all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

SSA-558014 V1.0: Third-Party Component Vulnerabilities in SCALANCE XCM332 before V2.2

Add to bookmarks
April 11, 2023, midnight |

Siemens ProductCERT Security Advisories cert-portal.siemens.com

Multiple vulnerabilities in the third-party components cURL, BusyBox, libtirpc, Expat as well as in the Linux Kernel could allow an attacker to impact the SCALANCE XCM332 device’s confidentiality, integrity and availability.


Siemens has released an update for the SCALANCE XCM332 and recommends to update to the latest version.

availability busybox component vulnerabilities confidentiality curl device expat impact integrity kernel latest linux linux kernel party siemens ssa third third-party update version vulnerabilities

Visit resource

More from cert-portal.siemens.com / Siemens ProductCERT Security Advisories

SSA-923361 V1.0: MODEL File Parsing Vulnerability in Tecnomatix Plant Simulation before V2302.0011 2 weeks, 5 days ago | cert-portal.siemens.com
application arbitrary code arbitrary code execution code +9
SSA-871704 V1.0: Multiple Vulnerabilities in SICAM Products 2 weeks, 5 days ago | cert-portal.siemens.com
code code execution device escalation +14
SSA-925850 V1.0: Improper Access Control in Polarion ALM 2 weeks, 5 days ago | cert-portal.siemens.com
access access control access controls apache +11
SSA-976324 V1.0: Multiple IGS File Parsing Vulnerabilities in PS/IGES Parasolid Translator Component before V27.1.215 2 weeks, 5 days ago | cert-portal.siemens.com
application crash file files +6
SSA-953710 V1.0: Vulnerabilities in the Network Communication Stack in Desigo Fire Safety UL and Cerberus … 2 weeks, 5 days ago | cert-portal.siemens.com
access attacker buffer buffer overflow +17
SSA-916916 V1.0: Security Vulnerabilities Fixed in RUGGEDCOM CROSSBOW V5.5 2 weeks, 5 days ago | cert-portal.siemens.com
application arbitrary files attacker attacks +18
SSA-935500 V1.1 (Last Update: 2024-05-14): Denial of Service Vulnerability in FTP Server of Nucleus RTOS … 2 weeks, 5 days ago | cert-portal.siemens.com
countermeasures fix fixes latest +6
SSA-962515 V1.0: Out of Bounds Read Vulnerability in Industrial Products 2 weeks, 5 days ago | cert-portal.siemens.com
attacker blue bsod crash +13
SSA-661579 V1.0: Multiple File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go 2 weeks, 5 days ago | cert-portal.siemens.com
application crash file files +7

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com