SecurityWeek reports that Siemens and Schneider Electric have addressed a total of 59 security flaws in their respective Patch Tuesday security advisories for this month.
Nineteen security advisories issued by Siemens detail 46 security vulnerabilities, with two advisories describing critical bugs. Siemens' SIMATIC CP 1543-1 communicator processor is being impacted by three critical and high-severity flaws, which could be exploited to achieve arbitrary code execution.
Threat actors could also remotely abuse a critical flaw and a high-severity bug in its SIMATIC eaSie digital assistant to facilitate arbitrary request delivery and a denial-of-service condition.
Numerous vulnerabilities in SCALANCE X switches could also be leveraged in DoS or brute-force attacks.
Meanwhile, Schneider Electric detailed 13 bugs, one of which is a high-severity SpaceLogic C-Bus Home Controller OS command injection flaw. Three high-severity vulnerabilities in some Schneider Electric OPC UA and X80 advanced RTU communication modules could also be leveraged in DoS attacks, according to the company.