Affected Product and Versions |
Remediation |
Advantage Navigator Energy & Sustainability:
All versions < 2021-12-13
|
Vulnerability CVE-2021-44228 fixed on central cloud service starting 2021-12-13; no user actions necessary
See further recommendations from section Workarounds and Mitigations
|
Advantage Navigator Software Proxy V6:
All versions < V6.3
|
Update to V6.3 or later version
See further recommendations from section Workarounds and Mitigations
|
Building Operator Discovery Distribution for the Connect X200 Gateway:
All versions < V3.0.30
|
Update to V3.0.30 or later version
https://support.industry.siemens.com/cs/ww/en/view/109805593/
See further recommendations from section Workarounds and Mitigations
|
Building Operator Discovery Distribution for the Connect X300 Gateway:
All versions < V3.0.29
|
Update to V3.0.29 or later version
https://support.industry.siemens.com/cs/ww/en/view/109805593/
See further recommendations from section Workarounds and Mitigations
|
Building Twin - 360° Viewer:
All versions
|
Vulnerability CVE-2021-44228 fixed on central cloud service; no user actions necessary
See further recommendations from section Workarounds and Mitigations
|
Capital V2019.1:
All versions >= V2019.1 SP1912 < V2019.1 SP2204 only if Teamcenter integration feature is used
|
Update to V2019.1 SP2204 or later version
https://support.sw.siemens.com/en-US/product/861057055/downloads
Find detailed mitigation steps at: https://support.sw.siemens.com/en-US/knowledge-base/MG618363
See further recommendations from section Workarounds and Mitigations
|
Capital V2020.1:
All versions < 2020.1 SP2202 only if Teamcenter integration feature is used
|
Update to V2020.1 SP2202 or later version
https://support.sw.siemens.com/en-US/product/861057055/downloads
Find detailed mitigation steps at: https://support.sw.siemens.com/en-US/knowledge-base/MG618363
See further recommendations from section Workarounds and Mitigations
|
Capital V2021.1:
All versions < V2021.1 SP2202 only if Teamcenter integration feature is used
|
Update to V2021.1 SP2202 or later version
https://support.sw.siemens.com/en-US/product/861057055/downloads
Find detailed mitigation steps at: https://support.sw.siemens.com/en-US/knowledge-base/MG618363
See further recommendations from section Workarounds and Mitigations
|
Cerberus DMS:
V5.0, V5.1 with Advanced Reporting EM installed
|
Remove the JndiLookup class from the classpath. Detailed instructions are available at https://support.industry.siemens.com/cs/ww/en/view/109805562/
See further recommendations from section Workarounds and Mitigations
|
COMOS:
All versions < V10.4.1 only if Teamcenter PDI feature is used
|
Update to V10.4.1 and consider the “Notes on using TCCS setup in COMOS 10.4.1.txt”
https://support.industry.siemens.com/cs/ww/en/view/109805632/
Uninstall “Teamcenter Client Communication System (TCCS)” or block both incoming and outgoing connections between the system and the Internet.
See further recommendations from section Workarounds and Mitigations
|
cRSP:
All versions < V13.17.2
|
Update to V13.17.2 was deployed on all cRSP services on 2021-12-21; no user actions necessary
Note: Earlier versions of the product contained a vulnerable version of log4j, but no risk for exploitation could be identified.
See further recommendations from section Workarounds and Mitigations
|
cRSP Operator Client Starter:
All versions < V1.7.18
|
Update to V1.7.18 or later version, as provided via cRSP V13.17.2 or later version
Note: Earlier versions of the product contained a vulnerable version of log4j, but no risk for exploitation could be identified.
