NCSC | Security Advisories
Bekijk RSS-feed

Security Advisories

Download

Security Advisory; NCSC-2026-0229 [1.0.0]

Security Advisory
NCSC-2026-0229 [1.0.0]
Publicatie
14-07-2026 15:45 (Europe/Amsterdam)
Prioriteit
Normaal
Betreft
Kwetsbaarheden verholpen in Siemens producten

Kenmerken

  • Improper Input Validation
  • Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  • Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Stack-based Buffer Overflow
  • Heap-based Buffer Overflow
  • Out-of-bounds Read
  • Integer Overflow or Wraparound
  • Observable Discrepancy
  • Observable Timing Discrepancy
  • Insecure Inherited Permissions
  • Authentication Bypass by Capture-replay
  • Cryptographic Issues
  • Reusing a Nonce, Key Pair in Encryption
  • Improper Verification of Cryptographic Signature
  • Covert Timing Channel
  • Detection of Error Condition Without Action
  • Double Free
  • Untrusted Search Path
  • Use of Cache Containing Sensitive Information
  • Integer Overflow to Buffer Overflow
  • Allocation of Resources Without Limits or Throttling
  • Out-of-bounds Write
  • Access of Resource Using Incompatible Type ('Type Confusion')
  • Missing Authorization
  • Incorrect Authorization
  • Improper Enforcement of Message Integrity During Transmission in a Communication Channel
  • Incorrect Bitwise Shift of Integer

Omschrijving

Siemens heeft kwetsbaarheden verholpen in diverse producten als CADRA, IAM, Mendix, OpCenter, RUGGEDCOM, SIDIS en SIMATIC.

De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:

  • Denial-of-Service (DoS)
  • Cross-Site Scripting
  • Manipulatie van gegevens
  • Omzeilen van een beveiligingsmaatregel
  • (Remote) code execution (SYSTEM rechten)
  • (Remote) code execution (Gebruikersrechten)
  • Toegang tot gevoelige gegevens
  • Verhogen van rechten

De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.

Oplossingen

Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.

