Bulletins | CERT@VDE

…
136
137
138 (current)
139
140
…

September 2018

11.09.2018

SIEMENS CERT

SSA-179516 (Last Update: 2018-09-11): OpenSSL Vulnerability in Industrial Products

Titel

SSA-179516 (Last Update: 2018-09-11): OpenSSL Vulnerability in Industrial Products

Veröffentlicht

11. September 2018 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-179516.pdf

Text

A vulnerability in OpenSSL affects several Siemens industrial products. Siemens has released updates for some affected products and is working on updates for others.

11.09.2018

SIEMENS CERT

SSA-168644 (Last Update: 2018-09-11): Spectre and Meltdown Vulnerabilities in Industrial Products

Titel

SSA-168644 (Last Update: 2018-09-11): Spectre and Meltdown Vulnerabilities in Industrial Products

Veröffentlicht

11. September 2018 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-168644.pdf

Text

Security researchers published information on vulnerabilities known as Spectre and Meltdown. These vulnerabilities affect many modern processors from different vendors to a varying degree. Several Industrial Products include affected processors and are affected by the vulnerabilities.

11.09.2018

SIEMENS CERT

SSA-346256 (Last Update: 2018-09-11): Vulnerability in SIMATIC WinCC OA V3.14 and prior

Titel

SSA-346256 (Last Update: 2018-09-11): Vulnerability in SIMATIC WinCC OA V3.14 and prior

Veröffentlicht

11. September 2018 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-346256.pdf

Text

The latest update for SIMATIC WinCC OA V3.14 fixes a vulnerability that could allow an unauthenticated remote user to escalate its privileges in the context of SIMATIC WinCC OA V3.14. This vulnerability affects SIMATIC WinCC OA V3.14 and prior. SIMATIC WinCC OA V3.15 and V3.16 are not affected by this ...

11.09.2018

SIEMENS CERT

SSA-447396 (Last Update: 2018-09-11): Denial-of-Service in SCALANCE X300, SCALANCE X408 and SCALANCE X414

Titel

SSA-447396 (Last Update: 2018-09-11): Denial-of-Service in SCALANCE X300, SCALANCE X408 and SCALANCE X414

Veröffentlicht

11. September 2018 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-447396.pdf

Text

A vulnerability has been identified in the integrated web server of SCALANCE X300, SCALANCE X408, and SCALANCE X414. The vulnerability could allow an attacker with network access to the device to cause a Denial-of-Service condition. The vulnerability can be triggered with publicly available tools, including vulnerability scanners. Siemens provides updates ...

11.09.2018

SIEMENS CERT

SSA-268644 (Last Update: 2018-09-11): Spectre-NG (Variants 3a and 4) Vulnerabilities in Industrial Products

Titel

SSA-268644 (Last Update: 2018-09-11): Spectre-NG (Variants 3a and 4) Vulnerabilities in Industrial Products

Veröffentlicht

11. September 2018 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf

Text

Security researchers published information on vulnerabilities known as Spectre-NG (Variants 3a and 4). These vulnerabilities affect many modern processors from different vendors to a varying degree. Several Industrial Products include affected processors and are affected by the vulnerabilities.

11.09.2018

SIEMENS CERT

SSA-914382 (Last Update: 2018-09-11): Denial-of-Service Vulnerability in SIMATIC S7-400

Titel

SSA-914382 (Last Update: 2018-09-11): Denial-of-Service Vulnerability in SIMATIC S7-400

Veröffentlicht

11. September 2018 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-914382.pdf

Text

SIMATIC S7-400 CPUs are affected by a security vulnerability which could lead to a Denial-of-Service condition of the PLC if specially crafted packets are received and processed. The affected SIMATIC S7-400 CPU hardware versions are in the product cancellation phase or already phased-out. Siemens recommends customers either upgrading to a ...

Letzte Updates

Nach Quelle

Archiv

2024

2023

2022

2021

2020

2019

2018

2017

Feeds