← Back to home
SIEMENS-SSA-332410  ·  Published 2023-01-10  ·  View on Siemens ProductCERT ↗

SSA-332410 V1.0: Multiple Vulnerabilities in SINEC INS before V1.0 SP2 Update 1

CVSS N/A MEDIUM

Risk Summary

<p>Siemens has released a new version for SINEC INS that fixes multiple vulnerabilities that could allow an attacker to read and write arbitrary files from the file system of the affected component and to ultimately execute arbitrary code on the device. In addition, this version also contains fixes for multiple vulnerabilities in underlying third party components.</p> <p>Siemens has released an update for SINEC INS and recommends to update to the latest version.</p>

Remediations

  • Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-332410 V1.0: Multiple Vulnerabilities in SINEC INS before V1.0 SP2 Update 1 See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more