[Control systems] Siemens security advisory (AV25-272)

Serial number: AV25-272
Date: May 14, 2025

On May 13, 2025, Siemens published advisories to address vulnerabilities in multiple products. Included were updates for the following:

  • Desigo CC – all versions
  • INTRALOG WMS – versions prior to V5
  • OZW672 – multiple models and versions
  • RUGGEDCOM ROX II family – multiple models and versions
  • SCALANCE LPE9403(6GK5998-3GS00-2AC2) – all versions
  • SIMATIC IPC RS-828A – all versions
  • SIMATIC PCS neo – versions V4.1 and V5.0
  • SINEC NMS – versions prior to V2.15.1.1
  • SINEMA Remote Connect – versions prior to UMC V2.15.1.1
  • SIRIUS 3RK3 Modular Safety System (MSS) – all versions
  • SIRIUS Safety Relays 3SK2 – all versions
  • Teamcenter Visualization – multiple models and versions
  • Totally Integrated Automation Portal (TIA Portal) – versions prior to UMCV2.15.1.1
  • User Management Component (UMC) – versions prior to UMC V2.15.1.1
  • VersiCharge AC Series – multiple models and versions

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.

Date modified: