Firma Siemens informuje o nowych podatnościach w swoich produktach-09-11-22

utworzone przez | lis 10, 2022 | ICS

8 listopada 2022 firma Siemens opublikowała zalecenia dotyczące bezpieczeństwa dotyczące luk w następujących produktach:

IDCVSSOpis
SSA-8530377.8File Parsing Vulnerabilities in Parasolid
SSA-7879415.3Denial of Service Vulnerability in RUGGEDCOM ROS V4
SSA-7644176.7Weak Encryption Vulnerability in RUGGEDCOM ROS Devices
SSA-6386527.4Authentication Bypass Vulnerability in Mendix SAML Module
SSA-6202888.2Multiple Vulnerabilities (NUCLEUS:13) in CAPITAL VSTAR
SSA-5875477.6Unencrypted Storage of User Credentials in QMS Automotive
SSA-5702949.9Multiple Vulnerabilities in SICAM Q100 Before V2.50
SSA-5684289.3Weak Key Protection Vulnerability in SINUMERIK ONE and SINUMERIK MC
SSA-5527028.8Privilege Escalation Vulnerability in the Web Interface of SCALANCE and RUGGEDCOM Products
SSA-5065699.8Multiple Vulnerabilities in SCALANCE W1750D
SSA-5018919.6Cross-Site Scripting Vulnerability in SCALANCE X-200 and X-200IRT Families
SSA-4789606.5Missing CSRF Protection in the Web Server Login Page of Industrial Controllers
SSA-4596435.3Denial of Service Vulnerability in RUGGEDCOM ROS before V5.6.0
SSA-4003329.0Insufficient Design IP Protection in IEEE 1735 Recommended Practice – Impact to Questa and ModelSim
SSA-3717616.6Arbitrary Code Execution Vulnerability in the Logback Component of SINEC NMS before V1.0.3
SSA-3621646.5Predictable Initial Sequence Numbers in the TCP/IP Stack of Nucleus RTOS
SSA-1203787.8Multiple File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go