[Control systems] Siemens security advisory (AV24-719)

Serial number: AV24-719
Date: December 16, 2024

On December 16, 2024, Siemens published a security advisory to address a critical vulnerability VulnerabilityA flaw or weakness in the design or implementation of an information system or its environment that could be exploited to adversely affect an organization's assets or operations. in the following products:

• Opcenter Execution Foundation – all versions
• Opcenter Intelligence – all versions
• Opcenter Quality – all versions
• Opcenter RDL – all versions
• SIMATIC PCS neo
• SINEC NMS – all versions
• Totally Integrated Automation Portal

The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates.

• SSA-928984: Heap-based Buffer Overflow Vulnerability in User Management Component (UMC)
• Siemens Security Advisories