Siemens SINUMERIK Integrate Operate Clients between 2.0.3.00.016 (including) and 2.0.6 (excluding) and between 3.0.4.00.032 (including) and 3.0.6 (excluding) contain a vulnerability that could allow an attacker to read and manipulate data in TLS sessions while performing a man-in-the-middle (MITM) attack.
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sinumerik_integrate_access_mymachine/ethernet | Siemens | - (including) | - (including) |
Sinumerik_integrate_operate_client | Siemens | 2.0.3.00.016 (including) | 2.0.3.00.016 (including) |
Sinumerik_integrate_operate_client | Siemens | 3.0.4.00.032 (including) | 3.0.4.00.032 (including) |
Sinumerik_operate | Siemens | 4.5-sp6 (including) | 4.5-sp6 (including) |
Sinumerik_operate | Siemens | 4.7-sp2 (including) | 4.7-sp2 (including) |