": "The Mendix Forgot Password module contains a user enumeration vulnerability that could allow an attacker to retrieve valid users.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-295483.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-386812",
        "title": "Remote Code Execution Vulnerability in Simcenter Amesim before V2021.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-386812.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-386812.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-386812.json.asc"
          }
        ],
        "published": "2023-10-10T00:00:00Z",
        "updated": "2023-10-10T00:00:00Z",
        "summary": {
          "content": "Simcenter Amesim contains a vulnerable SOAP endpoint that could allow an unauthenticated remote attacker to perform DLL injection and execute arbitrary code in the context of the affected application process. \r\n\r\nSiemens has released an update for Simcenter Amesim and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-386812.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-516174",
        "title": "Wi-Fi Encryption Bypass Vulnerabilities in SCALANCE W1750D",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-516174.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-516174.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-516174.json.asc"
          }
        ],
        "published": "2023-05-09T00:00:00Z",
        "updated": "2023-10-10T00:00:00Z",
        "summary": {
          "content": "The SCALANCE W1750D device is affected by Wi-Fi encryption bypass vulnerabilities (\"Framing Frames\") that could allow an attacker to disclose sensitive information or to steal the victims session.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-516174.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-524778",
        "title": "File Parsing Vulnerabilities in Tecnomatix Plant Simulation",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-524778.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-524778.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-524778.json.asc"
          }
        ],
        "published": "2023-10-10T00:00:00Z",
        "updated": "2023-10-10T00:00:00Z",
        "summary": {
          "content": "Siemens Tecnomatix Plant Simulation contains multiple vulnerabilities that could be triggered when the application reads SPP and IGS files. If a user is tricked to open a malicious file using the affected application, this could lead to a crash, and potentially also to arbitrary code execution on the target host system.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-524778.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-594373",
        "title": "Cross-Site-Scripting (XSS) Vulnerability in SINEMA Server V14",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-594373.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-594373.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-594373.json.asc"
          }
        ],
        "published": "2023-10-10T00:00:00Z",
        "updated": "2023-10-10T00:00:00Z",
        "summary": {
          "content": "SINEMA Server V14 improperly sanitizes certain SNMP configuration data retrieved from monitored devices. An attacker with access to a monitored device could perform a stored cross-site scripting (XSS) attack that may lead to arbitrary code execution with `SYSTEM` privileges on the application server.\r\n\r\nSiemens recommends to migrate to its successor product SINEC NMS V2.0 or later. Siemens recommends to apply specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-594373.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-770890",
        "title": "Path Traversal Vulnerability in the Web Server of CPCI85 Firmware of SICAM A8000 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-770890.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-770890.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-770890.json.asc"
          }
        ],
        "published": "2023-10-10T00:00:00Z",
        "updated": "2023-10-10T00:00:00Z",
        "summary": {
          "content": "The web server in the CPCI85 firmware of SICAM A8000 CP-8031 and CP-8050 is affected by a path traversal vulnerability that could allow an authenticated remote attacker to traverse directories on the system, download arbitrary files and potentially escalate privileges to the administrator role.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-770890.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-784849",
        "title": "Direct Memory Access Vulnerabilities in SIMATIC CP Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-784849.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-784849.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-784849.json.asc"
          }
        ],
        "published": "2023-10-10T00:00:00Z",
        "updated": "2023-10-10T00:00:00Z",
        "summary": {
          "content": "Several SIMATIC CP devices contain direct memory access vulnerabilities that could allow an attacker to execute code, access the PROFINET network without restrictions or perform denial of service attacks.\r\n\r\nSiemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-784849.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-843070",
        "title": "Multiple Vulnerabilities in SCALANCE W1750D",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-843070.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-843070.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-843070.json.asc"
          }
        ],
        "published": "2023-10-10T00:00:00Z",
        "updated": "2023-10-10T00:00:00Z",
        "summary": {
          "content": "The SCALANCE W1750D device contains multiple vulnerabilities that could allow an attacker to inject commands or exploit buffer overflow vulnerabilities which could lead to sensitive information disclosure, unauthenticated denial of service or unauthenticated remote code execution.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-843070.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-357182",
        "title": "Local Privilege Escalation Vulnerability in Spectrum Power 7",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-357182.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-357182.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-357182.json.asc"
          }
        ],
        "published": "2023-09-14T00:00:00Z",
        "updated": "2023-09-14T00:00:00Z",
        "summary": {
          "content": "Spectrum Power 7 is affected by a vulnerability that could allow an authenticated local attacker to inject arbitrary code to the update script and escalate privileges.\r\n\r\nSiemens has released an update for Spectrum Power 7 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-357182.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-646240",
        "title": "Sensitive Information Disclosure in SIMATIC PCS neo Administration Console",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-646240.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-646240.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-646240.json.asc"
          }
        ],
        "published": "2023-09-14T00:00:00Z",
        "updated": "2023-09-14T00:00:00Z",
        "summary": {
          "content": "The Administration Console of SIMATIC PCS neo leaks Windows admin credentials. An attacker with local Windows access to the Administration Console could get the credentials, and impersonate the admin user, thereby gaining admin access to other Windows systems.\r\n\r\nSiemens has released a security patch for the affected products and recommends to install the patch."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-646240.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-147266",
        "title": "Multiple Vulnerabilities in QMS Automotive before V12.39",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-147266.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-147266.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-147266.json.asc"
          }
        ],
        "published": "2023-09-12T00:00:00Z",
        "updated": "2023-09-12T00:00:00Z",
        "summary": {
          "content": "QMS Automotive before V12.39 contains multiple vulnerabilities that could allow an attacker to perform malicious code injection, information disclosure or lead to a denial of service condition. \r\n\r\nSiemens has released an update for QMS Automotive and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-147266.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-190839",
        "title": "X_T File Parsing Vulnerabilities in Parasolid",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-190839.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-190839.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-190839.json.asc"
          }
        ],
        "published": "2023-09-12T00:00:00Z",
        "updated": "2023-09-12T00:00:00Z",
        "summary": {
          "content": "Parasolid is affected by out of bounds write vulnerabilities that could be triggered when the application reads files in X_T format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-190839.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-278349",
        "title": "Multiple WRL File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-278349.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-278349.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-278349.json.asc"
          }
        ],
        "published": "2023-09-12T00:00:00Z",
        "updated": "2023-09-12T00:00:00Z",
        "summary": {
          "content": "Siemens JT2Go and Teamcenter Visualization are affected by file parsing vulnerabilities that could be triggered when the application reads files in WRL format. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-278349.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-382653",
        "title": "Multiple Denial of Service Vulnerabilities in Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-382653.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-382653.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-382653.json.asc"
          }
        ],
        "published": "2022-12-13T00:00:00Z",
        "updated": "2023-09-12T00:00:00Z",
        "summary": {
          "content": "Affected SIMATIC firmware contains multiple vulnerabilities that could allow an unauthenticated attacker to perform a denial of service attack under certain conditions.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-382653.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-450613",
        "title": "Insyde BIOS Vulnerabilities in RUGGEDCOM APE1808 Product Family",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-450613.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-450613.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-450613.json.asc"
          }
        ],
        "published": "2023-02-14T00:00:00Z",
        "updated": "2023-09-12T00:00:00Z",
        "summary": {
          "content": "Insyde has published information on vulnerabilities in Insyde BIOS on [November 8th 2022](https://www.insyde.com/security-pledge). These vulnerabilities also affect the RUGGEDCOM APE1808 product family.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-450613.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-478960",
        "title": "Missing CSRF Protection in the Web Server Login Page of Industrial Controllers",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-478960.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-478960.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-478960.json.asc"
          }
        ],
        "published": "2022-11-08T00:00:00Z",
        "updated": "2023-09-12T00:00:00Z",
        "summary": {
          "content": "The web server login page of affected products does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack..\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-478960.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-587547",
        "title": "Unencrypted Storage of User Credentials in QMS Automotive",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-587547.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-587547.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-587547.json.asc"
          }
        ],
        "published": "2022-11-08T00:00:00Z",
        "updated": "2023-09-12T00:00:00Z",
        "summary": {
          "content": "QMS Automotive contains a vulnerability that stores user credentials in plantext within the user database. This could allow an attacker to read credentials from memory. \r\n\r\nSiemens has released an update for QMS Automotive and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-587547.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-764801",
        "title": "File Parsing Vulnerabilities in Tecnomatix Plant Simulation",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-764801.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-764801.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-764801.json.asc"
          }
        ],
        "published": "2023-07-11T00:00:00Z",
        "updated": "2023-09-12T00:00:00Z",
        "summary": {
          "content": "Siemens Tecnomatix Plant Simulation contains multiple vulnerabilities that could be triggered when the application reads PAR, SPP, STP and PRT files.\r\nIf a user is tricked to open a malicious file using the affected application, this could lead to a crash, and potentially also to arbitrary code execution on the target host system.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-764801.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-957369",
        "title": "Insyde BIOS Vulnerabilities in RUGGEDCOM APE1808 Product Family",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-957369.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-957369.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-957369.json.asc"
          }
        ],
        "published": "2023-09-12T00:00:00Z",
        "updated": "2023-09-12T00:00:00Z",
        "summary": {
          "content": "Insyde has published information on vulnerabilities in Insyde BIOS up to [August 2023](https://www.insyde.com/security-pledge). These vulnerabilities also affect the RUGGEDCOM APE1808 product family.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-957369.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-001569",
        "title": "JT File Parsing Vulnerabilities in JT Open, JT Utilities and Parasolid",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-001569.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-001569.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-001569.json.asc"
          }
        ],
        "published": "2023-08-08T00:00:00Z",
        "updated": "2023-08-08T00:00:00Z",
        "summary": {
          "content": "JT Open Toolkit, JT Utilities and Parasolid are affected by memory corruption vulnerabilities that could be triggered while parsing JT files. If a user is tricked to open a malicious JT file with any of the affected products, this could cause the application to crash or potentially lead to arbitrary code execution.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-001569.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-116172",
        "title": "Nullsoft Scriptable Install System (NSIS) Vulnerability (CVE-2023-37378) in Parasolid Installer",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-116172.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-116172.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-116172.json.asc"
          }
        ],
        "published": "2023-08-08T00:00:00Z",
        "updated": "2023-08-08T00:00:00Z",
        "summary": {
          "content": "A vulnerability in Nullsoft Scriptable Installer System (NSIS) software (CVE-2023-37378) used in Parasolid installers before V36 creates an \u201cuninstall directory\u201d with insufficient access control. This could allow an attacker to misuse the vulnerability, and potentially escalate privileges. \r\n\r\nOnly systems where Parasolid is installed with a Parasolid installer is impacted. Siemens recommends to uninstall impacted Parasolid instances and reinstall with the latest installer available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-116172.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-131450",
        "title": "File parsing Vulnerabilities in Solid Edge, JT2Go and Teamcenter Visualization",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-131450.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-131450.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-131450.json.asc"
          }
        ],
        "published": "2023-08-08T00:00:00Z",
        "updated": "2023-08-08T00:00:00Z",
        "summary": {
          "content": "Siemens JT2Go, Teamcenter Visualization and Solid Edge are affected by multiple file parsing vulnerabilities. If a user is tricked to open a malicious file (crafted as ASM or TIFF file format) with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-131450.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-180579",
        "title": "Privilege Management Vulnerability and Multiple Nucleus RTOS Vulnerabilities in APOGEE/TALON Field Panels before V3.5.5/V2.8.20",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-180579.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-180579.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-180579.json.asc"
          }
        ],
        "published": "2022-12-13T00:00:00Z",
        "updated": "2023-08-08T00:00:00Z",
        "summary": {
          "content": "APOGEE PXC / TALON TC field panels (BACnet before V3.5.5 and P2 Ethernet before V2.8.20) contain multiple vulnerabilities:\r\n\r\n* CVE-2022-45937: A privilege management vulnerability that could allow low privilege authenticated attackers to gain high privilege access.\r\n* CVE-2020-28388: Predictable Initial Sequence Numbers in the TCP/IP Stack of Nucleus RTOS (real-time operating system) used by the affected products.\r\n* Several vulnerabilities in the DNS (domain name service) implementation of Nucleus RTOS.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-180579.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-188491",
        "title": "DLL Hijacking Vulnerabilities in Siemens Software Center",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-188491.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-188491.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-188491.json.asc"
          }
        ],
        "published": "2023-08-08T00:00:00Z",
        "updated": "2023-08-08T00:00:00Z",
        "summary": {
          "content": "Multiple DLL Hijacking vulnerabilities in Siemens Software Center (SSC) could allow a local attacker to execute code with elevated privileges.\r\n\r\nSiemens has released an update for the Siemens Software Center and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-188491.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-223771",
        "title": "SISCO Stack Vulnerability in SIPROTEC 5 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-223771.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-223771.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-223771.json.asc"
          }
        ],
        "published": "2022-12-13T00:00:00Z",
        "updated": "2023-08-08T00:00:00Z",
        "summary": {
          "content": "A vulnerability in the third party component SISCO MMS-EASE could allow attackers to cause a denial of service condition with SIPROTEC 5 devices.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-223771.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-472630",
        "title": "Security Vulnerabilities Fixed in RUGGEDCOM CROSSBOW V5.4",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-472630.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-472630.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-472630.json.asc"
          }
        ],
        "published": "2023-08-08T00:00:00Z",
        "updated": "2023-08-08T00:00:00Z",
        "summary": {
          "content": "The RUGGEDCOM CROSSBOW server application before V5.4 contains multiple vulnerabilities that could allow an attacker to execute arbitrary database queries via SQL injection attacks, to create a denial of service condition, or to write arbitrary files to the application's file system.\r\n\r\nSiemens has released an update for RUGGEDCOM CROSSBOW and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-472630.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-811403",
        "title": "Multiple File Parsing Vulnerabilities in Solid Edge before V223 Update 7",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-811403.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-811403.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-811403.json.asc"
          }
        ],
        "published": "2023-08-08T00:00:00Z",
        "updated": "2023-08-08T00:00:00Z",
        "summary": {
          "content": "Solid Edge is affected by multiple memory corruption vulnerabilities that could be triggered when the application reads specially crafted files in various formats such as DFT, PAR or PSM format. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to crash the application or execute arbitrary code.\r\n\r\nSiemens has released an update for Solid Edge SE2023 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-811403.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-851884",
        "title": "Authentication Bypass Vulnerability in Mendix SAML Module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-851884.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-851884.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-851884.json.asc"
          }
        ],
        "published": "2023-03-14T00:00:00Z",
        "updated": "2023-08-08T00:00:00Z",
        "summary": {
          "content": "The Mendix SAML module insufficiently verifies the SAML assertions. This could allow unauthenticated remote attackers to bypass authentication and get access to the application.\r\n\r\nMendix has provided fix releases for the Mendix SAML module and recommends to update to the latest version.\r\n\r\nNote: For compatibility reasons, fixes for several versions of the Mendix SAML module were introduced in two release steps:\r\n\r\n* The first fix versions address CVE-2023-25957. It removes the vulnerability, except when the recommended, default configuration option `'Use Encryption'` is disabled.\r\n\r\n* The second fix versions address CVE-2023-29129, which removes the issue for the non default configuration as well."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-851884.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-932528",
        "title": "Multiple File Parsing Vulnerabilities in Solid Edge",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-932528.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-932528.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-932528.json.asc"
          }
        ],
        "published": "2023-05-09T00:00:00Z",
        "updated": "2023-08-08T00:00:00Z",
        "summary": {
          "content": "Solid Edge is affected by multiple memory corruption vulnerabilities that could be triggered when the application reads specially crafted files in various formats such as DWG, IFC, OBJ or STP format. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to crash the application or execute arbitrary code.\r\n\r\nSiemens has released several updates for Solid Edge SE2023 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-932528.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-975961",
        "title": "Privilege Escalation Vulnerabilities in SICAM TOOLBOX II before V07.10",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-975961.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-975961.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-975961.json.asc"
          }
        ],
        "published": "2023-08-08T00:00:00Z",
        "updated": "2023-08-08T00:00:00Z",
        "summary": {
          "content": "SICAM TOOLBOX II contains two vulnerabilities that could allow local attackers to execute code on the system with elevated privileges.\r\n\r\nSiemens has released an update for SICAM TOOLBOX II and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-975961.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-146325",
        "title": "Multiple Vulnerabilities in RUGGEDCOM ROX before V2.16",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-146325.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-146325.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-146325.json.asc"
          }
        ],
        "published": "2023-07-11T00:00:00Z",
        "updated": "2023-07-11T00:00:00Z",
        "summary": {
          "content": "Devices based on RUGGEDCOM ROX before V2.16 contain multiple high severity vulnerabilities, including the third-party vulnerabilities: CVE-2022-24903, CVE-2022-2068, CVE-2021-22946, CVE-2022-22576, CVE-2022-27781, CVE-2022-27782, CVE-2022-32207, CVE-2022-1292.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-146325.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-313488",
        "title": "Multiple Vulnerabilities in SIMATIC CN 4100 before V2.5",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-313488.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-313488.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-313488.json.asc"
          }
        ],
        "published": "2023-07-11T00:00:00Z",
        "updated": "2023-07-11T00:00:00Z",
        "summary": {
          "content": "SIMATIC CN 4100 is vulnerable to improper access control and insecure default configurations that could allow an attacker to gain privilege escalation, and bypass network isolation. \r\n\r\nSiemens has released an update for SIMATIC CN 4100 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-313488.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-561322",
        "title": "Multiple Vulnerabilities in SIMATIC MV500 Devices before V3.3.4",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-561322.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-561322.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-561322.json.asc"
          }
        ],
        "published": "2023-07-11T00:00:00Z",
        "updated": "2023-07-11T00:00:00Z",
        "summary": {
          "content": "SIMATIC MV500 devices before V3.3.4 are affected by multiple vulnerabilities in the web server and several third-party components.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-561322.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-924149",
        "title": "Stack Overflow Vulnerability in SiPass Integrated before V2.90.3.8",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-924149.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-924149.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-924149.json.asc"
          }
        ],
        "published": "2023-07-11T00:00:00Z",
        "updated": "2023-07-11T00:00:00Z",
        "summary": {
          "content": "SiPass integrated versions before V2.90.3.8 contain a stack overflow vulnerability that could allow an unauthenticated remote attacker to crash the server application, creating a denial of service condition.\r\n\r\nSiemens has released an update for SiPass integrated and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-924149.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-930100",
        "title": "Privilege Escalation Vulnerability in Simcenter STAR-CCM+",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-930100.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-930100.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-930100.json.asc"
          }
        ],
        "published": "2022-12-13T00:00:00Z",
        "updated": "2023-07-11T00:00:00Z",
        "summary": {
          "content": "Simcenter STAR-CCM+ contains a privilege escalation vulnerability which could allow a local attacker with an unprivileged account to override or modify the service executable and subsequently gain elevated privileges.\r\n\r\nSiemens has released an update for Simcenter STAR-CCM+ and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-930100.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-942865",
        "title": "Multiple Vulnerabilities in the Integrated SCALANCE S615 of SINAMICS Medium Voltage Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-942865.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-942865.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-942865.json.asc"
          }
        ],
        "published": "2023-06-13T00:00:00Z",
        "updated": "2023-06-14T00:00:00Z",
        "summary": {
          "content": "SINAMICS PERFECT HARMONY GH180 is affected by multiple vulnerabilities in the integrated SCALANCE S615 device, as documented in SSA-419740 (<https://cert-portal.siemens.com/productcert/html/ssa-419740.html>).\r\n\r\nSiemens recommends to update the firmware of the integrated SCALANCE S615 device to the latest version. Siemens recommends specific countermeasures for products where the firmware update is not, or not yet applied.\r\n\r\nAdditional considerations regarding the specific impact of the vulnerabilities to SINAMICS MV products can be found in the chapter \"Additional Information\"."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-942865.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-120378",
        "title": "Multiple File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-120378.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-120378.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-120378.json.asc"
          }
        ],
        "published": "2022-11-08T00:00:00Z",
        "updated": "2023-06-13T00:00:00Z",
        "summary": {
          "content": "Siemens Teamcenter Visualization and JT2Go are affected by multiple file parsing vulnerabilities that could be triggered when the application reads malicious TIF, CGM or PDF files. If a user is tricked to open a malicious TIF, CGM or PDF file with the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-120378.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-482956",
        "title": "Information Disclosure Vulnerability in SIMOTION before V5.5",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-482956.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-482956.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-482956.json.asc"
          }
        ],
        "published": "2023-06-13T00:00:00Z",
        "updated": "2023-06-13T00:00:00Z",
        "summary": {
          "content": "SIMOTION contains an information disclosure vulnerability that could allow an unauthenticated attacker to extract confidential technology object (TO) configuration from the device.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-482956.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-508677",
        "title": "Use of Obsolete Function Vulnerability in SIMATIC WinCC before V8",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-508677.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-508677.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-508677.json.asc"
          }
        ],
        "published": "2023-06-13T00:00:00Z",
        "updated": "2023-06-13T00:00:00Z",
        "summary": {
          "content": "Before SIMATIC WinCC V8, legacy OPC services (OPC DA (Data Access), OPC HDA (Historical Data Access), and OPC AE (Alarms & Events)) were used per default. These\r\nservices were designed on top of the Windows ActiveX and DCOM mechanisms and do not implement state-of-the-art security mechanisms for authentication and encryption of contents.\r\n\r\nStarting with WinCC V8.0 the legacy OPC services are no longer enabled by default in new installations. Siemens recommends to use OPC UA instead and to disable the legacy OPC services. For deployments where the legacy OPC services are still in use, ensure that only trusted users are part of the SIMATIC HMI group."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-508677.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-538795",
        "title": "Multiple File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-538795.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-538795.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-538795.json.asc"
          }
        ],
        "published": "2023-06-13T00:00:00Z",
        "updated": "2023-06-13T00:00:00Z",
        "summary": {
          "content": "Siemens Teamcenter Visualization and JT2Go are affected by multiple file parsing vulnerabilities that could be triggered when the application reads malicious CGM files. If a user is tricked to open a malicious CGM file with the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-538795.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-572005",
        "title": "Vulnerabilities in the Web Server of SICAM P850 and SICAM P855 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-572005.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-572005.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-572005.json.asc"
          }
        ],
        "published": "2022-10-11T00:00:00Z",
        "updated": "2023-06-13T00:00:00Z",
        "summary": {
          "content": "Session fixation and multiple incorrect parameter parsing vulnerabilities that could potentially lead to remote code execution were identified in the web server of SICAM P850 and SICAM P855 devices.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-572005.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-731916",
        "title": "Multiple Vulnerabilities in CPCI85 Firmware of SICAM A8000 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-731916.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-731916.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-731916.json.asc"
          }
        ],
        "published": "2023-06-13T00:00:00Z",
        "updated": "2023-06-13T00:00:00Z",
        "summary": {
          "content": "The CPCI85 firmware of SICAM A8000 CP-8031 and CP-8050 is affected by multiple vulnerabilities such as authenticated remote command injection, exposure of serial UART interface, and hard coded credentials (for UART login). \r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-731916.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-824231",
        "title": "Unauthenticated Firmware Upload Vulnerability in Desigo PX Controllers",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-824231.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-824231.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-824231.json.asc"
          }
        ],
        "published": "2018-01-24T00:00:00Z",
        "updated": "2023-06-13T00:00:00Z",
        "summary": {
          "content": "Several Desigo PXC/PXM devices contain a vulnerability that could allow unauthenticated remote attackers to upload malicious firmware without prior authentication. \r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-824231.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-887249",
        "title": "Multiple Vulnerabilities in the Web Interface of SICAM Q200 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-887249.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-887249.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-887249.json.asc"
          }
        ],
        "published": "2023-06-13T00:00:00Z",
        "updated": "2023-06-13T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities were identified in the webserver of Q200 devices. These include Cross Site Request Forgery (CSRF), session fixation, missing secure flags in HTTP cookies and memory corruption issues due to missing input validation that could lead to remote code execution. \r\n\r\nSiemens has released an update for POWER METER SICAM Q200 family and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-887249.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-914026",
        "title": "Local Code Execution Vulnerability in SIMATIC WinCC V7",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-914026.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-914026.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-914026.json.asc"
          }
        ],
        "published": "2023-06-13T00:00:00Z",
        "updated": "2023-06-13T00:00:00Z",
        "summary": {
          "content": "SIMATIC WinCC V7 is affected by a vulnerability that could allow a local attacker to inject arbitrary code and escalate privileges, if a non-default installation path was chosen during installation.\r\n\r\nSiemens has released an update for SIMATIC WinCC and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-914026.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-988345",
        "title": "Local Privilege Escalation Vulnerability in Xpedition Designer",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-988345.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-988345.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-988345.json.asc"
          }
        ],
        "published": "2022-06-14T00:00:00Z",
        "updated": "2023-06-13T00:00:00Z",
        "summary": {
          "content": "A vulnerability in Xpedition Designer could allow an attacker with an unprivileged account to override or modify the service executable and subsequently gain elevated privileges.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-988345.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-113131",
        "title": "Denial of Service Vulnerabilities in SIMATIC S7-400 CPUs",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-113131.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-113131.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-113131.json.asc"
          }
        ],
        "published": "2018-11-13T00:00:00Z",
        "updated": "2023-05-09T00:00:00Z",
        "summary": {
          "content": "Two vulnerabilities have been identified in the SIMATIC S7-400 CPU family\r\nthat could allow an attacker to cause a denial of service condition. In order\r\nto exploit the vulnerabilities, an attacker must have access to the affected\r\ndevices on port 102/tcp via Ethernet, PROFIBUS or Multi Point Interfaces\r\n(MPI). \r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-113131.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-325383",
