Security Experts:

Connect with us

Hi, what are you looking for?



ICS Patch Tuesday: 100 Vulnerabilities Addressed by Siemens, Schneider Electric

Siemens and Schneider Electric address nearly 100 vulnerabilities across several of their products with their February 2023 Patch Tuesday advisories.

Siemens and Schneider Electric have addressed a total of nearly 100 vulnerabilities with their February 2023 Patch Tuesday advisories. 


Siemens has published 13 new advisories covering a total of 86 vulnerabilities. 

The most significant vulnerability — based on its CVSS score of 10 — is a memory corruption issue that can lead to a denial-of-service (DoS) condition or arbitrary code execution in the Comos plant engineering software. 

This vulnerability was identified by Siemens’ own employees, which is not surprising. According to a recent report from industrial cybersecurity firm SynSaber, Siemens’ product security team self-reported 544 vulnerabilities in 2022, up from 230 in the previous year. It’s worth noting that many of the flaws addressed by Siemens in its products are actually introduced by third-party components. 

Siemens has patched roughly a dozen critical and high-severity vulnerabilities in its Brownfield Connectivity product. Exploitation of the flaws can lead to a DoS condition. 

Some of the high-severity flaws addressed by Siemens in its latest round of Patch Tuesday advisories are related to the BIOS, specifically vulnerabilities resolved by Intel and Insyde in November 2022, including issues related to a type of attack dubbed RingHopper

[ Read: Cyber Insights 2023 | ICS and Operational Technology ]

High-severity vulnerabilities that can be exploited for code execution and DoS attacks by tricking targeted users into processing specially crafted files have been patched in Tecnomatix Plant Simulation, JT Open Toolkit, JT Utilities, Parasolid, Solid Edge, and Simcenter Femap.

A security hole in SiPass integrated ACC that can be exploited to escalate privileges to root, and a DoS flaw in some Scalance switches have also been rated ‘high severity’.

For some of the impacted products, Siemens has yet to release fixes. 

Schneider Electric 

Schneider Electric has published three advisories covering 10 vulnerabilities. One advisory describes nine high- and medium-severity issues discovered in the company’s StruxureWare Data Center Expert monitoring software.

Exploitation of the vulnerabilities can lead to remote code/command execution or privilege escalation. 

Another advisory describes one high-severity improper authentication flaw affecting Merten KNX products. 

The third advisory informs Schneider Electric customers of a medium-severity issue in EcoStruxure Geo SCADA Expert that can allow hackers to falsify logs. 

Related: Siemens License Manager Vulnerabilities Allow ICS Hacking

Related: 2022 ICS Attacks: Fewer-Than-Expected on US Energy Sector, But Ransomware Surged

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...