See further recommendations from section Workarounds and Mitigations
|
Desigo CC:
V3.0, V4.0, V4.1, V4.2 with Advanced Reporting EM installed
|
Remove the JndiLookup class from the classpath. Detailed instructions are available at https://support.industry.siemens.com/cs/ww/en/view/109805562/
See further recommendations from section Workarounds and Mitigations
|
Desigo CC:
V5.0, V5.1 with Advanced Reporting or Info Center EM installed
|
Remove the JndiLookup class from the classpath. Detailed instructions are available at https://support.industry.siemens.com/cs/ww/en/view/109805562/
See further recommendations from section Workarounds and Mitigations
|
E-Car OC Cloud Application:
All versions < 2021-12-13
|
Vulnerability CVE-2021-44228 fixed on central cloud service starting 2021-12-13; no user actions necessary
See further recommendations from section Workarounds and Mitigations
|
Energy Engage:
V3.1
|
Find detailed remediation and mitigation information on the EnergyIP docs portal at: https://docs.emeter.com/display/public/WELCOME/EnergyIP+Security+Advisory+for+Log4Shell+Vulnerability
See further recommendations from section Workarounds and Mitigations
|
EnergyIP:
V8.5, V8.6, V8.7, V9.0
|
Find detailed remediation and mitigation information on the EnergyIP docs portal at: https://docs.emeter.com/display/public/WELCOME/EnergyIP+Security+Advisory+for+Log4Shell+Vulnerability
Note: EnergyIP V8.5 and V8.6 applications are not directly affected, but CAS is.
See further recommendations from section Workarounds and Mitigations
|
EnergyIP Prepay:
All versions < V3.8.0.12
only affected by
CVE-2021-44228
|
Update to V3.8.0.12 or later version
See further recommendations from section Workarounds and Mitigations
|
Enlighted Amaze:
All versions < 2021-12-10
|
Vulnerabilities fixed on central cloud services starting 2021-12-10; no user actions necessary
For Comfy and Enlighted, see also chapter Additional Information below
See further recommendations from section Workarounds and Mitigations
|
Enlighted Where:
All versions < 2021-12-11
|
Vulnerabilities fixed on central cloud services starting 2021-12-11; no user actions necessary
For Comfy and Enlighted, see also chapter Additional Information below
See further recommendations from section Workarounds and Mitigations
|
Geolus Shape Search V10:
All versions >= V10.2
|
Remove the JndiLookup class from the classpath.
Find detailed remediation and mitigation information at: https://support.sw.siemens.com/en-US/knowledge-base/PL8601468
See further recommendations from section Workarounds and Mitigations
|
Geolus Shape Search V11:
All versions
|
Remove the JndiLookup class from the classpath.
Find detailed remediation and mitigation information at: https://support.sw.siemens.com/en-US/knowledge-base/PL8601468
See further recommendations from section Workarounds and Mitigations
|
GMA-Manager:
All versions >= V8.6.2j.398 < V8.6.2.472
|
Update to V8.6.2.472 or later version
https://support.industry.siemens.com/cs/ww/en/view/109805665/
See further recommendations from section Workarounds and Mitigations
|
HEEDS Connect:
All versions
|
HEEDS Connect team will contact all impacted customers to deploy a new log4j version. This action will secure your installation against Log4Shell vulnerability. For further information see: https://support.sw.siemens.com/en-US/knowledge-base/PL8601661
See further recommendations from section Workarounds and Mitigations
|
HES UDIS:
All versions
|
Specific fix versions based on V6.0.2 and V6.0.3 were released and deployed for all affected projects
See further recommendations from section Workarounds and Mitigations
|
Industrial Edge Hub:
All versions < 2021-12-13
|
Vulnerabilities fixed on central cloud service starting 2021-12-13; no user actions necessary
See further recommendations from section Workarounds and Mitigations
|
Industrial Edge Management App (IEM-App):
All versions < V1.4.11
|
Update to V1.4.11 or later version
https://iehub.eu1.edge.siemens.cloud/
See further recommendations from section Workarounds and Mitigations
|
Industrial Edge Management OS (IEM-OS):
All versions < V1.4.0-42
|
Update to V1.4.0-42 or later version
https://iehub.eu1.edge.siemens.cloud/
See further recommendations from section Workarounds and Mitigations
|
jROS for Spectrum Power 4:
V4.70 SP9
|
Update to V4.70 SP9 Security Patch 1 or later version. Please contact your local Siemens representative.
