SIEMENS-SSA-183963
·
Published 2025-07-18
·
View on Siemens ProductCERT ↗
SSA-183963 V1.1 (Last Update: 2025-07-18): Certificate Validation Vulnerabilities in SICAM TOOLBOX II Before V07.11
CVSS N/A
MEDIUM
Risk Summary
<p>During establishment of a https connection to the TLS server of a managed device, SICAM TOOLBOX II improperly validates that device’s certificate. This could allow an attacker to execute an on-path network (MitM) attack.</p> <p>Siemens has released a new version for SICAM TOOLBOX II and recommends to update to the latest version.</p> <p>The chapter “Additional Information” provides additional guidance how to prevent on-path network attacks.</p>
Remediations
- Refer to Siemens ProductCERT advisory for patch and remediation guidance.
Affected Vendors
Siemens
Affected Products (1)
Siemens
·
SSA-183963 V1.1 (Last Update: 2025-07-18): Certificate Validation Vulnerabilities in SICAM TOOLBOX II Before V07.11
See advisory
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more