Latest News

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SICAM Q100, SICAM Q200 Vulnerabilities: Cleartext Storage of Sensitive Information 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an authenticated local attacker to extract the SMTP account password and use the configured SMTP service for arbitrary purposes. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports the following products are affected: Siemens POWER METER SICAM Q100 (7KG9501-0AA01-0AA1): Versions 2.60 up to but not including 2.62 Siemens POWER METER SICAM Q100 (7KG9501-0AA01-2AA1): Versions 2.60 up to but not including 2.62 Si...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Action Manager Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local unauthenticated attacker to listen to communications and manipulate the device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of FactoryTalk Action Manager, a software management platform, are affected: FactoryTalk Action Manager: Version 1.0.0 to 1.01 3.2 VULNERABILITY OVERVIEW 3.2.1 EXPOSURE OF SENSITIVE INFORMATION TO AN UNAUTHORIZED ACTOR CWE-200 A security issue in the runtime event system allows unauthenticated connections to receive a reusable API token. This token is broadcast over a WebSocket and can be intercepted by any local client listening on the connection. CVE-2025-7532 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.8 has been calcul...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION: Exploitable from a local network Vendor: Rockwell Automation Equipment: Studio 5000 Logix Designer Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to crash the device or execute malicious code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Studio 5000 Logix Designer, a centralized control system management software, are affected: Studio 5000 Logix Designer: Version 36.00.02 to 37.00.02 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER INPUT VALIDATION CWE-20 A security issues exists within Studio 5000 Logix Designer due to unsafe handling of environment variables. If the specified path lacks a valid file, Logix Designer crashes; however, it may be possible to execute malicious code without triggering a crash. CVE-2025-7971 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string i...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: ControlLogix Ethernet Modules Vulnerability: Initialization of a Resource with an Insecure Default 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote attackers to perform memory dumps, modify memory, and control execution flow. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Rockwell Automation ControlLogix Ethernet Modules are affected: 1756-EN2T/D: Version 11.004 or below 1756-EN2F/C: Version 11.004 or below 1756-EN2TR/C: Version 11.004 or below 1756-EN3TR/B: Version 11.004 or below 1756-EN2TP/A: Version 11.004 or below 3.2 VULNERABILITY OVERVIEW 3.2.1 Initialization of a Resource with an Insecure Default CWE-1188 Rockwell Automation ControlLogix Ethernet Modules are vulnerable to a security issue where the web-based debugger agent is enabled by default on released devices. If a specific IP addres...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: RUGGEDCOM CROSSBOW Station Access Controller (SAC) Vulnerabilities: Heap-Based Buffer Overflow, Integer Overflow or Wraparound 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code or create a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: RUGGEDCOM CROSSBOW Station Access Controller (SAC): Versions prior to V5.7 3.2 VULNERABILITY OVERVIEW 3.2.1 HEAP-BASED BUFFER OVERFLOW CWE-122 An integer overflow can be trig...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: RUGGEDCOM APE1808 Vulnerabilities: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Execution with Unnecessary Privileges 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an authenticated administrator to execute unauthorized arbitrary OS commands. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: RUGGEDCOM APE1808: All versions 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND ('OS C...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SIMATIC S7-PLCSIM Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: SIMATIC S7-PLCSIM V17: All versions SIMOCODE ES V17: All versions SIMOCODE ES V18: All versions SIMOCODE ES V19: All versions SIMOCODE ES V20: All versions SIMOTION SCOUT TIA V5.4: All versions SIMOTION SCOUT TIA V5.5: All versions SIMOTIO...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIPROTEC 4 and SIPROTEC 4 Compact Vulnerability: Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: SIPROTEC 4 6MD61: All versions SIPROTEC 4 7SJ62: All versions SIPROTEC 4 7SJ63: All versions SIPROTEC 4 7SJ64: All versions SIPROTEC 4 7SJ66: All versions SIPROTEC 4 7SS52: All versions SIPROTEC 4 7ST6: All...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 2.4 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SIPROTEC 5 Vulnerability: Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with physical access to send specially crafted packets with high bandwidth to the affected devices thus forcing them to exhaust their memory and stop responding to any network traffic via the local USB port. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: SIPROTEC 5 6MD84 (CP300): Versions prior to V10.0 SIPROTEC 5 7SD82 (CP150): Versions prior to V10.0 SIPRO...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Low Attack Complexity Vendor: Siemens Equipment: Wibu CodeMeter Vulnerability: Least Privilege Violation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local user to navigate from Import License to a privileged instance of Windows Explorer. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Siemens SIMATIC Information Server 2020: All versions Siemens SIMATIC WinCC OA V3.20: All versions prior to V3.20 P008 Siemens SIMATIC Information Server 2022: All versions Siemens SIMATIC Information Server 2024: All versions Siemens SIMATIC PDM Maintenanc...