PT-2021-23478 · Siemens · Sinumerik Edge

Published 2021-12-14 · Updated 2021-12-20 · CVE-2021-42027

CVSS v3.1

7.4 High

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

SINUMERIK Edge versions prior to V3.2

Description

A security issue has been identified where the affected software fails to properly validate the server certificate when establishing a TLS connection. This could enable an attacker to impersonate a trusted entity by interfering with the communication between the client and the intended server.

Recommendations

For SINUMERIK Edge versions prior to V3.2, update to version V3.2 or later to resolve the issue. As a temporary workaround, consider restricting TLS connections to trusted servers or implementing additional validation measures for server certificates until a patch is available.

Fix

Improper Certificate Validation

Weakness Enumeration

Related Identifiers

CVE-2021-42027

Affected Products

Sinumerik Edge