Referenties

CVE's

Producten

Siemens
CADRA
COMOS V10.4.5
COMOS V10.6
Cpu 1518F-4 Pn/Dp Mfp Firmware
Designcenter NX
Mendix Runtime
Opcenter X
RUGGEDCOM APE1808
RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
RUGGEDCOM ROX MX5000
RUGGEDCOM ROX MX5000 FIRMWARE
RUGGEDCOM ROX MX5000RE
RUGGEDCOM ROX RX1400
RUGGEDCOM ROX RX1400 FIRMWARE
RUGGEDCOM ROX RX1500
RUGGEDCOM ROX RX1500 FIRMWARE
RUGGEDCOM ROX RX1501
RUGGEDCOM ROX RX1510
RUGGEDCOM ROX RX1510 FIRMWARE
RUGGEDCOM ROX RX1511
RUGGEDCOM ROX RX1511 FIRMWARE
RUGGEDCOM ROX RX1512
RUGGEDCOM ROX RX1512 FIRMWARE
RUGGEDCOM ROX RX1524
RUGGEDCOM ROX RX1524 Firmware
RUGGEDCOM ROX RX1536
RUGGEDCOM ROX RX1536 Firmware
RUGGEDCOM ROX RX5000
RUGGEDCOM RST2428P
RUGGEDCOM RST2428P (6GK6242-6PA00)
Ruggedcom Rox Mx5000Re Firmware
Ruggedcom Rox Rx1501 Firmware
Ruggedcom Rox Rx5000 Firmware
SCALANCE M804PB (6GK5804-0AP00-2AA2)
SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2)
SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2)
SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2)
SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2)
SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)
SCALANCE M874-2 (6GK5874-2AA00-2AA2)
SCALANCE M874-3 (6GK5874-3AA00-2AA2)
SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2)
SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)
SCALANCE M876-4 (6GK5876-4AA10-2BA2)
SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)
SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)
SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1)
SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1)
SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1)
SCALANCE S615 (6GK5615-0AA00-2AA2)
SCALANCE S615 EEC (6GK5615-0AA01-2AA2)
SCALANCE S615 Firmware
SCALANCE SC622-2C (6GK5622-2GS00-2AC2)
SCALANCE SC622-2C Firmware
SCALANCE SC626-2C (6GK5626-2GS00-2AC2)
SCALANCE SC626-2C Firmware
SCALANCE SC632-2C
SCALANCE SC632-2C (6GK5632-2GS00-2AC2)
SCALANCE SC632-2C Firmware
SCALANCE SC636-2C (6GK5636-2GS00-2AC2)
SCALANCE SC636-2C Firmware
SCALANCE SC642-2C (6GK5642-2GS00-2AC2)
SCALANCE SC642-2C Firmware
SCALANCE SC646-2C
SCALANCE SC646-2C (6GK5646-2GS00-2AC2)
SCALANCE SC646-2C Firmware
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
SCALANCE WAM766-1 (EU) (6GK5766-1GE00-7DA0)
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
SCALANCE WAM766-1 EEC (EU) (6GK5766-1GE00-7TA0)
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
SCALANCE WUM763-1
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
SCALANCE WUM766-1 (EU) (6GK5766-1GE00-3DA0)
SCALANCE WUM766-1 (US) (6GK5766-1GE00-3DB0)
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family
SCALANCE XCH328
SCALANCE XCH328 (6GK5328-4TS01-2EC2)
SCALANCE XCM324
SCALANCE XCM324 (6GK5324-8TS01-2AC2)
SCALANCE XCM328
SCALANCE XCM328 (6GK5328-4TS01-2AC2)
SCALANCE XCM332
SCALANCE XCM332 (6GK5332-0GA01-2AC2)
SCALANCE XRH334 (24 V DC, 8xFO, CC)
SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)
SCALANCE XRM334 (230 V AC, 12xFO)
SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)
SCALANCE XRM334 (230 V AC, 8xFO)
SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)
SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+)
SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)
SCALANCE XRM334 (24 V DC, 12xFO)
SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)
SCALANCE XRM334 (24 V DC, 8xFO)
SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)
SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+)
SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)
SCALANCE XRM334 (2x230 V AC, 12xFO)
SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)
SCALANCE XRM334 (2x230 V AC, 8xFO)
SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)
SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+)
SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)
SIDIS Prime
SIDIS Secured SmartPlug
SIMATIC CN 4100
SIMATIC MV540 H (6GF3540-0GE10)
SIMATIC MV540 H Firmware
SIMATIC MV540 S (6GF3540-0CD10)
SIMATIC MV540 S Firmware
SIMATIC MV550 H (6GF3550-0GE10)
SIMATIC MV550 H Firmware
SIMATIC MV550 S (6GF3550-0CD10)
SIMATIC MV560 U (6GF3560-0LE10)
SIMATIC MV560 U Firmware
SIMATIC MV560 X (6GF3560-0HE10)
SIMATIC MV560 X Firmware
SIMATIC S7
SIMATIC S7 CPU 1500 firmware
SIMATIC S7-1500
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
SIMATIC S7-1500 TM MFP - GNU/Linux subsystem
SIMATIC S7-PLCSIM Advanced
SINAMICS PERFECT HARMONY GH180 6SR5
SINEC PNI
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
Scalance Sc622-2C Firmware
Scalance Sc632-2C Firmware
Scalance Sc646-2C Firmware
Scalance W700 Ieee 802.11Ax Firmware
Scalance Wam763-1
Scalance Wam766-1
Scalance Wam766-1 Eec
Scalance Wum766-1
Simatic Mv550 S Firmware
Simcenter 3D
Simcenter Femap V2506
Simcenter Femap V2512
Simcenter Nastran
Simcenter STAR-CCM+
Sinamics Perfect Harmony Gh180 Firmware
Sinec Pni
Solid Edge SE2025
Solid Edge SE2026
Teamcenter Visualization V2412
Teamcenter Visualization V2506
Teamcenter Visualization V2512
Tecnomatix Plant Simulation V2404
Tecnomatix Plant Simulation V2504
Tecnomatix Process Simulate
scalance_sc622-2c
scalance_sc626-2c
scalance_sc626-2c_firmware
scalance_sc636-2c
scalance_sc636-2c_firmware
scalance_sc642-2c
scalance_sc642-2c_firmware

Disclaimer

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.