Security Warnings

Classification
These posts contain security warnings, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Siemens Updates

41

Warning Date: 9 June, 2021

Severity Level ● High

Warning Number: 2021-3025

Target Sector: All

Description:

Siemens has released a security update to address a vulnerability in the following products:

  • Simcenter Femap 2020.2
    • All versions < V2020.2.MP3
  • Simcenter Femap 2021.1
    • All versions < V2021.2.MP3
  • SIMATIC TIM 1531 IRC (incl. SIPLUS NET variants)
    • All versions < V2.2
  • Solid Edge SE2020
    • All Versions < 2020MP14
  • Solid Edge SE2021
    • All Versions < SE2021MP5
  • SIMATIC NET CP 443-1 OPC UA
    • All versions
  • TIM 1531 IRC (incl. SIPLUS NET variants)
    • All versions < V2.2
  • Mendix SAML Module
    • All versions < V2.1.2
  • JT2Go
    • All versions < V13.1.0.3
  • Teamcenter Visualization
    • All versions < V13.1.0.3
  • SIMATIC RF166C
    • All versions > V1.1 and < V1.3.2
  • SIMATIC RF185C
    • All versions > V1.1 and < V1.3.2
  • SIMATIC RF186C
    • All versions > V1.1 and < V1.3.2
  • SIMATIC RF186CI
    • All versions > V1.1 and < V1.3.2
  • SIMATIC RF188C
    • All versions > V1.1 and < V1.3.2
  • SIMATIC RF188CI
    • All versions > V1.1 and < V1.3.2
  • SIMATIC RF360R
    • All versions
  • SIMATIC RF615R
    • All versions > V3.0
  • SIMATIC RF680R
    • All versions > V3.0
  • SIMATIC RF685R
    • All versions > V3.0

Threats:

Attacker could exploit this vulnerability by doing the following:

  • Elevate privileges OR Escalation of privilege
  • Execute arbitrary code
  • Bypass of a protection mechanism
  • Sensitive information disclosure
  • Buffer overflow
  • Denial of service attack (DoS)

Best practice and Recommendations:

The CERT team encourages users to review Siemens security advisory and apply the necessary updates:

Last updated at 9 June, 2021