Industrial leaders Siemens, Schneider Electric, Rockwell Automation, and Phoenix Contact release Patch Tuesday advisories revealing critical and high-severity vulnerabilities in their ICS/OT products. These flaws enable remote code execution, DoS, and man-in-the-middle attacks, threatening critical infrastructure security. #SiemensVulnerabilities #OTSecurity
Keypoints
- Siemens released 14 advisories, with three rated as critical for dozens of third-party components.
- Vulnerabilities in products like Comos, Sicam T, Ruggedcom, and Sinec Security Monitor could lead to arbitrary code execution and other attacks.
- Schneider Electric reported vulnerabilities affecting its EcoStruxure Foxboro DCS due to WSUS and ZombieLoad exploits.
- Rockwell Automation identified high-severity DoS and SQL injection issues impacting their GuardLink EtherNet/IP interface and FactoryTalk DataMosaix.
- Phoenix Contact disclosed multiple security flaws such as XSS, DoS, and authentication issues in its FL SWITCH 2xxx series switches.
Read More: https://www.securityweek.com/ics-patch-tuesday-vulnerabilities-fixed-by-siemens-rockwell-schneider/