Security News > 2021 > March > Siemens Releases Several Advisories for Vulnerabilities in Third-Party Components

Siemens Releases Several Advisories for Vulnerabilities in Third-Party Components
2021-03-09 14:44

Siemens on Tuesday published 12 new security advisories to inform customers about nearly two dozen vulnerabilities affecting its products.

Half of the new advisories cover vulnerabilities in third-party components.

Siemens has been publishing advisories to describe the impact of these flaws on its products, and the latest advisory focuses on the impact of two AMNESIA:33 denial-of-service flaws on SENTRON 3VA and PAC Meter products.

Two advisories are related to NUMBER:JACK, a set of TCP/IP stack vulnerabilities that were discovered even more recently.

The company has released yet another advisory for file parsing vulnerabilities in product development solutions - these types of advisories were also released in January and February.

The remaining advisories address a high-severity DoS vulnerability in SCALANCE and RUGGEDCOM devices, high-severity unauthorized access issues in SINEMA Remote Connect Server, a DoS vulnerability in LOGO! 8 BM, and DoS flaws in SIMATIC S7-PLCSIM. Siemens has released or plans on releasing updates for many of these vulnerabilities, but in some cases the company has advised customers to implement mitigations or workarounds to protect their systems or devices against potential attacks.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/v0ZN5H7CtIw/siemens-releases-several-advisories-vulnerabilities-third-party-components

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Siemens 1779 26 427 871 201 1525