Over 200 vulnerabilities addressed by Siemens, Schneider Electric

More than 200 security vulnerabilities have been collectively fixed by Siemens and Schneider Electric in their own industrial offerings as part of this month's Patch Tuesday, reports SecurityWeek. Twelve new advisories involving nearly 200 security bugs have been issued by Siemens, which alerted customers regarding nearly 108 Linux kernel flaws and 54 BIOS vulnerabilities impacting its Simatic S7-1500 offering. Critical vulnerabilities enabling remote code execution in Simatic Step 7 and Sicam Q200 have also been addressed. Siemens has also patched high-severity bugs in Sicam A8000, Simatic WinCC, Teamcenter Visualization and JT2Go, and Solid Edge, which could be exploited to facilitate arbitrary code execution, as well as medium-severity vulnerabilities in Simatic WinCC, TIA Portal, and Simotion. On the other hand, five security flaws have been resolved by Schneider Electric, two of which are high-severity bugs impacting its Foxboro distributed control system. Other fixed vulnerabilities affect its Foxboro SCADA, EcoStruxure Operator Terminal Expert, Pro-face BLUEm and Interactive Graphical SCADA System offerings.