        "title": "Multiple Vulnerabilities in SCALANCE LPE9403 before V2.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-325383.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-325383.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-325383.json.asc"
          }
        ],
        "published": "2023-05-09T00:00:00Z",
        "updated": "2023-05-09T00:00:00Z",
        "summary": {
          "content": "SCALANCE LPE9403 is affected by multiple vulnerabilities that could allow an attacker to impact its confidentiality, integrity and availability.\r\n\r\nSiemens has released an update for the SCALANCE LPE9403 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-325383.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-480230",
        "title": "Denial of Service Vulnerability in Webserver of Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-480230.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-480230.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-480230.json.asc"
          }
        ],
        "published": "2019-04-09T00:00:00Z",
        "updated": "2023-05-09T00:00:00Z",
        "summary": {
          "content": "A vulnerability in the affected devices could allow an unauthorized attacker\r\nwith network access to the webserver of an affected device to perform a\r\ndenial of service attack.\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-480230.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-555292",
        "title": "Security Vulnerabilities Fixed in SIMATIC Cloud Connect 7 V2.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-555292.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-555292.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-555292.json.asc"
          }
        ],
        "published": "2023-05-09T00:00:00Z",
        "updated": "2023-05-09T00:00:00Z",
        "summary": {
          "content": "SIMATIC Cloud Connect 7 contains multiple vulnerabilities that could allow an attacker to impact its confidentiality, integrity and availability.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-555292.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-592007",
        "title": "Denial of Service Vulnerability in Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-592007.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-592007.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-592007.json.asc"
          }
        ],
        "published": "2018-03-20T00:00:00Z",
        "updated": "2023-05-09T00:00:00Z",
        "summary": {
          "content": "Several industrial controllers are affected by a security vulnerability that could allow an attacker to cause a denial of service condition via PROFINET DCP network packets under certain circumstances. Precondition for this scenario is a direct OSI Layer 2 access to the affected products. PROFIBUS interfaces are not affected. \r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-592007.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-632164",
        "title": "External Entity Injection Vulnerability in Polarion ALM",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-632164.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-632164.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-632164.json.asc"
          }
        ],
        "published": "2023-04-11T00:00:00Z",
        "updated": "2023-05-09T00:00:00Z",
        "summary": {
          "content": "Polarion ALM is vulnerable to XML External Entity (XXE) injection attack that could allow an attacker to potentially disclose confidential data. \r\n\r\nSiemens has released an update for Polarion ALM and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-632164.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-789345",
        "title": "Code Execution Vulnerabilities in Siveillance Video Event and Management Servers",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-789345.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-789345.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-789345.json.asc"
          }
        ],
        "published": "2023-05-09T00:00:00Z",
        "updated": "2023-05-09T00:00:00Z",
        "summary": {
          "content": "Both the Event Server and the Management Server components of Siveillance Video deserialize data without sufficient validations. This could allow an authenticated remote attacker to execute code on the affected system.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions. The provided cumulative hotfix releases include the fixes for both Event Server (ES) and Management Server (MS). Ensure to apply the fixes on all relevant servers in your deployment."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-789345.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-892048",
        "title": "Third-Party Component Vulnerabilities in SINEC NMS before V1.0.3.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-892048.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-892048.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-892048.json.asc"
          }
        ],
        "published": "2023-05-09T00:00:00Z",
        "updated": "2023-05-09T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities affecting third-party components libexpat and libcurl of SINEC NMS before V1.0.3.1 could allow an attacker to impact SINEC NMS confidentiality, integrity and availability.\r\n\r\nSiemens has released an update for SINEC NMS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-892048.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-102233",
        "title": "SegmentSmack in VxWorks-based Industrial Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-102233.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-102233.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-102233.json.asc"
          }
        ],
        "published": "2020-04-14T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "The products listed below contain a vulnerability that could allow remote attackers to affect\r\nthe availability of the devices under certain conditions.\r\nThe underlying TCP stack can be forced to make very computation expensive calls\r\nfor every incoming packet which can lead to a Denial-of-Service.\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-102233.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-270778",
        "title": "Denial-of-Service Vulnerability in SIMATIC PCS 7, SIMATIC WinCC and SIMATIC NET PC Software",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-270778.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-270778.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-270778.json.asc"
          }
        ],
        "published": "2020-02-11T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "A Denial-of-Service vulnerability was found in SIMATIC PCS 7, SIMATIC WinCC and SIMATIC NET PC software when encrypted communication is enabled. The vulnerability could allow \nan attacker with network access to cause a Denial-of-Service condition under certain circumstances (versions prior to SIMATIC WinCC V7.3 or SIMATIC PCS 7 V8.1 are not affected as encrypted communication is not an option).\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.\n\nNote: The vulnerability is part of a shared component, used by various Siemens products (SIMATIC Communication Services - SCS). The installation of a fix version of any product also removes the vulnerability for other products on the same system, even if those products were not updated."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-270778.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-310038",
        "title": "Multiple Vulnerabilities in SCALANCE X Switch Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-310038.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-310038.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-310038.json.asc"
          }
        ],
        "published": "2022-07-12T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "Several SCALANCE X switches contain multiple vulnerabilities. An unauthenticated attacker could reboot, cause denial-of-service conditions and potentially impact the system by other means through heap and buffer overflow vulnerabilities.\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-310038.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-459643",
        "title": "Denial of Service Vulnerability in RUGGEDCOM ROS before V5.6.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-459643.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-459643.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-459643.json.asc"
          }
        ],
        "published": "2022-09-13T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "RUGGEDCOM ROS-based devices are vulnerable to a denial of service attack (Slowloris). By sending partial HTTP requests nonstop, with none completed, the affected web servers will be waiting for the completion of each request, occupying all available HTTP connections.\r\nThe web server recovers by itself once the attack ends.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-459643.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-462066",
        "title": "Vulnerability known as TCP SACK PANIC in Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-462066.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-462066.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-462066.json.asc"
          }
        ],
        "published": "2019-09-10T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "Multiple industrial products are affected by a vulnerability in the kernel known as TCP SACK PANIC.  The vulnerability could allow a remote attacker to cause a denial of service condition.\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-462066.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-472454",
        "title": "Command Injection Vulnerability in CPCI85 Firmware of SICAM A8000 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-472454.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-472454.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-472454.json.asc"
          }
        ],
        "published": "2023-04-11T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "The CPCI85 firmware of SICAM A8000 CP-8031 and CP-8050 is affected by unauthenticated command injection vulnerability. This could allow an attacker to perfom remote code execution.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-472454.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-479249",
        "title": "Weak Encryption Vulnerability in SCALANCE X-200IRT Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-479249.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-479249.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-479249.json.asc"
          }
        ],
        "published": "2023-04-11T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "The SSH server on  SCALANCE X-200IRT devices is configured to offer weak ciphers by default. This could\r\nallow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over\r\nthe connection between legitimate clients and the affected device.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-479249.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-511182",
        "title": "Use of Static TLS Certificate Known Hard Coded Private Keys in Adaptec Maxview Application",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-511182.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-511182.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-511182.json.asc"
          }
        ],
        "published": "2023-04-11T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "The Adaptec Maxview application shipped with affected SIMATIC IPCs contains a hard coded, non-unique certificate to secure HTTPS connections between the browser and the local Maxview configuration application. A local attacker may use this key to decrypt intercepted local traffic between the browser and the application and could perform a man-in-the-middle attack in order to modify data in transit.\r\n\r\nAdaptec has released updates for the affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-511182.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-549234",
        "title": "Denial-of-Service Vulnerability in SIMATIC NET CP Modules",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-549234.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-549234.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-549234.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "A denial of service vulnerability was identified in different types of Communication Processors. An attacker could exploit this vulnerability causing the device to become un-operational until the device is restarted.\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-549234.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-557541",
        "title": "Denial-of-Service Vulnerability in SIMATIC S7-400 CPUs",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-557541.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-557541.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-557541.json.asc"
          }
        ],
        "published": "2022-04-12T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "SIMATIC S7-400 CPU devices contain an input validation vulnerability that could allow an attacker to create a Denial-of-Service condition.  A restart is needed to restore normal operations.\n\nSiemens has released an update for SIMATIC S7-410 V10 CPU family and SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants for both) and recommends to update to the latest version. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-557541.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-558014",
        "title": "Third-Party Component Vulnerabilities in SCALANCE XCM332 before V2.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-558014.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-558014.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-558014.json.asc"
          }
        ],
        "published": "2023-04-11T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities in the third-party components cURL, BusyBox, libtirpc, Expat as well as in the Linux Kernel could allow an attacker to impact the SCALANCE XCM332 device's confidentiality, integrity and availability.\r\n\r\nSiemens has released an update for the SCALANCE XCM332 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-558014.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-572164",
        "title": "Luxion KeyShot Vulnerability in Solid Edge",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-572164.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-572164.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-572164.json.asc"
          }
        ],
        "published": "2023-04-11T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "The Solid Edge installation package includes a specific version of the third-party product\r\nKeyShot from Luxion : <https://www.keyshot.com>, which may not contain the latest security fixes provided by Luxion.\r\n\r\nSiemens recommends to update KeyShot according to the information in the\r\nLuxion Security Advisory LSA-610622: <https://download.keyshot.com/cert/lsa-610622/lsa-610622.pdf>."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-572164.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-603476",
        "title": "Web Vulnerabilities in SIMATIC NET CP 343-1/CP 443-1 Modules and SIMATIC S7-300/S7-400 CPUs",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-603476.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-603476.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-603476.json.asc"
          }
        ],
        "published": "2016-11-21T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "SIMATIC CP 343-1 Advanced/CP-443-1 Advanced devices and SIMATIC S7-300/S7-400 CPUs are affected by two vulnerabilities. One of the vulnerabilities could allow remote attackers to perform operations as an authenticated user under certain conditions.\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-603476.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-629917",
        "title": "Datalogics File Parsing Vulnerability in Teamcenter Visualization and JT2Go",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-629917.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-629917.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-629917.json.asc"
          }
        ],
        "published": "2023-04-11T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "Siemens Teamcenter Visualization and JT2Go are affected by a memory corruption vulnerability in the APDFL library from Datalogics. If a user is tricked to open a malicious PDF file with the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-629917.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-642810",
        "title": "JT File Parsing Vulnerability in JT Open and JT Utilities",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-642810.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-642810.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-642810.json.asc"
          }
        ],
        "published": "2023-04-11T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "JT Open Toolkit and JT Utilities are affected by a memory corruption vulnerability that could be triggered while parsing JT files. If a user is tricked to open a malicious JT file with any of the affected products, this could cause the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-642810.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-676336",
        "title": "OpenSSH Vulnerabilities in SCALANCE X-200 and X-300/X408 Switches",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-676336.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-676336.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-676336.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "The latest update of the SCALANCE X-200 and X-300/X408 switches families fixes multiple OpenSSH vulnerabilities.\nThe most severe of these vulnerabilities could allow a denial of service condition.\n \nSiemens has released updates for several affected products and recommends to update to the latest versions.\nSiemens is preparing further updates and recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-676336.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-699404",
        "title": "Observable Response Discrepancy in Mendix Forgot Password Module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-699404.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-699404.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-699404.json.asc"
          }
        ],
        "published": "2023-04-11T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "The Mendix Forgot Password module contains an observable response discrepancy issue that could allow an attacker to retrieve sensitive information.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-699404.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-700053",
        "title": "Multiple File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-700053.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-700053.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-700053.json.asc"
          }
        ],
        "published": "2022-12-13T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "Siemens Teamcenter Visualization and JT2Go are affected by multiple file parsing vulnerabilities that could be triggered when the application reads a malicious file in CGM or RAS format. If a user is tricked to open a malicious file with the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-700053.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-792594",
        "title": "Host Header Injection Vulnerability in Polarion ALM",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-792594.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-792594.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-792594.json.asc"
          }
        ],
        "published": "2022-12-13T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "Polarion ALM contains a misconfiguration in its default Apache HTTP Server configuration that could allow an attacker to perform host header injection attacks. \r\n\r\nSiemens has released an update for Polarion ALM and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-792594.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-838121",
        "title": "Multiple Denial of Service Vulnerabilities in Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-838121.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-838121.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-838121.json.asc"
          }
        ],
        "published": "2022-02-08T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "Affected SIMATIC firmware contains three vulnerabilities that could allow an unauthenticated attacker to perform a denial of service attack under certain conditions.\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-838121.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-840188",
        "title": "Multiple Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-840188.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-840188.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-840188.json.asc"
          }
        ],
        "published": "2021-11-09T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities were found in SIMATIC WinCC that ultimately could allow local or remote attackers to escalate privileges and read, write or delete critical files.\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.\r\n\r\nNote: The vulnerability CVE-2021-40359 is part of a shared component, used by various Siemens products (SIMATIC Communication Services - SCS). The installation of a fix version of any product also removes the vulnerability for other products on the same system, even if those products were not updated."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-840188.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-978220",
        "title": "Denial of Service Vulnerability over SNMP in Multiple Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-978220.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-978220.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-978220.json.asc"
          }
        ],
        "published": "2020-02-11T00:00:00Z",
        "updated": "2023-04-11T00:00:00Z",
        "summary": {
          "content": "Several industrial products are affected by a vulnerability that could allow remote attackers to conduct a denial of service attack by sending specially crafted packets to port 161/udp (SNMP).\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-978220.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-260625",
        "title": "Security Vulnerabilities Fixed in RUGGEDCOM CROSSBOW V5.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-260625.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-260625.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-260625.json.asc"
          }
        ],
        "published": "2023-03-14T00:00:00Z",
        "updated": "2023-03-14T00:00:00Z",
        "summary": {
          "content": "RUGGEDCOM CROSSBOW V5.2 fixes two vulnerabilities that\r\ncould allow authenticated remote attackers to perform unauthorized actions\r\n(CVE-2023-27309) or escalate privileges (CVE-2023-27310).\r\n\r\nSiemens has released an update for RUGGEDCOM CROSSBOW and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-260625.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-320629",
        "title": "Security Vulnerabilities Fixed in RUGGEDCOM CROSSBOW V5.3",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-320629.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-320629.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-320629.json.asc"
          }
        ],
        "published": "2023-03-14T00:00:00Z",
        "updated": "2023-03-14T00:00:00Z",
        "summary": {
          "content": "RUGGEDCOM CROSSBOW before V5.3 contains two vulnerabilities that could allow authenticated remote attackers to access data they are not authorized for, or execute arbitrary database queries via an SQL injection attack.\n\nSiemens has released an update for RUGGEDCOM CROSSBOW and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-320629.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-324955",
        "title": "SAD DNS Attack in Linux Based Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-324955.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-324955.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-324955.json.asc"
          }
        ],
        "published": "2021-05-11T00:00:00Z",
        "updated": "2023-03-14T00:00:00Z",
        "summary": {
          "content": "A vulnerability made public under the name SAD DNS affects Domain Name \r\nSystem resolvers due to a vulnerability in the Linux kernel when \r\nhandling ICMP packets. The Siemens products which are affected\r\nare listed below. For more information please see <https://www.saddns.net/>.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-324955.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-419740",
        "title": "Multiple\tThird-Party Component Vulnerabilities in RUGGEDCOM and SCALANCE Products before V7.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-419740.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-419740.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-419740.json.asc"
          }
        ],
        "published": "2023-03-14T00:00:00Z",
        "updated": "2023-03-14T00:00:00Z",
        "summary": {
          "content": "Multiple third-party component vulnerabilities were reported for the Busybox applet, the Linux Kernel, OpenSSL, OpenVPN and various other components used by the RUGGEDCOM and SCALANCE products. The vulnerabilities range from improper neutralization of special elements to improper handling of commands under certain circumstances, that could lead to code injection and denial of service.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-419740.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-476715",
        "title": "Two Vulnerabilities in Automation License Manager",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-476715.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-476715.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-476715.json.asc"
          }
        ],
        "published": "2023-01-10T00:00:00Z",
        "updated": "2023-03-14T00:00:00Z",
        "summary": {
          "content": "Siemens Automation License Manager contains two vulnerabilities which, when combined, could allow an attacker to modify and rename license files, extract licenses and overwrite arbitrary files on the target system potentially leading to privilege escalation and remote code execution. The affected functionality is not available for remote attackers in the default configuration since version V6.0 SP2 of Automation License Manager.\r\n\r\nSiemens has released an update for Automation License Manager V6 and recommends to update to the latest version. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-476715.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-491245",
        "title": "Multiple File Parsing Vulnerabilities in Solid Edge",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-491245.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-491245.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-491245.json.asc"
          }
        ],
        "published": "2023-02-14T00:00:00Z",
        "updated": "2023-03-14T00:00:00Z",
        "summary": {
          "content": "Solid Edge is affected by multiple memory corruption vulnerabilities that could be triggered when the application reads specially crafted files in various formats such as X_B, DWG, DXF, STL, STP, SLDPRT and PAR format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to crash the application, extract data or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-491245.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-517377",
        "title": "Multiple Vulnerabilities in the SRCS VPN Feature in SIMATIC CP Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-517377.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-517377.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-517377.json.asc"
          }
        ],
        "published": "2022-07-12T00:00:00Z",
        "updated": "2023-03-14T00:00:00Z",
        "summary": {
          "content": "The below referenced devices contain multiple vulnerabilities that could be exploited when the SINEMA Remote Connect Server (SRCS) VPN feature is used. The feature is not activated by default. The most severe could allow an attacker to execute arbitrary code with elevated privileges under certain circumstances.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-517377.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-539476",
        "title": "Siemens SIMATIC NET CP, SINEMA and SCALANCE Products Affected by Vulnerabilities in Third-Party Component strongSwan",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-539476.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-539476.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-539476.json.asc"
          }
        ],
        "published": "2022-02-08T00:00:00Z",
        "updated": "2023-03-14T00:00:00Z",
        "summary": {
          "content": "Vulnerabilities in the third-party component strongSwan could allow an attacker to cause a denial of service (DoS) condition in affected devices by exploiting integer overflow bugs.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-539476.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-565386",
        "title": "Third-Party Component Vulnerabilities in SCALANCE W-700 IEEE 802.11ax devices before V2.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-565386.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-565386.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-565386.json.asc"
          }
        ],
        "published": "2023-03-14T00:00:00Z",
        "updated": "2023-03-14T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities affecting various third-party components of SCALANCE W-700 IEEE 802.11ax devices before V2.0 could allow an attacker to cause a denial of service condition, disclose sensitive data or violate the system integrity.\r\n\r\nSiemens has released an update for SCALANCE W-700 IEEE 802.11ax and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-565386.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-847261",
        "title": "Multiple SPP File Parsing Vulnerabilities in Tecnomatix Plant Simulation",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-847261.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-847261.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-847261.json.asc"
          }
        ],
        "published": "2023-02-14T00:00:00Z",
        "updated": "2023-03-14T00:00:00Z",
        "summary": {
          "content": "Siemens Tecnomatix Plant Simulation has released an update, 2201 Update 6, that fixes multiple vulnerabilities that could be triggered when the application reads SPP files.\r\nIf a user is tricked to open a malicious file using the affected application, this could lead to a crash, and potentially also to arbitrary code execution on the target host system.\r\n\r\nSiemens recommends to update to the latest version and to avoid opening of untrusted files from unknown sources."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-847261.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-941426",
        "title": "Multiple LLDP Vulnerabilities in Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-941426.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-941426.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-941426.json.asc"
          }
        ],
        "published": "2021-07-13T00:00:00Z",
        "updated": "2023-03-14T00:00:00Z",
        "summary": {
          "content": "There are multiple vulnerabilities in an underlying Link Layer Discovery Protocol (LLDP) third party library.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-941426.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-252808",
        "title": "XPath Constraint Vulnerability in Mendix Runtime",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-252808.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-252808.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-252808.json.asc"
          }
        ],
        "published": "2023-02-14T00:00:00Z",
        "updated": "2023-02-14T00:00:00Z",
        "summary": {
          "content": "Mendix applications contain an improper access control vulnerability that could allow an attacker to bypass XPath constraints and retrieve information using XPath queries that trigger errors.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-252808.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-313313",
        "title": "Denial of Service Vulnerability in the FTP Server of Nucleus RTOS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-313313.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-313313.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-313313.json.asc"
          }
        ],
        "published": "2022-10-11T00:00:00Z",
        "updated": "2023-02-14T00:00:00Z",
        "summary": {
          "content": "The FTP server of the networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) does not properly release memory resources that were reserved for incomplete connection attempts by FTP clients. This could allow a remote attacker to generate a denial of service condition on devices that incorporate a vulnerable version of the FTP server.\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-313313.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-506569",
        "title": "Multiple Vulnerabilities in SCALANCE W1750D",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-506569.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-506569.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-506569.json.asc"
          }
        ],
        "published": "2022-11-08T00:00:00Z",
        "updated": "2023-02-14T00:00:00Z",
        "summary": {
          "content": "The SCALANCE W1750D device contains multiple vulnerabilities that could allow an attacker to inject commands or exploit buffer overflow vulnerabilities which could lead to denial of service, unauthenticated remote code execution or stored XSS.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-506569.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-565356",
        "title": "X_T File Parsing Vulnerabilities in Simcenter Femap before V2023.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-565356.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-565356.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-565356.json.asc"
          }
        ],
        "published": "2023-02-14T00:00:00Z",
        "updated": "2023-02-14T00:00:00Z",
        "summary": {
          "content": "Simcenter Femap is affected by out of bounds read/write vulnerabilities that could be triggered when the application reads files in X_T format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-565356.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-568428",
        "title": "Weak Key Protection Vulnerability in SINUMERIK ONE and SINUMERIK MC",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-568428.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-568428.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-568428.json.asc"
          }
        ],
        "published": "2022-11-08T00:00:00Z",
        "updated": "2023-02-14T00:00:00Z",
        "summary": {
          "content": "SINUMERIK ONE and SINUMERIK MC products are affected by a weak key protection vulnerability in the integrated S7-1500 CPU. The weak key protection vulnerability in the integrated S7-1500 CPU is documented in more detail in SSA-568427 [1].\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions.\r\n\r\n[1] <https://cert-portal.siemens.com/productcert/html/ssa-568427.html>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-568428.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-617755",
        "title": "Denial of Service Vulnerability in the SNMP Agent of SCALANCE X-200IRT Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-617755.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-617755.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-617755.json.asc"
          }
        ],
        "published": "2023-02-14T00:00:00Z",
        "updated": "2023-02-14T00:00:00Z",
        "summary": {
          "content": "Products of the SCALANCE X-200IRT switch family are affected by a denial of service vulnerability in the SNMP agent that could allow remote attackers to cause a denial of service condition.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-617755.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-658793",
        "title": "Command Injection Vulnerability in SiPass integrated AC5102 / ACC-G2 and ACC-AP",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-658793.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-658793.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-658793.json.asc"
          }
        ],
        "published": "2023-02-14T00:00:00Z",
        "updated": "2023-02-14T00:00:00Z",
        "summary": {
          "content": "SiPass integrated ACC (Advanced Central Controller) devices improperly sanitize user input on the telnet command line interface. This could allow an authenticated user to escalate privileges by injecting arbitrary commands that are executed with root privileges.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-658793.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-693110",
        "title": "Buffer Overflow Vulnerability in COMOS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-693110.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-693110.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-693110.json.asc"
          }
        ],
        "published": "2023-02-14T00:00:00Z",
        "updated": "2023-02-14T00:00:00Z",
        "summary": {