See further recommendations from section Workarounds and Mitigations
|
jROS for Spectrum Power 7:
V21Q4
|
Apply the patch. Please contact your local Siemens representative.
See further recommendations from section Workarounds and Mitigations
|
Mendix Applications:
All versions
|
Although the Mendix runtime itself is not vulnerable to this exploit, we nevertheless recommend to upgrade log4j-core to the latest available version if log4j-core is part of your project. This advice is regardless of the JRE/JDK version the app runs on.
https://status.mendix.com/incidents/8j5043my610c
See further recommendations from section Workarounds and Mitigations
|
MindSphere App Management Cockpits (Developer& Operator):
All versions < 2021-12-16
|
Vulnerabilities fixed with update on 2021-12-16; no user actions necessary
See further recommendations from section Workarounds and Mitigations
|
MindSphere Asset Manager:
All versions < 2021-12-16
|
Vulnerabilities fixed with update on 2021-12-16; no user actions necessary
See further recommendations from section Workarounds and Mitigations
|
Mindsphere Cloud Foundry:
All versions < 2021-12-14
|
Although the Cloud Foundry environment itself is not vulnerable to this exploit, we nevertheless recommend to upgrade log4j-core to the latest available version if log4j-core is part of your project. https://support.sw.siemens.com/en-US/product/268530510/knowledge-base/PL8600797
See further recommendations from section Workarounds and Mitigations
|
Mindsphere Cloud Platform:
All versions < 2021-12-11
|
Vulnerabilities fixed on central cloud service starting 2021-12-11; no user actions necessary
See further recommendations from section Workarounds and Mitigations
|
MindSphere IAM (User Management/ Settings):
All versions < 2021-12-16
|
Vulnerabilities fixed with update on 2021-12-16; no user actions necessary
See further recommendations from section Workarounds and Mitigations
|
MindSphere Integrated Data Lake:
All versions < 2021-12-16
|
Vulnerabilities fixed with update on 2021-12-16; no user actions necessary
See further recommendations from section Workarounds and Mitigations
|
MindSphere Notification Service:
All versions < 2021-12-16
|
Vulnerabilities fixed with update on 2021-12-16; no user actions necessary
See further recommendations from section Workarounds and Mitigations
|
MindSphere Predictive Learning:
All versions < 2021-12-23
|
Vulnerabilities fixed with update on 2021-12-23; no user actions necessary
See further recommendations from section Workarounds and Mitigations
|
MindSphere Usage Transparency Service:
All versions < 2021-12-16
|
Vulnerabilities fixed with update on 2021-12-16; no user actions necessary
See further recommendations from section Workarounds and Mitigations
|
MindSphere Visual Explorer:
All versions < 2021-12-21
|
Vulnerabilities fixed with update on 2021-12-21; no user actions necessary
See further recommendations from section Workarounds and Mitigations
|
NX 1953 Series:
All versions < V1973.4340
|
Update to V1973.4340 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600959
See further recommendations from section Workarounds and Mitigations
|
NX 1980 Series:
All versions < V2000.3400
|
Update to V2000.3400 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600959
See further recommendations from section Workarounds and Mitigations
|
NX 2007 Series:
All versions < V2008
|
Update to V2008 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600959
See further recommendations from section Workarounds and Mitigations
|
NXpower Monitor:
All versions < 2021-12-19
|
Vulnerabilities fixed on central cloud service starting 2021-12-19; no user actions necessary
See further recommendations from section Workarounds and Mitigations
|
Opcenter EX CP Process Automation Control:
All versions >= V17.2.3 < V18.1
|
Update to V18.1 or later version to fix CVE-2021-44228
See further recommendations from section Workarounds and Mitigations
|
Opcenter Execution Core Process Automation Control:
All versions >= V17.2.3 < V18.1
|
Update to V18.1 or later version to fix CVE-2021-44228
See further recommendations from section Workarounds and Mitigations
|
Opcenter Intelligence:
