The official site for Saudi CERT
Siemens Updates
3257
Warning Date
Severity Level
Warning Number
Target Sector
10 November, 2021
● Critical
2021-3833
All
Description:
Siemens has released security updates to address several vulnerabilities in the following products:
- APOGEE MBC (PPC) (BACnet)
- APOGEE MBC (PPC) (P2 Ethernet)
- APOGEE MEC (PPC) (BACnet)
- APOGEE MEC (PPC) (P2 Ethernet)
- APOGEE PXC Compact (BACnet)
- APOGEE PXC Compact (P2 Ethernet)
- APOGEE PXC Modular (BACnet)
- APOGEE PXC Modular (P2 Ethernet)
- Capital VSTAR
- Climatix POL909 (AWM module)
- Mendix Applications using Mendix 7
- Mendix Applications using Mendix 8
- Mendix Applications using Mendix 9
- Nucleus NET
- Nucleus ReadyStart V3
- Nucleus ReadyStart V4
- Nucleus Source Code
- NX 1953 Series
- NX 1980 Series
- PSS(R)CAPE
- PSS(R)E V34
- PSS(R)E V35
- PSS(R)ODMS V12
- SCALANCE W1750D
- SENTRON powermanager V3
- SICAM 230
- SIMATIC Information Server
- SIMATIC PCS 7 V8.2 and earlier
- SIMATIC PCS 7 V9.0
- SIMATIC PCS 7 V9.1
- SIMATIC PCS neo
- SIMATIC Process Historian (incl. Process Historian OPC UA Server)
- SIMATIC RTLS Locating Manager
- SIMATIC WinCC OA V3.17
- SIMATIC WinCC OA V3.18
- SIMATIC WinCC V15 and earlier
- SIMATIC WinCC V16
- SIMATIC WinCC V17
- SIMATIC WinCC V7.4 and earlier
- SIMATIC WinCC V7.5
- SIMIT Simulation Platform
- Siveillance Video DLNA Server
- TALON TC Compact (BACnet)
- TALON TC Modular (BACnet)
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Arbitrary File Deletion
- Execute arbitrary code
- Denial of service attack (DoS)
- Escalation of privilege
- Sensitive information disclosure
Best practice and Recommendations:
The CERT team encourages users to review Siemens security advisory and apply the necessary updates:
- https://cert-portal.siemens.com/productcert/txt/ssa-917476.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-840188.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-779699.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-755517.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-740908.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-703715.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-580693.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-537983.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-338732.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-328042.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-145157.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-114589.txt
- https://cert-portal.siemens.com/productcert/txt/ssa-044112.txt
Rate the content
Share the page
