Today, CISA’s NCCIC-ICS published 12 control system security advisories for products from Siemens.
Advisory
RUGGEDCOM Advisory #1
- This advisory
describes an incorrect provision of specific functionality vulnerability in the
Siemens RUGGEDCOM products.
RUGGEDCOM Advisory #2
- This advisory
describes an allocation of resources without limits or throttling vulnerability
in the Siemens RUGGEDCOM products.
RUGGEDCOM Advisory #3
- This advisory
discusses five vulnerabilities in the Siemens RUGGEDCOM CROSSBOW product.
Solid Edge Advisory
#1 - This advisory
describes nine vulnerabilities in the Siemens Solid Edge products. The
vulnerabilities were self-reported.
Solid Edge Advisory
#2 - This advisory
describes three vulnerabilities in the Siemens Solid Edge, JT2Go, and
Teamcenter Visualization products.
SICAM Advisory - This
advisory
describes two vulnerabilities in the Siemens SICAM TOOLBOX II. The vulnerabilities
are self-reported.
OpenSSL Advisory -
This advisory
discusses an inadequate encryption strength vulnerability in the Siemens SIMATIC,
SIPLUS products.
SIMATIC Advisory -
This advisory
discusses an improper input validation vulnerability in the Siemens SIMATIC,
SIPLUS.
Parasolid Advisory #1
- This advisory
discusses nine vulnerabilities in the Siemens Parasolid and Teamcenter
Visualization products.
Parasolid Advisory #2
- This advisory
discusses an incorrect permission assignment for critical resource vulnerability
in the Siemens Parasolid installer.
Software Center
Advisory - This advisory
discusses two vulnerabilities in the Siemens Software Center.
JT Open Advisory -
This advisory
describes two vulnerabilities in the Siemens JT Open, JT Utilities, and
Parasolid products.
For more details about the these advisories, including links
to 3rd party vulnerabilities, researcher reports, and exploits, see
my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/12-advisories-published-8-10-23
- subscription required.
Posts
No comments:
Post a Comment