Bulletins | CERT@VDE

SSA-832273 V1.0: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 devices

Titel

SSA-832273 V1.0: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 devices

Veröffentlicht

12. März 2024 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-832273.html

Text

Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Siemens recommends to consult and implement the workarounds provided in Fortinet’s upstream security notifications.

07.03.2024

Chirp Systems Chirp Access

Titel

Chirp Systems Chirp Access

Veröffentlicht

7. März 2024 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-067-01

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Chirp Systems Equipment: Chirp Access Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to take control and gain unrestricted physical access to systems using the affected product. ...

06.03.2024

BOSCH PSIRT

Multiple OpenSSL vulnerabilities in BVMS

Titel

Multiple OpenSSL vulnerabilities in BVMS

Veröffentlicht

6. März 2024 01:00

URL

https://psirt.bosch.com/security-advisories/bosch-sa-090577-bt.html

Text

BOSCH-SA-090577-BT: BVMS is using a Device Adapter service for communication with Tattile cameras which is also active when no Tattile cameras are added in the BVMS installation. This service uses an OpenSSL library, which has multiple vulnerabilities as published by OpenSSL. When successfully exploited, these vulnerabilities could lead to command ...

06.03.2024

BOSCH PSIRT

Git for Windows Multiple Security Vulnerabilities in Bosch DIVAR IP all-in-one Devices

Titel

Git for Windows Multiple Security Vulnerabilities in Bosch DIVAR IP all-in-one Devices

Veröffentlicht

6. März 2024 01:00

URL

https://psirt.bosch.com/security-advisories/bosch-sa-637386-bt.html

Text

BOSCH-SA-637386-BT: DIVAR IP System Manager is a central user interface that provides an easy system setup, configuration and application software upgrades through an easily accessible web-based application.\Multiple Git for Windows vulnerabilities have been discovered in DIVAR IP System Manager versions prior to 2.3.0, affecting several Bosch DIVAR IP all-in-one models.

05.03.2024

Nice Linear eMerge E3-Series

Titel

Nice Linear eMerge E3-Series

Veröffentlicht

5. März 2024 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-065-01

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Nice Equipment: Linear eMerge E3-Series Vulnerabilities: Path traversal, Cross-site scripting, OS command injection, Unrestricted Upload of File with Dangerous Type, Incorrect Authorization, Exposure of Sensitive Information to an Authorized Actor, Insufficiently Protected Credentials, ...

Februar 2024

29.02.2024

Delta Electronics CNCSoft-B

Titel

Delta Electronics CNCSoft-B

Veröffentlicht

29. Februar 2024 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-060-01

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: CNCSoft-B Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Delta Electronics products are affected: ...

27.02.2024

Mitsubishi Electric Multiple Factory Automation Products

Titel

Mitsubishi Electric Multiple Factory Automation Products

Veröffentlicht

27. Februar 2024 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-058-01

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: MELSEC iQ-F Series Vulnerability: Insufficient Resource Pool 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to cause a temporary denial-of-service (DoS) condition for a certain period of ...

26.02.2024

#StopRansomware: Phobos Ransomware

Titel

#StopRansomware: Phobos Ransomware

Veröffentlicht

26. Februar 2024 15:51

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-060a

Text

SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations ...

23.02.2024

SVR Cyber Actors Adapt Tactics for Initial Cloud Access

Titel

SVR Cyber Actors Adapt Tactics for Initial Cloud Access

Veröffentlicht

23. Februar 2024 18:37

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-057a

Text

How SVR-Attributed Actors are Adapting to the Move of Government and Corporations to Cloud Infrastructure OVERVIEW This advisory details recent tactics, techniques, and procedures (TTPs) of the group commonly known as APT29, also known as Midnight Blizzard, the Dukes, or Cozy Bear. The UK National Cyber Security Centre (NCSC) and ...

21.02.2024

Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways

Titel

Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways

Veröffentlicht

21. Februar 2024 21:30

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-060b

Text

SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and the following partners (hereafter referred to as the authoring organizations) are releasing this joint Cybersecurity Advisory to warn that cyber threat actors are exploiting previously identified vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure gateways. CISA and authoring organizations appreciate ...

20.02.2024

https://www.cisa.gov/news-events/ics-advisories/icsa-24-051-02

Ethercat Zeek Plugin

Titel

Ethercat Zeek Plugin

Veröffentlicht

20. Februar 2024 13:00

URL

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: CISA Equipment: Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat Plugin for Zeek Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote code execution. 3. TECHNICAL DETAILS 3.1 ...

