Firma Siemens informuje o nowych podatnościach w swoich produktach-11-10-22

cert.pse-online.pl 2 lat temu

W dniu 11 października 2022 r. Siemens opublikował porady bezpieczeństwa w celu rozwiązania problemów w lukach w wielu produktach.

ID	Krytyczność	Produkt/Opis
SSA-955858	9.8	Multiple Vulnerabilities in LOGO! 8 BM Devices
SSA-935500	7.5	Denial of Service Vulnerability in FTP Server of Nucleus RTOS based APOGEE, TALON and Desigo PXC/PXM Products
SSA-928782	6.1	Firmware Authenticity Vulnerability in LOGO! 8 BM Devices
SSA-917476	9.8	Multiple Vulnerabilities in SCALANCE W1750D
SSB-898115		Remarks Regarding SSA-568427 (Weak Key Protection Vulnerability in SIMATIC S7-1200 and S7-1500 CPU Families)
SSA-836027	9.8	Client-side Authentication in Desigo CC and Cerberus DMS
SSA-712929	7.5	Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Products
SSA-697140	8.6	Denial of Service Vulnerability in the TCP Event Service of SCALANCE and RUGGEDCOM Products
SSA-685781	9.8	Multiple Vulnerabilities in Apache HTTP Server Affecting Siemens Products
SSA-649853	7.4	Improper Certificate Validation Vulnerability in Industrial Edge Management
SSA-611756	7.8	JT File Parsing Vulnerability in JTTK and Simcenter Femap
SSA-572005	9.8	Vulnerabilities in the Web Server of SICAM P850 and SICAM P855 Devices
SSA-552702	8.8	Privilege Escalation Vulnerability in the Web Interface of SCALANCE and RUGGEDCOM Products
SSA-501891	7.3	Cross-Site Scripting Vulnerability in SCALANCE X-200 and X-200IRT Families
SSA-446448	5.3	Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack
SSB-439005		Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP
SSA-384224	7.5	Denial of Service Vulnerability in SIMATIC HMI Panels
SSA-360783	8.8	Multiple Webserver Vulnerabilities in Desigo PXM Devices
SSA-313313	7.5	Denial of Service Vulnerability in the FTP Server of Nucleus RTOS
SSA-306654	8.4	Insyde BIOS Vulnerabilities in Siemens Industrial Products
SSA-285795	6.5	Denial of Service in OPC-UA in Industrial Products
SSA-280624	9.8	Multiple Vulnerabilities in SCALANCE W1750D
SSA-258115	7.8	DWG File Parsing Vulnerability in Solid Edge before SE2022MP9
SSA-254054	9.8	Spring Framework Vulnerability (Spring4Shell or SpringShell, CVE-2022-22965) – Impact to Siemens Products
SSA-250085	7.3	Multiple Vulnerabilities in SINEC NMS
SSA-244969	7.4	OpenSSL Vulnerability in Industrial Products