VDB

ICSA-21-194-04

ICSA-21-194-04 PUBLISHED CVSS 7.400000095367432 HIGH

The latest update for SINUMERIK Integrate Operate Client fixes a vulnerability that could allow an attacker to spoof any SSL server certificate and conduct man-in-the-middle attacks. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available

Risk Scores

CVSS v3.1
7.400000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C

Affected Products

VendorProductVersions
SINUMERIK Integrate Client 04
SINUMERIK Optimize MyProgramming /NX-Cam Editor
SINUMERIK Integrate for Production 5.1
SINUMERIK Manage MyPrograms
SINUMERIK Integrate for Production 4.1
SINUMERIK Operate V4.94
SINUMERIK Analyze MyPerformance
SINUMERIK Manage MyResources /Programs
SINUMERIK Manage MyMachines
SINUMERIK Operate V4.93
SINUMERIK Analyze MyPerformance /OEE-Tuning
SINUMERIK Analyze MyPerformance /OEE-Monitor
SINUMERIK Analyse MyCondition
SINUMERIK Manage MyMachines /Remote
SINUMERIK Manage MyTools
SINUMERIK Operate V4.8
SINUMERIK Integrate Client 02
SINUMERIK Manage MyMachines /Spindel Monitor
SINUMERIK Integrate Client 03
SINUMERIK Manage MyResources /Tools

Timeline

  • Jul 13, 2021 CVE Published
  • May 6, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›