Serial number: AV24-385
Date: July 11, 2024
On July 9, 2024, Siemens published security advisories to address vulnerabilities in the following products:
- JT Open – versions prior to V11.5
- JT2Go – versions prior to V14.3.0.8
- Mendix Encryption – versions V10.0.0 and V10.0.1
- JT Open – versions prior to V11.5
- PLM XML SDK – versions prior to V7.1.0.014
- RUGGEDCOM APE1808 (configured with Palo Alto Networks Virtual NGFW) – all versions
- RUGGEDCOM APE1808 (configured with Fortigate NGFW) – all versions
- RUGGEDCOM CROSSBOW – all versions
- RUGGEDCOM ROS V4.x, V5.x and II Families – multiple versions
- SCALANCE Family Devices – multiple versions and platforms
- SIMATIC Energy Manager Basic – versions prior to V7.5
- SIMATIC Energy Manager PRO – versions prior to V7.5
- SIMATIC IPC DiagBase – all versions
- SIMATIC IPC DiagMonitor – all versions
- SIMATIC WinCC Runtime Professional V19 – versions prior to V19 Update 1
- SIMATIC WinCC Runtime Professional V18 – all versions
- SIMATIC WinCC V7.4 – versions prior to V7.4 SP1 Update 23
- SIMATIC WinCC V7.5 – versions prior to V7.5 SP2 Update 16
- SIMATIC WinCC V8.0 – versions prior to V8.0 Update 5
- Simcenter Femap – versions prior to V2406
- SIMIT V10 – all versions
- SIMIT V11 – all versions
- SINEC INS (with RADIUS Server feature enabled) – all versions
- SINEMA Remote Connect Server – versions prior to V3.2 SP1
- SINEMA Remote Connect Client – versions prior to V3.2 HF1
- SIPROTEC 5 CPxxx Devices – multiple versions and platforms
- SIPROTEC 5 Communication Modules – multiple versions and platforms
- Teamcenter Visualization V14.1 – versions prior to V14.1.0.14
- Teamcenter Visualization V14.2 – versions prior to V14.2.0.10
- Teamcenter Visualization V14.3 – versions prior to V14.3.0.8
- Teamcenter Visualization V2312 – versions prior to V2312.0002
- Totally Integrated Automation Portal (TIA Portal) – multiple versions
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.