The official site for Saudi CERT
Siemens Alert
2603
Warning Date
Severity Level
Warning Number
Target Sector
11 May, 2022
● High
2022-4806
All
Siemens has released security alerts to address several vulnerabilities in the following products:
- Simcenter Femap
- SICAM P850
- SIMATIC NET PC Software
- SITOP Manager
- TeleControl Server
- SIMATIC Process Historian OPC UA Server
- SIMATIC PCS 7
- SIMATIC WinCC Runtime Professiona
- SIMATIC WinCC
- SIMATIC CP 442-1 RNA (6GK7442-1RX00- 0XE0)
- SIMATIC CP 443-1 RNA (6GK7443-1RX00- 0XE0):
- JT2Go
- Teamcenter Visualization
- Desigo DXR2
- Desigo PXC3
- Desigo PXC4
- Desigo PXC5
- LOGO! CMR family
- RUGGEDCOM RM1224 LTE(4G) EU (6GK6108- 4AM00-2BA2)
- RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
- SCALANCE M804PB (6GK5804-0AP00-2AA2)
- SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2)
- OpenV2G
- Teamcenter
Attacker could exploit these vulnerabilities by doing the following:
- Execute arbitrary code remotely
- Denial of service attack (DoS)
- Information disclosure
- Cross-site scripting (XSS)
The CERT team encourages users to review the following links:
- https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-363107.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-480937.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-553086.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-626968.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-662649.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-736385.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-789162.pdf
Rate the content
Share the page
