Juli 2021
13.07.2021
SIEMENS CERT
SSA-173615 V1.0: Multiple PAR and ASM File Parsing Vulnerabilities in Solid Edge
Titel
SSA-173615 V1.0: Multiple PAR and ASM File Parsing Vulnerabilities in Solid Edge
Veröffentlicht
13. Juli 2021 02:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-173615.pdf
Text
Siemens has released version SE2021MP5 for Solid Edge to fix multiple heap based buffer overflow vulnerabilities that could be triggered when the application read files in PAR or ASM file formats. If a user is tricked to open a malicious file with the affected application, this could lead to a ...
13.07.2021
SIEMENS CERT
SSA-448291 V1.0: Denial-of-Service Vulnerability in ARP Protocol of RWG Universal Controllers
Titel
SSA-448291 V1.0: Denial-of-Service Vulnerability in ARP Protocol of RWG Universal Controllers
Veröffentlicht
13. Juli 2021 02:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-448291.pdf
Text
A Denial-of-Service vulnerability was found affecting the ARP protocol on RWG Universal Controller devices. Siemens has released updates for the affected products and recommends to update to the latest versions.
13.07.2021
SIEMENS CERT
SSA-434536 V1.0: Memory Protection Bypass Vulnerability in SINUMERIK ONE and SINUMERIK MC
Titel
SSA-434536 V1.0: Memory Protection Bypass Vulnerability in SINUMERIK ONE and SINUMERIK MC
Veröffentlicht
13. Juli 2021 02:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-434536.pdf
Text
SINUMERIK ONE and SINUMERIK MC products are affected by a memory protection bypass vulnerability in the integrated S7-1500 CPU that could allow an attacker to write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks on the CPU. Siemens is preparing updates and ...
01.07.2021
US CERT (ICS)
Sensormatic Electronics C-CURE 9000
Titel
Sensormatic Electronics C-CURE 9000
Veröffentlicht
1. Juli 2021 16:20
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-182-02
Text
This advisory contains mitigations for an Improper Input Validation vulnerability in Sensormatic Electronics C-CURE 9000 industrial software.
01.07.2021
US CERT (ICS)
Delta Electronics DOPSoft
Titel
Delta Electronics DOPSoft
Veröffentlicht
1. Juli 2021 16:15
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-182-03
Text
This advisory contains mitigations for Out-of-bounds Read vulnerabilities in Delta Electronics DOPSoft software.
01.07.2021
US CERT (ICS)
Mitsubishi Electric Air Conditioning System
Titel
Mitsubishi Electric Air Conditioning System
Veröffentlicht
1. Juli 2021 16:10
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-182-04
Text
This advisory contains mitigations for an Incorrect Implementation of Authentication Algorithm vulnerability in Mitsubishi Electric air conditioning systems.
01.07.2021
US CERT (ICS)
Mitsubishi Electric Air Conditioning Systems
Titel
Mitsubishi Electric Air Conditioning Systems
Veröffentlicht
1. Juli 2021 16:05
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-182-05
Text
This advisory contains mitigations for an Improper Restriction of XML External Entity Reference vulnerability in Mitsubishi Electric Air Conditioning Systems.
01.07.2021
US CERT (ICS)
All Bachmann M1 System Processor Modules
Titel
All Bachmann M1 System Processor Modules
Veröffentlicht
1. Juli 2021 16:00
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-026-01-0
Text
This updated advisory is a follow-up to the advisory titled ICSA-21-026-01P All Bachmann M1 System Processor Modules, posted to the HSIN ICS library on January 26, 2021. This advisory is now being released to the ICS webpage on us-cert.cisa.gov. This advisory contains mitigations for a Use of Password Hash with ...
Juni 2021
29.06.2021
US CERT (ICS)
Exacq Technologies exacqVision Web Service
Titel
Exacq Technologies exacqVision Web Service
Veröffentlicht
29. Juni 2021 16:25
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-180-01
Text
This advisory contains mitigations for a Cross-site Scripting vulnerability in Exacq Technologies exacqVision Web Service software.
29.06.2021
US CERT (ICS)
Exacq Technologies exacqVision Enterprise Manager
Titel
Exacq Technologies exacqVision Enterprise Manager
Veröffentlicht
29. Juni 2021 16:20
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-180-02
Text
