Bulletins | CERT@VDE

SSA-580693 V1.2 (Last Update: 2022-01-11): WIBU Systems CodeMeter Runtime Denial-of-Service Vulnerability in Siemens Products

Titel

SSA-580693 V1.2 (Last Update: 2022-01-11): WIBU Systems CodeMeter Runtime Denial-of-Service Vulnerability in Siemens Products

Veröffentlicht

11. Januar 2022 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-580693.pdf

Text

WIBU Systems published information about a denial-of-service vulnerability and an associated fix release version of CodeMeter Runtime, a product provided by WIBU Systems and used in several Siemens products for license management. The vulnerability is described in the section “Vulnerability Classification” below and got assigned the CVE ID CVE-2021-41057. Successful ...

SSA-185699 V1.2 (Last Update: 2022-01-11): Out of Bounds Write Vulnerabilities (NAME:WRECK) in the DNS Module of Nucleus RTOS

Titel

SSA-185699 V1.2 (Last Update: 2022-01-11): Out of Bounds Write Vulnerabilities (NAME:WRECK) in the DNS Module of Nucleus RTOS

Veröffentlicht

11. Januar 2022 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf

Text

Security researchers discovered and disclosed 9 vulnerabilities in several DNS implementations, also known as “NAME:WRECK” vulnerabilities. The vulnerabilities described in this advisory are from this set. The DNS client of the networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) contains two out of bounds write vulnerabilities in the ...

SSA-995338 V1.0: Multiple Vulnerabilities in COMOS Web

Titel

SSA-995338 V1.0: Multiple Vulnerabilities in COMOS Web

Veröffentlicht

11. Januar 2022 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-995338.pdf

Text

Multiple vulnerabilities were identified in the COMOS Web component of COMOS. They could allow an attacker to conduct code injections, store data in undesired locations, execute arbitrary SQL statements, and run cross-site-request-forgery attacks. Siemens has released an update for COMOS and recommends to update to the latest version.

SSA-845392 V1.0: Multiple Vulnerabilities in Nucleus RTOS based Siemens Energy PLUSCONTROL 1st Gen Devices

Titel

SSA-845392 V1.0: Multiple Vulnerabilities in Nucleus RTOS based Siemens Energy PLUSCONTROL 1st Gen Devices

Veröffentlicht

11. Januar 2022 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf

Text

Multiple vulnerabilities (also known as “NUCLEUS:13”) have been identified in the Nucleus RTOS (real-time operating system) and reported in the Siemens Security Advisory SSA-044112: https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf. PLUSCONTROL 1st Gen devices are affected by some of the vulnerabilities as documented below. Siemens Energy recommends specific countermeasures for products where updates are not ...

SSA-439673 V1.0: Information Disclosure Vulnerability in SIPROTEC 5 Devices

Titel

SSA-439673 V1.0: Information Disclosure Vulnerability in SIPROTEC 5 Devices

Veröffentlicht

11. Januar 2022 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-439673.pdf

Text

An information disclosure vulnerability in SIPROTEC 5 products could allow an unauthenticated attacker to read device information. Only devices with the hardware variants CP050, CP100 and CP300 are affected. The DIGSI engineering tool can be used to identify the hardware version of your devices. Siemens has released updates for the ...

SSA-324998 V1.0: Multiple Vulnerabilities in SICAM A8000

Titel

SSA-324998 V1.0: Multiple Vulnerabilities in SICAM A8000

Veröffentlicht

11. Januar 2022 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-324998.pdf

Text

SICAM A8000 devices are impacted by two vulnerabilities. The first one could allow a privileged user to enable a debug port with default credentials. The second vulnerability could allow unauthenticated access to certain previously created log files. Siemens has released updates for the affected products and recommends to update to ...

SSA-201384 V1.2 (Last Update: 2022-01-11): Predictable UDP Port Number Vulnerability (NAME:WRECK) in the DNS Module of Nucleus ...

Titel

SSA-201384 V1.2 (Last Update: 2022-01-11): Predictable UDP Port Number Vulnerability (NAME:WRECK) in the DNS Module of Nucleus RTOS

Veröffentlicht

11. Januar 2022 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-201384.pdf

Text

Security researchers discovered and disclosed 9 vulnerabilities in several DNS implementations, also known as “NAME:WRECK” vulnerabilities. The vulnerability described in this advisory is from this set. The DNS client of of the networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) contains a vulnerability related to the handling of ...

06.01.2022

Philips Engage Software

Titel

Philips Engage Software

Veröffentlicht

6. Januar 2022 16:15

URL

https://us-cert.cisa.gov/ics/advisories/icsma-22-006-01

Text

This advisory contains mitigations for an Improper Access Control vulnerability in Philips Engage customer support software platform.

06.01.2022

https://us-cert.cisa.gov/ics/advisories/icsa-22-006-02

Fernhill SCADA

Titel

Fernhill SCADA

Veröffentlicht

6. Januar 2022 16:05

URL

Text

This advisory contains mitigations for an Uncontrolled Resource Consumption vulnerability the Fernhill SCADA Server background service (daemon).

06.01.2022

https://us-cert.cisa.gov/ics/advisories/icsa-22-006-03

IDEC PLCs

Titel

IDEC PLCs

Veröffentlicht

6. Januar 2022 16:00

URL

Text

This advisory contains mitigations for Unprotected Transport of Credentials, and Plaintext Storage of a Password vulnerabilities in the IDEC PLC program.

