SIEMENS CERT
06/10/2025
Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available. [1] https://security.paloaltonetworks.com/
SIEMENS CERT
06/10/2025
Siemens Energy Services (previously known as Managed Applications and Services), sell solutions using Elspec G5 Digital Fault Recorder which contains default credentials with admin privileges. A client configuration with remote access could allow an attacker to gain remote control of the G5DFR component and tamper outputs from the device.
SIEMENS CERT
06/10/2025
A vulnerability in SIRIUS 3RV2921-5M could allow an attacker to cause a denial of service condition. Siemens has released a new version for SIRIUS 3RV2921-5M and recommends to update to the latest version.
SIEMENS CERT
06/10/2025
SENTRON Powercenter devices are not affected by a denial of service vulnerability that can be triggered during BLE (Bluetooth Low Energy) pairing. Note: Unlike stated in the initial version of this security advisory from 2024-12-10, detailed analysis has shown that SENTRON Powercenter devices are not affected by this vulnerability.
SIEMENS CERT
06/10/2025
Palo Alto Networks has published [1] information on cross-site scripting vulnerability in PAN-OS. This advisory lists the related Siemens Industrial products affected by this vulnerability. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available. Customers are advised to consult and implement …
SIEMENS CERT
06/10/2025
TIM 4R-IE devices contain multiple vulnerabilities in the integrated NTP component as listed below. Siemens recommends specific countermeasures for products where fixes are not, or not yet available.
SIEMENS CERT
06/10/2025
Several Industrial Communication Devices based on SINEC OS before V3.2 contain multiple vulnerabilities that could allow an attacker to circumvent authorization checks and perform actions that exceed the permissions of the “guest” role. Siemens has released new versions for the affected products and recommends to update to the latest versions.
SIEMENS CERT
06/10/2025
The SSO login service in Teamcenter contains an open redirect vulnerability that could allow an attacker to redirect the legitimate user to an attacker-chosen URL to steal valid session data. Siemens has released new versions for the affected products and recommends to update to the latest versions.