Siemens Solid Edge


1. EXECUTIVE SUMMARY

  • CVSS v3 7.8
  • ATTENTION: Low Attack Complexity
  • Vendor: Siemens
  • Equipment: Solid Edge
  • Vulnerabilities: Heap-based Buffer Overflow, Out-of-bounds Read, Stack-based Buffer Overflow

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code in the context of the current process.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following


Siemens RUGGEDCOM APE1808


1. EXECUTIVE SUMMARY

  • CVSS v3 7.5
  • ATTENTION: Exploitable remotely/low attack complexity
  • Vendor: Siemens
  • Equipment: RUGGEDCOM APE1808
  • Vulnerabilities: Insufficiently Protected Credentials, Improper Input Validation

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an attacker to escalate privilege, gain unauthorized access, or cause a denial-of-service condition.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following Siemens


Siemens PS/IGES Parasolid Translator Component


As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).

1. EXECUTIVE SUMMARY

  • CVSS v3 7.8
  • ATTENTION: Low Attack Complexity


Siemens SIMATIC RTLS Locating Manager


1. EXECUTIVE SUMMARY

  • CVSS v4 10.0
  • ATTENTION: Exploitable remotely/low attack complexity
  • Vendor: Siemens
  • Equipment: SIMATIC RTLS Locating Manager
  • Vulnerabilities: Improper Input Validation, Improper Check for Unusual or Exceptional Conditions, Uncontrolled Resource Consumption, Excessive Iteration, Allocation of Resources Without Limits or Throttling, Heap-based Buffer Overflow, External Control of File Name or Path, Missing Encryption of Sensitive


Siemens SIMATIC CN 4100 Before V3.0


1. EXECUTIVE SUMMARY

  • CVSS v4 10.0
  • ATTENTION: Exploitable remotely/low attack complexity
  • Vendor: Siemens
  • Equipment: SIMATIC CN 4100
  • Vulnerabilities: Use of Hard-coded Credentials, Use of Hard-coded Password, Missing Immutable Root of Trust in Hardware

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could allow an attacker to compromise the device, gain root access of the device
