Firma Siemens informuje o nowych podatnościach w swoich produktach-09-08-22

utworzone przez | sie 9, 2022 | ICS

W dniu 9 sierpnia 2022 r. firma Siemens opublikowała zalecenia dotyczące bezpieczeństwa dotyczące luk w zabezpieczeniach wielu produktów. Uwzględniono aktualizacje krytyczne.

Numer IDCVSS  Produkt/Opis
SA-9414269.8Multiple LLDP Vulnerabilities in Industrial Products
SSA-9141686.3Multiple Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products
SSA-8413486.7Multiple Vulnerabilities in the UMC Component
SSA-8408008.0Code Injection Vulnerability in RUGGEDCOM ROS
SSA-8297387.8Datalogics File Parsing Vulnerability in Teamcenter Visualization and JT2Go
SSA-7891627.8Vulnerabilities in Teamcenter
SSA-7722205.9OpenSSL Vulnerabilities in Industrial Products
SSA-7644176.7Weak Encryption Vulnerability in RUGGEDCOM ROS Devices
SSA-7599527.6Command Injection and Denial of Service Vulnerability in Teamcenter
SSA-7322508.1Libcurl Vulnerabilities in Industrial Devices
SSA-7129297.5Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Products
SSA-7100089.1Multiple Web Vulnerabilities in SCALANCE Products
SSA-6697379.9Improper Access Control Vulnerability in SICAM TOOLBOX II
SSA-66124710Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) – Impact to Siemens Products
SSA-6610347.3Incorrect Permission Assignment in Multiple SIMATIC Software Products
SSA-6295127.8Local Privilege Escalation Vulnerability in TIA Portal
SSA-5920075.3Denial-of-Service Vulnerability in Industrial Products
SSA-5806937.1WIBU Systems CodeMeter Runtime Denial-of-Service Vulnerability in Siemens Products
SSA-58012510Multiple Vulnerabilities in SIMATIC eaSie
SSA-5575417.5Denial-of-Service Vulnerability in SIMATIC S7-400 CPUs
SSA-5557075.3Information Disclosure Vulnerability in Simcenter STAR-CCM+
SSA-5394767.5Siemens SIMATIC NET CP, SINEMA and SCALANCE Products Affected by Vulnerabilities in Third-Party Component strongSwan
SSA-51737710Multiple Vulnerabilities in the SRCS VPN Feature in SIMATIC CP Devices
SSA-4928285.9Denial-of-Service Vulnerability in SIMATIC S7-300 CPUs and SINUMERIK Controller
SSA-4802307.5Denial of Service Vulnerability in Webserver of Industrial Products
SSA-4732457.5Denial-of-Service Vulnerability in Profinet Devices
SSA-4464485.3Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack
SSB-439005Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP
SSA-4316785.3Denial-of-Service Vulnerability in SIMATIC S7 CPU Families
SSA-4292047.8Open Design Alliance Drawings SDK Vulnerabilities in JT2Go and Teamcenter Visualization
SA-3249557.4SAD DNS Attack in Linux Based Products
SSA-3212927.5Denial of Service in the OPC Foundation Local Discovery Server (LDS) in Industrial Products
SSA-3095717.5IPU 2021.1 Vulnerabilities in Siemens Industrial Products using Intel CPUs (June 2021)
SSA-3073927.5Denial of Service in OPC UA in Industrial Products
SSA-3066548.4Insyde BIOS Vulnerabilities in Siemens Industrial Products
SSA-2857956.5Denial of Service in OPC-UA in Industrial Products
SSA-2449697.4OpenSSL Vulnerability in Industrial Products
SSA-2433177.8File Parsing Vulnerability in Simcenter Femap and Parasolid
SSA-2324185.3Vulnerabilities in SIMATIC S7-1200 and SIMATIC S7-1500 CPU Families
SSA-2205899.9Hard Coded Default Credential Vulnerability in Teamcenter
SSA-1856384.3Authentication Bypass Vulnerability in SICAM A8000 Web Server Module
SSA-1131318.2Denial of Service Vulnerabilities in SIMATIC S7-400 CPUs