Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?



ICS Patch Tuesday: Siemens, Schneider Electric Address 59 Vulnerabilities

Industrial giants Siemens and Schneider Electric have released their Patch Tuesday security advisories for July 2022, with a total of 13 advisories describing 59 vulnerabilities.


Industrial giants Siemens and Schneider Electric have released their Patch Tuesday security advisories for July 2022, with a total of 13 advisories describing 59 vulnerabilities.


Siemens has released 19 new advisories that describe 46 vulnerabilities affecting the company’s products. Two advisories are for flaws that have been rated “critical” with a CVSS score of 10.

As a sidenote, CVSS scores are often misleading in the case of vulnerabilities found in industrial control systems (ICS), but vendors often highlight the CVSS score so this summary will also focus on the security holes with the highest scores. Industrial organizations should check all advisories from the two vendors and assess the risks for their specific environment.

One of the advisories describes three critical and high-severity vulnerabilities in the SIMATIC CP 1543-1 communication processor. Siemens says exploitation of the flaws can lead to arbitrary code execution with elevated privileges, but attacks can only be launched if the Remote Connect Server (SRCS) VPN feature is used — the feature is not enabled by default.

The second advisory describes one critical and one high-severity vulnerability in the SIMATIC eaSie digital assistant. The bugs can be exploited remotely to send arbitrary requests to the system and cause a DoS condition.

Another critical vulnerability addressed in Siemens’ latest round of advisories is a DHCP issue that affects older SINAMICS Perfect Harmony GH180 drives and can allow access to the drive’s internal network.

Advertisement. Scroll to continue reading.

The company has also informed customers about a critical authentication bypass vulnerability in the Opcenter Quality quality management system.

SCALANCE X switches are affected by several critical and high-severity flaws that can be exploited for DoS attacks or brute force attacks that can lead to session hijacking.

Ten advisories describe high-severity vulnerabilities. One of them covers 20 vulnerabilities in the company’s PADS Viewer product, which can be exploited for remote code execution by tricking the targeted user into opening a specially crafted file.

Learn more about vulnerabilities in industrial systems at

SecurityWeek’s ICS Cyber Security Conference

Other high-severity advisories describe issues in EN100 Ethernet modules, RUGGEDCOM ROS and ROX devices, SIMATIC MV500 devices, Simcenter Femap and Parasolid design tools, JT2Go and Teamcenter visualization products, and SICAM A8000 devices. They include command injection, DoS, remote code execution, and authentication issues.

Medium-severity vulnerabilities have been found in Mendix applications and SICAM GridEdge software.

Siemens has started releasing patches, but fixes may not yet be available for certain products. Until these patches do become available, the vendor recommends mitigations and workarounds.

Schneider Electric

Schneider Electric has released four new advisories that describe 13 vulnerabilities. One of them describes a high-severity OS command injection issue in the SpaceLogic C-Bus Home Controller product.

Schneider has also informed customers that some of its OPC UA and X80 advanced RTU communication modules are affected by three high-severity vulnerabilities that can be exploited for DoS attacks, as well as four medium-severity bugs that could allow an attacker to load an unauthorized firmware image.

The company has also released an advisory for high- and medium-severity flaws in Easergy P5 protection relays that could allow an attacker to cause a DoS condition, obtain a device’s credentials, or gain full control of a relay.

One medium-severity vulnerability that can be leveraged to gain access to other devices on the network has been found in Schneider’s Acti9 PowerTag Link C energy monitoring product.

The vendor has released patches and/or mitigations for these vulnerabilities.

Related: ICS Patch Tuesday: Siemens, Schneider Electric Address Over 80 Vulnerabilities

Related: ICS Patch Tuesday: Siemens, Schneider Electric Address 43 Vulnerabilities

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...