Security Warnings

Classification
These posts contain security warnings, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Most Viewed Warnings

● High

Zoom Update

● Critical

Security issues in the Mail App on iPhone and iPad

● Critical

Cisco’s Webex Phishing Campaigns

● Critical

Microsoft Updates

● High

Apple Updates

● Critical

Siemens Updates

89

Warning Date: 13 January, 2021

Severity Level ● Critical

Warning Number: 2021-2314

Target Sector: Manufacturing - Other

Description:

Siemens has released security updates to address multiple vulnerabilities in the following products:

  • SCALANCE X-200 switch family (incl. SIPLUS NET variants)
    • All versions
  • SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)
    • All versions
  • SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)
    • All versions < V4.1.0
  • JT2Go
    • All Versions <= V13.1.0
  • Teamcenter Visualization
    • All Versions <= V13.1.0
  • Solid Edge
    • All Versions < SE2021MP2

Threats:

Attacker could exploit these vulnerabilities by doing the following:

  • Denial of service (DoS)
  • Sensitive information disclosure - remotely
  • Buffer overflow
  • Arbitrary code execution

Best practice and Recommendations:

The CERT team encourages users to review Siemens security advisory and apply the necessary updates:

Last updated at 13 January, 2021