Endpoint/Device Security, Vulnerability Management

Siemens, Schneider Electric address several security vulnerabilities

SecurityWeek reports that more than 140 security vulnerabilities have been collectively addressed by Siemens and Schneider Electric in their respective products as part of this month's Patch Tuesday. Siemens has issued 20 advisories detailing fixes for nearly 140 security flaws, with the most severe advisory concerning over 80 OpenSSH and OpenSSL bugs in its Scalance X-200RNA switches. Six other high- and medium-severity flaws impacting Scalance X-200RNA switches that could be leveraged to facilitate denial-of-service and cross-site scripting attacks, as well as session hijacking, have also been addressed. Fixes have also been released for high-severity bugs in Apogee/Talon, Sicam PAS, TeamCenter Visualization, Mendix, Simatic, Parasolid, Reggedcom, JT2Go, Scalance, and Simcenter STAR-CCM+ offerings. On the other hand, Schneider Electric has released fixes for six vulnerabilities, including four critical and high-severity bugs in its APC Easy UPS online monitoring software, which could be exploited to execute remote code, escalate privileges, and evade authentication.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.