SIEMENS CERT
05/13/2025
Fortinet has published information on vulnerabilities in FortiOS. This advisory lists the related Siemens Industrial products. Siemens is preparing fix versions and recommends to consult and implement the workarounds provided in Fortinet’s upstream security notifications.
SIEMENS CERT
05/13/2025
Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or …
SIEMENS CERT
05/13/2025
INTRALOG WMS before V5 is affected by multiple vulnerabilities in the Microsoft .NET implementation as described below. Siemens has released a new version for INTRALOG WMS and recommends to update to the latest version. Please approach your INTRALOG WMS contact to resolve the reported vulnerabilities for your solution. When contacting …
SIEMENS CERT
05/13/2025
MS/TP Point Pickup Module devices are affected by a denial of service vulnerability that could be triggered by an attacker residing in the same BACnet network by sending a specially crafted MSTP message. A power cycle is required to restore the device’s normal operation. Siemens recommends countermeasures for products where …
SIEMENS CERT
05/13/2025
Several SIMATIC S7-1500 and S7-1200 CPU versions are affected by an open redirect vulnerability that could allow an attacker to make the web server of affected devices redirect a legitimate user to an attacker-chosen URL. For a successful attack, the legitimate user must actively click on an attacker-crafted link. Siemens …
SIEMENS CERT
05/13/2025
BACnet ATEC devices are affected by a denial of service vulnerability that could be triggered by an attacker residing in the same BACnet network by sending a specially crafted MSTP message. A power cycle is required to restore the device’s normal operation. Siemens recommends countermeasures for products where fixes are …
SIEMENS CERT
05/13/2025
Affected products do not correctly invalidate user sessions upon user logout. This could allow a remote unauthenticated attacker, who has obtained the session token by other means, to re-use a legitimate user’s session even after logout. Siemens has released new versions for the affected products and recommends to update to …
SIEMENS CERT
05/13/2025
A vulnerability was identified in the Automation License Manager software that could be triggered by sending specially crafted packets to port 4410/tcp of an affected system. This could cause a denial-of-service preventing legitimate users from using the system. Siemens has released new versions for several affected products and recommends to …