          "content": "COMOS is affected by memory corruption vulnerability in the cache validation service that could allow an attacker to execute arbitrary code or cause denial of service condition. \r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-693110.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-744259",
        "title": "Golang Vulnerabilities in Brownfield Connectivity - Gateway before V1.10.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-744259.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-744259.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-744259.json.asc"
          }
        ],
        "published": "2023-02-14T00:00:00Z",
        "updated": "2023-02-14T00:00:00Z",
        "summary": {
          "content": "Siemens has released a new version for Brownfield Connectivity - Gateway that contains fixes for multiple vulnerabilities in the underlying Golang implementation. Successful exploitation of these vulnerabilities could lead to Denial of Service (DoS).\r\n\r\nSiemens has released an update for Brownfield Connectivity - Gateway and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-744259.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-836777",
        "title": "JT File Parsing Vulnerabilities in JT Open, JT Utilities and Parasolid",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-836777.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-836777.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-836777.json.asc"
          }
        ],
        "published": "2023-02-14T00:00:00Z",
        "updated": "2023-02-14T00:00:00Z",
        "summary": {
          "content": "JT Open Toolkit, JT Utilities and Parasolid are affected by memory corruption vulnerabilities that could be triggered while parsing JT files. If a user is tricked to open a malicious JT file with any of the affected products, this could cause the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-836777.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-953464",
        "title": "Multiple Vulnerabilites in Siemens Brownfield Connectivity - Client before V2.15",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-953464.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-953464.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-953464.json.asc"
          }
        ],
        "published": "2023-02-14T00:00:00Z",
        "updated": "2023-02-14T00:00:00Z",
        "summary": {
          "content": "Siemens has released a new version for Brownfield Connectivity - Client that contains fixes for multiple vulnerabilities in the underlying OpenSSL library. Successful exploitation of these vulnerabilities could lead to Denial of Service (DoS).\r\n\r\nSiemens has released an update for Brownfield Connectivity - Client and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-953464.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-210822",
        "title": "Improper Access Control Vulnerability in Mendix Workflow Commons Module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-210822.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-210822.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-210822.json.asc"
          }
        ],
        "published": "2022-12-13T00:00:00Z",
        "updated": "2023-01-10T00:00:00Z",
        "summary": {
          "content": "The Mendix Workflow Commons module improperly handles access control for some module entities. This could allow authenticated remote attackers to read or delete sensitive information.\r\n\r\nMendix has released updates for several version lines of the Mendix Workflow Commons module and recommends to update to the latest version.\r\n\r\nNote that the fix might slightly impact the module's functionality in specific cases."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-210822.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-332410",
        "title": "Multiple Vulnerabilities in SINEC INS before V1.0 SP2 Update 1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-332410.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-332410.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-332410.json.asc"
          }
        ],
        "published": "2023-01-10T00:00:00Z",
        "updated": "2023-01-10T00:00:00Z",
        "summary": {
          "content": "Siemens has released a new version for SINEC INS that fixes multiple vulnerabilities that could allow an attacker to read and write arbitrary files from the file system of the affected component and to ultimately execute arbitrary code on the device. In addition, this version also contains fixes for multiple vulnerabilities in underlying third party components.\r\n\r\nSiemens has released an update for SINEC INS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-332410.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-431678",
        "title": "Denial of Service Vulnerability in SIMATIC S7 CPU Families",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-431678.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-431678.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-431678.json.asc"
          }
        ],
        "published": "2020-02-11T00:00:00Z",
        "updated": "2023-01-10T00:00:00Z",
        "summary": {
          "content": "SIMATIC S7 CPU families are affected by a vulnerability that could allow remote attackers\r\nto perform a denial of service attack by sending a specially crafted HTTP request to the web server of an\r\naffected device.\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-431678.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-496604",
        "title": "Cross-Site Scripting Vulnerability in Mendix SAML Module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-496604.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-496604.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-496604.json.asc"
          }
        ],
        "published": "2023-01-10T00:00:00Z",
        "updated": "2023-01-10T00:00:00Z",
        "summary": {
          "content": "The Mendix SAML module is affected by a reflected cross-site scripting (XSS) vulnerability that could allow an attacker to extract sensitive information by tricking users into accessing a malicious link. Apps are only vulnerable in certain cases when non-default configuration is used.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-496604.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-547714",
        "title": "Argument Injection Vulnerability in SIMATIC WinCC OA Ultralight Client",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-547714.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-547714.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-547714.json.asc"
          }
        ],
        "published": "2022-12-13T00:00:00Z",
        "updated": "2023-01-10T00:00:00Z",
        "summary": {
          "content": "SIMATIC WinCC OA contains an argument injection vulnerability that could allow an authenticated remote attacker to inject arbitrary parameters, when starting the Ultralight Client via the web interface (e.g., open attacker chosen panels with the attacker's credentials or start a Ctrl script).\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-547714.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-936212",
        "title": "JT File Parsing Vulnerabilities in JT Open, JT Utilities and Solid Edge",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-936212.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-936212.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-936212.json.asc"
          }
        ],
        "published": "2023-01-10T00:00:00Z",
        "updated": "2023-01-10T00:00:00Z",
        "summary": {
          "content": "JT Open Toolkit, JT Utilities and Solid Edge are affected by memory corruption vulnerabilities that could be triggered while parsing JT files. If a user is tricked to open a malicious JT file with any of the affected products, this could cause the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-936212.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-997779",
        "title": "File Parsing Vulnerability in Solid Edge before V2023 MP1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-997779.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-997779.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-997779.json.asc"
          }
        ],
        "published": "2023-01-10T00:00:00Z",
        "updated": "2023-01-10T00:00:00Z",
        "summary": {
          "content": "Solid Edge is affected by a memory corruption vulnerability that could be triggered when the application reads files in different file formats such as PAR, ASM, DFT. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.\r\n\r\nSiemens has released an update for Solid Edge and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-997779.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-224632",
        "title": "Improper Access Control Vulnerability in Mendix Email Connector Module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-224632.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-224632.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-224632.json.asc"
          }
        ],
        "published": "2022-12-13T00:00:00Z",
        "updated": "2022-12-13T00:00:00Z",
        "summary": {
          "content": "The Mendix Email Connector module improperly handles access control for some module entities. This could allow authenticated remote attackers to read and manipulate sensitive information.\r\n\r\nMendix has released an update for the Mendix Email Connector module and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-224632.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-274282",
        "title": "Cross Site Scripting Vulnerability in PLM Help Server V4.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-274282.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-274282.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-274282.json.asc"
          }
        ],
        "published": "2022-12-13T00:00:00Z",
        "updated": "2022-12-13T00:00:00Z",
        "summary": {
          "content": "The Siemens PLM Help Server V4.2 for documentation contains a reflected cross-site scripting vulnerability. This product has reached end of life, and security vulnerabilities are no longer patched.\r\n\r\nSiemens has released a new version of Documentation Server that resolves this vulnerability. See the chapter \"Additional Information\" below for more details."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-274282.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-274900",
        "title": "Use of Hardcoded Key in SCALANCE X Devices Under Certain Conditions",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-274900.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-274900.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-274900.json.asc"
          }
        ],
        "published": "2021-01-12T00:00:00Z",
        "updated": "2022-12-13T00:00:00Z",
        "summary": {
          "content": "SCALANCE X devices might not generate a unique random key\r\nafter factory reset, and use a private key shipped with the firmware.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-274900.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-312271",
        "title": "Unquoted Search Path Vulnerability in Windows-based Industrial Software Applications",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-312271.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-312271.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-312271.json.asc"
          }
        ],
        "published": "2020-06-09T00:00:00Z",
        "updated": "2022-12-13T00:00:00Z",
        "summary": {
          "content": "Several industrial products as listed below contain a local privilege escalation vulnerability that could allow a local attacker to execute arbitrary code with SYSTEM privileges.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-312271.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-333517",
        "title": "Multiple Vulnerabilities in SCALANCE SC-600 Family before V3.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-333517.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-333517.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-333517.json.asc"
          }
        ],
        "published": "2022-12-13T00:00:00Z",
        "updated": "2022-12-13T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities affecting various third-party components of the SCALANCE SC-600 family could allow an attacker to cause a denial of service condition, corrupt memory or potentially execute custom code.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-333517.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-360681",
        "title": "Datalogics File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-360681.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-360681.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-360681.json.asc"
          }
        ],
        "published": "2022-12-13T00:00:00Z",
        "updated": "2022-12-13T00:00:00Z",
        "summary": {
          "content": "Siemens Teamcenter Visualization and JT2Go are affected by multiple out of bounds write vulnerabilities in the APDFL library from Datalogics. If a user is tricked to open a malicious PDF file with the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-360681.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-363821",
        "title": "Multiple Vulnerabilities in SCALANCE X-200RNA Switch Devices before V3.2.7",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-363821.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-363821.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-363821.json.asc"
          }
        ],
        "published": "2022-12-13T00:00:00Z",
        "updated": "2022-12-13T00:00:00Z",
        "summary": {
          "content": "SCALANCE X-200RNA switch devices before V3.2.7 contain multiple vulnerabilities that could allow an attacker to cause a denial of service condition, to extract sensitive information or to hijack existing sessions.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-363821.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-412672",
        "title": "Multiple OpenSSL and OpenSSH Vulnerabilities in SCALANCE X-200RNA Switch Devices before V3.2.7",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-412672.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-412672.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-412672.json.asc"
          }
        ],
        "published": "2022-12-13T00:00:00Z",
        "updated": "2022-12-13T00:00:00Z",
        "summary": {
          "content": "SCALANCE X-200RNA switch devices before V3.2.7 contain multiple OpenSSL and OpenSSH vulnerabilities. The most severe of these vulnerabilities could allow a denial of service condition or could lead to execution of arbitrary code.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-412672.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-436469",
        "title": "TCP Vulnerability in APOGEE/TALON Field Panels",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-436469.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-436469.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-436469.json.asc"
          }
        ],
        "published": "2022-12-13T00:00:00Z",
        "updated": "2022-12-13T00:00:00Z",
        "summary": {
          "content": "A TCP sequence vulnerability in the APOGEE PXC and TALON TC series of products could allow an attacker to execute a denial of service attack by sending specially crafted packets to the device.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-436469.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-443566",
        "title": "Authentication Bypass in SCALANCE X Switches Families",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-443566.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-443566.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-443566.json.asc"
          }
        ],
        "published": "2020-01-14T00:00:00Z",
        "updated": "2022-12-13T00:00:00Z",
        "summary": {
          "content": "Several SCALANCE X switches are affected by an Authentication Bypass vulnerability. The vulnerability allows an unauthenticated attacker to violate access-control rules. The vulnerability can be exploited by sending a GET request to a specific uniform resource locator on the web configuration interface of the device.\r\n\r\nThe security vulnerability could be exploited by an attacker with network access to the affected systems. An attacker could use the vulnerability to obtain sensitive information or change the device configuration.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-443566.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-480829",
        "title": "Cross-Site Scripting Vulnerabilities in SCALANCE X Switches",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-480829.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-480829.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-480829.json.asc"
          }
        ],
        "published": "2018-06-12T00:00:00Z",
        "updated": "2022-12-13T00:00:00Z",
        "summary": {
          "content": "Two cross-site scripting (XSS) vulnerabilities were identified in the web server of several SCALANCE X switches.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-480829.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-588101",
        "title": "Multiple File Parsing Vulnerabilities in Parasolid",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-588101.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-588101.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-588101.json.asc"
          }
        ],
        "published": "2022-12-13T00:00:00Z",
        "updated": "2022-12-13T00:00:00Z",
        "summary": {
          "content": "Parasolid is affected by out of bounds read/write vulnerabilities that could be triggered when the application reads files in X_B format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-588101.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-638652",
        "title": "Authentication Bypass Vulnerability in Mendix SAML Module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-638652.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-638652.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-638652.json.asc"
          }
        ],
        "published": "2022-09-13T00:00:00Z",
        "updated": "2022-12-13T00:00:00Z",
        "summary": {
          "content": "The Mendix SAML module insufficiently protects from packet capture replay. This could allow unauthorized remote attackers to bypass authentication and get access to the application.\r\n\r\nMendix has provided fix releases for the Mendix SAML module and recommends to update to the latest version.\r\n\r\nNote: For compatibility reasons, fix versions are introduced in two release steps:\r\n\r\n* The first fix versions address CVE-2022-37011. It removes the vulnerability, except when the not recommended, non default configuration option `'Allow Idp Initiated Authentication'` is enabled.\r\n* The second fix versions address CVE-2022-44457, which removes the issue for the non default configuration as well."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-638652.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-678983",
        "title": "Vulnerabilities in Industrial PCs and CNC devices using Intel CPUs (November 2020)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-678983.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-678983.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-678983.json.asc"
          }
        ],
        "published": "2021-05-11T00:00:00Z",
        "updated": "2022-12-13T00:00:00Z",
        "summary": {
          "content": "Intel has published information on vulnerabilities in Intel products in [November 2020](<https://blogs.intel.com/technology/2020/11/ipas-security-advisories-for-november-2020/>).\r\nThis advisory lists the Siemens IPC related products, that are affected by these vulnerabilities.\r\n\r\nIn this advisory we take a representative CVE from each advisory:\r\n\r\n- \u201cIntel CSME, SPS, TXE, AMT and DAL Advisory\u201d Intel-SA-00391 is represented by CVE-2020-8745\r\n\r\n- \u201cIntel RAPL Interface Advisory\u201d Intel-SA-00389 is represented by CVE-2020-8694\r\n\r\n- \u201cIntel Processor Advisory\u201d Intel-SA-00381 is represented by CVE-2020-8698, and \r\n\r\n- \u201cBIOS Advisory\u201d Intel-SA-00358 is represented by CVE-2020-0590.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-678983.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-849072",
        "title": "Several Vulnerabilities in SICAM PAS before V8.06",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-849072.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-849072.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-849072.json.asc"
          }
        ],
        "published": "2022-12-13T00:00:00Z",
        "updated": "2022-12-13T00:00:00Z",
        "summary": {
          "content": "SICAM PAS/PQS before V8.06 is affected by three vulnerabilities which could lead to remote code execution, privilege escalation or the creation of a denial of service condition.\r\n\r\nSiemens has released several updates for SICAM PAS/PQS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-849072.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-951513",
        "title": "Clickjacking Vulnerability in SCALANCE S, SCALANCE X-300, X-200IRT, X-200RNA and X-200 Switch Families",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-951513.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-951513.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-951513.json.asc"
          }
        ],
        "published": "2020-02-11T00:00:00Z",
        "updated": "2022-12-13T00:00:00Z",
        "summary": {
          "content": "Several SCALANCE X switches contain a vulnerability that could allow an attacker to perform administrative actions\nif the victim is tricked into clicking on a website controlled by the attacker.\nThe attack only works if the victim has an authenticated session on the administrative interface of the switch.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-951513.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-362164",
        "title": "Predictable Initial Sequence Numbers in the TCP/IP Stack of Nucleus RTOS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-362164.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-362164.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-362164.json.asc"
          }
        ],
        "published": "2021-02-09T00:00:00Z",
        "updated": "2022-11-08T00:00:00Z",
        "summary": {
          "content": "The networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) uses Initial Sequence Numbers for TCP-Sessions that are predictable.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-362164.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-371761",
        "title": "Arbitrary Code Execution Vulnerability in the Logback Component of SINEC NMS before V1.0.3",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-371761.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-371761.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-371761.json.asc"
          }
        ],
        "published": "2022-11-08T00:00:00Z",
        "updated": "2022-11-08T00:00:00Z",
        "summary": {
          "content": "SINEC NMS versions before V1.0.3 are affected by a vulnerability in the logback component (CVE-2021-42550) that could allow attackers with write access to the logback configuration file to execute arbitrary code on the system.\r\n\r\nSiemens has released an update for SINEC NMS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-371761.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-400332",
        "title": "Insufficient Design IP Protection in IEEE 1735 Recommended Practice - Impact to Questa and ModelSim",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-400332.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-400332.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-400332.json.asc"
          }
        ],
        "published": "2021-12-14T00:00:00Z",
        "updated": "2022-11-08T00:00:00Z",
        "summary": {
          "content": "A security research [1] identified weaknesses in the IEEE 1735 recommended practice for encryption of Design IP, which could allow a sophisticated attacker access to unencrypted Design IP data in IEEE 1735-compliant products. This advisory addresses the specific details for the affected Siemens software products: Questa and ModelSim simulators.\r\n\r\nSiemens is preparing updates and recommends specific countermeasures for Questa and ModelSim.\r\n\r\n[1] <https://arxiv.org/abs/2112.04838>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-400332.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-501891",
        "title": "Cross-Site Scripting Vulnerability in SCALANCE X-200 and X-200IRT Families",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-501891.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-501891.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-501891.json.asc"
          }
        ],
        "published": "2022-10-11T00:00:00Z",
        "updated": "2022-11-08T00:00:00Z",
        "summary": {
          "content": "There is a cross-site scripting vulnerability that affects the SCALANCE switches. This vulnerability, if used by a threat actor, could result in the stealing of session cookies and session hijacking.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-501891.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-853037",
        "title": "File Parsing Vulnerabilities in Parasolid",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-853037.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-853037.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-853037.json.asc"
          }
        ],
        "published": "2022-11-08T00:00:00Z",
        "updated": "2022-11-08T00:00:00Z",
        "summary": {
          "content": "Parasolid is affected by out of bounds read/write vulnerabilities that could be triggered when the application reads files in X_T format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-853037.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-640732",
        "title": "Authentication Bypass Vulnerability in Siveillance Video Mobile Server",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-640732.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-640732.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-640732.json.asc"
          }
        ],
        "published": "2022-10-21T00:00:00Z",
        "updated": "2022-10-21T00:00:00Z",
        "summary": {
          "content": "The mobile server component of Siveillance Video 2022 R2 contains an authentication bypass vulnerability that could allow an unauthenticated remote attacker to access the application without a valid account.\r\n\r\nSiemens has released a hotfix for Siveillance Video 2022 R2 and recommends to apply the hotfix on all installations of the mobile server."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-640732.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-568427",
        "title": "Weak Key Protection Vulnerability in SIMATIC S7-1200 and S7-1500 CPU Families",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-568427.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-568427.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-568427.json.asc"
          }
        ],
        "published": "2022-10-11T00:00:00Z",
        "updated": "2022-10-11T00:00:00Z",
        "summary": {
          "content": "SIMATIC S7-1200, S7-1500 CPUs and related products protect the built-in global private key in a way that cannot be considered sufficient any longer. The key is used for the legacy protection of confidential configuration data and the legacy PG/PC and HMI communication.  \r\nThis could allow attackers to discover the private key of a CPU product family by an offline attack against a single CPU of the family. Attackers could then use this knowledge to extract confidential configuration data from projects that are protected by that key or to perform attacks against legacy PG/PC and HMI communication.\r\n\r\nSiemens recommends to update both the affected products as well as the corresponding TIA Portal project to the latest versions. TIA Portal V17 and related CPU firmware versions introduced protection of confidential configuration data based on individual passwords per device and TLS-protected PG/PC and HMI communication.\r\n\r\nAdditional details can be found in the related Siemens security bulletin SSB-898115 (<https://cert-portal.siemens.com/productcert/html/ssb-898115.html>)."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-568427.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-254054",
        "title": "Spring Framework Vulnerability (Spring4Shell or SpringShell, CVE-2022-22965) - Impact to Siemens Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-254054.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-254054.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-254054.json.asc"
          }
        ],
        "published": "2022-04-19T00:00:00Z",
        "updated": "2022-10-11T00:00:00Z",
        "summary": {
          "content": "A vulnerability in Spring Framework was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2022-22965 and is also known as \"Spring4Shell\" or \"SpringShell\".\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-254054.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-258115",
        "title": "DWG File Parsing Vulnerability in Solid Edge before SE2022MP9",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-258115.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-258115.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-258115.json.asc"
          }
        ],
        "published": "2022-10-11T00:00:00Z",
        "updated": "2022-10-11T00:00:00Z",
        "summary": {
          "content": "Solid Edge is affected by a heap overflow vulnerability that could be triggered when the application reads DWG files. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.\r\n\r\nSiemens has released an update for the Solid Edge and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-258115.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-280624",
        "title": "Multiple Vulnerabilities in SCALANCE W1750D",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-280624.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-280624.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-280624.json.asc"
          }
        ],
        "published": "2021-10-12T00:00:00Z",
        "updated": "2022-10-11T00:00:00Z",
        "summary": {
          "content": "The Scalance W1750D device contains multiple vulnerabilities that could allow an attacker to inject commands or exploit multiple buffer overflow vulnerabilities that could lead to denial of service or unauthenticated remote code execution.\r\n\r\nSiemens has released updates for the SCALANCE W1750D and recommends to update to the latest version. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-280624.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-360783",
        "title": "Multiple Webserver Vulnerabilities in Desigo PXM Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-360783.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-360783.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-360783.json.asc"
          }
        ],
        "published": "2022-10-11T00:00:00Z",
        "updated": "2022-10-11T00:00:00Z",
        "summary": {
          "content": "Desigo PXM devices contain multiple vulnerabilities in the webserver application that could allow an attacker to potentially access sensitive information, execute arbitrary commands, cause a denial of service condition, or perform remote code execution.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-360783.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-384224",
        "title": "Denial of Service Vulnerability in SIMATIC HMI Panels",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-384224.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-384224.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-384224.json.asc"
          }
        ],
        "published": "2022-10-11T00:00:00Z",
        "updated": "2022-10-11T00:00:00Z",
        "summary": {
          "content": "Several SIMATIC HMI Panels are affected by a vulnerability that could allow an attacker to cause a permanent denial of service condition (requiring a device reboot) by sending specially crafted TCP packets.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-384224.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-611756",
        "title": "JT File Parsing Vulnerability in JTTK and Simcenter Femap",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-611756.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-611756.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-611756.json.asc"
          }
        ],
        "published": "2022-10-11T00:00:00Z",
        "updated": "2022-10-11T00:00:00Z",
        "summary": {
          "content": "JT Open Toolkit (JTTK) and Simcenter Femap are affected by an uninitialized pointer reference vulnerability that could be triggered while parsing JT files. If a user is tricked to open a malicious JT file with any of the affected products, this could cause the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-611756.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-649853",
        "title": "Improper Certificate Validation Vulnerability in Industrial Edge Management",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-649853.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-649853.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-649853.json.asc"
          }
        ],
        "published": "2022-10-11T00:00:00Z",
        "updated": "2022-10-11T00:00:00Z",
        "summary": {
          "content": "Industrial Edge Management contains a vulnerability that could allow an unauthenticated attacker to spoof a trusted entity by interfering in the communication path between the Industrial Edge Management (IEM) and the Industrial Edge Hub (IEH) using a crafted certificate.\r\n\r\nAn attacker could use this to inject malicious maintenance requests (e.g. sending statistics, activating remote support, exchanging the initial keys when onboarding, querying new extensions).\r\n\r\nSiemens has released an update for the Industrial Edge Management and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-649853.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-685781",
        "title": "Multiple Vulnerabilities in Apache HTTP Server Affecting Siemens Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-685781.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-685781.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-685781.json.asc"
          }
        ],
        "published": "2022-06-14T00:00:00Z",
        "updated": "2022-10-11T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities were identified in the Apache HTTP Server software. These include NULL Pointer Dereferencing, Out-of-bounds Write and Server-Side Request Forgery related vulnerabilities.\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-685781.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-836027",
        "title": "Client-side Authentication in Desigo CC and Cerberus DMS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-836027.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-836027.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-836027.json.asc"
          }
        ],
        "published": "2022-10-11T00:00:00Z",
        "updated": "2022-10-11T00:00:00Z",
        "summary": {
          "content": "Desigo CC and Cerberus DMS are based on SIMATIC WinCC OA and implement client-side only authentication for specific parts of their client-server communication. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated, as documented for SIMATIC WinCC OA in SSA-111512 [1].\r\n\r\nSiemens recommends specific mitigations, documented in [2], for products where fixes are not, or not yet available. Additional details regarding these mitigations can be found in the chapter Additional Information.\r\n\r\n[1] <https://cert-portal.siemens.com/productcert/html/ssa-111512.html>  \r\n[2] <https://support.industry.siemens.com/cs/ww/en/view/109813389/>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-836027.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-917476",
        "title": "Multiple Vulnerabilities in SCALANCE W1750D",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-917476.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-917476.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-917476.json.asc"
          }
        ],
        "published": "2021-11-09T00:00:00Z",
        "updated": "2022-10-11T00:00:00Z",
        "summary": {
          "content": "The Scalance W1750D device contains multiple vulnerabilities that could allow an attacker to execute code on the affected device(s), read arbitrary files, or create a denial-of-service condition.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-917476.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-928782",
        "title": "Firmware Authenticity Vulnerability in LOGO! 8 BM Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-928782.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-928782.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-928782.json.asc"
          }
        ],
        "published": "2022-10-11T00:00:00Z",
        "updated": "2022-10-11T00:00:00Z",
        "summary": {
          "content": "LOGO! 8 BM (incl. SIPLUS variants) contains a vulnerability that could allow an attacker to install manipulated firmware packages.\r\n\r\nSiemens has released an update for the LOGO! 8 BM (incl. SIPLUS variants) and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-928782.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-179516",
        "title": "OpenSSL Vulnerability in Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-179516.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-179516.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-179516.json.asc"