All versions >= V3.2 < V3.5 only OEM version that ships Tableau
|
Update to V3.5 or later version
https://support.sw.siemens.com/
See further recommendations from section Workarounds and Mitigations
|
Operation Scheduler:
All versions >= V1.1.3
|
Update the UAA component to V75.8.3
https://support.industry.siemens.com/cs/ww/en/view/109805673/
See further recommendations from section Workarounds and Mitigations
|
SENTRON powermanager V4:
V4.1, V4.2
|
Remove the JndiLookup class from the classpath. Detailed instructions are available at https://support.industry.siemens.com/cs/ww/en/view/109805602/
See further recommendations from section Workarounds and Mitigations
|
SIGUARD DSA:
All versions >= 4.2 < 4.4.1
|
Update to V4.4.1 or later version
See further recommendations from section Workarounds and Mitigations
|
SIMATIC IPC647D:
All versions with affected Adaptec RAID
|
Follow the remediation steps documented at https://ask.adaptec.com/app/answers/detail/a_id/17527/
Stop and disable autostart for maxView Storage Manager WebServer. Note: This software is not required for the underlying RAID to workDisable ports 8080/tcp and 8443/tcp in the firewall configuration of the IPC
See further recommendations from section Workarounds and Mitigations
|
SIMATIC IPC647E:
All versions with affected Adaptec RAID
|
Update the driver for the SmartRAID controller to V2.6.6 or later version, available at https://storage.microsemi.com/en-us/support/raid/sas_raid/asr-3151-4i/
Stop and disable autostart for maxView Storage Manager WebServer. Note: This software is not required for the underlying RAID to workDisable ports 8080/tcp and 8443/tcp in the firewall configuration of the IPC
See further recommendations from section Workarounds and Mitigations
|
SIMATIC IPC847D:
All versions with affected Adaptec RAID
|
Follow the remediation steps documented at https://ask.adaptec.com/app/answers/detail/a_id/17527/
Stop and disable autostart for maxView Storage Manager WebServer. Note: This software is not required for the underlying RAID to workDisable ports 8080/tcp and 8443/tcp in the firewall configuration of the IPC
See further recommendations from section Workarounds and Mitigations
|
SIMATIC IPC847E:
All versions with affected Adaptec RAID
|
Update the driver for the SmartRAID controller to V2.6.6 or later version, available at https://storage.microsemi.com/en-us/support/raid/sas_raid/asr-3151-4i/
Stop and disable autostart for maxView Storage Manager WebServer. Note: This software is not required for the underlying RAID to workDisable ports 8080/tcp and 8443/tcp in the firewall configuration of the IPC
See further recommendations from section Workarounds and Mitigations
|
SIMATIC IPC1047:
All versions with affected Adaptec RAID
|
Update the driver for the SmartRAID controller to V2.6.6 or later version, available at https://storage.microsemi.com/en-us/support/raid/sas_raid/asr-3151-4i/
Stop and disable autostart for maxView Storage Manager WebServer. Note: This software is not required for the underlying RAID to workDisable ports 8080/tcp and 8443/tcp in the firewall configuration of the IPC
See further recommendations from section Workarounds and Mitigations
|
SIMATIC IPC1047E:
All versions with affected Adaptec RAID
|
Update the driver for the SmartRAID controller to V2.6.6 or later version, available at https://storage.microsemi.com/en-us/support/raid/sas_raid/asr-3151-4i/
Stop and disable autostart for maxView Storage Manager WebServer. Note: This software is not required for the underlying RAID to workDisable ports 8080/tcp and 8443/tcp in the firewall configuration of the IPC
See further recommendations from section Workarounds and Mitigations
|
Simcenter 3D:
All versions < 2022.1-2008
|
Update to 2022.1-2008 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8603477
Find detailed remediation and mitigation information at: https://support.sw.siemens.com/en-US/knowledge-base/PL8601203
See further recommendations from section Workarounds and Mitigations
|
Simcenter Amesim:
All versions only if Teamcenter integration feature is used
|
Update Teamcenter to any fix version available for the different version lines of Teamcenter, see https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
