Firma Siemens informuje o nowych podatnościach w swoich produktach-10-05-22

utworzone przez | maj 11, 2022 | ICS

10 maja 2022 firma Siemens opublikowała poradniki bezpieczeństwa dotyczące luk w następujących produktach:

IDScoreOpis
SSA-1626167.8File Parsing Vulnerabilities in Simcenter Femap before V2022.2
SSA-1650739.8Multiple Vulnerabilities in the Webinterface of SICAM P850 and SICAM P855 Devices
SSA-2857956.5Denial of Service in OPC-UA in Industrial Products
SSA-3212927.5Denial of Service in the OPC Foundation Local Discovery Server (LDS) in Industrial Products
SSA-3631077.8An Improper Initialization Vulnerability Affects SIMATIC WinCC Kiosk Mode
SSA-4809377.4Denial of Service Vulnerability in CP 44x-1 RNA before V1.5.18
SSA-5530867.8Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization
SSA-6269689.0Multiple Webserver Vulnerabilities in Desigo PXC and DXR Devices
SSA-6626497.5Denial of Service Vulnerability in Desigo DXR and PXC Controllers
SSA-7322508.1Libcurl Vulnerabilities in Industrial Devices
SSA-7363856.2Memory Corruption Vulnerability in OpenV2G
SSA-7891627.8Vulnerabilities in Teamcenter
SSA-1022337.5SegmentSmack in VxWorks-based Industrial Devices
SSA-1145899.8Multiple Vulnerabilities in Nucleus RTOS based APOGEE, TALON and Desigo PXC/PXM Products
SSA-1625067.1DHCP Client Vulnerability in SIMOTICS CONNECT 400, Desigo PXC/PXM, APOGEE MEC/MBC/PXC, APOGEE PXC Series, and TALON TC Series
SSA-2449697.4OpenSSL Vulnerability in Industrial Products
SSB-439005n/aVulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP
SSA-4620667.5Vulnerability known as TCP SACK PANIC in Industrial Products
SSA-5604659.8DHCP Client Vulnerability in VxWorks-based Industrial Products
SSA-6295127.8Local Privilege Escalation Vulnerability in TIA Portal
SSA-66124710Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) – Impact to Siemens Products
SSA-6789837.8Vulnerabilities in Industrial PCs and CNC devices using Intel CPUs (November 2020)
SSA-7566387.5Vulnerabilities in Third-Party Component Mbed TLS of LOGO! CMR Family and SIMATIC RTU 3000 Family
SSA-7722205.9OpenSSL Vulnerabilities in Industrial Products
SSA-7872927.5Denial of Service Vulnerability in SIMATIC RFID Readers
SSA-8401889.9Multiple Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products
SSA-9141686.3Multiple Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products