          }
        ],
        "published": "2018-08-07T00:00:00Z",
        "updated": "2022-09-13T00:00:00Z",
        "summary": {
          "content": "Several Siemens industrial products are affected by a vulnerability in OpenSSL, that could result in data being sent out unencrypted by the SSL/TLS record layer.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-179516.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-243317",
        "title": "File Parsing Vulnerability in Simcenter Femap and Parasolid",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-243317.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-243317.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-243317.json.asc"
          }
        ],
        "published": "2022-07-12T00:00:00Z",
        "updated": "2022-09-13T00:00:00Z",
        "summary": {
          "content": "Simcenter Femap and Parasolid are affected by an out of bounds read vulnerability that could be triggered when the application reads files in NEU format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-243317.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-429204",
        "title": "Open Design Alliance Drawings SDK Vulnerabilities in JT2Go and Teamcenter Visualization",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-429204.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-429204.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-429204.json.asc"
          }
        ],
        "published": "2022-07-12T00:00:00Z",
        "updated": "2022-09-13T00:00:00Z",
        "summary": {
          "content": "JT2Go and Teamcenter Visualization are affected by multiple file parsing vulnerabilities in Drawings SDK from Open Design Alliance. If a user is tricked to open a malicious DWG file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions.\r\n\r\nNote:\r\n\r\n - This advisory covers security vulnerabilities recently disclosed by Open Design Alliance [0]\r\n\r\n[0] <https://www.opendesign.com/security-advisories>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-429204.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-518824",
        "title": "Multiple File Parsing Vulnerabilities in Simcenter Femap and Parasolid",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-518824.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-518824.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-518824.json.asc"
          }
        ],
        "published": "2022-09-13T00:00:00Z",
        "updated": "2022-09-13T00:00:00Z",
        "summary": {
          "content": "Simcenter Femap and Parasolid are affected by multiple file parsing vulnerabilities that could be triggered when the application reads files in X_T file formats. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-518824.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-589975",
        "title": "Improper Access Control Vulnerability in CoreShield OWG Software",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-589975.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-589975.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-589975.json.asc"
          }
        ],
        "published": "2022-09-13T00:00:00Z",
        "updated": "2022-09-13T00:00:00Z",
        "summary": {
          "content": "The default installation of the Windows version of the CoreShield One-Way Gateway (OWG) software sets insecure file permissions that could allow a local attacker to escalate privileges to local administrator.\r\n\r\nSiemens Mobility has released an update for the CoreShield OWG software and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-589975.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-637483",
        "title": "Third-Party Component Vulnerabilities in SINEC INS before V1.0 SP2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-637483.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-637483.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-637483.json.asc"
          }
        ],
        "published": "2022-09-13T00:00:00Z",
        "updated": "2022-09-13T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities affecting various third-party components of SINEC INS before V1.0 SP2 could allow an attacker to cause a denial of service condition, disclose sensitive data or violate the system integrity.\r\n\r\nSiemens has released an update for the SINEC INS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-637483.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-185638",
        "title": "Authentication Bypass Vulnerability in SICAM A8000 Web Server Module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-185638.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-185638.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-185638.json.asc"
          }
        ],
        "published": "2022-08-09T00:00:00Z",
        "updated": "2022-08-09T00:00:00Z",
        "summary": {
          "content": "<p>A vulnerability was identified in the web server module used in the SICAM A8000 CP-8000, CP-8021 and CP-8022 devices' protocol firmwares. </p>\n<ul>\n<li>AGPMT0 (AGP Master)</li>\n<li>DNPiT1 (DNP3 TCP/IP Server)</li>\n<li>DNPiT2 (DNP3 TCP/IP Client)</li>\n<li>DNPMT0 (DNP3 Master seriell)</li>\n<li>DNPST0 (DNP3 Slave seriell)</li>\n<li>ET83 (61850 Ed.1)</li>\n<li>ET85 (61850 Ed.2)</li>\n<li>MBCiT0 (MODBUS TCP/IP Client)</li>\n<li>MBSiT0 (MODBUS TCP/IP Server)</li>\n<li>MODMT2 (MODBUS Master seriell)</li>\n<li>OPUPT0 (OPCUA Pub/Sub)</li>\n<li>OPUPT1 (Mindconnect)</li>\n</ul>\n<p>The vulnerability could allow unauthenticated access to the web interface of the affected web server module. The module is used for diagnostic purposes as well as commissioning and has to be activated manually within the protocol firmwares. For this reason the protocol firmwares are <em>secure by default</em>. Siemens updated the manual to make the situation transparent and raise awareness for operators. </p>\n<p>Siemens recommends countermeasures for products where updates are not, or not yet available.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-185638.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-220589",
        "title": "Hard Coded Default Credential Vulnerability in Teamcenter",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-220589.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-220589.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-220589.json.asc"
          }
        ],
        "published": "2022-06-14T00:00:00Z",
        "updated": "2022-08-09T00:00:00Z",
        "summary": {
          "content": "<p>Siemens has released updates for Teamcenter that fixes a security vulnerability related to unsecure storage of user credentials. This vulnerability affects Java EE Server Manager HTML Adaptor. This service is not installed by default and currently also obsoleted. </p>\n<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-220589.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-232418",
        "title": "Vulnerabilities in SIMATIC S7-1200 and SIMATIC S7-1500 CPU Families",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-232418.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-232418.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-232418.json.asc"
          }
        ],
        "published": "2019-08-13T00:00:00Z",
        "updated": "2022-08-09T00:00:00Z",
        "summary": {
          "content": "<p>Two vulnerabilities have been identified in the SIMATIC S7-1200/S7-1500 CPU families and related products. One vulnerability (CVE-2019-10943) could allow an attacker with\nnetwork access to affected devices to modify the user program stored on these\ndevices such that the source code differs from the actual running code. The\nother vulnerability (CVE-2019-10929) could allow an attacker in a Man-in-the-Middle position\nto modify network traffic exchanged on port 102/tcp. </p>\n<p>Siemens has released updates for several affected products to fix CVE-2019-10929 and recommends to update to the latest versions.\nRegarding CVE-2019-10943, Siemens recommends specific countermeasures for products where updates are not, or not yet available.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-232418.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-307392",
        "title": "Denial of Service in OPC UA in Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-307392.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-307392.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-307392.json.asc"
          }
        ],
        "published": "2019-04-09T00:00:00Z",
        "updated": "2022-08-09T00:00:00Z",
        "summary": {
          "content": "<p>A vulnerability has been identified in the OPC UA server of several industrial\nproducts. The vulnerability could cause a denial of service condition on the\nservice or the device.</p>\n<p>Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-307392.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-492828",
        "title": "Denial-of-Service Vulnerability in SIMATIC S7-300 CPUs and SINUMERIK Controller",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-492828.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-492828.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-492828.json.asc"
          }
        ],
        "published": "2020-11-10T00:00:00Z",
        "updated": "2022-08-09T00:00:00Z",
        "summary": {
          "content": "<p>A vulnerability in S7-300 might allow an attacker to cause a\nDenial-of-Service condition on port 102 of the affected devices by sending specially\ncrafted packets.</p>\n<p>Siemens recommends specific countermeasures for products where updates are not, or not yet available.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-492828.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-555707",
        "title": "Information Disclosure Vulnerability in Simcenter STAR-CCM+",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-555707.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-555707.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-555707.json.asc"
          }
        ],
        "published": "2022-08-09T00:00:00Z",
        "updated": "2022-08-09T00:00:00Z",
        "summary": {
          "content": "<p>Simcenter STAR-CCM+ contains an information disclosure vulnerability when using the Power-on-Demand public license server. An attacker could access a system's host, user, and display name.</p>\n<p>Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-555707.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-580125",
        "title": "Multiple Vulnerabilities in SIMATIC eaSie",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-580125.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-580125.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-580125.json.asc"
          }
        ],
        "published": "2022-07-12T00:00:00Z",
        "updated": "2022-08-09T00:00:00Z",
        "summary": {
          "content": "<p>SIMATIC eaSie contains multiple vulnerabilities that could allow an attacker to send arbitrary messages to the underlying message passing framework of the affected system or crash the attached application.</p>\n<p>Siemens has released an update for the SIMATIC eaSie Core Package and recommends to update to the latest version.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-580125.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-580693",
        "title": "WIBU Systems CodeMeter Runtime Denial-of-Service Vulnerability in Siemens Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-580693.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-580693.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-580693.json.asc"
          }
        ],
        "published": "2021-11-09T00:00:00Z",
        "updated": "2022-08-09T00:00:00Z",
        "summary": {
          "content": "<p>WIBU Systems published information about a denial-of-service vulnerability and an associated fix release version of CodeMeter Runtime,\na product provided by WIBU Systems and used in several Siemens products for license management.</p>\n<p>The vulnerability is described in the section \"Vulnerability Classification\" below and got assigned the CVE ID CVE-2021-41057.\nSuccessful exploitation of this vulnerability could allow an attacker to crash the CodeMeter Runtime Server (i.e., CodeMeter.exe), which could cause a denial-of-service condition for the affected Siemens product.</p>\n<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-580693.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-629512",
        "title": "Local Privilege Escalation Vulnerability in TIA Portal",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-629512.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-629512.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-629512.json.asc"
          }
        ],
        "published": "2020-01-14T00:00:00Z",
        "updated": "2022-08-09T00:00:00Z",
        "summary": {
          "content": "<p>The latest updates for TIA Portal fix a vulnerability that could allow\na local attacker to execute arbitrary code with SYSTEM privileges.</p>\n<p>Update: The previously provided fixes only correctly set the permissions on English Windows versions.</p>\n<p>Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-629512.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-661034",
        "title": "Incorrect Permission Assignment in Multiple SIMATIC Software Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-661034.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-661034.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-661034.json.asc"
          }
        ],
        "published": "2021-07-13T00:00:00Z",
        "updated": "2022-08-09T00:00:00Z",
        "summary": {
          "content": "<p>Multiple SIMATIC software products are affected by a vulnerability\nthat could allow an attacker to change the content of certain\nmetafiles and subsequently manipulate parameters or behaviour\nof devices configured by the affected software products.</p>\n<p>Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not, or not yet available.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-661034.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-661247",
        "title": "Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-661247.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-661247.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-661247.json.asc"
          }
        ],
        "published": "2021-12-13T00:00:00Z",
        "updated": "2022-08-09T00:00:00Z",
        "summary": {
          "content": "<p>On 2021-12-09, a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as \"Log4Shell\".</p>\n<p>On 2021-12-14 an additional denial of service vulnerability (CVE-2021-45046) was published rendering the initial mitigations and fix in version 2.15.0 as incomplete under certain non-default configurations. Log4j versions 2.16.0 and 2.12.2 are supposed to fix both vulnerabilities.</p>\n<p>On 2021-12-17, CVE-2021-45046 was reclassified with an increased CVSS base score (from 3.7 to 9.0). The potential impact of CVE-2021-45046 now includes - besides denial of service - also information disclosure and local (and potential remote) code execution.</p>\n<p>Siemens is currently investigating to determine which products are affected and is continuously updating this advisory as more information becomes available. See section Additional Information for more details regarding the investigation status.</p>\n<p>Note: two additional vulnerabilities were published for Apache Log4j, the impact of which are documented in SSA-501673: <a href=\"https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf\">https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf</a> (CVE-2021-45105) and SSA-784507: <a href=\"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf\">https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf</a> (CVE-2021-44832).</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-661247.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-669737",
        "title": "Improper Access Control Vulnerability in SICAM TOOLBOX II",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-669737.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-669737.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-669737.json.asc"
          }
        ],
        "published": "2022-02-08T00:00:00Z",
        "updated": "2022-08-09T00:00:00Z",
        "summary": {
          "content": "<p>SICAM TOOLBOX II contains a vulnerability that could allow an attacker access through a circumventable access control.      </p>\n<p>Siemens recommends countermeasures for products where updates are not, or not yet available.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-669737.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-732250",
        "title": "Libcurl Vulnerabilities in Industrial Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-732250.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-732250.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-732250.json.asc"
          }
        ],
        "published": "2022-05-10T00:00:00Z",
        "updated": "2022-08-09T00:00:00Z",
        "summary": {
          "content": "<p>Vulnerabilities in third-party component cURL could allow an attacker to interfere with the affected products in various ways.</p>\n<p>Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where updates are not, or not yet available.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-732250.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-759952",
        "title": "Command Injection and Denial of Service Vulnerability in Teamcenter",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-759952.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-759952.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-759952.json.asc"
          }
        ],
        "published": "2022-08-09T00:00:00Z",
        "updated": "2022-08-09T00:00:00Z",
        "summary": {
          "content": "<p>Teamcenter is affected by two security vulnerabilities in the File Service Cache service that could lead to command injection and denial of service issues. </p>\n<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-759952.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-789162",
        "title": "Vulnerabilities in Teamcenter",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-789162.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-789162.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-789162.json.asc"
          }
        ],
        "published": "2022-05-10T00:00:00Z",
        "updated": "2022-08-09T00:00:00Z",
        "summary": {
          "content": "<p>Teamcenter is affected by XML External Entity Injection (XXE, CVE-2022-29801)  and a stack based buffer overflow vulnerability (CVE-2022-24290). XXE impacts only Teamcenter versions before V13.1. </p>\n<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-789162.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-829738",
        "title": "Datalogics File Parsing Vulnerability in Teamcenter Visualization and JT2Go",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-829738.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-829738.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-829738.json.asc"
          }
        ],
        "published": "2022-07-12T00:00:00Z",
        "updated": "2022-08-09T00:00:00Z",
        "summary": {
          "content": "<p>Siemens Teamcenter Visualization and JT2Go are affected by an out of bounds write vulnerability in APDFL library from Datalogics. If a user is tricked to open a malicious PDF file with the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.</p>\n<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-829738.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-841348",
        "title": "Multiple Vulnerabilities in the UMC Component",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-841348.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-841348.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-841348.json.asc"
          }
        ],
        "published": "2020-07-14T00:00:00Z",
        "updated": "2022-08-09T00:00:00Z",
        "summary": {
          "content": "<p>The products listed below contain two security vulnerabilities in the UMC component that could allow an attacker to cause a partial denial-of-service of the UMC component, or to locally escalate privileges from a user with administrative privileges to execute code with SYSTEM level privileges.</p>\n<p>Siemens has released updates for several affected products and recommends to update to the latest versions.\nSiemens recommends specific countermeasures for products where updates are not, or not yet available.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-841348.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-914168",
        "title": "Multiple Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-914168.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-914168.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-914168.json.asc"
          }
        ],
        "published": "2022-02-08T00:00:00Z",
        "updated": "2022-08-09T00:00:00Z",
        "summary": {
          "content": "<p>Multiple vulnerabilities were found in SIMATIC WinCC that ultimately could allow attackers to retrieve and brute force password hashes and access other systems.</p>\n<p>Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not, or not yet available.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-914168.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-348662",
        "title": "Multiple Vulnerabilities in SIMATIC MV500 Devices before V3.3",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-348662.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-348662.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-348662.json.asc"
          }
        ],
        "published": "2022-07-12T00:00:00Z",
        "updated": "2022-07-12T00:00:00Z",
        "summary": {
          "content": "<p>SIMATIC MV500 devices before V3.3 are affected by multiple vulnerabilities that could allow attackers to hijack other users' web based management sessions (CVE-2022-33137) or access data on the device without prior authentication (CVE-2022-33138).</p>\n<p>Siemens has released an update for the SIMATIC MV500 devices and recommends to update to the latest version. Note that the update also contains additional fixes for vulnerabilities documented in Siemens Security Advisory SSA-712929.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-348662.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-414513",
        "title": "Information Disclosure Vulnerability in Mendix",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-414513.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-414513.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-414513.json.asc"
          }
        ],
        "published": "2022-04-12T00:00:00Z",
        "updated": "2022-07-12T00:00:00Z",
        "summary": {
          "content": "<p>An information disclosure vulnerability in Mendix applications was discovered. The vulnerability could allow to read sensitive data.</p>\n<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-414513.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-433782",
        "title": "Improper Access Control Vulnerability in Mendix",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-433782.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-433782.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-433782.json.asc"
          }
        ],
        "published": "2022-07-12T00:00:00Z",
        "updated": "2022-07-12T00:00:00Z",
        "summary": {
          "content": "<p>An improper access control vulnerability in Mendix applications was discovered. In case of access to an active user session, the vulnerability could allow to change that user\u2019s password bypassing password validations within a Mendix application.</p>\n<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-433782.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-439148",
        "title": "File Parsing Vulnerabilities in PADS Standard/Plus Viewer",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-439148.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-439148.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-439148.json.asc"
          }
        ],
        "published": "2022-07-12T00:00:00Z",
        "updated": "2022-07-12T00:00:00Z",
        "summary": {
          "content": "<p>Siemens PADS Standard/Plus Viewer is affected by multiple memory corruption vulnerabilities that could be triggered when the application reads files in PCB format. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process</p>\n<p>Siemens recommends specific countermeasures for products where updates are not, or not yet available.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-439148.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-474231",
        "title": "File Parsing Vulnerability in Simcenter Femap before V2022.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-474231.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-474231.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-474231.json.asc"
          }
        ],
        "published": "2022-07-12T00:00:00Z",
        "updated": "2022-07-12T00:00:00Z",
        "summary": {
          "content": "<p>Siemens Simcenter Femap versions before V2022.2 are affected by an out of bounds write vulnerability that could be triggered when the application reads files in X_T format. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.</p>\n<p>Siemens has released an update for the Simcenter Femap and recommends to update to the latest version.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-474231.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-491621",
        "title": "Denial of Service Vulnerability in CPC80 Firmware of SICAM A8000 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-491621.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-491621.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-491621.json.asc"
          }
        ],
        "published": "2022-07-12T00:00:00Z",
        "updated": "2022-07-12T00:00:00Z",
        "summary": {
          "content": "<p>A vulnerability was identified in the CPC80 firmware of SICAM A8000 devices. It could allow an unauthenticated remote attacker to cause a permanent denial of service condition.</p>\n<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-491621.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-492173",
        "title": "Expression Injection Vulnerability in Mendix Applications",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-492173.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-492173.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-492173.json.asc"
          }
        ],
        "published": "2022-07-12T00:00:00Z",
        "updated": "2022-07-12T00:00:00Z",
        "summary": {
          "content": "<p>An expression injection vulnerability was discovered in the Workflow processing of Mendix Runtime, that can affect the running applications. The vulnerability could allow a malicious user to leak sensitive information if the Workflow visual language of Mendix is used.</p>\n<p>Mendix has released updates for the affected product lines, recommends to update to the latest versions and to redeploy the applications.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-492173.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-557804",
        "title": "Mirror Port Isolation Vulnerability in SCALANCE X Switches",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-557804.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-557804.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-557804.json.asc"
          }
        ],
        "published": "2019-03-12T00:00:00Z",
        "updated": "2022-07-12T00:00:00Z",
        "summary": {
          "content": "<p>A vulnerability was identified in several SCALANCE X switches that could allow an attacker to feed information into a network via the mirror port with the monitor barrier feature enabled.</p>\n<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-557804.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-599506",
        "title": "Command Injection Vulnerability in RUGGEDCOM ROX",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-599506.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-599506.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-599506.json.asc"
          }
        ],
        "published": "2022-07-12T00:00:00Z",
        "updated": "2022-07-12T00:00:00Z",
        "summary": {
          "content": "<p>RUGGEDCOM ROX devices are affected by a command injection vulnerability that could allow an attacker with administrative privileges to gain root access.</p>\n<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-599506.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-610768",
        "title": "XML Entity Expansion Injection Vulnerability in Mendix Excel Importer Module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-610768.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-610768.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-610768.json.asc"
          }
        ],
        "published": "2022-07-12T00:00:00Z",
        "updated": "2022-07-12T00:00:00Z",
        "summary": {
          "content": "<p>The latest update of Mendix Excel Importer module fixes an XML Entity Expansion Injection vulnerability.</p>\n<p>Mendix has released an update for the Mendix Excel Importer module and recommends to update to the latest version.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-610768.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-711829",
        "title": "Denial of Service Vulnerability in TIA Administrator",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-711829.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-711829.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-711829.json.asc"
          }
        ],
        "published": "2022-04-12T00:00:00Z",
        "updated": "2022-07-12T00:00:00Z",
        "summary": {
          "content": "<p>In conjunction with the installation of the affected products listed in the table below, a vulnerability in TIA Administrator occurs that could allow an unauthenticated attacker to perform a denial of service attack.</p>\n<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-711829.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-865333",
        "title": "Memory Corruption Vulnerability in EN100 Ethernet Module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-865333.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-865333.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-865333.json.asc"
          }
        ],
        "published": "2022-07-12T00:00:00Z",
        "updated": "2022-07-12T00:00:00Z",
        "summary": {
          "content": "<p>EN100 Ethernet module is affected by a memory corruption vulnerability (CVE-2022-30938).</p>\n<p>Siemens has released an update for the EN100 Ethernet module IEC 61850 variant and recommends to update to the latest version. Siemens recommends specific countermeasures for products where updates are not, or not yet available.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-865333.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-910883",
        "title": "DHCP Client Vulnerability in SINAMICS PERFECT HARMONY GH180 Drives",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-910883.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-910883.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-910883.json.asc"
          }
        ],
        "published": "2022-07-12T00:00:00Z",
        "updated": "2022-07-12T00:00:00Z",
        "summary": {
          "content": "<p>Several models of SINAMICS PERFECT HARMONY GH180 Drives are affected by a DHCP client vulnerability (CVE-2021-29998) in the integrated SCALANCE X206-1 device. The vulnerability could allow an attacker to cause a heap-based buffer overflow on that device and use it to get access to the drive's internal network.</p>\n<p>The list of affected drive models can be found in the section \"Additional Information\" below.</p>\n<p>Recently manufactured drives are no longer affected. For older drives, Siemens provides detailed remediation advice via customer support.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-910883.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-944952",
        "title": "Authentication Bypass Vulnerability in Opcenter Quality",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-944952.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-944952.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-944952.json.asc"
          }
        ],
        "published": "2022-07-12T00:00:00Z",
        "updated": "2022-07-12T00:00:00Z",
        "summary": {
          "content": "<p>Siemens has released updates for Opcenter Quality to fix an authentication bypass vulnerability. This could allow unauthenticated access to the application or cause a denial of service condition for existing users. The issue is based on rich client modules using IbsGailWrapper-interface. After issuing the record the authentication bypass vulnerability could take place on all modules.</p>\n<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-944952.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-111512",
        "title": "Client-side Authentication in SIMATIC WinCC OA",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-111512.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-111512.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-111512.json.asc"
          }
        ],
        "published": "2022-06-21T00:00:00Z",
        "updated": "2022-06-21T00:00:00Z",
        "summary": {
          "content": "SIMATIC WinCC OA implements client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated.\n\nSiemens recommends to enable server-side authentication (SSA) or Kerberos authentication for all WinCC OA projects, as documented in the WinCC OA Security Guideline. In SIMATIC WinCC OA server-side authentication is available since V3.15 (and offered as the default configuration since V3.17). Additional information can be found at: <https://cert-portal.siemens.com/productcert/news.html?id=21>."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-111512.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-145224",
        "title": "Vulnerability in OSPF Packet Handling of SCALANCE XM-400 and XR-500 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-145224.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-145224.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-145224.json.asc"
          }
        ],
        "published": "2022-06-14T00:00:00Z",
        "updated": "2022-06-14T00:00:00Z",
        "summary": {
          "content": "SCALANCE XM-400 and XR-500 devices contain a vulnerability in the OSPF protocol implementation that could allow an unauthenticated remote attacker to cause interruptions in the network.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-145224.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-148078",
        "title": "Multiple Vulnerabilities in APOGEE/TALON Field Panels",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-148078.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-148078.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-148078.json.asc"
          }
        ],
        "published": "2017-10-12T00:00:00Z",
        "updated": "2022-06-14T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities in the APOGEE PXC and TALON TC series of products could allow unauthenticated attackers to download sensitive information through the integrated webserver.\r\n\r\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-148078.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-222547",
        "title": "Third-Party Component Vulnerabilities in SCALANCE LPE9403 before V2.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-222547.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-222547.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-222547.json.asc"
          }
        ],
        "published": "2022-06-14T00:00:00Z",
        "updated": "2022-06-14T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities in the third-party components CivetWeb, Docker, Linux Kernel and systemd could allow an attacker to impact SCALANCE LPE9403 confidentiality, integrity and availability.\n\nSiemens has released an update for the SCALANCE LPE9403 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-222547.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-301589",
        "title": "Multiple File Parsing Vulnerabilities in Solid Edge, JT2Go and Teamcenter Visualization",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-301589.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-301589.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-301589.json.asc"
          }
        ],
        "published": "2022-02-08T00:00:00Z",
        "updated": "2022-06-14T00:00:00Z",
        "summary": {
          "content": "Siemens has released updates for JT2Go, Solid Edge and Teamcenter Visualization to fix multiple file parsing vulnerabilities. If a user is tricked to open a malicious file (crafted as PDF, DXF or PAR) with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\n\nSiemens has released updates for some of the affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-301589.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-330556",
        "title": "PwnKit Vulnerability in SCALANCE LPE9403 and SINUMERIK Edge Products (CVE-2021-4034)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-330556.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-330556.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-330556.json.asc"
          }
        ],
        "published": "2022-06-14T00:00:00Z",
        "updated": "2022-06-14T00:00:00Z",
        "summary": {
          "content": "The products listed below contain a local privilege escalation vulnerability (CVE-2021-4034) found on polkit's pkexec utility, that could allow an unprivileged user to gain administrative rights.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-330556.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-388239",