https://support.sw.siemens.com/en-US/knowledge-base/PL8601572
See further recommendations from section Workarounds and Mitigations
|
Simcenter System Architect:
All versions only if Teamcenter integration feature is used
|
Update Teamcenter to any fix version available for the different version lines of Teamcenter, see https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
https://support.sw.siemens.com/en-US/knowledge-base/PL8601662
See further recommendations from section Workarounds and Mitigations
|
Simcenter System Simulation Client for Git:
All versions < V2021.2.2
|
Update to V2021.2.2 or later version
https://support.sw.siemens.com
Find detailed mitigation steps for both server and client installations at: https://support.sw.siemens.com/en-US/knowledge-base/PL8602538
See further recommendations from section Workarounds and Mitigations
|
Simcenter Testlab:
All versions >= 2021.1
|
Follow the remediation steps documented at: https://support.sw.siemens.com/en-US/knowledge-base/PL8602466
See further recommendations from section Workarounds and Mitigations
|
Simcenter Testlab Data Management:
All versions
|
Simcenter Testlab Data Management team will contact all impacted customer to deploy the mitigation measures. This action will secure your installation against Log4Shell vulnerability. For further information see: https://support.sw.siemens.com/en-US/knowledge-base/PL8601418
See further recommendations from section Workarounds and Mitigations
|
SiPass integrated V2.80:
All versions
|
Apply the patch
https://support.industry.siemens.com/cs/ww/en/view/109805711/
See further recommendations from section Workarounds and Mitigations
|
SiPass integrated V2.85:
All versions < V2.85.7.5
|
Update to V2.85.7.5 or later version
https://support.industry.siemens.com/cs/ww/en/view/109801507/
See further recommendations from section Workarounds and Mitigations
|
Siveillance Command:
All versions >= V4.16.2.1
|
Vulnerabilities fixed for Command installations on a project basis; no user actions necessary
See further recommendations from section Workarounds and Mitigations
|
Siveillance Control Pro V2.1:
All versions
|
A hotfix is available; please contact customer support to receive the hotfix
See further recommendations from section Workarounds and Mitigations
|
Siveillance Control Pro V2.2:
All versions < V2.2.7
|
Update to V2.2.7 or later version; please contact customer support to receive the latest version
See further recommendations from section Workarounds and Mitigations
|
Siveillance Control Pro V2.3:
All versions < V2.3.2
|
Update to V2.3.2 or later version; please contact customer support to receive the latest version
See further recommendations from section Workarounds and Mitigations
|
Siveillance Identity V1.5:
All versions
|
Update to V1.5 SP4 and apply the patch
https://support.industry.siemens.com/cs/ww/en/view/109805657/
See further recommendations from section Workarounds and Mitigations
|
Siveillance Identity V1.6:
All versions
|
Update to V1.6 SP1 and apply the patch
https://support.industry.siemens.com/cs/ww/en/view/109805657/
See further recommendations from section Workarounds and Mitigations
|
Siveillance Vantage:
All versions
|
Vulnerabilities fixed for Vantage installations on a project basis; no user actions necessary
See further recommendations from section Workarounds and Mitigations
|
Solid Edge CAM Pro:
All versions < V2008
|
Update to V2008 or later version
https://support.sw.siemens.com/
See further recommendations from section Workarounds and Mitigations
|
Solid Edge Wiring and Harness Design:
All versions >= V2020 SP2002 < V2022 SP2202 only if Teamcenter integration feature is used
|
Update to V2022 SP2202 or later version
https://support.sw.siemens.com/en-US/product/246738425/downloads
Find detailed mitigation steps at: https://support.sw.siemens.com/en-US/knowledge-base/MG618363
See further recommendations from section Workarounds and Mitigations
|
Spectrum Power 4:
All versions >= V4.70 SP8 < V4.70 SP9 Security Patch 1
|
Update to V4.70 SP9 and apply Security Patch 1. Please contact your local Siemens representative.
