Siemens Teamcenter

p a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-134-04.json" strong View CSAF /strong /a /p h2 Summary /h2 p strong Siemens Teamcenter is affected by multiple vulnerabilities which could potentially lead to a compromise in availability, integrity and confidentiality. Siemens has released new versions for the affected products and recommends to update to the latest versions. /strong /p p The following versions of Siemens Teamcenter are affected: /p ul li Teamcenter V2312 vers:intdot/ lt;2312.0014, vers:intdot/ lt;2312.0009 (CVE-2026-33862, CVE-2026-33893, CVE-2024-4367) /li li Teamcenter V2406 vers:intdot/ lt;2406.0012, vers:intdot/ lt;2406.0006 (CVE-2026-33862, CVE-2026-33893, CVE-2024-4367) /li li Teamcenter V2412 vers:intdot/ lt;2412.0009 (CVE-2026-33862, CVE-2026-33893) /li li Teamcenter V2506 vers:intdot/ lt;2506.0005 (CVE-2026-33862, CVE-2026-33893) /li li Teamcenter V2512 vers:all/* nbsp; /li /ul div class="csaf-table" table class="tablesaw tablesaw-stack" data-tablesaw-mode="stack" data-tablesaw-minimap thead tr th role="columnheader" data-tablesaw-priority="persist" CVSS /th th role="columnheader" Vendor /th th role="columnheader" Equipment /th th role="columnheader" Vulnerabilities /th /tr /thead tbody tr td v3 7.5 /td td Siemens /td td Siemens Teamcenter /td td Improper Check for Unusual or Exceptional Conditions, Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Use of Hard-coded Credentials /td /tr /tbody /table /div h3 Background /h3 ul li strong Critical Infrastructure Sectors: /strong Critical Manufacturing /li li strong Countries/Areas Deployed: /strong Worldwide /li li strong Company Headquarters Location: /strong Germany /li /ul hr h2 Vulnerabilities /h2 div class="csaf-accordion" p a class="csaf-accordion-toggle-all" href="#" Expand All + /a /p div class="csaf-accordion-item" h3 a class="csaf-accordion-toggle" href="#" CVE-2024-4367 /a /h3 div class="csaf-accordion-content" p A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox lt; 126, Firefox ESR lt; 115.11, and Thunderbird lt; 115.11. /p p a href="https://www.cve.org/CVERecord?id=CVE-2024-4367" View CVE Details /a /p hr h4 Affected Products /h4 h5 Siemens Teamcenter /h5 div class="ics-vendor-version-status" div class="ics-vendor" strong Vendor: /strong br Siemens /div div class="ics-version" strong Product Version: /strong br Teamcenter V2312, Teamcenter V2406 /div div class="ics-status" strong Product Status: /strong br known_affected, known_not_affected /div /div div class="ics-remediations" h6 Remediations /h6 p strong Vendor fix /strong br Update to V2312.0009 or later version br a href="https://support.sw.siemens.com/product/282219420/" https://support.sw.siemens.com/product/282219420/ /a /p p strong Vendor fix /strong br Update to V2406.0006 or later version br a href="https://support.s