        "title": "Default Password Leakage affecting the Component Shared HIS used in Spectrum Power Systems",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-388239.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-388239.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-388239.json.asc"
          }
        ],
        "published": "2022-06-14T00:00:00Z",
        "updated": "2022-06-14T00:00:00Z",
        "summary": {
          "content": "Siemens has been made aware of a default password leakage on the internet affecting the component Shared HIS (SHHIS) used in Spectrum Power systems.\n\nThe products listed below are affected by this default password leakage. This could allow an attacker to access the component Shared HIS of those products with administrative privileges by using an account with default credentials.\n\nSiemens offers configuration recommendations for the affected products in order to mitigate the issue."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-388239.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-401167",
        "title": "Cross-site scripting Vulnerability in Teamcenter Active Workspace",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-401167.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-401167.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-401167.json.asc"
          }
        ],
        "published": "2022-06-14T00:00:00Z",
        "updated": "2022-06-14T00:00:00Z",
        "summary": {
          "content": "Teamcenter Active Workspace is affected by a cross site scripting vulnerability. \nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-401167.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-535997",
        "title": "Cleartext Storage of Sensitive Information in Multiple SIMATIC Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-535997.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-535997.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-535997.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2022-06-14T00:00:00Z",
        "summary": {
          "content": "A cleartext vulnerability was found in the SIMATIC communication processors CP 1543-1 and CP 1545-1 that could allow an attacker to read sensitive information.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-535997.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-626968",
        "title": "Multiple Webserver Vulnerabilities in Desigo PXC and DXR Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-626968.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-626968.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-626968.json.asc"
          }
        ],
        "published": "2022-05-10T00:00:00Z",
        "updated": "2022-06-14T00:00:00Z",
        "summary": {
          "content": "Desigo PXC3, PXC4, PXC5 and DXR2 devices contain multiple vulnerabilities in the webserver application that could allow an attacker to potentially intercept unencrypted transmission of sensitive information, cause a denial of service condition, or perform remote code execution.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-626968.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-662649",
        "title": "Denial of Service Vulnerability in Desigo DXR and PXC Controllers",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-662649.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-662649.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-662649.json.asc"
          }
        ],
        "published": "2022-05-10T00:00:00Z",
        "updated": "2022-06-14T00:00:00Z",
        "summary": {
          "content": "A vulnerability in Desigo DXR and PXC controllers has been identified that could allow an attacker to disable and reset a device to factory state using a denial of service attack.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-662649.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-679335",
        "title": "Multiple Vulnerabilities in Embedded FTP Server of SIMATIC CP Modules",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-679335.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-679335.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-679335.json.asc"
          }
        ],
        "published": "2021-08-10T00:00:00Z",
        "updated": "2022-06-14T00:00:00Z",
        "summary": {
          "content": "SIMATIC CP 1543-1 and CP 1545-1 devices are affected by multiple vulnerabilities in ProFTPD, a third party component, that could allow a remote attacker to access sensitive information and execute arbitrary code.\r\n\r\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-679335.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-693555",
        "title": "Memory Corruption Vulnerability in EN100 Ethernet Module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-693555.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-693555.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-693555.json.asc"
          }
        ],
        "published": "2022-06-14T00:00:00Z",
        "updated": "2022-06-14T00:00:00Z",
        "summary": {
          "content": "EN100 Ethernet module is affected by a memory corruption vulnerability (CVE-2022-30937).\n\nSiemens has released an update for the EN100 Ethernet module IEC 61850 variant and recommends to update to the latest version. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-693555.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-740594",
        "title": "Privilege Escalation Vulnerability in Mendix SAML Module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-740594.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-740594.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-740594.json.asc"
          }
        ],
        "published": "2022-06-14T00:00:00Z",
        "updated": "2022-06-14T00:00:00Z",
        "summary": {
          "content": "The latest updates of Mendix the SAML module fixes two vulnerabilities. One is an XML External Entity (XXE) attack that could allow an attacker to potentially disclose confidential data under certain circumstances the other is an Cross Site Scripting (XSS) attack allowing to execute malicious code by tricking users into accessing a malicious link .\n\nMendix has released an update for the Mendix SAML module and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-740594.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-911567",
        "title": "Missing HTTP headers in SINEMA Remote Connect Server before V3.0 SP2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-911567.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-911567.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-911567.json.asc"
          }
        ],
        "published": "2022-06-14T00:00:00Z",
        "updated": "2022-06-14T00:00:00Z",
        "summary": {
          "content": "SINEMA Remote Connect Server is missing HTTP security headers on the web server. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks and other similar client-based attack vectors.\n        \nSiemens has released an update for the SINEMA Remote Connect Server and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-911567.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-114589",
        "title": "Multiple Vulnerabilities in Nucleus RTOS based APOGEE, TALON and Desigo PXC/PXM Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-114589.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-114589.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-114589.json.asc"
          }
        ],
        "published": "2021-11-09T00:00:00Z",
        "updated": "2022-05-10T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities (also known as \"NUCLEUS:13\") have been identified in the Nucleus RTOS (real-time operating system) and reported in the Siemens Security Advisory SSA-044112: <https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf>.\n\nThe products listed below use affected versions of the Nucleus software and inherently contain these vulnerabilities.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-114589.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-162616",
        "title": "File Parsing Vulnerabilities in Simcenter Femap before V2022.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-162616.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-162616.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-162616.json.asc"
          }
        ],
        "published": "2022-05-10T00:00:00Z",
        "updated": "2022-05-10T00:00:00Z",
        "summary": {
          "content": "Siemens Simcenter Femap versions before V2022.2 are affected by an out of bounds write vulnerability that could be triggered when the application reads files in .NEU format. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.\n\nSiemens recommends to update to the latest version line of Simcenter Femap and to avoid opening of untrusted files from unknown sources."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-162616.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-165073",
        "title": "Multiple Vulnerabilities in the Webinterface of SICAM P850 and SICAM P855 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-165073.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-165073.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-165073.json.asc"
          }
        ],
        "published": "2022-05-10T00:00:00Z",
        "updated": "2022-05-10T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities were identified in the webserver of SICAM P850 and SICAM P855 devices. These include unauthenticated access to web-interface functionality, missing HTTPS or impersonation as well as cross-site scripting related vulnerabilities. \n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-165073.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-480937",
        "title": "Denial of Service Vulnerability in CP 44x-1 RNA before V1.5.18",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-480937.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-480937.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-480937.json.asc"
          }
        ],
        "published": "2022-05-10T00:00:00Z",
        "updated": "2022-05-10T00:00:00Z",
        "summary": {
          "content": "Siemens has released a new version for the communication processor modules CP 44x-1 RNA that fixes a vulnerability that could allow an attacker to cause a denial of service condition.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-480937.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-553086",
        "title": "Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-553086.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-553086.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-553086.json.asc"
          }
        ],
        "published": "2022-05-10T00:00:00Z",
        "updated": "2022-05-10T00:00:00Z",
        "summary": {
          "content": "Siemens has released updates for JT2Go and Teamcenter Visualization to fix multiple file parsing vulnerabilities. If a user is tricked to open a malicious file (crafted as CGM, TIFF or TG4) with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\n\nSiemens has released updates for some of the affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-553086.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-560465",
        "title": "DHCP Client Vulnerability in VxWorks-based Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-560465.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-560465.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-560465.json.asc"
          }
        ],
        "published": "2021-07-13T00:00:00Z",
        "updated": "2022-05-10T00:00:00Z",
        "summary": {
          "content": "Various industry products are affected by a DHCP client vulnerability in Wind River VxWorks, \nthat could allow an attacker to cause a heap-based buffer overflow.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-560465.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-736385",
        "title": "Memory Corruption Vulnerability in OpenV2G",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-736385.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-736385.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-736385.json.asc"
          }
        ],
        "published": "2022-05-10T00:00:00Z",
        "updated": "2022-05-10T00:00:00Z",
        "summary": {
          "content": "The open source software OpenV2G contains a buffer overflow vulnerability that could allow an attacker to trigger a memory corruption.        \n\nSiemens has released an update for the OpenV2G and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-736385.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-756638",
        "title": "Vulnerabilities in Third-Party Component Mbed TLS of LOGO! CMR Family and SIMATIC RTU 3000 Family",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-756638.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-756638.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-756638.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2022-05-10T00:00:00Z",
        "summary": {
          "content": "Devices of the LOGO! CMR family and the SIMATIC RTU 3000 family are affected by several vulnerabilities in the third party component Mbed TLS. They could allow an attacker with access to any of the interfaces of an affected device to impact the availability or to communicate with invalid certificates.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-756638.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-787292",
        "title": "Denial of Service Vulnerability in SIMATIC RFID Readers",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-787292.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-787292.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-787292.json.asc"
          }
        ],
        "published": "2021-06-08T00:00:00Z",
        "updated": "2022-05-10T00:00:00Z",
        "summary": {
          "content": "The latest updates for SIMATIC RF products fix a vulnerability that could allow an unauthorized\nattacker to crash the OPC UA service of the affected devices.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-787292.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-273799",
        "title": "Message Integrity Protection Bypass Vulnerability in SIMATIC Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-273799.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-273799.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-273799.json.asc"
          }
        ],
        "published": "2019-12-10T00:00:00Z",
        "updated": "2022-04-12T00:00:00Z",
        "summary": {
          "content": "A message integrity protection bypass vulnerability has been identified in several SIMATIC products. The\nvulnerability could allow an attacker in a Man-in-the-Middle position to\nmodify network traffic exchanged on port 102/tcp to PLCs of the SIMATIC \nS7-1200, SIMATIC S7-1500 and SIMATIC SoftwareController CPU families.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-273799.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-316850",
        "title": "Unauthenticated File Access in SICAM A8000 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-316850.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-316850.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-316850.json.asc"
          }
        ],
        "published": "2022-04-12T00:00:00Z",
        "updated": "2022-04-12T00:00:00Z",
        "summary": {
          "content": "SICAM A8000 CP-8050 and CP-8031 devices contain vulnerabilities that could allow an attacker to access files without authentication.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-316850.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-348629",
        "title": "Denial-of-Service Vulnerability in SIMATIC PCS 7, SIMATIC WinCC, SIMATIC WinCC Runtime Professional and SIMATIC NET PC Software",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-348629.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-348629.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-348629.json.asc"
          }
        ],
        "published": "2018-03-27T00:00:00Z",
        "updated": "2022-04-12T00:00:00Z",
        "summary": {
          "content": "A Denial-of-Service vulnerability has been identified in SIMATIC PCS 7,\nSIMATIC WinCC, SIMATIC WinCC Runtime Professional and SIMATIC NET\nPC-Software.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-348629.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-350757",
        "title": "Improper Access Control Vulnerability in TIA Portal Affecting S7-1200 and S7-1500 CPUs Web Server (Incl. Related ET200 CPUs and SIPLUS variants)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-350757.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-350757.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-350757.json.asc"
          }
        ],
        "published": "2022-04-12T00:00:00Z",
        "updated": "2022-04-12T00:00:00Z",
        "summary": {
          "content": "An attacker could achieve privilege escalation on the web server of certain devices configured by SIMATIC STEP 7 (TIA Portal) due to incorrect handling of the webserver's user management configuration during downloading. This only affects the S7-1200 and S7-1500 CPUs' (incl. related ET200 CPUs and SIPLUS variants) web server, when activated.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-350757.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-392912",
        "title": "Multiple Denial Of Service Vulnerabilities in SCALANCE W1700 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-392912.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-392912.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-392912.json.asc"
          }
        ],
        "published": "2022-04-12T00:00:00Z",
        "updated": "2022-04-12T00:00:00Z",
        "summary": {
          "content": "Vulnerabilities have been identified in devices of the SCALANCE W-1700 (11ac) family that could allow an attacker to cause various denial of service conditions.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-392912.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-535640",
        "title": "Vulnerability in Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-535640.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-535640.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-535640.json.asc"
          }
        ],
        "published": "2017-08-30T00:00:00Z",
        "updated": "2022-04-12T00:00:00Z",
        "summary": {
          "content": "Various industrial products use the Discovery Service of the OPC UA protocol stack by the OPC foundation \n<https://github.com/OPCFoundation/UA-.NETStandard> and could therefore be affected by the remote resource \nconsumption attacks (CVE-2017-12069)."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-535640.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-562051",
        "title": "Cross-Site Scripting Vulnerability in Polarion ALM",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-562051.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-562051.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-562051.json.asc"
          }
        ],
        "published": "2022-03-08T00:00:00Z",
        "updated": "2022-04-12T00:00:00Z",
        "summary": {
          "content": "The Subversion Webclient in Polarion ALM contains a cross-site scripting vulnerability, that could be triggered by an attacker by sending crafted links to an administrator user of Polarion ALM. \n\nSiemens has released an update for the Subversion Webclient in Polarion ALM and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-562051.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-655554",
        "title": "Multiple Vulnerabilities in SIMATIC Energy Manager before V7.3 Update 1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-655554.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-655554.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-655554.json.asc"
          }
        ],
        "published": "2022-04-12T00:00:00Z",
        "updated": "2022-04-12T00:00:00Z",
        "summary": {
          "content": "SIMATIC Energy Manager is affected by multiple vulnerabilities that could allow an attacker to gain local privilege escalation, local code execution or remote code execution.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-655554.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-672373",
        "title": "Vulnerabilities in CP 1543-1 before V2.0.28",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-672373.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-672373.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-672373.json.asc"
          }
        ],
        "published": "2016-11-18T00:00:00Z",
        "updated": "2022-04-12T00:00:00Z",
        "summary": {
          "content": "SIMATIC CP 1543-1 devices before V2.0.28 contain two vulnerabilities that could allow authorized users to escalate their privileges on the CP or create a denial of service condition.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-672373.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-836527",
        "title": "Multiple Vulnerabilities in SCALANCE X-300 Switch Family Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-836527.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-836527.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-836527.json.asc"
          }
        ],
        "published": "2022-04-12T00:00:00Z",
        "updated": "2022-04-12T00:00:00Z",
        "summary": {
          "content": "Several SCALANCE X-300 switches contain multiple vulnerabilities. An unauthenticated attacker could reboot, cause denial of service conditions and potentially impact the system by other means through heap and buffer overflow vulnerabilities.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-836527.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-870917",
        "title": "Improper Access Control Vulnerability in Mendix",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-870917.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-870917.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-870917.json.asc"
          }
        ],
        "published": "2022-04-12T00:00:00Z",
        "updated": "2022-04-12T00:00:00Z",
        "summary": {
          "content": "When querying the database, it is possible to sort the results using a protected field. With this an authenticated attacker could extract information about the contents of a protected field.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-870917.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-995338",
        "title": "Multiple Vulnerabilities in COMOS Web",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-995338.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-995338.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-995338.json.asc"
          }
        ],
        "published": "2022-01-11T00:00:00Z",
        "updated": "2022-04-12T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities were identified in the web components of COMOS that could allow an attacker to conduct code injections, store data in undesired locations, execute arbitrary SQL statements, and run cross-site request forgery attacks.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-995338.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-998762",
        "title": "File Parsing Vulnerabilities in Simcenter Femap before V2022.1.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-998762.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-998762.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-998762.json.asc"
          }
        ],
        "published": "2022-04-12T00:00:00Z",
        "updated": "2022-04-12T00:00:00Z",
        "summary": {
          "content": "Siemens Simcenter Femap versions before V2022.1.2 are affected by vulnerabilities that could be triggered when the application reads files in .NEU format.\nIf a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to leak information or potentially perform remote code execution in the context of the current process.\n\nSiemens recommends to update to the latest version line of Simcenter Femap and to avoid opening of untrusted files from unknown sources."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-998762.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-134279",
        "title": "Vulnerability in Mendix Forgot Password Appstore module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-134279.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-134279.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-134279.json.asc"
          }
        ],
        "published": "2022-03-08T00:00:00Z",
        "updated": "2022-03-08T00:00:00Z",
        "summary": {
          "content": "Mendix Forgot Password Appstore module contains two vulnerabilities that could allow unauthorized users to take over accounts. \n\nMendix has released an update for the Mendix Forgot Password Appstore module and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-134279.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-155599",
        "title": "File Parsing Vulnerabilities in COMOS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-155599.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-155599.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-155599.json.asc"
          }
        ],
        "published": "2022-03-08T00:00:00Z",
        "updated": "2022-03-08T00:00:00Z",
        "summary": {
          "content": "COMOS uses Drawings SDK from Open Design Alliance that is affected by multiple vulnerabilities that could be triggered when the application reads files in DGN, DXF or DWG file formats. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to leak information or potentially perform remote code execution in the context of the current process. \n\nSiemens has released an update for the COMOS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-155599.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-166747",
        "title": "Scene File Parsing Vulnerability in Simcenter STAR-CCM+ Viewer before V2022.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-166747.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-166747.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-166747.json.asc"
          }
        ],
        "published": "2022-03-08T00:00:00Z",
        "updated": "2022-03-08T00:00:00Z",
        "summary": {
          "content": "Siemens Simcenter STAR-CCM+ Viewer is affected by a memory corruption vulnerability that could be triggered when the application reads scene (.sce) files.\nIf a user is tricked to open a malicious file with the affected application, this could lead to a crash, and potentially also to arbitrary code execution or data extraction on the target host system. \n\nSiemens has released an update for Simcenter STAR-CCM+ Viewer and recommends to update to the latest version to fix the vulnerability. Siemens recommends to avoid opening of untrusted files from unknown sources."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-166747.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-223353",
        "title": "Multiple Vulnerabilities in Nucleus RTOS based SIMOTICS CONNECT 400",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-223353.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-223353.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-223353.json.asc"
          }
        ],
        "published": "2022-03-08T00:00:00Z",
        "updated": "2022-03-08T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities (also known as \u201cNUCLEUS:13\u201d) have been identified in the Nucleus RTOS (real-time operating system), originally reported in the Siemens Security Advisory SSA-044112: <https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf>. \n\nSIMOTICS CONNECT 400 devices are affected by some of the vulnerabilities as documented below.\n\nSiemens has released an update for the SIMOTICS CONNECT 400 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-223353.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-252466",
        "title": "Multiple Vulnerabilities in Climatix POL909 (AWM and AWB)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-252466.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-252466.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-252466.json.asc"
          }
        ],
        "published": "2022-03-08T00:00:00Z",
        "updated": "2022-03-08T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities have been identified in the Climatix POL909 (AWM and AWB) that could allow an unauthenticated attacker to hijack and redirect users to a malicious webpage, or allow an authenticated attacker to access sensitive files. \n\nSiemens has released an update for the Climatix POL909 (AWM and AWB) and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-252466.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-337210",
        "title": "Privilege Escalation Vulnerability in SINUMERIK MC",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-337210.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-337210.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-337210.json.asc"
          }
        ],
        "published": "2022-03-08T00:00:00Z",
        "updated": "2022-03-08T00:00:00Z",
        "summary": {
          "content": "The NC plug-in card in SINUMERIK MC contains a privilege escalation vulnerability that could allow local attackers to escalate their privileges to root. This allows full access to the device, including read and modifying G code. \n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-337210.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-389290",
        "title": "Third-Party Component Vulnerabilities in SINEC INS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-389290.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-389290.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-389290.json.asc"
          }
        ],
        "published": "2022-03-08T00:00:00Z",
        "updated": "2022-03-08T00:00:00Z",
        "summary": {
          "content": "71 vulnerabilities in third-party components as Node.js, cURL, SQLite, CivetWeb and DNS(ISC BIND) could allow an attacker to interfere with the affected product in various ways. \n\nSiemens has released an update for SINEC INS and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-389290.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-406691",
        "title": "Buffer Vulnerabilities in DHCP function of RUGGEDCOM ROX products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-406691.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-406691.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-406691.json.asc"
          }
        ],
        "published": "2022-03-08T00:00:00Z",
        "updated": "2022-03-08T00:00:00Z",
        "summary": {
          "content": "A vulnerability in the RUGGEDCOM ROX devices' third party component, ISC DHCP, could allow an attacker to cause a buffer overrun due to a bug when reading a stored DHCP lease containing certain option information, eventually leading to a denial-of-service condition, or cause a remote-code execution.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-406691.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-415938",
        "title": "Improper Access Control Vulnerability in Mendix",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-415938.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-415938.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-415938.json.asc"
          }
        ],
        "published": "2022-03-08T00:00:00Z",
        "updated": "2022-03-08T00:00:00Z",
        "summary": {
          "content": "A vulnerability in Mendix Studio Pro was discovered, that, if acted upon by a malicious user, could allow to retrieve the status of a job run by another user in certain cases.\n\nMendix has released updates for the affected product lines, recommends to update to the latest versions and to redeploy the applications."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-415938.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-501073",
        "title": "Vulnerabilities in Controllers CPU 1518 MFP using Intel CPUs (November 2020)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-501073.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-501073.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-501073.json.asc"
          }
        ],
        "published": "2021-05-11T00:00:00Z",
        "updated": "2022-03-08T00:00:00Z",
        "summary": {
          "content": "Intel has published information on vulnerabilities in Intel products in [November 2020](<https://blogs.intel.com/technology/2020/11/ipas-security-advisories-for-november-2020/>).\nThis advisory lists the Siemens Controllers that are affected by these vulnerabilities.\n\nIn this advisory we take a representative CVE from each advisory:\n\n- \u201cIntel CSME, SPS, TXE, AMT and DAL Advisory\u201d Intel-SA-00391 is represented by CVE-2020-8744\n\n- \u201cBIOS Advisory\u201d Intel-SA-00358 is represented by CVE-2020-0591.\n\nSiemens is currently working on BIOS updates that include chipset microcode\nupdates and recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-501073.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-534763",
        "title": "Special Register Buffer Data Sampling (SRBDS) aka Crosstalk in Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-534763.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-534763.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-534763.json.asc"
          }
        ],
        "published": "2020-09-08T00:00:00Z",
        "updated": "2022-03-08T00:00:00Z",
        "summary": {
          "content": "Security researchers published information on a vulnerability known as Crosstalk ([INTEL-SA-00320](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html)).\nThis vulnerability affects modern Intel processors to a varying degree.\n\n\nSeveral Siemens Industrial Products contain processors that are affected by\nthe vulnerability.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-534763.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-541018",
        "title": "Embedded TCP/IP Stack Vulnerabilities (AMNESIA:33) in SENTRON PAC / 3VA Devices (Part 2)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-541018.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-541018.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-541018.json.asc"
          }
        ],
        "published": "2021-03-09T00:00:00Z",
        "updated": "2022-03-08T00:00:00Z",
        "summary": {
          "content": "Security researchers discovered and disclosed 33 vulnerabilities in several open-source TCP/IP stacks for embedded devices, also known as \"AMNESIA:33\" vulnerabilities.\n\nThis advisory describes the impact of two of these vulnerabilities (CVE-2020-13987, CVE-2020-17437) to Siemens products.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not available.\n\nThe impact of another \"AMNESIA:33\" vulnerability (CVE-2020-13988) is described in [Siemens Security Advisory SSA-541017](https://cert-portal.siemens.com/productcert/pdf/ssa-541017.pdf)."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-541018.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-594438",
        "title": "Remote Code Execution and Denial-of-Service Vulnerability in multiple RUGGEDCOM ROX products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-594438.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-594438.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-594438.json.asc"
          }
        ],
        "published": "2022-03-08T00:00:00Z",
        "updated": "2022-03-08T00:00:00Z",
        "summary": {
          "content": "A vulnerability in the RUGGEDCOM ROX devices' third party component, NSS, could allow an attacker to remotely execute code or cause a denial-of-service condition due to the way it verifies security certificates.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-594438.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-669158",
        "title": "DNS Client Vulnerabilities in SIMOTICS CONNECT 400",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-669158.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-669158.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-669158.json.asc"
          }
        ],
        "published": "2021-04-13T00:00:00Z",
        "updated": "2022-03-08T00:00:00Z",
        "summary": {
          "content": "SIMOTICS CONNECT 400 is affected by DNS Client vulnerabilities as initially \nreported in Siemens Security Advisory SSA-705111 (<https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf>) for the DNS Module in Nucleus RTOS.\n\nSiemens has released updates for the SIMOTICS CONNECT 400 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-669158.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-703715",
        "title": "Information Disclosure Vulnerability in Climatix POL909 (AWM and AWB)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-703715.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-703715.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-703715.json.asc"
          }
        ],
        "published": "2021-11-09T00:00:00Z",
        "updated": "2022-03-08T00:00:00Z",
        "summary": {
          "content": "Climatix POL909 (AWM and AWB) contains an information disclosure vulnerability that could allow a man-in-the-middle attacker to read sensitive data, such as administrator credentials, or modify data in transit.\n\nSiemens has released an update for Climatix POL909 (AWM and AWB) and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-703715.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-455843",
        "title": "WIBU Systems CodeMeter Runtime Vulnerabilities in Siemens Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-455843.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-455843.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-455843.json.asc"