05.01.2022

SSA-661247 V2.2 (Last Update: 2022-01-05): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to...

Titel

SSA-661247 V2.2 (Last Update: 2022-01-05): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products

Veröffentlicht

5. Januar 2022 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf

Text

On 2021-12-09, a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as “Log4Shell”. On 2021-12-14 an additional denial of service vulnerability (CVE-2021-45046) ...

Dezember 2021

28.12.2021

SSA-784507 V1.0: Apache Log4j Vulnerability (CVE-2021-44832) via JDBC Appender - Impact to Siemens Products

Titel

SSA-784507 V1.0: Apache Log4j Vulnerability (CVE-2021-44832) via JDBC Appender - Impact to Siemens Products

Veröffentlicht

28. Dezember 2021 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf

Text

Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) contain a vulnerability (CVE-2021-44832) that could allow an attacker with permission to modify the logging configuration file to execute arbitrary code, when the JDBC Appender is used [1]. This advisory informs about the impact of CVE-2021-44832 to ...

28.12.2021

SSA-661247 V2.1 (Last Update: 2021-12-28): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to...

Titel

SSA-661247 V2.1 (Last Update: 2021-12-28): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products

Veröffentlicht

28. Dezember 2021 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf

Text

27.12.2021

SSA-661247 V2.0 (Last Update: 2021-12-27): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to...

Titel

SSA-661247 V2.0 (Last Update: 2021-12-27): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products

Veröffentlicht

27. Dezember 2021 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf

Text

Moxa MGate Protocol Gateways

Titel

Moxa MGate Protocol Gateways

Veröffentlicht

23. Dezember 2021 16:05

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-357-01

Text

This advisory contains mitigations for a Cross-site Scripting vulnerability in the Moxa MGate Protocol Gateways, a serial-to-Ethernet Modbus gateway.

Johnson Controls exacq Enterprise Manager

Titel

Johnson Controls exacq Enterprise Manager

Veröffentlicht

23. Dezember 2021 16:00

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-357-02

Text

This advisory contains mitigations for an Improper Input Validation vulnerability in the Johnson Controls exacq Enterprise Manager tool.

SSA-479842 V1.1 (Last Update: 2021-12-23): Apache Log4j Vulnerabilities - Impact to Siemens Energy Sensformer / Sensgear (Platf...

Titel

SSA-479842 V1.1 (Last Update: 2021-12-23): Apache Log4j Vulnerabilities - Impact to Siemens Energy Sensformer / Sensgear (Platform, Basic and Advanced)

Veröffentlicht

23. Dezember 2021 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf

Text

SSA-661247 V1.9 (Last Update: 2021-12-23): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to...

Titel

SSA-661247 V1.9 (Last Update: 2021-12-23): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products

Veröffentlicht

23. Dezember 2021 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf

Text

22.12.2021

US CERT

AA21-356A: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

Titel

AA21-356A: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

Veröffentlicht

22. Dezember 2021 16:00

URL

https://us-cert.cisa.gov/ncas/alerts/aa21-356a

Text

Original release date: December 22, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), the Computer Emergency Response Team New Zealand (CERT NZ), the New Zealand National Cyber Security Centre (NZ ...

22.12.2021

BOSCH PSIRT

Log4j Vulnerabilities - Impact on PRAESENSA Advanced Public Address Server (PRA-APAS)

Titel

Log4j Vulnerabilities - Impact on PRAESENSA Advanced Public Address Server (PRA-APAS)

Veröffentlicht

22. Dezember 2021 01:00

URL

https://psirt.bosch.com/security-advisories/bosch-sa-993110-bt.html

Text

BOSCH-SA-993110-BT: The 1.0.31 software version of the PRAESENSA Advanced Public Address Server (PRA-APAS) contains version 2.10.0 of the Apache Log4j logging service. Recently Apache has warned that this Log4j version contains multiple vulnerabilities, including the Log4Shell vulnerability (CVE-2021-44228).This Log4Shell vulnerability allows remote code execution by sending a specifically crafted log ...

22.12.2021

SSA-661247 V1.8 (Last Update: 2021-12-22): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to...

Titel

SSA-661247 V1.8 (Last Update: 2021-12-22): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products

Veröffentlicht

22. Dezember 2021 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf

Text

Fresenius Kabi Agilia Connect Infusion System

Titel

Fresenius Kabi Agilia Connect Infusion System

Veröffentlicht

21. Dezember 2021 16:25

URL

https://us-cert.cisa.gov/ics/advisories/icsma-21-355-01

Text

This advisory contains mitigations for several vulnerabilities in the Fresenius Kabi Agilia Connect Infusion System.

https://us-cert.cisa.gov/ics/advisories/icsa-21-355-01

mySCADA myPRO

Titel

mySCADA myPRO

Veröffentlicht

21. Dezember 2021 16:20

URL

Text

This advisory contains mitigations for Authentication Bypass Using an Alternate Path or Channel, Use of Password Hash with Insufficient Computational Effort, Hidden Functionality, and OS Command Injection vulnerabilities in the mySCADA myPRO HMI/SCADA system.

Horner Automation Cscape EnvisionRV

Titel

Horner Automation Cscape EnvisionRV

Veröffentlicht

21. Dezember 2021 16:15

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-355-02

Text

This advisory contains mitigations for an Improper Input Validation vulnerability in Horner Automation Cscape EnvisionRV industrial remote viewing software.