Serial number: AV24-643
Date: November 12, 2024
On November 12, 2024, Siemens published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- Mendix Runtime V8, V9, V10, V10.6 and V10.12 – multiple versions
- OZW671 and OZW772 – versions prior to V5.2
- RUGGEDCOM CROSSBOW Station Access Controller – versions prior to V5.6
- SCALANCE M-800 family – versions prior to V8.2
- SIMATIC CP 1543-1 V4.0 – versions prior to V4.0.50
- SIMATIC S7-PLCSIM V16 and V17 – all versions
- SINEC INS – versions prior to V1.0 SP2 Update 3
- SINEC NSM – versions prior to V3.0 SP1
- SIPORT – versions prior to V3.4.0
- Solid Edge Se2024 – versions prior to V224.0 Update 9
- Spectrum Power 7 – versions prior to V24Q3
- TeleControl Server Basic V3.1 – versions prior to V3.1.2.1
- Totally Integrated Automation Portal
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.