This advisory contains mitigations for a Cross-site Scripting vulnerability in Exacq Technologies exacqVision Enterprise Manager software.
29.06.2021
US CERT (ICS)
Panasonic FPWIN Pro
Titel
Panasonic FPWIN Pro
Veröffentlicht
29. Juni 2021 16:15
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-180-03
Text
This advisory contains mitigations for an Improper Restriction of XML External Entity Reference vulnerability in Panasonic FPWIN Pro programming control software.
29.06.2021
US CERT (ICS)
JTEKT TOYOPUC PLC
Titel
JTEKT TOYOPUC PLC
Veröffentlicht
29. Juni 2021 16:10
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04
Text
This advisory contains mitigations for an Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the JTEKT TOYOPUC programmable logic controller (PLC).
22.06.2021
US CERT (ICS)
CODESYS V2 web server
Titel
CODESYS V2 web server
Veröffentlicht
22. Juni 2021 16:10
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-173-02
Text
This advisory contains mitigations for Stack-based Buffer Overflow, Improper Access Control, Buffer Copy without Checking Size of Input, Improperly Implemented Security Check, Out-of-bounds Write, and Out-of-bounds Read vulnerabilities in CODESYS V2 web servers.
22.06.2021
US CERT (ICS)
CODESYS Control V2 communication
Titel
CODESYS Control V2 communication
Veröffentlicht
22. Juni 2021 16:05
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-173-03
Text
This advisory contains mitigations for Stack-based Buffer Overflow, Heap-based Buffer Overflow, and Improper Input Validation vulnerabilities in CODESYS V2 runtime systems software
22.06.2021
US CERT (ICS)
CODESYS Control V2 Linux SysFile library
Titel
CODESYS Control V2 Linux SysFile library
Veröffentlicht
22. Juni 2021 16:00
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-173-04
Text
This advisory contains mitigations for an OS Command Injection vulnerability in CODESYS V2 Runtime Toolkit software.
17.06.2021
US CERT (ICS)
Schneider Electric Enerlin'X Com’X 510
Titel
Schneider Electric Enerlin'X Com’X 510
Veröffentlicht
17. Juni 2021 16:20
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-168-01
Text
This advisory contains mitigations for a Improper Privilege Management vulnerability in Schneider Electric Enerlin'X Com’X 510 energy servers.
17.06.2021
US CERT (ICS)
Softing OPC-UA C++ SDK
Titel
Softing OPC-UA C++ SDK
Veröffentlicht
17. Juni 2021 16:15
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-168-02
Text
This advisory contains mitigations for an Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the Softing OPC-UA C++ Software Development Kit (SDK).
17.06.2021
US CERT (ICS)
WAGO M&M Software fdtCONTAINER (Update C)
Titel
WAGO M&M Software fdtCONTAINER (Update C)
Veröffentlicht
17. Juni 2021 16:05
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-021-05
Text
This updated advisory is a follow-up to the advisory update titled ICSA-21-021-05 WAGO M&M Software fdtCONTAINER (Update B) that was published February 16, 2021, to the ICS webpage on us-cert.cisa.gov. This advisory contains mitigations for a Deserialization of Untrusted Data vulnerability in the M&M (a WAGO subsidiary) fdtCONTAINER application.
17.06.2021
US CERT (ICS)
Rockwell Automation ISaGRAF5 Runtime (Update A)
Titel
Rockwell Automation ISaGRAF5 Runtime (Update A)
Veröffentlicht
17. Juni 2021 16:00
URL
https://us-cert.cisa.gov/ics/advisories/icsa-20-280-01
Text
This updated advisory is a follow-up to the portal-to-web advisory titled ICSA-20-280-01P Rockwell Automation ISaGRAF5 Runtime. This advisory was originally posted to the HSIN ICS library on October 6, 2020, and was then published as ICSA-20-280-01 Rockwell Automation ISaGRAF5 Runtime to the ICS webpage on us-cert.cisa.gov on June 8, 2021. ...
15.06.2021
US CERT (ICS)
ThroughTek P2P SDK
Titel
ThroughTek P2P SDK
Veröffentlicht
15. Juni 2021 16:10
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-166-01
Text
This advisory contains mitigations for a Cleartext Transmission of Sensitive Information vulnerability in ThroughTek P2P Software Development Kit (SDK).
09.06.2021
BOSCH PSIRT
Multiple vulnerabilities in Bosch IP cameras
Titel
Multiple vulnerabilities in Bosch IP cameras
Veröffentlicht
9. Juni 2021 02:00
URL
https://psirt.bosch.com/security-advisories/bosch-sa-478243-bt.html
Text

