SSA-413565 V1.1 (Last Update: 2023-03-14): Multiple Vulnerabilities in SCALANCE Products | allinfosecnews.com

March 14, 2023, midnight |

Siemens ProductCERT Security Advisories cert-portal.siemens.com

Multiple SCALANCE devices are affected by several vulnerabilities that could allow an attacker to inject code, retrieve data as debug information as well as user CLI passwords or set the CLI to an irresponsive state.

Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends countermeasures for products where updates are not, or not yet available.

attacker cli code data debug devices information inject latest passwords products siemens ssa state update updates vulnerabilities

More from cert-portal.siemens.com / Siemens ProductCERT Security Advisories

SSA-750274 V1.0: Impact of CVE-2024-3400 on RUGGEDCOM APE1808 devices configured with Palo Alto Networks Virtual … 2 weeks, 5 days ago | cert-portal.siemens.com

addresses advisory alto countermeasures +22

SSA-222019 V1.0: X_T File Parsing Vulnerabilities in Parasolid 4 weeks, 1 day ago | cert-portal.siemens.com

application applications attacker code +12

SSA-885980 V1.0: Multiple Vulnerabilities in Scalance W1750D 4 weeks, 1 day ago | cert-portal.siemens.com

attacker buffer buffer overflow code +16

SSA-822518 V1.0: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW before V11.0.1 on RUGGEDCOM APE1808 … 4 weeks, 1 day ago | cert-portal.siemens.com

advisory alto countermeasures customers +18

SSA-455250 V1.0: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 devices 4 weeks, 1 day ago | cert-portal.siemens.com

advisory alto countermeasures customers +18

SSA-265688 V1.0: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1 4 weeks, 1 day ago | cert-portal.siemens.com

countermeasures fix fixes gnu +7

SSA-730482 V1.0: Denial of Service Vulnerability in SIMATIC WinCC 4 weeks, 1 day ago | cert-portal.siemens.com

attacker box denial of service dialog +14

SSA-556635 V1.0: Multiple Vulnerabilities in Telecontrol Server Basic before V3.1.2.0 4 weeks, 1 day ago | cert-portal.siemens.com

1.2.0 basic fixes server +4

SSA-128433 V1.0: Multiple Vulnerabilities in SINEC NMS before V2.0 SP2 4 weeks, 1 day ago | cert-portal.siemens.com

latest nms siemens sinec +4

Senior PAM Security Engineer

@ Experian | Hyderabad, India

View on infosec-jobs.com

Cybersecurity Analyst II

@ Spry Methods | Washington, DC (Hybrid)

View on infosec-jobs.com

Cyber Security Engineer

@ Expleo | Gothenburg, AC, Sweden

View on infosec-jobs.com

Cybersecurity – Information System Security Manager (ISSM)

@ Boeing | USA - Albuquerque, NM

View on infosec-jobs.com

Senior Security Engineer - Canada

@ DataVisor | Ontario, Canada - Remote

View on infosec-jobs.com

Cybersecurity Architect

@ HARMAN International | JP Tokyo 3-5-7 Ariake Koto-ku

View on infosec-jobs.com