Siemens Updates
2166Warning Date
Severity Level
Warning Number
Target Sector
9 June, 2021
● High
2021-3025
All
Description:
Siemens has released a security update to address a vulnerability in the following products:
- Simcenter Femap 2020.2
- All versions < V2020.2.MP3
- Simcenter Femap 2021.1
- All versions < V2021.2.MP3
- SIMATIC TIM 1531 IRC (incl. SIPLUS NET variants)
- All versions < V2.2
- Solid Edge SE2020
- All Versions < 2020MP14
- Solid Edge SE2021
- All Versions < SE2021MP5
- SIMATIC NET CP 443-1 OPC UA
- All versions
- TIM 1531 IRC (incl. SIPLUS NET variants)
- All versions < V2.2
- Mendix SAML Module
- All versions < V2.1.2
- JT2Go
- All versions < V13.1.0.3
- Teamcenter Visualization
- All versions < V13.1.0.3
- SIMATIC RF166C
- All versions > V1.1 and < V1.3.2
- SIMATIC RF185C
- All versions > V1.1 and < V1.3.2
- SIMATIC RF186C
- All versions > V1.1 and < V1.3.2
- SIMATIC RF186CI
- All versions > V1.1 and < V1.3.2
- SIMATIC RF188C
- All versions > V1.1 and < V1.3.2
- SIMATIC RF188CI
- All versions > V1.1 and < V1.3.2
- SIMATIC RF360R
- All versions
- SIMATIC RF615R
- All versions > V3.0
- SIMATIC RF680R
- All versions > V3.0
- SIMATIC RF685R
- All versions > V3.0
Threats:
Attacker could exploit this vulnerability by doing the following:
- Elevate privileges OR Escalation of privilege
- Execute arbitrary code
- Bypass of a protection mechanism
- Sensitive information disclosure
- Buffer overflow
- Denial of service attack (DoS)
Best practice and Recommendations:
The CERT team encourages users to review Siemens security advisory and apply the necessary updates:
- https://cert-portal.siemens.com/productcert/pdf/ssa-133038.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-208356.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-419820.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-522654.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-645530.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf