Home / Posts with tag "Siemens"


Much ado about the certificate: what one should know about Siemens SCALANCE X switch configuration to avoid MitM

02 February 2021

Siemens has released a security alert which describes some cases of SCALANCE X-200/X-200IRT/X-300 switches using hardcoded encryption keys, making them prone to man-in-the-middle attacks
A classic that needs updating: fresh vulnerabilities in the software of Siemens SCALANCE X switches

26 January 2021

DoS vulnerabilities have been disclosed in the integrated web server of Siemens SCALANCE X-200 / X-200IRT / X-300 switches. Measures proposed by the vendor do not prevent all possible attacks.
Dozens of Siemens industrial devices are affected by DoS vulnerabilities

17 April 2020

Siemens industrial solutions are affected by SegmentSmack and FragmentSmack vulnerabilities, which could lead to device denial of service
Multiple vulnerabilities in SPPA-T3000 components

18 December 2019

Vulnerabilities have been identified in SPPA-T3000 Application Server and MS3000 Migration Server. Some of the faults are critical and could allow attackers to execute arbitrary code on the server
Multiple vulnerabilities in Siemens products

17 December 2019

Vulnerable solutions include SiNVR 3, XHQ Operations Intelligence, RUGGEDCOM ROS, and Siemens EN100
Dangerous vulnerabilities in Siemens TIA Administrator, SIMATIC WinCC and PCS7

16 July 2019

Vulnerabilities can lead to a denial-of-service condition and command execution without proper authentication
Critical vulnerabilities identified by Kaspersky Lab have been corrected in Siemens SIMATIC WinCC and SIMATIC PCS 7

20 May 2019

Multiple vulnerabilities could lead to arbitrary code and command execution on a target system and a denial-of-service condition
Critical vulnerabilities in Siemens SINUMERIK controllers

14 December 2018

Exploitation of vulnerabilities in Siemens SINUMERIK controllers cold allow remote code execution, privilege escalation and device denial-of-service conditions
Web vulnerabilities in Siemens SIMATIC operator panels

16 November 2018

The most serious of the vulnerabilities could allow arbitrary files to be downloaded from the device
Vulnerabilities in Siemens industrial products

16 November 2018

The most dangerous of the vulnerabilities affect the SIMATIC S7-400 CPU family and the SIMATIC IT Production Suite software package. The vulnerabilities have been fixed for most of the affected products