You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
siemens advisories
About this tag
Siemens advisories on WindowsForum.com cover critical security updates for industrial products like RUGGEDCOM CROSSBOW and Desigo CC. Recent threads detail CVE-2026-27668, an incorrect privilege assignment in RUGGEDCOM CROSSBOW Secure Access Manager (CVSS 8.8) affecting versions before V5.8, and CVE-2023-38545, a heap-based buffer overflow in CodeMeter Runtime impacting Desigo CC and SENTRON Powermanager. These advisories emphasize the importance of patching management-plane and third-party component vulnerabilities in industrial environments.
Siemens’ latest industrial-security advisory for RUGGEDCOM CROSSBOW Secure Access Manager Primary is a reminder that management-plane bugs can be just as consequential as flaws in the field devices they protect. The issue, tracked as CVE-2026-27668, carries a CVSS 3.1 score of 8.8 and affects...
Siemens’ ProductCERT has republished a high‑risk advisory: a heap‑based buffer overflow in the third‑party WIBU Systems CodeMeter Runtime (root cause: a vulnerable libcurl SOCKS5 handshake, CVE‑2023‑38545) is present inside several Desigo CC product family builds and the Desigo CC‑based SENTRON...
Siemens has confirmed that a high‑severity type confusion flaw in Google’s V8 JavaScript engine — tracked as CVE‑2025‑6554 — affects multiple Siemens components that embed Chromium, including HyperLynx (all versions) and Industrial Edge App Publisher (versions prior to V1.23.5). The upstream bug...