BOSCH-SA-478243-BT: Multiple vulnerabilities for Bosch IP cameras have been discovered in a Penetration Test from Kaspersky ICS CERT during a certification effort from Bosch. Bosch rates these vulnerabilities with CVSSv3.1 base scores from 9.8 (Critical) to 4.9 (Medium), where the actual rating depends on the individual vulnerability and the final ...

08.06.2021
SIEMENS CERT
SSA-678983 V1.1 (Last Update: 2021-06-08): Vulnerabilities in Industrial PCs and CNC devices using Intel CPUs (November 2020)
Titel
SSA-678983 V1.1 (Last Update: 2021-06-08): Vulnerabilities in Industrial PCs and CNC devices using Intel CPUs (November 2020)
Veröffentlicht
8. Juni 2021 02:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf
Text
Intel has published information on vulnerabilities in Intel products in November 2020. This advisory lists the Siemens IPC related products, that are affected by these vulnerabilities. In this advisory we take a representative CVE from each advisory: “Intel CSME, SPS, TXE, AMT and DAL Advisory” Intel-SA-00391 is represented by CVE-2020-8745 ...
08.06.2021
SIEMENS CERT
SSA-200951 V1.0: Multiple Vulnerabilities in Third-Party Component libcurl of TIM Devices
Titel
SSA-200951 V1.0: Multiple Vulnerabilities in Third-Party Component libcurl of TIM Devices
Veröffentlicht
8. Juni 2021 02:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf
Text
SIMATIC TIM 1531 IRC devices are vulnerable to multiple vulnerabilities in the third party component libcurl that could allow an attacker to extract sensitive information and pass a revoked certificate as valid. Siemens has released an update for SIMATIC TIM 1531 IRC and recommends to update to the latest versions.
08.06.2021
SIEMENS CERT
SSA-208356 V1.0: DFT File Parsing Vulnerabilities in Solid Edge
Titel
SSA-208356 V1.0: DFT File Parsing Vulnerabilities in Solid Edge
Veröffentlicht
8. Juni 2021 02:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-208356.pdf
Text
Siemens has released a new version for Solid Edge to fix two vulnerabilities that could be triggered when the application read files in DFT file format. If a user is tricked to opening of a malicious file with the affected products, this could lead to application crash, or potentially arbitrary ...
08.06.2021
SIEMENS CERT
SSA-133038 V1.0: Multiple Modfem File Parsing Vulnerabilities in Simcenter Femap
Titel
SSA-133038 V1.0: Multiple Modfem File Parsing Vulnerabilities in Simcenter Femap
Veröffentlicht
8. Juni 2021 02:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-133038.pdf
Text
Siemens Simcenter Femap is affected by two vulnerabilities that could be triggered when the application reads modfem files. If a user is tricked to open a malicious file with the affected application, this could lead to a crash, and potentially also to arbitrary code execution or data extraction on the ...

Letzte Updates

BOSCH PSIRT
14.08.2025
SIEMENS CERT
26.08.2025
US CERT
25.08.2025
US CERT (ICS)
04.09.2025

Nach Quelle

Archiv

2025
2024
2023
2022
2021
2020
2019
2018
2017

Feeds