Security advisories from Siemens ProductCERT and CISA ICS-CERT, refreshed every 6 hours.
CVE IDs cross-referenced against your portfolio — red rows indicate active impact.
Note: Siemens CVE IDs are not published in their RSS feed; click "Open →" for full advisory details.
Advisory
Vendor
Severity
CVE IDs
Published
Portfolio
Operations
SBOM Upload
StarragTornos Group · 11 products enrolled
Drop SBOM file here
CycloneDX 1.5 / 1.6 or SPDX 2.3 — JSON or XML
cdx.jsoncdx.xmlspdx.jsonspdx.xml.sbom
or
sbom-v4.2.1.cdx.json248 KB
Validating schema…0%
Product metadata
Stored immutably · EU-region object storage sha256 hash recorded to audit trail on ingestion
How to create CycloneDX and SPDX SBOMs with Trivy, Syft, and cdxgen
DT connected
NVD synced 2h ago
—
Realm: —
EU-CH hosted
v1.0.0
—
—
—
—
Critical
—
High
—
Medium
—
Components
—
CVE / ID
Component
Sev
CERS
Analysis
CRIT
—
—
VEX Assessment
CRIT
—
—
Notification metadata
Notification date/time
—
24h ENISA deadline
—
Manufacturer
—
Affected product
—
Vulnerability
Description
—
CVE identifier
—
EUVD identifier
—
CVSS score
—
Severity
—
Affected component
—
VEX assessment
Analysis state
—
Existing VEX detail
—
Mitigation & response narrative
Edit Product
Name
Parent group
Product Criticality Score (PCS)
New Product Group
A group lets you organise multiple product versions under one umbrella. Groups are excluded from portfolio statistics.
Group name
Edit User —
VB
Display name
Full name
Email
Password reset
Set a new temporary password for this user
New password
Change Password
Current password
New password
Confirm new password
Profile
VB
Display name
Username
Keyboard shortcuts
Navigation — press G then letter
DashboardG·D
ProductsG·P
VulnerabilitiesG·V
VEX ManagerG·X
ENISA ReportsG·E
SBOM UploadG·U
Audit TrailG·A
OrganisationG·O
Actions
Global searchCtrl+K
Show this help?
Close drawer / overlayEsc
CRIT
—
—
Products
—
Critical
—
High
—
Medium
—
CVE / ID
Sev
CVSS
Product
VEX State
CRIT
—
—
CVSS v3
—
EPSS
—
Affected products
—
KEV
—
In triage
—
EUVD ID
—
Affected products & VEX state
Product
Component
Version
VEX State
References
Type to search across all loaded data
G — waiting for destination…
CRA Exploitability Risk Score
A composite 0–100 score combining exploit reality, regulatory exposure, and product criticality.
Designed as the primary prioritisation metric for CRA escalation decisions.
Input normalisation
CVSS_norm = CVSS / 10 → 0–1
EPSS = 0–1 probability of exploit within 30 days (unchanged)
KEV = 1 if in CISA Known Exploited Vulnerabilities catalog, else 0
The CRA Risk Score is the default sort order in Vulnerabilities, VEX Manager, and ENISA Report Builder.
Full formula documentation and data source details are in
Intelligence & Scoring.