          }
        ],
        "published": "2020-09-08T00:00:00Z",
        "updated": "2022-02-17T00:00:00Z",
        "summary": {
          "content": "CISA and WIBU Systems disclosed six vulnerabilities in different versions of CodeMeter Runtime, a product provided by WIBU Systems and used in several Siemens products for license management.\n\nThe vulnerabilities are described in the section \"Vulnerability Classification\" below and got assigned the CVE IDs CVE-2020-14509, CVE-2020-14513, CVE-2020-14515, CVE-2020-14517, CVE-2020-14519, and CVE-2020-16233.\nSuccessful exploitation of these vulnerabilities could allow an attacker to alter and forge a license file, cause a denial-of-service condition, attain remote code execution, or prevent normal operation of the Siemens software that depends on CodeMeter Runtime.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions.\nSiemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-455843.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-949188",
        "title": "File Parsing Vulnerabilities in Simcenter Femap before V2022.1.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-949188.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-949188.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-949188.json.asc"
          }
        ],
        "published": "2022-02-17T00:00:00Z",
        "updated": "2022-02-17T00:00:00Z",
        "summary": {
          "content": "Siemens Simcenter Femap versions before V2022.1.1 are affected by vulnerabilities that could be triggered when the application reads files in .NEU or .BDF format.\nIf a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to leak information or potentially perform remote code execution in the context of the current process.\n\nSiemens recommends to update to the latest version line of Simcenter Femap and to avoid opening of untrusted files from unknown sources."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-949188.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-100232",
        "title": "Denial-of-Service vulnerability in SCALANCE X Switches",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-100232.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-100232.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-100232.json.asc"
          }
        ],
        "published": "2019-08-13T00:00:00Z",
        "updated": "2022-02-08T00:00:00Z",
        "summary": {
          "content": "A vulnerability in several SCALANCE X devices could allow an unauthenticated\nattacker with network access to an affected device to perform a denial-of-service.\n\nSiemens has released an update for SCALANCE X-200IRT and recommends to update to the latest version.\nSiemens recommends specific countermeasures for products where updates are not, or not yet available.\n"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-100232.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-211752",
        "title": "Multiple NTP-Client Related Vulnerabilities in SIMATIC CP 443-1 OPC UA",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-211752.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-211752.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-211752.json.asc"
          }
        ],
        "published": "2021-06-08T00:00:00Z",
        "updated": "2022-02-08T00:00:00Z",
        "summary": {
          "content": "All versions of the SIMATIC CP 443-1 OPC UA contain multiple vulnerabilities in the underlying third party component NTP.\n\nSiemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-211752.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-316383",
        "title": "NumberJack Vulnerability in LOGO! CMR and SIMATIC RTU 3000 devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-316383.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-316383.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-316383.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2022-02-08T00:00:00Z",
        "summary": {
          "content": "A vulnerability has been identified in the underlying TCP/IP stack of LOGO! CMR and SIMATIC RTU 3000 devices. It could allow an attacker with network access to the LAN interface of an affected device to hijack an ongoing connection or spoof a new one. The WAN interface, however, is not affected.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-316383.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-609880",
        "title": "File Parsing Vulnerabilities in Simcenter Femap before V2022.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-609880.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-609880.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-609880.json.asc"
          }
        ],
        "published": "2022-02-08T00:00:00Z",
        "updated": "2022-02-08T00:00:00Z",
        "summary": {
          "content": "Siemens Simcenter Femap is affected by multiple vulnerabilities that could be triggered when the application reads files in .NEU format.\nIf a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to leak information or potentially perform remote code execution in the context of the current process.\n\nSiemens recommends to update to the latest version line of Simcenter Femap and to avoid opening of untrusted files from unknown sources."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-609880.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-654775",
        "title": "Open Redirect Vulnerability in SINEMA Remote Connect Server",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-654775.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-654775.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-654775.json.asc"
          }
        ],
        "published": "2022-02-08T00:00:00Z",
        "updated": "2022-02-08T00:00:00Z",
        "summary": {
          "content": "An open redirect vulnerability in SINEMA Remote Connect Server could allow an attacker to steal logon credentials with a specially crafted malicious link.\n\nSiemens has released software update for the SINEMA Remote Connect Server and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-654775.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-675303",
        "title": "WIBU Systems CodeMeter Runtime Vulnerabilities in Siemens Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-675303.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-675303.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-675303.json.asc"
          }
        ],
        "published": "2021-07-13T00:00:00Z",
        "updated": "2022-02-08T00:00:00Z",
        "summary": {
          "content": "WIBU Systems published information about two vulnerabilities and an associated fix release version of CodeMeter Runtime,\na product provided by WIBU Systems and used in several Siemens products for license management.\n\nThe vulnerabilities are described in the section \"Vulnerability Classification\" below and got assigned the CVE IDs CVE-2021-20093 and CVE-2021-20094.\nSuccessful exploitation of these vulnerabilities could allow an attacker to read data from the heap of the CodeMeter Runtime network server, or crash the CodeMeter Runtime Server (i.e., CodeMeter.exe).\n\nSiemens has released updates for several affected products and recommends to update to the latest versions.\nSiemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-675303.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-831168",
        "title": "Cross-Site Scripting Vulnerability in Spectrum Power 4",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-831168.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-831168.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-831168.json.asc"
          }
        ],
        "published": "2022-02-08T00:00:00Z",
        "updated": "2022-02-08T00:00:00Z",
        "summary": {
          "content": "A Cross-Site Scripting (XSS) vulnerability is found in the integrated web application \"Online Help\" of Spectrum Power 4.\n\nSiemens has released an update for the Spectrum Power 4 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-831168.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-173318",
        "title": "Unquoted Search Path Vulnerability in SICAM PQ Analyzer",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-173318.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-173318.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-173318.json.asc"
          }
        ],
        "published": "2022-01-11T00:00:00Z",
        "updated": "2022-01-11T00:00:00Z",
        "summary": {
          "content": "SICAM PQ Analyzer uses an unquoted registry entry and is thus vulnerable to an unquoted search path vulnerability.\n\nSiemens has released an update for the SICAM PQ Analyzer and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-173318.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-185699",
        "title": "Out of Bounds Write Vulnerabilities (NAME:WRECK) in the DNS Module of Nucleus RTOS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-185699.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-185699.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-185699.json.asc"
          }
        ],
        "published": "2021-04-13T00:00:00Z",
        "updated": "2022-01-11T00:00:00Z",
        "summary": {
          "content": "Security researchers discovered and disclosed 9 vulnerabilities in several DNS implementations, also known as \u201cNAME:WRECK\u201d vulnerabilities. The vulnerabilities described in this advisory are from this set.\n\nThe DNS client of the networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) contains two out of bounds write vulnerabilities in the handling of DNS responses that could allow an attacker to cause a denial-of-service condition or to remotely execute code.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions.\nSiemens recommends specific countermeasures for products where updates are not available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-185699.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-201384",
        "title": "Predictable UDP Port Number Vulnerability (NAME:WRECK) in the DNS Module of Nucleus RTOS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-201384.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-201384.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-201384.json.asc"
          }
        ],
        "published": "2021-04-13T00:00:00Z",
        "updated": "2022-01-11T00:00:00Z",
        "summary": {
          "content": "Security researchers discovered and disclosed 9 vulnerabilities in several DNS implementations, also known as \u201cNAME:WRECK\u201d vulnerabilities. The vulnerability described in this advisory is from this set.\n\nThe DNS client of the networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) contains a vulnerability related to the handling of UDP port numbers in DNS requests that could allow an attacker to poison the DNS cache or spoof DNS resolving.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions.\nSiemens recommends specific countermeasures for products where updates are not available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-201384.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-324998",
        "title": "Multiple Vulnerabilities in SICAM A8000",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-324998.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-324998.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-324998.json.asc"
          }
        ],
        "published": "2022-01-11T00:00:00Z",
        "updated": "2022-01-11T00:00:00Z",
        "summary": {
          "content": "SICAM A8000 devices are impacted by two vulnerabilities. The first one could allow a privileged user to enable a debug port with default credentials. The second vulnerability could allow unauthenticated access to certain previously created log files.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-324998.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-439673",
        "title": "Information Disclosure Vulnerability in SIPROTEC 5 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-439673.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-439673.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-439673.json.asc"
          }
        ],
        "published": "2022-01-11T00:00:00Z",
        "updated": "2022-01-11T00:00:00Z",
        "summary": {
          "content": "An information disclosure vulnerability in SIPROTEC 5 products could allow an unauthenticated attacker to read device information. \n\nOnly devices with the hardware variants CP050, CP100 and CP300 are affected. The DIGSI engineering tool can be used to identify the hardware version of your devices.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-439673.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-705111",
        "title": "Multiple Vulnerabilities (NAME:WRECK) in the DNS Module of Nucleus RTOS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-705111.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-705111.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-705111.json.asc"
          }
        ],
        "published": "2021-04-13T00:00:00Z",
        "updated": "2022-01-11T00:00:00Z",
        "summary": {
          "content": "Security researchers discovered and disclosed 9 vulnerabilities in several DNS implementations, also known as \u201cNAME:WRECK\u201d vulnerabilities. The vulnerabilities described in this advisory are from this set.\n\nThe DNS client of affected products contains multiple vulnerabilities related to the handling of DNS responses and requests.\nThe most severe could allow an attacker to manipulate the DNS responses and cause a denial-of-service condition.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-705111.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-766247",
        "title": "Authentication Vulnerability in SIMATIC Process Historian",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-766247.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-766247.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-766247.json.asc"
          }
        ],
        "published": "2021-10-12T00:00:00Z",
        "updated": "2022-01-11T00:00:00Z",
        "summary": {
          "content": "The latest update for SIMATIC Process Historian (PH) fixes\nan authentication vulnerability in the configuration interface \nof redundant PH instances that could enable the execution\nof admin operations on the database.\n\nThe related vulnerable interface is restricted to local access on\nrecent versions starting from SIMATIC Process Historian 2020.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-766247.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-789208",
        "title": "Multiple Vulnerabilities (INFRA:HALT) in Interniche IP-Stack based Low Voltage Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-789208.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-789208.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-789208.json.asc"
          }
        ],
        "published": "2021-08-04T00:00:00Z",
        "updated": "2022-01-11T00:00:00Z",
        "summary": {
          "content": "Security researchers discovered and disclosed 14 vulnerabilities in the Interniche IP stack, also known as \"INFRA:HALT\" vulnerabilities [0].\nThis advisory describes the impact to Siemens low voltage products, which are only affected by four out of the 14 vulnerabilities.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.\n\n[0] [https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/](https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/)"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-789208.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-845392",
        "title": "Multiple Vulnerabilities in Nucleus RTOS based Siemens Energy PLUSCONTROL 1st Gen Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-845392.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-845392.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-845392.json.asc"
          }
        ],
        "published": "2022-01-11T00:00:00Z",
        "updated": "2022-01-11T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities (also known as \"NUCLEUS:13\") have been identified in the Nucleus RTOS (real-time operating system) and reported in the Siemens Security Advisory SSA-044112: <https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf>.\n\nPLUSCONTROL 1st Gen devices are affected by some of the vulnerabilities as documented below.\n\nSiemens Energy recommends specific countermeasures for products where updates are not available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-845392.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-784507",
        "title": "Apache Log4j Vulnerability (CVE-2021-44832) via JDBC Appender - Impact to Siemens Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-784507.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-784507.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-784507.json.asc"
          }
        ],
        "published": "2021-12-28T00:00:00Z",
        "updated": "2021-12-28T00:00:00Z",
        "summary": {
          "content": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) contain a vulnerability (CVE-2021-44832) that could allow an attacker with permission to modify the logging configuration file to execute arbitrary code, when the JDBC Appender is used [1].\n\nThis advisory informs about the impact of CVE-2021-44832 to Siemens products and the corresponding remediation and mitigation measures.\nThe vulnerability is different from other JNDI lookup vulnerabilities, the impact of which is documented in SSA-661247 [2].\n\nCurrently, no products vulnerable to CVE-2021-44832 have been identified.\n\nSiemens is investigating to determine which products are affected and is continuously updating this advisory as more information becomes available. See section Additional Information for more details regarding the investigation status.\n\n[1] <https://logging.apache.org/log4j/2.x/security.html>\n\n[2] <https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-784507.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-479842",
        "title": "Apache Log4j Vulnerabilities - Impact to Siemens Energy Sensformer / Sensgear (Platform, Basic and Advanced)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-479842.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-479842.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-479842.json.asc"
          }
        ],
        "published": "2021-12-21T00:00:00Z",
        "updated": "2021-12-23T00:00:00Z",
        "summary": {
          "content": "On 2021-12-09, a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as \"Log4Shell\".\n\nOn 2021-12-14 an additional denial of service vulnerability (CVE-2021-45046) was published rendering the initial mitigations and fix in version 2.15.0 as incomplete under certain non-default configurations. Log4j versions 2.16.0 and 2.12.2 are supposed to fix both vulnerabilities.\n\nOn 2021-12-17, CVE-2021-45046 was reclassified with an increased CVSS base score (from 3.7 to 9.0). The potential impact of CVE-2021-45046 now includes - besides denial of service - also information disclosure and local (and potential remote) code execution. Furthermore, one additional denial of service vulnerability, CVE-2021-45105, was disclosed.\n\nThe Siemens Energy Sensformer / Sensgear cloud service was affected by these vulnerabilities and has remediated them. No user actions are necessary."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-479842.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-397453",
        "title": "Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Energy TraceAlertServerPLUS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-397453.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-397453.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-397453.json.asc"
          }
        ],
        "published": "2021-12-20T00:00:00Z",
        "updated": "2021-12-20T00:00:00Z",
        "summary": {
          "content": "On 2021-12-09, a vulnerability in Apache Log4j (a logging library used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as \"Log4Shell\".\n\nOn 2021-12-14 an additional denial of service vulnerability (CVE-2021-45046) was published rendering the initial mitigations and fix in version 2.15.0 as incomplete under certain non-default configurations. Log4j versions 2.16.0 and 2.12.2 are supposed to fix both vulnerabilities.\n\nOn 2021-12-17, CVE-2021-45046 was reclassified with an increased CVSS base score (from 3.7 to 9.0). The potential impact of CVE-2021-45046 now includes - besides denial of service - also information disclosure and local (and potential remote) code execution.\n\nSiemens Energy is preparing updates and recommends specific countermeasures for TraceAlertServerPLUS."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-397453.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-501673",
        "title": "Apache Log4j Denial of Service Vulnerability (CVE-2021-45105) - Impact to Siemens Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-501673.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-501673.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-501673.json.asc"
          }
        ],
        "published": "2021-12-19T00:00:00Z",
        "updated": "2021-12-19T00:00:00Z",
        "summary": {
          "content": "Apache Log4j2 versions 2.0-alpha1 through 2.16.0 contain a vulnerability (CVE-2021-45105) that could allow attackers to cause a denial of service condition in affected applications [1].\n\nThis advisory informs about the impact of CVE-2021-45105 to Siemens products and the corresponding remediation and mitigation measures.\nThe vulnerability is different from the JNDI lookup vulnerabilities, the impact of which is documented in SSA-661247 [2].\n\nCurrently, no products vulnerable to CVE-2021-45105 have been identified.\n\nSiemens is investigating to determine which products are affected and is continuously updating this advisory as more information becomes available. See section Additional Information for more details regarding the investigation status.\n\n[1] <https://logging.apache.org/log4j/2.x/security.html>\n\n[2] <https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf>"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-501673.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-714170",
        "title": "Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to SPPA-T3000",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-714170.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-714170.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-714170.json.asc"
          }
        ],
        "published": "2021-12-16T00:00:00Z",
        "updated": "2021-12-16T00:00:00Z",
        "summary": {
          "content": "On 2021-12-09, a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as \"Log4Shell\".\n\nOn 2021-12-14 an additional denial of service vulnerability (CVE-2021-45046) was published rendering the initial mitigations and fix in version 2.15.0 as incomplete under certain non-default configurations. Log4j versions 2.16.0 and 2.12.2 are supposed to fix both vulnerabilities.\n\nSiemens Energy is preparing updates and recommends specific countermeasures."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-714170.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-044112",
        "title": "Multiple Vulnerabilities (NUCLEUS:13) in the TCP/IP Stack of Nucleus RTOS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-044112.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-044112.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-044112.json.asc"
          }
        ],
        "published": "2021-11-09T00:00:00Z",
        "updated": "2021-12-14T00:00:00Z",
        "summary": {
          "content": "The TCP/IP stack and related services (FTP, TFTP) of the networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) contain several vulnerabilities, also known as \"NUCLEUS:13\" and as documented below.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where updates are not available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-044112.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-133772",
        "title": "Zip Path Traversal Vulnerability in Teamcenter Active Workspace",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-133772.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-133772.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-133772.json.asc"
          }
        ],
        "published": "2021-12-14T00:00:00Z",
        "updated": "2021-12-14T00:00:00Z",
        "summary": {
          "content": "A zip path traversal vulnerability in Teamcenter Active Workspace could allow an attacker to achieve remote code execution.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-133772.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-160202",
        "title": "Multiple Access Control Vulnerabilities in SiPass Integrated",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-160202.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-160202.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-160202.json.asc"
          }
        ],
        "published": "2021-12-14T00:00:00Z",
        "updated": "2021-12-14T00:00:00Z",
        "summary": {
          "content": "SiPass integrated contains multiple vulnerabilities that could allow an unauthenticated remote attacker to access or modify several internal application resources.\n\nSiemens has released a tool, \"SiPass integrated Component Manager\", to remediate the vulnerabilities on all maintained and supported versions of SiPass integrated and recommends to apply this tool."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-160202.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-161331",
        "title": "Scene File Parsing Vulnerability in Simcenter STAR-CCM+ Viewer before V2021.3.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-161331.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-161331.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-161331.json.asc"
          }
        ],
        "published": "2021-12-14T00:00:00Z",
        "updated": "2021-12-14T00:00:00Z",
        "summary": {
          "content": "Siemens Simcenter STAR-CCM+ Viewer is affected by a vulnerability that could be triggered when the application reads scene (.sce) files.\nIf a user is tricked to open a malicious file with the affected application, this could lead to a crash, and potentially also to arbitrary code execution or data extraction on the target host system.\n\nSiemens has released an update for Simcenter STAR-CCM+ Viewer and recommends to update to the latest version to fix the vulnerability. Siemens recommends to avoid opening of untrusted files from unknown sources."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-161331.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-199605",
        "title": "Arbitrary File Download Vulnerability in SIMATIC eaSie PCS 7 Skill Package",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-199605.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-199605.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-199605.json.asc"
          }
        ],
        "published": "2021-12-14T00:00:00Z",
        "updated": "2021-12-14T00:00:00Z",
        "summary": {
          "content": "SIMATIC eaSie PCS 7 Skill Package contains a path traversal vulnerability that could allow an authenticated remote attacker to read arbitrary files for the application server.\n\nSiemens has released an update for the SIMATIC eaSie PCS 7 Skill Package and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-199605.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-352143",
        "title": "Multiple File Parsing Vulnerabilities in JTTK before V11.0.3.0 and JT Utilities before V13.0.3.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-352143.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-352143.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-352143.json.asc"
          }
        ],
        "published": "2021-12-14T00:00:00Z",
        "updated": "2021-12-14T00:00:00Z",
        "summary": {
          "content": "JT Open Toolkit (JTTK) before V11.0.3.0 contains multiple vulnerabilities that could be triggered when the affected product reads a maliciously crafted JT file. These vulnerabilities also affects JT Utilities before V13.0.3.0. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\n\nSiemens recommends to update to the latest versions and to limit opening of untrusted files from unknown sources in the affected products."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-352143.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-390195",
        "title": "LibVNC Vulnerabilities in SIMATIC ITC Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-390195.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-390195.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-390195.json.asc"
          }
        ],
        "published": "2021-12-14T00:00:00Z",
        "updated": "2021-12-14T00:00:00Z",
        "summary": {
          "content": "Multiple LibVNC vulnerabilities in the affected products listed below could\nallow remote code execution, information disclosure and Denial-of-Service attacks under certain conditions.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-390195.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-396621",
        "title": "Multiple File Parsing Vulnerabilities in JTTK before V10.8.1.1 and JT Utilities before V12.8.1.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-396621.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-396621.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-396621.json.asc"
          }
        ],
        "published": "2021-12-14T00:00:00Z",
        "updated": "2021-12-14T00:00:00Z",
        "summary": {
          "content": "JT Open Toolkit (JTTK) before V10.8.1.1 contains multiple vulnerabilities that could be triggered when it reads a maliciously crafted JT file. These vulnerabilities also affects JT Utilities before V12.8.1.1. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\n\nSiemens recommends to update to the latest versions and to limit opening of untrusted files from unknown sources in the affected products."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-396621.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-463116",
        "title": "Multiple Access Control Vulnerabilities in Siveillance Identity before V1.6.284.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-463116.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-463116.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-463116.json.asc"
          }
        ],
        "published": "2021-12-14T00:00:00Z",
        "updated": "2021-12-14T00:00:00Z",
        "summary": {
          "content": "Siveillance Identity contains multiple vulnerabilities that could allow an unauthenticated remote attacker to access or modify several internal application resources.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-463116.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-496292",
        "title": "Remote Code Execution Vulnerability in POWER METER SICAM Q100",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-496292.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-496292.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-496292.json.asc"
          }
        ],
        "published": "2021-12-14T00:00:00Z",
        "updated": "2021-12-14T00:00:00Z",
        "summary": {
          "content": "POWER METER SICAM Q100 contains a vulnerability that could allow an attacker to remotely execute code.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-496292.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-523250",
        "title": "Improper Certificate Validation Vulnerability in SINUMERIK Edge",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-523250.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-523250.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-523250.json.asc"
          }
        ],
        "published": "2021-12-14T00:00:00Z",
        "updated": "2021-12-14T00:00:00Z",
        "summary": {
          "content": "A vulnerability was found in SINUMERIK Edge that could allow an attacker to spoof a trusted entity by interfering in the communication path between the client and the intended server.\n\nSiemens has released an update for the SINUMERIK Edge and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-523250.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-595101",
        "title": "Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.2.0.5",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-595101.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-595101.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-595101.json.asc"
          }
        ],
        "published": "2021-12-14T00:00:00Z",
        "updated": "2021-12-14T00:00:00Z",
        "summary": {
          "content": "Siemens has released version V13.2.0.5 for JT2Go and Teamcenter Visualization to fix multiple vulnerabilities\nthat could be triggered when the products read maliciously crafted files in different file formats (PDF, JT, TIFF, CGM and TIF). If a user is tricked to open\na malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\n\nSiemens recommends to update to the latest versions and to limit opening of untrusted files from unknown\nsources in the affected products."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-595101.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-802578",
        "title": "Multiple File Parsing Vulnerabilities in JTTK before V11.1.1.0 and JT Utilities before V13.1.1.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-802578.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-802578.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-802578.json.asc"
          }
        ],
        "published": "2021-12-14T00:00:00Z",
        "updated": "2021-12-14T00:00:00Z",
        "summary": {
          "content": "JT Open Toolkit (JTTK) before V11.1.1.0 contains multiple vulnerabilities that could be triggered when it reads a maliciously crafted JT file.  These vulnerabilities also affects JT Utilities before V13.1.1.0. If a user is tricked to open a malicious JT file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.\n\nSiemens recommends to update to the latest versions and to limit opening of untrusted files from unknown sources in the affected products."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-802578.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-145157",
        "title": "Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V2.12",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-145157.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-145157.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-145157.json.asc"
          }
        ],
        "published": "2021-11-09T00:00:00Z",
        "updated": "2021-11-09T00:00:00Z",
        "summary": {
          "content": "SIMATIC RTLS Locating Manager before V2.12 contains multiple vulnerabilities that could allow an attacker to read sensitive data or trigger a denial-of-service condition of the application service.\n\nSiemens has released an update for the SIMATIC RTLS Locating Manager and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-145157.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-328042",
        "title": "File Parsing Vulnerabilities in OBJ Translator in NX",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-328042.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-328042.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-328042.json.asc"
          }
        ],
        "published": "2021-11-09T00:00:00Z",
        "updated": "2021-11-09T00:00:00Z",
        "summary": {
          "content": "Siemens NX is affected by two vulnerabilities that could be triggered when the application reads OBJ files. \nIf a user is tricked to open a malicious file with the affected application, this could lead to an access violation, \nand potentially also to arbitrary code execution on the target host system.\n\nSiemens has released updates for the NX  and recommends to update to the latest version.\nSiemens recommends to avoid opening of untrusted files from unknown sources."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-328042.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-338732",
        "title": "Information Disclosure Vulnerability in Mendix",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-338732.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-338732.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-338732.json.asc"
          }
        ],
        "published": "2021-11-09T00:00:00Z",
        "updated": "2021-11-09T00:00:00Z",
        "summary": {
          "content": "Applications built with affected versions of Mendix Studio Pro do not prevent file documents from being cached when files are opened or downloaded using a browser. This could allow a local attacker to read those documents by exploring the browser cache.\n\nMendix has released updates for the affected product lines, recommends to update to the latest versions and to redeploy the applications."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-338732.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-537983",
        "title": "Local Code Execution Vulnerability in SENTRON powermanager V3",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-537983.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-537983.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-537983.json.asc"
          }
        ],
        "published": "2021-11-09T00:00:00Z",
        "updated": "2021-11-09T00:00:00Z",
        "summary": {
          "content": "SENTRON powermanager V3 is affected by a vulnerability that could allow \na local attacker to inject arbitrary code and escalate privileges.\n\nSiemens has released a security patch for SENTRON powermanager V3.6 HF1 and recommends to update to the latest version and apply this patch."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-537983.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-740908",