See further recommendations from section Workarounds and Mitigations
|
Spectrum Power 7:
All versions >= V2.30 SP2
|
Update to V21Q4 and apply the patch. Please contact your local Siemens representative.
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Active Workspace V4.3:
All versions < V4.3.13
|
Update to V4.3.13 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Active Workspace V5.0:
All versions < V5.0.11
|
Update to V5.0.11 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Active Workspace V5.1:
All versions < V5.1.8
|
Update to V5.1.8 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Active Workspace V5.2:
All versions < V5.2.6
|
Update to V5.2.6 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Deployment Center V4.0:
All versions < V4.0.3
|
Update to V4.0.3 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Deployment Center V4.1:
All versions < V4.1.1.1
|
Update to V4.1.1.1 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Deployment Center V4.2:
All versions < V4.2.0.2
|
Update to V4.2.0.2 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter EDA V5.1:
All versions < V5.1.5
|
Update to V5.1.5 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter EDA V5.2:
All versions < V5.2.3
|
Update to V5.2.3 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Integration for CATIA:
All versions < 13.0.1.2
|
Update to V13.0.1.2 or later version
https://support.sw.siemens.com/knowledge-base/PL8602463
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Integration Framework V3.3:
All versions <= V3.3.0.7
|
Update to V3.3.0.7 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Integration Framework V4.0:
All versions <= V4.0.0.2
|
Update to V4.0.0.2 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Integration Framework V13.0:
All versions <= V13.0.0.2
|
Update to V13.0.0.2 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Integration Framework V13.1:
All versions <= V13.1.0.1
|
Update to V13.1.0.1 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Integration Framework V13.2:
All versions <= V13.2.0.1
|
Update to V13.2.0.1 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter MBSE Gateway V4.1:
All versions < V4.1.2
|
Update to V4.1.2 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter MBSE Gateway V4.2:
All versions < V4.2.3
|
Update to V4.2.3 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter MBSE Gateway V4.3:
All versions < V4.3.3
|
Update to V4.3.3 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter MBSE Gateway V5.0:
All versions < V5.0.6
|
Update to V5.0.6 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter MBSE Gateway V5.1:
All versions < V5.1.5
|
Update to V5.1.5 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter MBSE Gateway V5.2:
All versions < V5.2.4
|
Update to V5.2.4 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Microservices Framework V5.1:
All versions < V5.1.8
|
Update to V5.1.8 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Microservices Framework V5.2:
All versions < V5.2.6
|
Update to V5.2.6 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Reporting and Analytics V11:
All versions >= V11.3
|
Remove the JndiLookup class from the classpath.
Find detailed remediation and mitigation information at: https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Reporting and Analytics V12.2:
All versions < V12.2.8
|
Update to V12.2.8 or later version
https://support.sw.siemens.com/enUS/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Reporting and Analytics V12.3:
All versions < V12.3.11
|
Update to V12.3.11 or later version
https://support.sw.siemens.com/enUS/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Reporting and Analytics V12.4:
All versions < V12.4.1
|
Update to V12.4.1 or later version
