SSA-566773 (Last Update: 2018-06-12): Vulnerabilities in Building Technologies Products

Published

2018-06-12 00:00:00

Summary

The License Management System (LMS), which is used by multiple Siemens' building automation products, includes a vulnerable version of Gemalto Sentinel LDK RTE. Gemalto Sentinel LDK RTE is affected by two vulnerabilities that could allow denial-of-service and a cross-site-scripting vulnerability.

Siemens recommends updating the affected dongle driver.