Multiple Siemens Products ICSA-19-043-05 Multiple Security Vulnerabilities

Multiple Siemens Products are prone to the following security vulnerabilities:

1. Multiple stack-based buffer-overflow vulnerabilities
2. A denial-of-service vulnerability
3. A side channel attack information disclosure vulnerability

Attackers can exploit these issues to execute arbitrary code within the context of an affected device or obtain sensitive information or cause a denial-of-service condition.

The following Siemens products are affected:

SIMATIC FieldPG M5 All versions prior to 22.01.06,
SIMATIC IPC427E All versions prior to 21.01.09,
SIMATIC IPC477E All versions prior to 21.01.09,
SIMATIC IPC547E All versions prior to R1.30.0,
SIMATIC IPC547G All versions prior to R1.23.0,
SIMATIC IPC627D All versions prior to 19.02.11,
SIMATIC IPC647D All versions prior to 19.01.14,
SIMATIC IPC677D All versions prior to 19.02.11,
SIMATIC IPC827D All versions prior to 19.02.11,
SIMATIC IPC847D All versions prior to 19.01.14, and
SIMATIC ITP1000 All versions prior to 23.01.04


 

Privacy Statement
Copyright 2010, SecurityFocus