CISA has released an advisory on an incorrect privilege assessment vulnerability in Siemens SINEMA Server. All versions prior to Version 14.0 SP2 Update 1 are affected. Successful exploitation of this vulnerability could allow an attacker with a valid session, with low privileges, to perform firmware updates and other administrative operations on connected devices. Siemens recommends users of the affected product update to a new version and has identified workarounds and mitigations users can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.
You are here
Related Resources
May 22, 2025 in Cybersecurity, in Security Preparedness
May 22, 2025 in Cybersecurity, in Federal & State Resources, in Security Preparedness
May 22, 2025 in Cybersecurity, in Federal & State Resources, in Security Preparedness