Yesterday Siemens published two control system security advisories and five updates just nine days after their regular 2nd Tuesday publication of advisories and updates.
Siemens Advisory #1 - Siemens published an
advisory discussing the Wibu Systems CodeMeter
vulnerabilities in their Energy Products.
Siemens Advisory #2 - Siemens published an
advisory describing two vulnerabilities in their Simcenter Femap advanced
simulation application.
Siemens Update #1 - Siemens published an update
for their OpenSSL advisory that was originally
reported on July 13th, 2021 and most
recently updated on February 8th, 2022.
Siemens Update #2 - Siemens published an update
for their SPPA-T3000 advisory that was originally
published on December 17th, 2019 and most
recently updated on March 10th, 2020.
NOTE: NCCIC-ICS did not update their advisory (ICSA-19-351-02)
for these changes.
Siemens Update #3 - Siemens published an update
for their Wibu Systems CodeMeter Advisory that was originally
published in 2018 and most
recently updated on March 13th, 2021
NOTE: NCCIC-ICS did not update their advisory (ICSA-20-203-01)
for these changes.
Siemens Update #4 - Siemens published an update
for their Ripple20 advisory
that was originally
published on July 14th, 2020.
Siemens Update #5 - Siemens published an update
for their OpenSSL in Industrial Products advisory that was originally
published on December 10th, 2019 and most
recently updated on February 8th, 2022.
NOTE: NCCIC-ICS did not update their advisory (ICSA-19-099-06)
for these changes.
For more details about these advisories and updates, see my
article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/siemens-publishes-out-of-zone-advisories
- subscription required.
Posts
No comments:
Post a Comment