Security
Headlines
HeadlinesLatestCVEs

Source

us-cert

Siemens Desigo PXC and DXR Devices

This advisory contains mitigations for an Uncaught Exception vulnerability in the Siemens Desigo DXR and PXC controllers.

us-cert
Open in Source
#vulnerability
Siemens SIMATIC CP 44x-1 RNA

This advisory contains mitigations for an Uncontrolled Resource Consumption vulnerability in the Siemens SIMATIC CP 44x-1 RNA.

Siemens Industrial Products

This advisory contains mitigations for an Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the OPC Foundation Local Discovery Server in multiple Siemens industrial products.

Siemens Industrial Devices using libcurl

This advisory contains mitigations for a Use After Free vulnerability in Siemens Industrial Devices using libcurl.

Siemens Simcenter Femap

This advisory contains mitigations for an Out-of-bounds Write vulnerability in the Siemens Simcenter Femap advanced simulation application.

Siemens OpenV2G

This advisory contains mitigations for a Classic Buffer Overflow vulnerability in the open-source implementation of the ISO/IEC vehicle-to-grid communication interface (V2G CI) standard.

Siemens Teamcenter

This advisory contains mitigations for Stack-based Buffer Overflow, and Improper Restriction of XML External Entity Reference vulnerabilities in the Siemens Teamcenter product lifecycle management software.

Siemens OpenSSL Vulnerabilities in Industrial Products (Update A)

This updated advisory is a follow-up to the original advisory titled ICSA-22-104-05 Siemens OpenSSL Vulnerabilities in Industrial Products that was published April 14, 2022, on the ICS webpage at cisa.gov/ics. This advisory contains mitigations for a NULL Pointer Dereference vulnerability in the Siemens OpenSSL.

Mitsubishi Electric GT25-WLAN (Update A)

This updated advisory is a follow-up to the original advisory titled ICSA-22-102-04 Mitsubishi Electric GT25-WLAN that was published April 12, 2022, on the ICS webpage on cisa.gov/ics. This advisory contains mitigations for Improper Removal of Sensitive Information Before Storage or Transfer, Inadequate Encryption Strength, Missing Authentication for Critical Function, Injection, and Improper Input Validation vulnerabilities in Mitsubishi Electric GT25-WLAN wireless communication units.

Siemens SIMATIC WinCC and PCS (Update B)

This updated advisory is a follow-up to the advisory update titled ICSA-22-041-02 Siemens SIMATIC WinCC and PCS (Update A) that was published April 14, 2022, to the ICS webpage on cisa.gov/ics. This advisory contains mitigations for a Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Siemens SIMATIC WinCC and PCS industrial automation products.