Siemens Industrial Products

🗓️ 14 May 2024 00:00:00Reported by Industrial Control Systems Cyber Emergency Response TeamType

ics🔗 www.cisa.gov👁 75 Views

As of January 10, 2023, CISA will no longer update ICS security advisories for Siemens Industrial Products. Vulnerability in various Siemens products could allow attacker to cause a Blue Screen of Death crash

Reporter	Title	Published	Views	Family All 13
BDU FSTEC	Siemens network software vulnerabilities related to memory-walking, which allow attackers to cause service failures.	29 May 202400:00	–	bdu_fstec
Circl	CVE-2023-46280	14 Nov 202412:00	–	circl
CNNVD	Siemens多款产品缓冲区错误漏洞	14 May 202400:00	–	cnnvd
CNVD	Siemens Industrial Products Out-of-Bounds Read Vulnerability	16 May 202400:00	–	cnvd
CVE	CVE-2023-46280	14 May 202410:01	–	cve
Cvelist	CVE-2023-46280	14 May 202410:01	–	cvelist
EUVD	EUVD-2023-50505	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Siemens products	14 May 202400:00	–	ncsc
NCSC	Vulnerabilities fixed in Siemens products	13 Aug 202409:21	–	ncsc
NCSC	Vulnerabilities fixed in Siemens products	12 Nov 202414:19	–	ncsc

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/csaf/ssa-962515.json
cert-portal	www.cert-portal.siemens.com/productcert/html/ssa-962515.html
raw	www.raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-137-13.json
cisa	www.cisa.gov/news-events/ics-advisories/icsa-24-137-13
cisa	www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01
cisa	www.cisa.gov/resources-tools/resources/ics-recommended-practices
cisa	www.cisa.gov/topics/industrial-control-systems
us-cert	www.us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf
cisa	www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf
cisa	www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B

14 May 2024 00:00Current

7High risk

Vulners AI Score7

CVSS 3.16.5

CVSS 48.2

EPSS0.00049

SSVC