        "title": "File Parsing Vulnerabilities in JT Translator in NX",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-740908.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-740908.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-740908.json.asc"
          }
        ],
        "published": "2021-11-09T00:00:00Z",
        "updated": "2021-11-09T00:00:00Z",
        "summary": {
          "content": "Siemens NX is affected by two vulnerabilities that could be triggered when the application reads JT files. \nIf a user is tricked to open a malicious file with the affected application, this could lead to an access violation, \nand potentially also to arbitrary code execution on the target host system.\n\nSiemens has released an update for the NX 1980 Series and recommends to update to the latest version.\nSiemens recommends to avoid opening of untrusted files from unknown sources."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-740908.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-755517",
        "title": "Path Traversal Vulnerability in Siveillance Video DLNA Server",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-755517.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-755517.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-755517.json.asc"
          }
        ],
        "published": "2021-11-09T00:00:00Z",
        "updated": "2021-11-09T00:00:00Z",
        "summary": {
          "content": "Siemens has released hotfixes for Siveillance Video DLNA Server, which fix a path traversal vulnerability that could allow an authenticated remote attacker to access sensitive information on the DLNA server.\n\nSiemens has released updates for the DLNA server and recommends to apply the update on all installations where DLNA server used."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-755517.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-779699",
        "title": "Two Incorrect Authorization Vulnerabilities in Mendix",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-779699.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-779699.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-779699.json.asc"
          }
        ],
        "published": "2021-11-09T00:00:00Z",
        "updated": "2021-11-09T00:00:00Z",
        "summary": {
          "content": "Applications built with affected versions of Mendix Studio Pro do not properly control read or write access for certain client actions. This could allow authenticated attackers to manipulate the content of System.FileDocument objects or to retrieve the changedDate attribute of arbitrary objects.\n\nMendix has released updates for the affected product lines, recommends to update to the latest versions and to redeploy the applications."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-779699.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-150692",
        "title": "SSA-150692: Multiple Vulnerabilities in RUGGEDCOM ROX",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-150692.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-150692.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-150692.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2021-10-12T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities in RUGGEDCOM ROX devices have been detected, ranging from command injection to filesystem traversal. An attacker could exploit these to gain root access to the affected devices.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-150692.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-163251",
        "title": "SSA-163251: Multiple Vulnerabilities in SINEC NMS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-163251.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-163251.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-163251.json.asc"
          }
        ],
        "published": "2021-10-12T00:00:00Z",
        "updated": "2021-10-12T00:00:00Z",
        "summary": {
          "content": "The latest update for SINEC NMS fixes multiple vulnerabilities. The most severe could allow an authenticated remote attacker to execute arbitrary code on the system, with system privileges, under certain conditions.\n\nSiemens has released an update for SINEC NMS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-163251.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-173565",
        "title": "SSA-173565: Denial-of-Service Vulnerability in RUGGEDCOM ROX Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-173565.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-173565.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-173565.json.asc"
          }
        ],
        "published": "2021-10-12T00:00:00Z",
        "updated": "2021-10-12T00:00:00Z",
        "summary": {
          "content": "The latest update for RUGGEDCOM ROX devices fixes a vulnerability that could allow an unauthenticated attacker to cause a permanent Denial-of-Service condition under certain conditions.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-173565.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-178380",
        "title": "SSA-178380: Denial-of-Service Vulnerability in SINUMERIK Controllers",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-178380.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-178380.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-178380.json.asc"
          }
        ],
        "published": "2021-10-12T00:00:00Z",
        "updated": "2021-10-12T00:00:00Z",
        "summary": {
          "content": "A Denial-of-Service vulnerability found in SINUMERIK Controllers could allow an unauthenticated attacker with network access to the affected devices to cause system failure with total loss of availability.\n\nSiemens has released an update for the SINUMERIK 828D and recommends to update to the latest version. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-178380.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-500748",
        "title": "SSA-500748: Denial-of-Service Vulnerabilities in SIPROTEC 5 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-500748.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-500748.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-500748.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2021-10-12T00:00:00Z",
        "summary": {
          "content": "The latest update for SIPROTEC 5 family devices fixes a vulnerability in the web interface which could allow unauthorized users to cause a Denial-of-Service situation by sending maliciously crafted web requests.\n\nSiemens has released an update for the SIPROTEC 5 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-500748.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-538778",
        "title": "SSA-538778: SmartVNC Vulnerabilities in SIMATIC HMI/WinCC Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-538778.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-538778.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-538778.json.asc"
          }
        ],
        "published": "2021-05-11T00:00:00Z",
        "updated": "2021-10-12T00:00:00Z",
        "summary": {
          "content": "Multiple SmartVNC vulnerabilities in the affected products listed below could allow remote code execution and Denial-of-Service attacks under certain conditions.\n\nSiemens has released updates for the affected products and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-538778.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-723417",
        "title": "SSA-723417: Multiple Vulnerabilities in SCALANCE W1750D",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-723417.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-723417.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-723417.json.asc"
          }
        ],
        "published": "2021-05-11T00:00:00Z",
        "updated": "2021-10-12T00:00:00Z",
        "summary": {
          "content": "The Scalance W1750D device contains multiple vulnerabilities that could allow an attacker to inject commands or trigger buffer overflows.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-723417.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-847986",
        "title": "SSA-847986: Denial-of-Service Vulnerabilities in SIPROTEC 5 relays",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-847986.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-847986.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-847986.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2021-10-12T00:00:00Z",
        "summary": {
          "content": "The latest update for SIPROTEC 5 relays fixes two vulnerabilities that could allow a remote attacker to cause a denial-of-service or potentially trigger a remote code execution under certain circumstances.\n\nSiemens has released an update for SIPROTEC 5 relays and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-847986.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-728618",
        "title": "SSA-728618: Multiple Vulnerabilities in Solid Edge before SE2021MP8",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-728618.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-728618.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-728618.json.asc"
          }
        ],
        "published": "2021-09-28T00:00:00Z",
        "updated": "2021-09-28T00:00:00Z",
        "summary": {
          "content": "Siemens has released a new version for Solid Edge that fixes multiple file parsing vulnerabilities which could be triggered when the application reads files in IFC, JT or OBJ formats.\n\nIf a user is tricked to opening a malicious file using the affected application this could lead the application to crash, or potentially arbitrary code execution on the target host system.\n\nSiemens recommends to update to the latest version and to limit opening of files from unknown sources in the affected products."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-728618.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-109294",
        "title": "SSA-109294: Scene File Parsing Vulnerability in Simcenter STAR-CCM+ Viewer",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-109294.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-109294.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-109294.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "Siemens Simcenter STAR-CCM+ Viewer is affected by a vulnerability that could be triggered when the application reads scene (.sce) files. If a user is tricked to open a malicious file with the affected application, this could lead to a crash, and potentially also to arbitrary code execution or data extraction on the target host system.\n\nSiemens has released an update for Simcenter STAR-CCM+ Viewer and recommends to update to the latest version to fix the vulnerability. Siemens recommends to avoid opening of untrusted files from unknown sources."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-109294.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-139628",
        "title": "SSA-139628: Vulnerabilities in Web Server for Scalance X Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-139628.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-139628.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-139628.json.asc"
          }
        ],
        "published": "2021-01-12T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "Several SCALANCE X switches contain vulnerabilities in the web server of the affected devices.\n\nAn unauthenticated attacker could reboot, cause denial-of-service conditions and potentially impact the system by other means through heap and buffer overflow vulnerabilities.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-139628.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-187092",
        "title": "SSA-187092: Several Buffer-Overflow Vulnerabilities in Web Server of SCALANCE X-200",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-187092.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-187092.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-187092.json.asc"
          }
        ],
        "published": "2021-04-13T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "Several SCALANCE X-200 switches contain buffer overflow vulnerabilities in the web server.\n\nIn the most severe case an attacker could potentially remotely execute code.\n\nSiemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-187092.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-208530",
        "title": "SSA-208530: File parsing vulnerabilities in IFC adapter in NX",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-208530.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-208530.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-208530.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "Siemens NX is affected by two vulnerabilities that could be triggered when the application reads ifc files. If a user is tricked to open a malicious file with the affected application, this could lead to an access violation, and potentially also to arbitrary code execution on the target host system.\n\nSiemens has released updates for NX and recommends to update to the latest version to fix the vulnerabilities. Siemens recommends to avoid opening of untrusted files from unknown sources."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-208530.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-288459",
        "title": "SSA-288459: Heap Overflow Vulnerability in RFID terminals",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-288459.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-288459.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-288459.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "A heap overflow vulnerability in dhclient of the affected products, which has been published alongside other vulnerabilities as part of NAME:WRECK could allow an attacker to potentially remotely execute code.\n\nSiemens recommends specific countermeasures for products."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-288459.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-330339",
        "title": "SSA-330339: Web Vulnerabilities in SINEC NMS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-330339.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-330339.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-330339.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "A recent update for SINEC NMS fixed multiple vulnerabilities. The most severe of these vulnerabilities could allow an attacker to manipulate the SINEC NMS configuration by tricking an admin to click on a malicious link.\n\nSiemens has released an update for SINEC NMS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-330339.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-334944",
        "title": "SSA-334944: Vulnerability in SINEMA Remote Connect Server",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-334944.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-334944.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-334944.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities in SINEMA Remote Connect Server could allow an unauthorized remote attacker to retrieve or manipulate sensitive information from the affected software. In addition, the attacker could also cause a Denial-of-Service condition in devices controlled by the affected software.\n\nSiemens has released an update for the SINEMA Remote Connect Server and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-334944.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-413407",
        "title": "SSA-413407: Path Traversal Vulnerability in Teamcenter Active Workspace",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-413407.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-413407.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-413407.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "Teamcenter Active Workspace contains a path traversal vulnerability that could lead to access control violations.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-413407.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-428051",
        "title": "SSA-428051: Privilege Escalation Vulnerability in TIA Administrator",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-428051.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-428051.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-428051.json.asc"
          }
        ],
        "published": "2021-02-09T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "The latest update for TIA Administrator, installed together with TIA Portal and PCS neo, fixes a privilege escalation vulnerability that could allow local users to escalate privileges and execute code as local SYSTEM user.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-428051.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-434534",
        "title": "SSA-434534: Memory Protection Bypass Vulnerability in SIMATIC S7-1200 and S7-1500 CPU Families",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-434534.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-434534.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-434534.json.asc"
          }
        ],
        "published": "2021-05-28T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "SIMATIC S7-1200 and S7-1500 CPU products contain a memory protection bypass vulnerability that could allow an attacker to write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks.\n\nSiemens has released updates for several affected products and strongly recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-434534.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-434535",
        "title": "SSA-434535: Memory Protection Bypass Vulnerability in SINAMICS PERFECT HARMONY GH180 Drives",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-434535.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-434535.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-434535.json.asc"
          }
        ],
        "published": "2021-07-13T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "Several models of SINAMICS PERFECT HARMONY GH180 Drives are affected by a memory protection bypass vulnerability in the integrated S7-1500 or S7-1200 CPU that could allow an attacker to write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks on the CPU.\n\nSiemens provides new drives with the fix included and recommends specific countermeasures for older drives. The list of affected drive models can be found in the section \"Additional Information\"."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-434535.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-434536",
        "title": "SSA-434536: Memory Protection Bypass Vulnerability in SINUMERIK ONE and SINUMERIK MC",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-434536.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-434536.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-434536.json.asc"
          }
        ],
        "published": "2021-07-13T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "SINUMERIK ONE and SINUMERIK MC products are affected by a memory protection bypass vulnerability in the integrated S7-1500 CPU that could allow an attacker to write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks on the CPU.\n\nSiemens has released updates for the affected products and recommends that customers update to the new version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-434536.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-453715",
        "title": "SSA-453715: Deserialization Vulnerability in CCOM Communication Component of Desigo CC Family",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-453715.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-453715.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-453715.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "Desigo CC, Desigo CC Compact and Cerberus DMS that use CCOM communication component hosted in IIS contain a deserialisation vulnerability that could allow an unauthenticated attacker to perform remote code execution. Only those systems that use Windows App and/or IE XBAP Web Client are affected. Regular installed clients and the new HTML5 Flex Clients are not impacted by this vulnerability.\n\nNote that the risk of this vulnerability being exploited is particularly high for any Desigo CC system that is connected directly to the Internet. For systems not accessible directly from the Internet, an attacker would need to have access to the local network to exploit this vulnerability.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-453715.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-535380",
        "title": "SSA-535380: Command Injection Vulnerability in Siveillance OIS Affecting Several Building Management Systems",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-535380.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-535380.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-535380.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "The Siveillance Open Interface Services (OIS) application used for integration of different subsystems to several Siemens building management systems contains a command injection vulnerability that could allow a remote unauthenticated attacker to execute code on the affected system with root privileges.\n\nSiemens has released patches and updates for Siveillance OIS to apply to the products that incorporate the OIS service, and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-535380.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-692317",
        "title": "SSA-692317: Authorization Bypass Vulnerability in Industrial Edge",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-692317.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-692317.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-692317.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "The latest update for Industrial Edge fixes a vulnerability that could allow an unauthenticated attacker to change the password of any user in the system. With this an attacker could impersonate any valid user on an affected system.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-692317.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-756744",
        "title": "SSA-756744: OS Command Injection Vulnerability in SINEC NMS",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-756744.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-756744.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-756744.json.asc"
          }
        ],
        "published": "2021-08-10T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "The latest update for SINEC NMS fixes a vulnerability that could allow an authenticated remote attacker to execute arbitrary code on the system, with system privileges, under certain conditions.\n\nSiemens has released an update for SINEC NMS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-756744.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-830194",
        "title": "SSA-830194: Missing Authentication Vulnerability in S7-1200 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-830194.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-830194.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-830194.json.asc"
          }
        ],
        "published": "2021-08-10T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "SIMATIC S7-1200 PLC, version V4.5.0 fails to authenticate against configured passwords when the affected device was provisioned using TIA Portal V13. This could allow an attacker using TIA Portal V13 or later versions to bypass authentication and download arbitrary programs to the PLC.\n\nSiemens has released an update for SIMATIC S7-1200 and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-830194.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-835377",
        "title": "SSA-835377: Missing Authentication Vulnerability in SINEMA Server",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-835377.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-835377.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-835377.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "The latest update for SINEMA Server fixes a vulnerability that could allow an unauthenticated attacker to obtain encoded system configuration backup files under certain conditions.\n\nSiemens has released an update for the SINEMA Server and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-835377.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-865327",
        "title": "SSA-865327: Incorrect Authorization Vulnerability in Industrial Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-865327.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-865327.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-865327.json.asc"
          }
        ],
        "published": "2021-08-10T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "The latest updates for the below mentioned products fix a vulnerability that allows an unauthenticated attacker to read PLC variables from affected devices without proper authentication under certain circumstances.\n\nSiemens has released updates for some of the affected products, is working on updates for the remaining affected products and recommends specific countermeasures until fixes are available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-865327.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-936080",
        "title": "SSA-936080: Multiple Vulnerabilities in Third-Party Component libcurl",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-936080.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-936080.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-936080.json.asc"
          }
        ],
        "published": "2021-03-09T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "SIMATIC CM 1542-1, SCALANCE SC600 family and SIMATIC CP 343-1 Advanced devices are vulnerable to a vulnerability in the third party component libcurl that could allow an attacker to cause a Denial-of-Service condition on the affected devices.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.\n\nThe impact of additional libcurl vulnerabilities is described in Siemens Security Advisory SSA-436177."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-936080.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-938030",
        "title": "SSA-938030: DGN and PAR File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.2.0.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-938030.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-938030.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-938030.json.asc"
          }
        ],
        "published": "2021-08-10T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "Siemens has released version V13.2.0.2 for JT2Go and Teamcenter Visualization to fix three vulnerabilities that could be triggered while parsing DGN or PAR files. If a user is tricked to open a malicious file with the affected products, this could lead the application to crash or potential arbitrary code execution.\n\nSiemens recommends to update to the latest versions and to limit opening of untrusted files from unknown sources in the affected products.\n\nNote:\n\n-   This advisory also covers security vulnerabilities recently disclosed by Open Design Alliance [0]\n\n[0] https://www.opendesign.com/security-advisories"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-938030.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-944498",
        "title": "SSA-944498: Buffer Overflow Vulnerability in Web Server of APOGEE and TALON Automation Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-944498.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-944498.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-944498.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "A buffer overflow vulnerability in the integrated web server of multiple APOGEE and TALON automation devices could allow a remote attacker to execute arbitrary code on the devices with root privileges.\n\nAffected devices include the APOGEE MBC/MEC/PXC P2 Ethernet devices with Power Open Processors (PPC), APOGEE PXC BACnet devices, and TALON TC BACnet devices.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-944498.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-987403",
        "title": "SSA-987403: Multiple Vulnerabilities in Teamcenter",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-987403.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-987403.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-987403.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "Teamcenter is affected by three vulnerabilities namely incorrect privilege assignment, Insecure Direct Object Reference (IDOR) and XML External Entity Injection (XXE).\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-987403.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-997732",
        "title": "SSA-997732: Modfem File Parsing Vulnerability in Simcenter Femap before V2021.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-997732.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-997732.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-997732.json.asc"
          }
        ],
        "published": "2021-09-14T00:00:00Z",
        "updated": "2021-09-14T00:00:00Z",
        "summary": {
          "content": "Siemens Simcenter Femap is affected by a vulnerability that could be triggered when the application reads modfem files. If a user is tricked to open a malicious file with the affected application, an attacker could leverage this vulnerability to leak information in the context of the current process.\n\nSiemens recommends to update to the latest version line of Simcenter Femap (2021.2), which is not affected by this type of vulnerabilities. Siemens recommends to avoid opening of untrusted files from unknown sources."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-997732.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-816035",
        "title": "SSA-816035: Code Execution Vulnerability in SINEMA Remote Connect Client",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-816035.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-816035.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-816035.json.asc"
          }
        ],
        "published": "2021-08-19T00:00:00Z",
        "updated": "2021-08-19T00:00:00Z",
        "summary": {
          "content": "The latest update for SINEMA Remote Connect Client fixes a vulnerability that could allow a local attacker to escalate privileges or even allow remote code execution under certain circumstances.\n\nSiemens has released a firmware update for SINEMA Remote Connect Client and proposes mitigations if an update is not possible."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-816035.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-158827",
        "title": "SSA-158827: Denial-of-Service Vulnerability in Automation License Manager",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-158827.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-158827.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-158827.json.asc"
          }
        ],
        "published": "2021-08-10T00:00:00Z",
        "updated": "2021-08-10T00:00:00Z",
        "summary": {
          "content": "A vulnerability was identified in the Automation License Manager software that could be triggered by sending specially crafted packets to port 4410/tcp of an affected system. This could cause a denial-of-service preventing legitimate users from using the system.\n\nSiemens has released an update for the Automation License Manager 6 and recommends to update to the latest version. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-158827.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-286838",
        "title": "SSA-286838: Multiple Vulnerabilities in SINAMICS Medium Voltage Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-286838.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-286838.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-286838.json.asc"
          }
        ],
        "published": "2021-05-11T00:00:00Z",
        "updated": "2021-08-10T00:00:00Z",
        "summary": {
          "content": "SINAMICS medium voltage products, with Sm@rtServer enabled on SIMATIC comfort HMI Panels, are affected by multiple vulnerabilities that could allow an attacker, under certain conditions, to gain full remote access to the HMI. Note that by default Sm@rtServer is disabled, but it can be enabled by the system integrator on request.\n\nSiemens has released updates for the affected products, and recommends to update them to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-286838.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-365397",
        "title": "SSA-365397: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.2.0.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-365397.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-365397.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-365397.json.asc"
          }
        ],
        "published": "2021-08-10T00:00:00Z",
        "updated": "2021-08-10T00:00:00Z",
        "summary": {
          "content": "Siemens has released version V13.2.0.1 for JT2Go and Teamcenter Visualization to fix multiple vulnerabilities that could be triggered when the products read files in different file formats (CGM, DGN, DXF, and DWG). If a user is tricked to open a malicious file with the affected products, this could lead the application to crash or potentially arbitrary code execution.\n\nSiemens recommends to update to the latest versions and to limit opening of untrusted files from unknown sources in the affected products.\n\nNote:\n\n-   This advisory also covers security vulnerabilities recently disclosed by Open Design Alliance [0]\n\n[0] https://www.opendesign.com/security-advisories"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-365397.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-553445",
        "title": "SSA-553445: DNS \u201cName:Wreck\u201d Vulnerabilities in Multiple Siemens Energy AGT and SGT solutions",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-553445.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-553445.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-553445.json.asc"
          }
        ],
        "published": "2021-08-10T00:00:00Z",
        "updated": "2021-08-10T00:00:00Z",
        "summary": {
          "content": "One of the DNS-related vulnerabilities that were reported as \u201cName:Wreck\u201d may affect the following Siemens Energy products:\n\n-   Industrial Gas Turbines SGT-100, SGT-200, SGT-300 and SGT-400 with Allen Bradley control systems\n-   Aeroderivative Gas Turbines SGT-A20, SGT-A35 and SGT-A65 with FT125 control systems"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-553445.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-752103",
        "title": "SSA-752103: Telnet Authentication Vulnerability in SINAMICS Medium Voltage Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-752103.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-752103.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-752103.json.asc"
          }
        ],
        "published": "2021-05-11T00:00:00Z",
        "updated": "2021-08-10T00:00:00Z",
        "summary": {
          "content": "SINAMICS medium voltage products, with telnet enabled on SIMATIC comfort HMI Panels, are affected by a remote access vulnerability that could allow an attacker, under certain conditions, to gain full remote access to the HMI. Note that by default telnet is disabled, but it can be enabled by the system integrator on request.\n\nSiemens has released updates for the affected products, and recommends to update them to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-752103.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-818688",
        "title": "SSA-818688: Multiple Vulnerabilities in Solid Edge before SE2021MP7",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-818688.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-818688.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-818688.json.asc"
          }
        ],
        "published": "2021-08-10T00:00:00Z",
        "updated": "2021-08-10T00:00:00Z",
        "summary": {
          "content": "Siemens has released a new version for Solid Edge that fixes three vulnerabilities - an XML external entity (XXE) injection, and two file parsing issues which could be triggered when the application reads OBJ files.\n\nIf a user is tricked into opening a malicious file using the affected application, this could lead the application to crash, or potentially to arbitrary code execution and data extraction on the target host system.\n\nSiemens recommends to update to the latest version and to limit opening of files from unknown sources in the affected products."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-818688.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-173615",
        "title": "SSA-173615: Multiple PAR and ASM File Parsing Vulnerabilities in Solid Edge",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-173615.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-173615.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-173615.json.asc"
          }
        ],
        "published": "2021-07-13T00:00:00Z",
        "updated": "2021-07-13T00:00:00Z",
        "summary": {
          "content": "Siemens has released version SE2021MP5 for Solid Edge to fix multiple heap based buffer overflow vulnerabilities that could be triggered when the application reads files in PAR or ASM file formats. If a user is tricked to open a malicious file with the affected application, this could lead to a crash, and potentially also to arbitrary code execution.\n\nSiemens recommends to update to the latest version and to avoid opening of untrusted files from unknown sources."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-173615.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-203306",
        "title": "SSA-203306: Password Vulnerabilities in SIPROTEC 4 and SIPROTEC Compact Relay Families",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-203306.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-203306.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-203306.json.asc"
          }
        ],
        "published": "2018-03-08T00:00:00Z",
        "updated": "2021-07-13T00:00:00Z",
        "summary": {
          "content": "SIPROTEC 4 and SIPROTEC Compact devices could allow access authorization passwords to be reconstructed or overwritten via engineering mechanisms that involve DIGSI 4 and EN100 Ethernet communication modules.\n\nSiemens has released updates for several affected products, and recommends specific countermeasures for the remaining products."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-203306.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-209268",
        "title": "SSA-209268: Multiple JT File Parsing Vulnerabilities in JT Utilities before V13.0.2.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-209268.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-209268.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-209268.json.asc"
          }
        ],
        "published": "2021-07-13T00:00:00Z",
        "updated": "2021-07-13T00:00:00Z",
        "summary": {
          "content": "Siemens has released version V13.0.2.0 for JT Utilities to fix multiple vulnerabilities that could be triggered when reading JT files.\n\nSiemens recommends to update to the latest version, which contains solutions to all the vulnerabilities listed in this advisory. Standing recommendation is to avoid opening of untrusted files from unknown sources in the affected product, as this generally mitigates the risk of exploitation of this class of vulnerabilities for any product release."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-209268.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-352521",
        "title": "SSA-352521: Access Check Bypass Vulnerability in Mendix",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-352521.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-352521.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-352521.json.asc"
          }
        ],
        "published": "2021-07-13T00:00:00Z",
        "updated": "2021-07-13T00:00:00Z",
        "summary": {
          "content": "An incorrect authorization check in Mendix applications could allow an attacker to bypass write permissions to attributes of objects under certain circumstances.\n\nMendix has released an update for Mendix and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-352521.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-448291",
        "title": "SSA-448291: Denial-of-Service Vulnerability in ARP Protocol of RWG Universal Controllers",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-448291.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-448291.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-448291.json.asc"
          }
        ],
        "published": "2021-07-13T00:00:00Z",
        "updated": "2021-07-13T00:00:00Z",
        "summary": {
          "content": "A Denial-of-Service vulnerability was found affecting the ARP protocol on RWG Universal Controller devices.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-448291.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-483182",
        "title": "SSA-483182: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-483182.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-483182.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-483182.json.asc"
          }
        ],
        "published": "2021-07-13T00:00:00Z",
        "updated": "2021-07-13T00:00:00Z",
        "summary": {
          "content": "Siemens has released version V13.2 for JT2Go and Teamcenter Visualization to fix multiple vulnerabilities that could be triggered when the products read files in different file formats (GIF, TIFF, BMP, J2K, JT, SGI, PDF, PCT, PCX, PAR and ASM). If a user is tricked into opening a malicious file with the affected products, this could lead to application crash, or potentially arbitrary code execution on the target host system.\n\nSiemens recommends to update to the latest versions and to limit opening of untrusted files from unknown sources in the affected products."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-483182.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-622535",
        "title": "SSA-622535: Multiple Vulnerabilities in Teamcenter Active Workspace",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-622535.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-622535.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-622535.json.asc"
          }
        ],
        "published": "2021-07-13T00:00:00Z",
        "updated": "2021-07-13T00:00:00Z",
        "summary": {
          "content": "Multiple vulnerabilities affecting Teamcenter Active Workspace could lead to sensitive information disclosure and reflected cross site scripting.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-622535.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-641963",
        "title": "SSA-641963: Remote Code Execution Vulnerability in Multiple SIMATIC Software Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-641963.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-641963.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-641963.json.asc"
          }
        ],
        "published": "2021-07-13T00:00:00Z",
        "updated": "2021-07-13T00:00:00Z",
        "summary": {
          "content": "Multiple SIMATIC Software products are affected by a vulnerability that could allow an attacker to manipulate project files and remotely execute code.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-641963.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-729965",
        "title": "SSA-729965: TLS Certificate Validation Vulnerability in SINUMERIK Integrate Operate Client",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-729965.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-729965.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-729965.json.asc"
          }
        ],
        "published": "2021-07-13T00:00:00Z",
        "updated": "2021-07-13T00:00:00Z",
        "summary": {
          "content": "The latest update for SINUMERIK Integrate Operate Client fixes a vulnerability that could allow an attacker to spoof any SSL server certificate and conduct man-in-the-middle attacks.\n\nSiemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-729965.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-133038",
        "title": "SSA-133038: Multiple Modfem File Parsing Vulnerabilities in Simcenter Femap",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-133038.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-133038.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-133038.json.asc"
          }
        ],
        "published": "2021-06-08T00:00:00Z",
        "updated": "2021-06-08T00:00:00Z",
        "summary": {
          "content": "Siemens Simcenter Femap is affected by two vulnerabilities that could be triggered when the application reads modfem files. If a user is tricked to open a malicious file with the affected application, this could lead to a crash, and potentially also to arbitrary code execution or data extraction on the target host system.\n\nSiemens has released updates for Simcenter Femap and recommends to update to the latest version to fix the vulnerabilities. Siemens recommends to avoid opening of untrusted files from unknown sources."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-133038.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-200951",
        "title": "SSA-200951: Multiple Vulnerabilities in Third-Party Component libcurl of TIM Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-200951.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-200951.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-200951.json.asc"
          }
        ],
        "published": "2021-06-08T00:00:00Z",
        "updated": "2021-06-08T00:00:00Z",
        "summary": {
          "content": "SIMATIC TIM 1531 IRC devices are vulnerable to multiple vulnerabilities in the third party component libcurl that could allow an attacker to extract sensitive information and pass a revoked certificate as valid.\n\nSiemens has released an update for SIMATIC TIM 1531 IRC and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-200951.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-208356",
        "title": "SSA-208356: DFT File Parsing Vulnerabilities in Solid Edge",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-208356.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-208356.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-208356.json.asc"
          }
        ],
        "published": "2021-06-08T00:00:00Z",
        "updated": "2021-06-08T00:00:00Z",
        "summary": {
          "content": "Siemens has released a new version for Solid Edge to fix two vulnerabilities that could be triggered when the application reads files in DFT file format. If a user is tricked to opening of a malicious file with the affected products, this could lead to application crash, or potentially arbitrary code execution on the target host system.\n\nSiemens recommends to update to the latest versions and to limit opening of untrusted files from unknown sources in the affected products."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-208356.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-419820",
        "title": "SSA-419820: Denial-of-Service Vulnerability in TIM 1531 IRC",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-419820.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-419820.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-419820.json.asc"
          }
        ],
        "published": "2021-06-08T00:00:00Z",
        "updated": "2021-06-08T00:00:00Z",
        "summary": {
          "content": "The latest update for TIM 1531 IRC fixes a vulnerability that could allow a remote attacker to cause a denial-of-service under certain circumstances.\n\nSiemens has released an update for the TIM 1531 IRC and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-419820.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-522654",
        "title": "SSA-522654: Privilege Escalation Vulnerability in Mendix SAML Module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-522654.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-522654.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-522654.json.asc"
          }
        ],
        "published": "2021-06-08T00:00:00Z",
        "updated": "2021-06-08T00:00:00Z",
        "summary": {
          "content": "The latest update of Mendix SAML module fixes a privilege escalation vulnerability.\n\nMendix has released an update for the Mendix SAML module and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-522654.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-542525",
        "title": "SSA-542525: Authentication Vulnerabilities in SIMATIC HMI Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-542525.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-542525.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-542525.json.asc"
          }
        ],
        "published": "2020-09-08T00:00:00Z",
        "updated": "2021-06-08T00:00:00Z",
        "summary": {
          "content": "SIMATIC HMI Products are affected by two vulnerabilities that could allow a remote attacker to discover user passwords and obtain access to the Sm@rt Server via a brute-force attack.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions. Siemens also suggests following the listed mitigations for the Unified Comfort Panels."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-542525.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-574442",
        "title": "SSA-574442: Multiple PAR and DFT File Parsing Vulnerabilities in Solid Edge",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-574442.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-574442.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-574442.json.asc"
          }
        ],
        "published": "2021-04-13T00:00:00Z",
        "updated": "2021-06-08T00:00:00Z",
        "summary": {
          "content": "Siemens has released a new version for Solid Edge to fix multiple vulnerabilities that could be triggered when the application reads files in different file formats (PAR, DFT extensions). If a user is tricked to open a malicious file with the affected application, this could lead to a crash, and potentially also to arbitrary code execution or data extraction on the target host system.\n\nSiemens recommends to update to the latest version and to avoid opening of untrusted files from unknown sources."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-574442.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-645530",
        "title": "SSA-645530: TIFF File Parsing Vulnerability in JT2Go and Teamcenter Visualization before V13.1.0.3",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-645530.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-645530.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-645530.json.asc"
          }
        ],
        "published": "2021-06-08T00:00:00Z",
        "updated": "2021-06-08T00:00:00Z",
        "summary": {
          "content": "Siemens has released version V13.1.0.3 for JT2Go and Teamcenter Visualization to fix a vulnerability that could be triggered when the products read files in TIFF file format. If a user is tricked to opening of a malicious file with the affected products, this could lead to application crash, or potentially arbitrary code execution or data extraction on the target host system.\n\nSiemens recommends to update to the latest versions and to limit opening of untrusted files from unknown sources in the affected products."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-645530.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-119468",
        "title": "SSA-119468: Luxion KeyShot Vulnerabilities in Solid Edge",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-119468.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-119468.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-119468.json.asc"
          }
        ],
        "published": "2021-05-25T00:00:00Z",
        "updated": "2021-05-25T00:00:00Z",
        "summary": {
          "content": "The Solid Edge installation package includes a specific version of the third-party product KeyShot from Luxion, which may not contain the latest security fixes provided by Luxion.\n\nSiemens recommends to update KeyShot according to the information in the Luxion Security Advisory LSA-394129."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-119468.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-622830",
        "title": "SSA-622830: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.1.0",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-622830.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-622830.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-622830.json.asc"
          }
        ],
        "published": "2021-01-12T00:00:00Z",
        "updated": "2021-05-17T00:00:00Z",
        "summary": {
          "content": "Siemens has released version V13.1.0 for JT2Go and Teamcenter Visualization to fix multiple vulnerabilities that could be triggered when the products read files in different file formats (JT, XML, CG4, CGM, PDF, RGB, SGI, TGA, PAR, PCX). If a user is tricked to opening of a malicious file with the affected products, this could lead to application crash, or potentially arbitrary code execution or data extraction on the target host system.\n\nSiemens recommends to update to the latest versions and to limit opening of untrusted files from unknown sources in the affected products. Please refer to SSA-663999 [0] and SSA-695540 [1] for further information regarding later version updates.\n\nNote: Previous versions of this advisory also contained the vulnerabilities CVE-2020-26989, CVE-2020-26990, and CVE-2020-28383 (now addressed in [0]) and CVE-2020-26991 (now addressed in [1]).\n\n[0] https://cert-portal.siemens.com/productcert/pdf/ssa-663999.pdf\n\n[1] https://cert-portal.siemens.com/productcert/pdf/ssa-695540.pdf"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-622830.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-663999",
        "title": "SSA-663999: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.1.0.1",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-663999.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-663999.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-663999.json.asc"
          }
        ],
        "published": "2021-02-09T00:00:00Z",
        "updated": "2021-05-17T00:00:00Z",
        "summary": {
          "content": "Siemens has released version V13.1.0.1 for JT2Go and Teamcenter Visualization to fix multiple vulnerabilities that could be triggered when the products read files in different file formats (BMP, TIFF, CGM, TGA, PCT, HPG, PLT, RAS, PAR, ASM, DXF, DWG). If a user is tricked to opening of a malicious file with the affected products, this could lead to application crash, or potentially arbitrary code execution or data extraction on the target host system.\n\nSiemens recommends to update to the latest versions and to limit opening of untrusted files from unknown sources in the affected products.\n\nNotes:\n\n-   Previous versions of this advisory incorrectly listed the following vulnerabilities as being fixed in V13.1.0.1: CVE-2020-26991, CVE-2020-26998, CVE-2020-26999, CVE-2020-27001 and CVE-2020-27002. Those were fixed in V13.1.0.2 and are therefore addressed in advisory SSA-695540 [0]\n\n-   The vulnerability CVE-2020-28383 was incorrectly listed in SSA-622830 [1] as being fixed in V13.1.0.0. This was fixed in V13.1.0.1 and therefore added here\n\n-   The Open Design Alliance [2] recently disclosed an additional vulnerability (CVE-2021-31784) which is also covered in this advisory\n\n[0] https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf\n\n[1] https://cert-portal.siemens.com/productcert/pdf/ssa-695540.pdf\n\n[2] https://www.opendesign.com/security-advisories"
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-663999.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-695540",
        "title": "SSA-695540: ASM and PAR File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.1.0.2",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-695540.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-695540.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-695540.json.asc"
          }
        ],
        "published": "2021-05-17T00:00:00Z",
        "updated": "2021-05-17T00:00:00Z",
        "summary": {
          "content": "Siemens has released version V13.1.0.2 for JT2Go and Teamcenter Visualization to fix multiple vulnerabilities that could be triggered when the products read files in ASM and PAR file formats. If a user is tricked to opening of a malicious file with the affected products, this could lead to application crash, or potentially arbitrary code execution or data extraction on the target host system.\n\nSiemens recommends to update to the latest versions and to limit opening of untrusted files from unknown sources in the affected products."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-695540.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-116379",
        "title": "SSA-116379: Denial-of-Service Vulnerability in OSPF Packet Handling of SCALANCE XM-400 and XR-500 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-116379.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-116379.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-116379.json.asc"
          }
        ],
        "published": "2021-05-11T00:00:00Z",
        "updated": "2021-05-11T00:00:00Z",
        "summary": {
          "content": "SCALANCE XM-400 and XR-500 devices contain a vulnerability in the OSPF protocol implementation that could allow an unauthenticated remote attacker to create a permanent denial-of-service condition.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-116379.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-478893",
        "title": "SSA-478893: TightVNC Vulnerabilities in Industrial Products (Revoked)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-478893.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-478893.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-478893.json.asc"
          }
        ],
        "published": "2020-12-08T00:00:00Z",
        "updated": "2021-05-11T00:00:00Z",
        "summary": {
          "content": "Multiple TightVNC (V1.x) vulnerabilities could allow remote code execution and Denial-of-Service attacks under certain conditions.\n\nSiemens has previously released this advisory containing a set of products that were considered to be affected. Through Siemens\u2019 continuous investigation processes it was identified that all products previously advised are not affected by any vulnerability listed in this advisory."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-478893.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-594364",
        "title": "SSA-594364: Denial-of-Service Vulnerability in SNMP Implementation of WinCC Runtime",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-594364.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-594364.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-594364.json.asc"
          }
        ],
        "published": "2021-05-11T00:00:00Z",
        "updated": "2021-05-11T00:00:00Z",
        "summary": {
          "content": "A denial-of-service vulnerability in WinCC Runtime could allow an unauthenticated attacker with network access to cause a denial-of-service condition in the SNMP service by sending crafted SNMP packets to port 161/udp.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-594364.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-646763",
        "title": "SSA-646763: DNSpooq - Dnsmasq Vulnerabilities in SCALANCE and RUGGEDCOM Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-646763.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-646763.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-646763.json.asc"
          }
        ],
        "published": "2021-01-19T00:00:00Z",
        "updated": "2021-05-11T00:00:00Z",
        "summary": {
          "content": "Security researchers discovered and disclosed seven vulnerabilities in the open-source DNS component \u201cdnsmasq\u201d, also known as \u201cDNSpooq\u201d vulnerabilities (CVE-2020-25681 through CVE-2020-25687). Three vulnerabilities (CVE-2020-25684 through CVE-2020-25686) affect the validation of DNS responses and impact several SCALANCE and RUGGEDCOM devices as listed below.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-646763.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-676775",
        "title": "SSA-676775: Denial-of-Service Vulnerability in SIMATIC NET CP 343-1 Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-676775.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-676775.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-676775.json.asc"
          }
        ],
        "published": "2021-05-11T00:00:00Z",
        "updated": "2021-05-11T00:00:00Z",
        "summary": {
          "content": "A vulnerability in SIMATIC CP343-1 devices could allow an attacker to cause a Denial-of-Service condition on TCP port 102 of the affected devices by sending specially crafted packets.\n\nSiemens recommends specific countermeasures for products where updates are not, or not yet available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-676775.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-794542",
        "title": "SSA-794542: Insecure Folder Permissions in SIMARIS Configuration",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-794542.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-794542.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-794542.json.asc"
          }
        ],
        "published": "2021-02-09T00:00:00Z",
        "updated": "2021-05-11T00:00:00Z",
        "summary": {
          "content": "The installation of SIMARIS configuration causes insecure folder permissions that could allow vertical privilege escalation.\n\nSiemens has released an update for SIMARIS and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-794542.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-854248",
        "title": "SSA-854248: Information Disclosure Vulnerability in Mendix Excel Importer Module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-854248.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-854248.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-854248.json.asc"
          }
        ],
        "published": "2021-05-11T00:00:00Z",
        "updated": "2021-05-11T00:00:00Z",
        "summary": {
          "content": "The latest update of Mendix Excel Importer module fixes an information disclosure vulnerability.\n\nMendix has released an update for the Mendix Excel Importer module and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-854248.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-919955",
        "title": "SSA-919955: Information Disclosure Vulnerability in Mendix Database Replication Module",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-919955.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-919955.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-919955.json.asc"
          }
        ],
        "published": "2021-05-11T00:00:00Z",
        "updated": "2021-05-11T00:00:00Z",
        "summary": {
          "content": "The latest update of Mendix Database Replication module fixes an information disclosure vulnerability.\n\nMendix has released an update for the Mendix Database Replication module and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-919955.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-940818",
        "title": "SSA-940818: UltraVNC Vulnerabilities in SIMATIC HMIs/WinCC Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-940818.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-940818.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-940818.json.asc"
          }
        ],
        "published": "2021-05-11T00:00:00Z",
        "updated": "2021-05-11T00:00:00Z",
        "summary": {
          "content": "UltraVNC vulnerabilities in the affected products listed below could allow remote code execution, information disclosure and Denial-of-Service attacks under certain conditions.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-940818.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-983548",
        "title": "SSA-983548: Multiple SPP File Parsing Vulnerabilities in Tecnomatix Plant Simulation",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-983548.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-983548.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-983548.json.asc"
          }
        ],
        "published": "2021-05-11T00:00:00Z",
        "updated": "2021-05-11T00:00:00Z",
        "summary": {
          "content": "Siemens Tecnomatix Plant Simulation has released an update for version V16.0 that fixes multiple vulnerabilities that could be triggered when the application reads SPP files. If a user is tricked to open a malicious file using the affected application, this could lead to a crash, and potentially also to arbitrary code execution or data extraction on the target host system.\n\nSiemens recommends to update to the latest version and to avoid opening of untrusted files from unknown sources."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-983548.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-875726",
        "title": "SSA-875726: Privilege Escalation Vulnerability in Mendix",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-875726.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-875726.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-875726.json.asc"
          }
        ],
        "published": "2021-04-14T00:00:00Z",
        "updated": "2021-04-14T00:00:00Z",
        "summary": {
          "content": "The latest updates for Mendix fix a vulnerability in Mendix Applications that could allow malicious authorized users to escalate their privileges.\n\nMendix has released an update for Mendix and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-875726.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-163226",
        "title": "SSA-163226: CELL File Parsing Vulnerability in Tecnomatix RobotExpert",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-163226.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-163226.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-163226.json.asc"
          }
        ],
        "published": "2021-04-13T00:00:00Z",
        "updated": "2021-04-13T00:00:00Z",
        "summary": {
          "content": "Siemens Tecnomatix RobotExpert version V16.1 fixes a vulnerability that could be triggered when the application reads CELL files. If a user is tricked to open a malicious file with the affected application, this could lead to a crash, and potentially also to arbitrary code execution or data extraction on the target host system.\n\nSiemens recommends to update to the latest version and to avoid opening of untrusted files from unknown sources."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-163226.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-292794",
        "title": "SSA-292794: Multiple Denial-of-Service Vulnerabilities in SINEMA Remote Connect Server",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-292794.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-292794.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-292794.json.asc"
          }
        ],
        "published": "2021-04-13T00:00:00Z",
        "updated": "2021-04-13T00:00:00Z",
        "summary": {
          "content": "The latest update for SINEMA Remote Connect Server fixes two Denial-of-Service vulnerabilities in the underlying third-party XML parser.\n\nSiemens has released updates for the affected product and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-292794.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-296266",
        "title": "SSA-296266: Denial-of-Service Vulnerability in SCALANCE and RUGGEDCOM Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-296266.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-296266.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-296266.json.asc"
          }
        ],
        "published": "2021-03-09T00:00:00Z",
        "updated": "2021-04-13T00:00:00Z",
        "summary": {
          "content": "Some firmware versions of the SCALANCE and RUGGEDCOM devices listed below are affected by a vulnerability in the SSH authentication that could allow an attacker to cause a Denial-of-Service under certain conditions.\n\nSiemens has released updates for the affected products and recommends to update to the latest version."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-296266.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-541017",
        "title": "SSA-541017: Embedded TCP/IP Stack Vulnerabilities (AMNESIA:33) in SIRIUS 3RW5 Modbus TCP and SENTRON PAC / 3VA Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-541017.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-541017.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-541017.json.asc"
          }
        ],
        "published": "2020-12-08T00:00:00Z",
        "updated": "2021-04-13T00:00:00Z",
        "summary": {
          "content": "Security researchers discovered and disclosed 33 vulnerabilities in several open-source TCP/IP stacks for embedded devices, also known as \u201cAMNESIA:33\u201d vulnerabilities.\n\nThis advisory describes the impact of one of these vulnerabilities (CVE-2020-13988) to Siemens products. Siemens has released updates for the affected products and recommends to update to the latest versions.\n\nThe impact of additional \u201cAMNESIA:33\u201d vulnerabilities is described in Siemens Security Advisory SSA-541018."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-541017.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-591405",
        "title": "SSA-591405: Web Vulnerabilities in SCALANCE S-600 Family",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-591405.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-591405.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-591405.json.asc"
          }
        ],
        "published": "2020-02-11T00:00:00Z",
        "updated": "2021-04-13T00:00:00Z",
        "summary": {
          "content": "The firmware for SCALANCE S-600 family devices contains multiple web vulnerabilities. The vulnerabilities could allow a remote attacker to conduct Denial-of-Service attacks or perform Cross-Site Scripting attacks.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions, or to upgrade to a successor product."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-591405.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-689942",
        "title": "SSA-689942: Denial-of-Service and DLL Hijacking Vulnerabilities in Multiple SIMATIC Software Products",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-689942.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-689942.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-689942.json.asc"
          }
        ],
        "published": "2020-06-09T00:00:00Z",
        "updated": "2021-04-13T00:00:00Z",
        "summary": {
          "content": "Multiple SIMATIC Software products are affected by two vulnerabilities that could allow an attacker to manipulate project files that may lead to Remote Code Execution or Denial-of-Service attacks.\n\nSiemens has released updates to some of the affected products and recommends that customers update to the latest version. Siemens is preparing further updates and recommends specific workarounds and mitigations until patches are available."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-689942.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-715184",
        "title": "SSA-715184: Multiple File Parsing Vulnerabilities in Solid Edge",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-715184.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-715184.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-715184.json.asc"
          }
        ],
        "published": "2021-03-09T00:00:00Z",
        "updated": "2021-04-13T00:00:00Z",
        "summary": {
          "content": "Siemens has released new versions for Solid Edge to fix multiple vulnerabilities that could be triggered when the application reads files in different file formats (PAR, DFT, XML extensions). If a user is tricked to open a malicious file with the affected application, this could lead to a crash, and potentially also to arbitrary code execution or data extraction on the target host system.\n\nSiemens recommends to update to the latest version and to avoid opening of untrusted files from unknown sources. Please refer to SSA-574442 for further information regarding latest version update."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-715184.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-788287",
        "title": "SSA-788287: Disclosure of Private Data",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-788287.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-788287.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-788287.json.asc"
          }
        ],
        "published": "2021-04-13T00:00:00Z",
        "updated": "2021-04-13T00:00:00Z",
        "summary": {
          "content": "Due to SmartClient Installation technology (ClickOnce) a customer/integrator needs to create a customer specific Smartclient installer. The mentioned products delivered a trusted but yet expired codesigning certificate.\n\nAn attacker could have exploited the vulnerability by spoofing the code-signing certificate and signing a malicious executable resulting in having a trusted digital signature from a trusted provider.\n\nThe certificate was revoked immediately."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-788287.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-853866",
        "title": "SSA-853866: User Credentials Disclosure Vulnerability in Siveillance Video Open Network Bridge (ONVIF)",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-853866.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-853866.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-853866.json.asc"
          }
        ],
        "published": "2021-04-13T00:00:00Z",
        "updated": "2021-04-13T00:00:00Z",
        "summary": {
          "content": "Siemens has released hotfixes for Siveillance Video Open Network Bridge (ONVIF) which fix a security vulnerability related to unsecure storage of ONVIF user credentials. The vulnerability could allow an authenticated remote attacker to retrieve and decrypt all user credentials stored on the ONVIF server.\n\nSiemens recommends to apply the hotfixes at the earliest opportunity. See also the chapter Additional Information, how to apply the hotfix."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-853866.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      },
      {
        "id": "SSA-979775",
        "title": "SSA-979775: Stack Overflow Vulnerability in SCALANCE and RUGGEDCOM Devices",
        "link": [
          {
            "rel": "self",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-979775.json"
          },
          {
            "rel": "hash",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-979775.json.sha512"
          },
          {
            "rel": "signature",
            "href": "https://cert-portal.siemens.com/productcert/csaf/ssa-979775.json.asc"
          }
        ],
        "published": "2021-03-09T00:00:00Z",
        "updated": "2021-04-13T00:00:00Z",
        "summary": {
          "content": "Several firmware versions of the SCALANCE and RUGGEDCOM devices listed below are affected by a vulnerability in the passive listening feature that could allow an attacker to cause a reboot or, under specific circumstances, attain remote code execution of the affected devices.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
        },
        "content": {
          "type": "application/json",
          "src": "https://cert-portal.siemens.com/productcert/csaf/ssa-979775.json"
        },
        "format": {
          "schema": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
          "version": "2.0"
        }
      }
    ]
  }
}