20.02.2024

Mitsubishi Electric Electrical Discharge Machines

Titel

Mitsubishi Electric Electrical Discharge Machines

Veröffentlicht

20. Februar 2024 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-051-03

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: Electrical discharge machines Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose, tamper with, destroy or delete information in the products, or cause ...

20.02.2024

https://www.cisa.gov/news-events/ics-advisories/icsa-24-051-01

Commend WS203VICM

Titel

Commend WS203VICM

Veröffentlicht

20. Februar 2024 13:00

URL

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Commend Equipment: WS203VICM Vulnerabilities: Argument Injection, Improper Access Control, Weak Encoding for Password 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to obtain sensitive information or force the system to restart. 3. ...

Siemens SIMATIC RTLS Gateways

Titel

Siemens SIMATIC RTLS Gateways

Veröffentlicht

15. Februar 2024 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-03

Text

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY ...

https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-06

Siemens Unicam FX

Titel

Siemens Unicam FX

Veröffentlicht

15. Februar 2024 13:00

URL

Text

Siemens SIMATIC WinCC, OpenPCS

Titel

Siemens SIMATIC WinCC, OpenPCS

Veröffentlicht

15. Februar 2024 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-12

Text

Siemens SCALANCE SC-600 Family

Titel

Siemens SCALANCE SC-600 Family

Veröffentlicht

15. Februar 2024 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-09

Text

Siemens Tecnomatix Plant Simulation

Titel

Siemens Tecnomatix Plant Simulation

Veröffentlicht

15. Februar 2024 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-07

Text

Siemens CP343-1 Devices

Titel

Siemens CP343-1 Devices

Veröffentlicht

15. Februar 2024 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-04

Text

14.02.2024

Threat Actor Leverages Compromised Account of Former Employee to Access State Government Organization

Titel

Threat Actor Leverages Compromised Account of Former Employee to Access State Government Organization

Veröffentlicht

14. Februar 2024 21:19

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-046a

Text

SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) conducted an incident response assessment of a state government organization’s network environment after documents containing host and user information, including metadata, were posted on a dark web brokerage site. Analysis confirmed that an ...

Mitsubishi Electric MELSEC iQ-R Series Safety CPU

Titel

Mitsubishi Electric MELSEC iQ-R Series Safety CPU

Veröffentlicht

13. Februar 2024 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-044-01

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R Series Safety CPU and SIL2 Process CPU Module Vulnerability: Incorrect Privilege Assignment 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a non-administrator user to disclose the credentials (user ID ...

SSA-398330 V1.2 (Last Update: 2024-02-13): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 151...

Titel

SSA-398330 V1.2 (Last Update: 2024-02-13): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

Veröffentlicht

13. Februar 2024 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-398330.html

Text

Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version V3.1 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant). These GNU/Linux vulnerabilities have been externally identified. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not ...

SSA-309571 V2.0 (Last Update: 2024-02-13): IPU 2021.1 Vulnerabilities in Siemens Industrial Products using Intel CPUs (June 2021)

Titel

SSA-309571 V2.0 (Last Update: 2024-02-13): IPU 2021.1 Vulnerabilities in Siemens Industrial Products using Intel CPUs (June 2021)

Veröffentlicht

13. Februar 2024 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-309571.html

Text

Intel has published information on vulnerabilities in Intel products in June 2021. This advisory lists the related Siemens Industrial products affected by these vulnerabilities that can be patched by applying the corresponding BIOS update. In this advisory we summarize: “2021.1 IPU – Intel® CSME, SPS and LMS Advisory” Intel-SA-00459, “2021.1 ...

SSA-248289 V1.2 (Last Update: 2024-02-13): Denial of Service Vulnerabilities in the IPv6 Stack of Nucleus RTOS

Titel

SSA-248289 V1.2 (Last Update: 2024-02-13): Denial of Service Vulnerabilities in the IPv6 Stack of Nucleus RTOS

Veröffentlicht

13. Februar 2024 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-248289.html

Text

The IPv6 stack of the networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) contains two vulnerabilities when processing IPv6 headers which could allow an attacker to cause a denial of service condition. Siemens has released new versions for several affected products and recommends to update to the latest ...