Bulletins

Affected products do not correctly invalidate user sessions upon user logout. This could allow a remote unauthenticated attacker, who has obtained the session token by other means, to re-use a legitimate user’s session even after logout. Siemens has released new versions for several affected products and recommends to update to …

SIMATIC S7-1200 CPU family before V4.7 is affected by two denial of service vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions.

Note: The CVEs in this advisory are unrelated to vulnerabilities (CVE-2025-0282 and CVE-2025-0283) in Ivanti’s Connect Secure, Policy Secure and ZTA Gateways. For more information on mitigating CVE -2025-0282 and CVE-2025-0283, see Ivanti Releases Security Updates for Connect Secure, Policy Secure, and ZTA Gateways. Summary The Cybersecurity and Infrastructure Security …

BOSCH-SA-904062-BT: An unquoted service path enumeration vulnerability on SMCWatchDog agent has been found affecting the DIVAR IP all-in-one 7000 (DIP-72xx) devices. This vulnerability can allow a local attacker to gain elevated privileges.

Several camera device drivers in the Siveillance Video Device Pack store camera credentials in their log file when authentication fails. This could allow a local attacker to read camera credentials stored in the Recording Server under specific conditions. Siemens has released an update of the Device Pack and recommends to …

SCALANCE W-700 IEEE 802.11ax family devices are affected by multiple vulnerabilities. Siemens has released a new version for SCALANCE W-700 IEEE 802.11ax family and recommends to update to the latest version. Siemens recommends countermeasures for vulnerabilities where fixes are not, or not yet available.

Several SIMATIC S7-1500 CPU versions are affected by an authentication bypass vulnerability that could allow an unauthenticated remote attacker to gain knowledge about actual and configured maximum cycle times and communication load of the CPU. Siemens has released new versions for several affected products and recommends to update to the …