January 9, 2024 at 12:54PM
On the first Patch Tuesday of 2024, Siemens and Schneider Electric released a total of seven security advisories, fixing 22 vulnerabilities. Siemens addressed critical vulnerabilities in Simatic IPCs, CN 4100, Solid Edge 2023, Teamcenter Visualization, JT2Go, Spectrum Power 7, and Sicam A8000 devices. Schneider Electric addressed a high-severity Easergy Studio vulnerability.
From the meeting notes, it is clear that Siemens and Schneider Electric released a total of seven new security advisories addressing 22 vulnerabilities on the first Patch Tuesday of 2024.
Siemens has addressed several critical vulnerabilities, including a CVSS score of 10 vulnerability in Simatic IPCs, a high-severity vulnerability in Simatic CN 4100, and a medium-severity issue in Sicam A8000 devices.
Furthermore, Siemens has fixed vulnerabilities in products such as Solid Edge 2023, Teamcenter Visualization, JT2Go, and Spectrum Power 7, addressing issues related to PAR and CGM files, arbitrary code execution, and root access.
On the other hand, Schneider Electric has released a single advisory regarding a high-severity Easergy Studio vulnerability that could allow attackers to gain higher privileges.
These actions demonstrate the proactive approach of both companies in addressing potential security risks in their industrial products.