https://support.sw.siemens.com/enUS/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Reporting and Analytics V13:
All versions < V13.2.1.1
|
Update to V13.2.1.1 or V13.3.0.0 or later version
https://support.sw.siemens.com/enUS/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter Technical Publishing:
All versions >= V2.10 < V13.0.1
|
Update to V13.0.1 or later version
https://support.sw.siemens.com/knowledge-base/PL8612040
See further recommendations from section Workarounds and Mitigations
|
Teamcenter V12.1:
All versions < V12.1.0.14
|
Update to V12.1.0.14 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter V12.2:
All versions < 12.2.0.18
|
Update to V12.2.0.18 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter V12.3:
All versions < V12.3.0.15
|
Update to V12.3.0.15 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter V12.4:
All versions < V12.4.0.12
|
Update to V12.4.0.12 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter V13.0:
All versions < V13.0.0.9
|
Update to V13.0.0.9 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter V13.1:
All versions < V13.1.0.8
|
Update to V13.1.0.8 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter V13.2:
All versions < V13.2.0.6
|
Update to V13.2.0.6 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Teamcenter V13.3:
All versions < V13.3.0.1
|
Update to V13.3.0.1 or later version
https://support.sw.siemens.com/en-US/knowledge-base/PL8600700
See further recommendations from section Workarounds and Mitigations
|
Tecnomatix eBOP Manager Server:
V14.1, V15.0, V15.1, V15.1.2, V16.0, V16.0.1, V16.0.2, V16.1, V16.1.1, V16.1.2
|
Apply the hotfix
https://support.sw.siemens.com/en-US/knowledge-base/PL8602057
See further recommendations from section Workarounds and Mitigations
|
Tecnomatix Intosite:
All versions
|
Vulnerabilities fixed on central cloud service; no user actions necessary
See further recommendations from section Workarounds and Mitigations
|
Tecnomatix Plant Simulation:
V15.0, V16.0, V16.1 only if TCCS is installed
|
Download and install the updated TCCS setup from the Siemens Support Center; for details see https://support.sw.siemens.com/knowledge-base/PL8615527
See further recommendations from section Workarounds and Mitigations
|
Tecnomatix Process Designer:
All versions >= V14.1
|
Apply the hotfix, available for versions V14.1, V15.0, V15.1, V15.1.2, V16.0, V16.0.1, V16.0.2, V16.1, V16.1.1, V16.1.2
https://support.sw.siemens.com/en-US/knowledge-base/PL8602057
See further recommendations from section Workarounds and Mitigations
|
Tecnomatix Process Simulate:
All versions >= V14.1
|
Apply the hotfix, available for versions V14.1, V15.0, V15.1, V15.1.2, V16.0, V16.0.1, V16.0.2, V16.1, V16.1.1, V16.1.2
https://support.sw.siemens.com/en-US/knowledge-base/PL8602057
See further recommendations from section Workarounds and Mitigations
|
Tecnomatix Process Simulate VCLite:
All versions >= V14.1
|
Apply the hotfix, available for versions V14.1, V15.0, V15.1, V15.1.2, V16.0, V16.0.1, V16.0.2, V16.1, V16.1.1, V16.1.2
https://support.sw.siemens.com/en-US/knowledge-base/PL8602057
See further recommendations from section Workarounds and Mitigations
|
Tecnomatix RobotExpert:
All versions >= V14.1
|
Apply the hotfix, available for versions V14.1, V15.0, V15.1, V15.1.2, V16.0, V16.0.1, V16.0.2, V16.1, V16.1.1, V16.1.2
https://support.sw.siemens.com/en-US/knowledge-base/PL8602057
See further recommendations from section Workarounds and Mitigations
|
Valor Parts Library - VPL Direct:
V6.0, V6.1
|
Vulnerabilities fixed on remote VPL server; no user actions necessary
See further recommendations from section Workarounds and Mitigations
|
Valor Parts Library - VPL Server or Service:
V6.0, V6.1
|
Remove the JndiLookup class from the classpath.
