CERT-In Advisory
CIAD-2024-0041
Multiple Vulnerabilities in Siemens Products
Original Issue Date: August 28, 2024
Severity Rating: High
Software Affected
- Siemens SCALANCE M-800 family Versions prior to V8.1
- Siemens NX All versions prior to V2406.3000
- Siemens INTRALOG WMS All versions prior to V4
- Siemens COMOS All versions prior to V10.5
- Siemens SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) All versions prior to V2.0
- Siemens Location Intelligence family All versions prior to V4.4
- Siemens SINEC NMS All versions prior to V3.0
- Siemens JT2Go All versions prior to V2312.0005
- Siemens Teamcenter Visualization V14.2 All versions prior to V14.2.0.12
- Siemens LOGO! versions prior to V8.3 BM (incl. SIPLUS variants)
Overview
Multiple vulnerabilities have been reported in Siemens Products which could allow an attacker to execute arbitrary code, escalate privileges, bypass security controls, disclose sensitive information or perform denial of service (DoS) condition on the targeted system.
Description
Multiple vulnerabilities have been reported in various Siemens products; details of which are provided below:
Solution
Apply appropriate fixes as mentioned in Siemens Security Advisory:
Vendor Information
Siemens
https://cert-portal.siemens.com/productcert/html/ssa-921449.html
https://cert-portal.siemens.com/productcert/html/ssa-856475.html
https://cert-portal.siemens.com/productcert/html/ssa-784301.html
https://cert-portal.siemens.com/productcert/html/ssa-720392.html
https://cert-portal.siemens.com/productcert/html/ssa-716317.html
https://cert-portal.siemens.com/productcert/html/ssa-659443.html
https://cert-portal.siemens.com/productcert/html/ssa-417547.html
https://cert-portal.siemens.com/productcert/html/ssa-357412.html
https://cert-portal.siemens.com/productcert/html/ssa-087301.html
References
Siemens
https://cert-portal.siemens.com/productcert/html/ssa-856475.html
https://cert-portal.siemens.com/productcert/html/ssa-784301.html
https://cert-portal.siemens.com/productcert/html/ssa-720392.html
https://cert-portal.siemens.com/productcert/html/ssa-716317.html
https://cert-portal.siemens.com/productcert/html/ssa-659443.html
https://cert-portal.siemens.com/productcert/html/ssa-921449.html
https://cert-portal.siemens.com/productcert/html/ssa-417547.html
https://cert-portal.siemens.com/productcert/html/ssa-357412.html
https://cert-portal.siemens.com/productcert/html/ssa-087301.html
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Email: info@cert-in.org.in Phone: +91-11-22902657
Postal address
Indian Computer Emergency Response Team (CERT-In) Ministry of Electronics and Information Technology Government of India Electronics Niketan 6, CGO Complex, Lodhi Road, New Delhi - 110 003 India
|