BetaIT-Hub is in early access — your feedback helps us improve. Use the chat or email [email protected]

News Vulnerability
VulnerabilityCISA·44d ago

Siemens TPM 2.0

p a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-111-01.json" strong View CSAF /strong /a /p h2 Summary /h2 p strong The products listed below contain a vulnerability that could allow an attacker to perform an out-of-bound read, potentially leading to information disclosure or denial of service of the TPM. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available. /strong /p p The following versions of Siemens TPM 2.0 are affected: /p ul li SIMATIC CN 4100 vers:all/* (CVE-2025-2884) /li li SIMATIC Field PG M5 vers:all/* (CVE-2025-2884) /li li SIMATIC Field PG M6 vers:all/* (CVE-2025-2884) /li li SIMATIC IPC BX-32A vers:intdot/ lt;29.01.09 (CVE-2025-2884) /li li SIMATIC IPC BX-39A vers:intdot/ lt;29.01.09 (CVE-2025-2884) /li li SIMATIC IPC BX-56A vers:intdot/ lt;32.01.09 (CVE-2025-2884) /li li SIMATIC IPC BX-59A vers:intdot/ lt;32.01.09 (CVE-2025-2884) /li li SIMATIC IPC MD-57A vers:intdot/ lt;30.01.10 (CVE-2025-2884) /li li SIMATIC IPC PX-32A vers:intdot/ lt;29.01.09 (CVE-2025-2884) /li li SIMATIC IPC PX-39A vers:intdot/ lt;29.01.09 (CVE-2025-2884) /li li SIMATIC IPC PX-39A PRO vers:intdot/ lt;29.01.09 (CVE-2025-2884) /li li SIMATIC IPC RW-528A vers:intdot/ lt;34.01.02 (CVE-2025-2884) /li li SIMATIC IPC RW-548A vers:intdot/ lt;34.01.02 (CVE-2025-2884) /li li SIMATIC IPC227E vers:all/* (CVE-2025-2884) /li li SIMATIC IPC277E vers:all/* (CVE-2025-2884) /li li SIMATIC IPC427E vers:intdot/ lt;21.01.20 (CVE-2025-2884) /li li SIMATIC IPC477E vers:intdot/ lt;21.01.20 (CVE-2025-2884) /li li SIMATIC IPC477E PRO vers:intdot/ lt;21.01.20 (CVE-2025-2884) /li li SIMATIC IPC627E vers:all/* (CVE-2025-2884) /li li SIMATIC IPC647E vers:all/* (CVE-2025-2884) /li li SIMATIC IPC677E vers:all/* (CVE-2025-2884) /li li SIMATIC IPC847E vers:all/* (CVE-2025-2884) /li li SIMATIC ITP1000 vers:all/* (CVE-2025-2884) /li li SIPLUS IPC427E vers:intdot/ lt;21.01.20 (CVE-2025-2884) /li /ul div class="csaf-table" table class="tablesaw tablesaw-stack" data-tablesaw-mode="stack" data-tablesaw-minimap thead tr th role="columnheader" data-tablesaw-priority="persist" CVSS /th th role="columnheader" Vendor /th th role="columnheader" Equipment /th th role="columnheader" Vulnerabilities /th /tr /thead tbody tr td v3 6.6 /td td Siemens /td td Siemens TPM 2.0 /td td Out-of-bounds Read /td /tr /tbody /table /div h3 Background /h3 ul li strong Critical Infrastructure Sectors: /strong Critical Manufacturing /li li strong Countries/Areas Deployed: /strong Worldwide /li li strong Company Headquarters Location: /strong Germany /li /ul hr h2 Vulnerabilities /h2 div class="csaf-accordion" p a class="csaf-accordion-toggle-all" href="#" Expand All + /a /p div class="csaf-accordion-item" h3 a class="csaf-accordion-toggle" href="#" CVE-2025-2884 /a /h3 div class="csaf-accordion-conten

Sign in to read the full article

Create a free account to access all news, downloads, and community features

Sign inCreate account

Originally published by CISA

Source: https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-01

This article is shared for informational purposes. All rights belong to the original author and publisher. If you are the copyright holder and would like this content removed, please contact us.

Shared on IT-Hub by admin