Bulletins | CERT@VDE

…
127
128
129 (current)
130
131
…

Juli 2020

14.07.2020

SIEMENS CERT

SSA-346262 (Last Update: 2020-07-14): Denial-of-Service in Industrial Products

Titel

SSA-346262 (Last Update: 2020-07-14): Denial-of-Service in Industrial Products

Veröffentlicht

14. Juli 2020 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-346262.pdf

Text

Several industrial products are affected by a vulnerability that could allow remote attackers to conduct a Denial-of-Service (DoS) attack by sending specially crafted packets to port 161/udp (SNMP). Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates ...

14.07.2020

SIEMENS CERT

SSA-312271 (Last Update: 2020-07-14): Unquoted Search Path Vulnerabilities in Windows-based Industrial Software Applications

Titel

SSA-312271 (Last Update: 2020-07-14): Unquoted Search Path Vulnerabilities in Windows-based Industrial Software Applications

Veröffentlicht

14. Juli 2020 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf

Text

The latest update for affected products fix local privilege escalation vulnerabilities that could allow authorized local users with administrative privileges to execute custom code with SYSTEM level privileges. Siemens has released updates for some of the affected products, and is working on further updates. For the remaining affected products, Siemens ...

14.07.2020

SIEMENS CERT

SSA-293562 (Last Update: 2020-07-14): Vulnerabilities in Industrial Products

Titel

SSA-293562 (Last Update: 2020-07-14): Vulnerabilities in Industrial Products

Veröffentlicht

14. Juli 2020 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf

Text

Several industrial devices are affected by two vulnerabilities that could allow an attacker to cause a Denial-of-Service condition via PROFINET DCP network packets under certain circumstances. The precondition for this scenario is a direct layer 2 access to the affected products. PROFIBUS interfaces are not affected. Siemens has released updates ...

14.07.2020

SIEMENS CERT

SSA-270778 (Last Update: 2020-07-14): Denial-of-Service Vulnerability in SIMATIC PCS 7, SIMATIC WinCC and SIMATIC NET PC Software

Titel

SSA-270778 (Last Update: 2020-07-14): Denial-of-Service Vulnerability in SIMATIC PCS 7, SIMATIC WinCC and SIMATIC NET PC Software

Veröffentlicht

14. Juli 2020 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf

Text

A Denial-of-Service vulnerability was found in SIMATIC PCS 7, SIMATIC WinCC and SIMATIC NET PC software when encrypted communication is enabled. The vulnerability could allow an attacker with network access to cause a Denial-of-Service condition under certain circumstances (versions prior to SIMATIC WinCC V7.3 or SIMATIC PCS 7 V8.1 are ...

14.07.2020

US CERT

AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java

Titel

AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java

Veröffentlicht

14. Juli 2020 01:07

URL

https://us-cert.cisa.gov/ncas/alerts/aa20-195a

Text

Original release date: July 13, 2020SummaryOn July 13, 2020 EST, SAP released a security update to address a critical vulnerability, CVE-2020-6287, affecting the SAP NetWeaver Application Server (AS) Java component LM Configuration Wizard. An unauthenticated attacker can exploit this vulnerability through the Hypertext Transfer Protocol (HTTP) to take control of ...

Letzte Updates

Nach Quelle

Archiv

2025

2024

2023

2022

2021

2020

2019

2018

2017

Feeds