Find detailed remediation and mitigation information at: https://support.sw.siemens.com/knowledge-base/MG618362
See further recommendations from section Workarounds and Mitigations
|
VeSys V2019.1:
All versions >= 2019.1 SP1912 only if Teamcenter integration feature is used
|
Currently no fix is planned
Find detailed mitigation steps at: https://support.sw.siemens.com/en-US/knowledge-base/MG618363
See further recommendations from section Workarounds and Mitigations
|
VeSys V2020.1:
All versions < V2020.1 SP2202 only if Teamcenter integration feature is used
|
Update to V2020.1 SP2202 or later version
https://support.sw.siemens.com/en-US/product/852852123/downloads
Find detailed mitigation steps at: https://support.sw.siemens.com/en-US/knowledge-base/MG618363
See further recommendations from section Workarounds and Mitigations
|
VeSys V2021.1:
All versions < V2021.1 SP2202 only if Teamcenter integration feature is used
|
Update to V2021.1 SP2202 or later version
https://support.sw.siemens.com/en-US/product/852852123/downloads
Find detailed mitigation steps at: https://support.sw.siemens.com/en-US/knowledge-base/MG618363
See further recommendations from section Workarounds and Mitigations
|
Xpedition Enterprise (XCR) VX.2.10:
All versions < VX.2.10 Update 4
|
Update to VX.2.10 Update 4 or later version
https://support.sw.siemens.com/en-US/product/1644094854/download/202201034
Additional information is available at https://support.sw.siemens.com/en-US/product/1644094854/knowledge-base/MG618343
See further recommendations from section Workarounds and Mitigations
|
Xpedition Enterprise VX.2.6:
All versions
|
Apply the hotfix
https://support.sw.siemens.com/en-US/product/1644094854/knowledge-base/MG618343
See further recommendations from section Workarounds and Mitigations
|
Xpedition Enterprise VX.2.7:
All versions < VX.2.7 Update 19
|
Update to VX.2.7 Update 19 or later version
https://support.sw.siemens.com/en-US/product/852852130/download/202201039
Additional information is available at https://support.sw.siemens.com/en-US/product/1644094854/knowledge-base/MG618343
See further recommendations from section Workarounds and Mitigations
|
Xpedition Enterprise VX.2.8:
All versions < VX.2.8 Update 13
|
Update to VX.2.8 Update 13 or later version
https://support.sw.siemens.com/en-US/product/852852130/download/202201037
Additional information is available at https://support.sw.siemens.com/en-US/product/1644094854/knowledge-base/MG618343
See further recommendations from section Workarounds and Mitigations
|
Xpedition Enterprise VX.2.10:
All versions < VX.2.10 Update 4
|
Update to VX.2.10 Update 4 or later version
https://support.sw.siemens.com/en-US/product/852852130/download/202201033
Additional information is available at https://support.sw.siemens.com/en-US/product/1644094854/knowledge-base/MG618343
See further recommendations from section Workarounds and Mitigations
|
Xpedition IC Packaging (XCR) VX.2.10:
All versions < VX.2.10 Update 4
|
Update to VX.2.10 Update 4 or later version
https://support.sw.siemens.com/en-US/product/1644094857/download/202201036
Additional information is available at https://support.sw.siemens.com/en-US/product/1644094854/knowledge-base/MG618343
See further recommendations from section Workarounds and Mitigations
|
Xpedition IC Packaging VX.2.6:
All versions
|
Apply the hotfix
https://support.sw.siemens.com/en-US/product/1644094854/knowledge-base/MG618343
See further recommendations from section Workarounds and Mitigations
|
Xpedition IC Packaging VX.2.7:
All versions < VX.2.7 Update 19
|
Update to VX.2.7 Update 19 or later version
https://support.sw.siemens.com/en-US/product/1091814625/download/202201040
Additional information is available at https://support.sw.siemens.com/en-US/product/1644094854/knowledge-base/MG618343
See further recommendations from section Workarounds and Mitigations
|
Xpedition IC Packaging VX.2.8:
All versions < VX.2.8 Update 13
|
Update to VX.2.8 Update 13 or later version
https://support.sw.siemens.com/en-US/product/1091814625/download/202201038
Additional information is available at https://support.sw.siemens.com/en-US/product/1644094854/knowledge-base/MG618343
See further recommendations from section Workarounds and Mitigations
|
Xpedition IC Packaging VX.2.10:
All versions < VX.2.10 Update 4
|
Update to VX.2.10 Update 4 or later version
https://support.sw.siemens.com/en-US/product/1091814625/download/202201035
Additional information is available at https://support.sw.siemens.com/en-US/product/1644094854/knowledge-base/MG618343
See further recommendations from section Workarounds and Mitigations
|