Siemens SINUMERIK Integrate Operate Client

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION : Exploitable remotely Vendor : Siemens Equipment : SINUMERIK Integrate Operate Client Vulnerability : Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to spoof any SSL server...

Siemens OpenSSL Vulnerability in Industrial Products (Update E)

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION : Exploitable remotely Vendor : Siemens Equipment : Industrial Products Vulnerability : Cleartext Transmission of Sensitive Information 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-18-226-02 Siemens...

Siemens SINUMERIK Integrate Operate Clients Man-in-the-Middle Security Bypass Vulnerability

Siemens SINUMERIK Integrate Operate Clients is a standard HMI system client for SINUMERIK digital controls from Siemens. A man-in-the-middle security bypass vulnerability exists in Siemens SINUMERIK Integrate Operate Clients. An attacker could use this vulnerability to conduct a man-in-the-middle...

CVE-2017-2685

Siemens SINUMERIK Integrate Operate Clients between 2.0.3.00.016 including and 2.0.6 excluding and between 3.0.4.00.032 including and 3.0.6 excluding contain a vulnerability that could allow an attacker to read and manipulate data in TLS sessions while performing a man-in-the-middle MITM attack...

Code injection

Siemens SINUMERIK Integrate Operate Clients between 2.0.3.00.016 including and 2.0.6 excluding and between 3.0.4.00.032 including and 3.0.6 excluding contain a vulnerability that could allow an attacker to read and manipulate data in TLS sessions while performing a man-in-the-middle MITM attack...