all InfoSec news
SSA-772220 V2.2 (Last Update: 2023-03-14): OpenSSL Vulnerabilities in Industrial Products
Siemens ProductCERT Security Advisories cert-portal.siemens.com
OpenSSL has published a security advisory [0] about a vulnerability in OpenSSL versions 1.1.1 < 1.1.1k, that allows an unauthenticated attacker to cause a Denial-of-Service (DoS) if a maliciously crafted renegotiation message is sent.
Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends countermeasures for products where updates are not, or not yet available.
[0] https://www.openssl.org/news/secadv/20210325.txt
1.1.1 advisory attacker dos industrial latest message openssl openssl vulnerabilities products security security advisory service siemens ssa unauthenticated update updates vulnerabilities vulnerability