Number: AV22-061
Date: 8 February 2022
On 8 February 2022 Siemens published Security Advisories to address vulnerabilities in the following products:
- JT2Go – all versions
- RUGGEDCOM – multiple products and versions
- SCALANCE – multiple products and versions
- SICAM TOOLBOX II – all versions
- SINEMA Remote Connect Server – versions prior to v2.0
- SINEMA Server V14 – all versions
- SIMATIC – multiple products and versions
- Simcenter Femap v2020.2 and v2021.1 - all versions
- SINEC NMS – all versions
- SINUMERIK Operate – all versions
- SIPLUS – multiple products and versions
- Solid Edge SE2021 – versions prior to SE2021MP9
- Solid Edge SE2022 – versions prior to SE2022MP1
- Spectrum Power 4 – versions prior to v4.70 SP9 Security Patch 1
- Teamcenter Visualization – multiple versions
- TIA Administrator – all versions
- TIM 1531 IRC (including SIPLUS NET variants) – versions prior to v2.2
Exploitation of these vulnerabilities could lead to denial of service, arbitrary code execution, disclosure of sensitive information or authentication bypass.
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.