CVEs (3)
Remediations
- Restrict access to the affected systems, especially to port 443/tcp, to trusted IP addresses only
- Currently no fix is planned
- Update to V1.0.3 or later version
- Update to V2.0 or later version
- CVE-2022-25311: If SSO was established and user is authenticated in both Control and Operation, it is recommended to logout explicitly in both Control and Operation to avoid privilege escalation
Affected Vendors
Siemens
Affected Products (3)
Siemens
·
SINEC NMS
<V1.0.3
Siemens
·
SINEC NMS
>=V1.0.3<V2.0
Siemens
·
SINEMA Server V14
vers:all/*
Affected Sectors
Multiple
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more