SIEMENS-SSA-400332
·
Published 2022-11-08
·
View on Siemens ProductCERT ↗
SSA-400332 V1.1 (Last Update: 2022-11-08): Insufficient Design IP Protection in IEEE 1735 Recommended Practice - Impact to Questa and ModelSim
CVSS N/A
MEDIUM
Risk Summary
<p>A security research [1] identified weaknesses in the IEEE 1735 recommended practice for encryption of Design IP, which could allow a sophisticated attacker access to unencrypted Design IP data in IEEE 1735-compliant products. This advisory addresses the specific details for the affected Siemens software products: Questa and ModelSim simulators.</p> <p>Siemens is preparing updates and recommends specific countermeasures for Questa and ModelSim.</p> <p>[1] <a href="https://arxiv.org/abs/2112.04838" class="uri">https://arxiv.org/abs/2112.04838</a></p>
Remediations
- Refer to Siemens ProductCERT advisory for patch and remediation guidance.
Affected Vendors
Siemens
Affected Products (1)
Siemens
·
SSA-400332 V1.1 (Last Update: 2022-11-08): Insufficient Design IP Protection in IEEE 1735 Recommended Practice - Impact to Questa and ModelSim
See advisory
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more