Bulletins | CERT@VDE

Franklin Electric Fueling Systems Colibri

Titel

Franklin Electric Fueling Systems Colibri

Veröffentlicht

28. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-331-02

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Franklin Electric Fueling Systems Equipment: Colibri Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain login credentials for other users. 3. TECHNICAL DETAILS 3.1 AFFECTED ...

21.11.2023

US CERT

#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability

Titel

#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability

Veröffentlicht

21. November 2023 14:50

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-325a

Text

SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations ...

21.11.2023

BOSCH PSIRT

Multiple vulnerabilities on ctrlX HMI / WR21

Titel

Multiple vulnerabilities on ctrlX HMI / WR21

Veröffentlicht

21. November 2023 01:00

URL

https://psirt.bosch.com/security-advisories/bosch-sa-175607.html

Text

BOSCH-SA-175607: The operating system of the ctrlX HMI/ WR21 before build date 20231107 has some vulnerabilities when the kiosk mode is used in conjunction with Google Chrome. Therefore, it is possible in worst case that an attacker with physical access to the device can get root access without normal authentication ...

https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-01

Red Lion Sixnet RTUs

Titel

Red Lion Sixnet RTUs

Veröffentlicht

16. November 2023 13:00

URL

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Red Lion Equipment: Sixnet RTU Vulnerabilities: Authentication Bypass using an Alternative Path or Channel, Exposed Dangerous Method or Function 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to execute commands with ...

https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-12

Siemens PNI

Titel

Siemens PNI

Veröffentlicht

16. November 2023 13:00

URL

Text

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY ...

Siemens Mendix Runtime

Titel

Siemens Mendix Runtime

Veröffentlicht

16. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-04

Text

Siemens RUGGEDCOM APE1808 Devices

Titel

Siemens RUGGEDCOM APE1808 Devices

Veröffentlicht

16. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-14

Text

Siemens Mendix Studio Pro

Titel

Siemens Mendix Studio Pro

Veröffentlicht

16. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-11

Text

Siemens SCALANCE Family Products

Titel

Siemens SCALANCE Family Products

Veröffentlicht

16. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-08

Text

Siemens OPC UA Modeling Editor (SiOME)

Titel

Siemens OPC UA Modeling Editor (SiOME)

Veröffentlicht

16. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-07

Text

Siemens SIMATIC PCS neo

Titel

Siemens SIMATIC PCS neo

Veröffentlicht

16. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-06

Text

Siemens Desigo CC product family

Titel

Siemens Desigo CC product family

Veröffentlicht

16. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-03

Text

15.11.2023

US CERT

Scattered Spider

Titel

Scattered Spider

Veröffentlicht

15. November 2023 15:55

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-320a

Text

SUMMARY The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) in response to recent activity by Scattered Spider threat actors against the commercial facilities sectors and subsectors. This advisory provides tactics, techniques, and procedures (TTPs) obtained through FBI investigations ...

#StopRansomware: Rhysida Ransomware

US CERT

Titel

#StopRansomware: Rhysida Ransomware

Veröffentlicht

14. November 2023 17:45

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-319a

Text

SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders detailing various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect ...

Rockwell Automation SIS Workstation and ISaGRAF Workbench

Titel

Rockwell Automation SIS Workstation and ISaGRAF Workbench

Veröffentlicht

14. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-02

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: SIS Workstation and ISaGRAF Workbench Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unprivileged local users to overwrite files replacing them with malicious programs. 3. TECHNICAL DETAILS 3.1 ...

AVEVA Operations Control Logger

Titel

AVEVA Operations Control Logger

Veröffentlicht

14. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: AVEVA Equipment: Operations Control Logger Vulnerabilities: Execution with Unnecessary Privileges, External Control of File Name or Path 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow privilege escalation or denial of service. 3. TECHNICAL DETAILS 3.1 ...

SSA-711309 V1.2 (Last Update: 2023-11-14): Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products

Titel

SSA-711309 V1.2 (Last Update: 2023-11-14): Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products

Veröffentlicht

14. November 2023 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-711309.html

Text

The OPC UA implementations (ANSI C and C++) as used in several SIMATIC products contain a denial of service vulnerability that could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate. Siemens has released updates for several affected products and recommends ...

SSA-764417 V1.8 (Last Update: 2023-11-14): Weak Encryption Vulnerability in RUGGEDCOM ROS Devices

Titel

SSA-764417 V1.8 (Last Update: 2023-11-14): Weak Encryption Vulnerability in RUGGEDCOM ROS Devices

Veröffentlicht

14. November 2023 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-764417.html

Text

The SSH server on RUGGEDCOM ROS devices is configured to offer weak ciphers by default. This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device. Siemens has released updates for the affected products ...

SSA-770902 V1.1 (Last Update: 2023-11-14): Denial of Service Vulnerability in the Web Server of RUGGEDCOM ROS Devices

Titel

SSA-770902 V1.1 (Last Update: 2023-11-14): Denial of Service Vulnerability in the Web Server of RUGGEDCOM ROS Devices

Veröffentlicht

14. November 2023 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-770902.html

Text

A denial of service vulnerability could allow an unauthorized attacker to cause total loss of availability in the web server of the affected devices. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends countermeasures for products ...

SSA-647455 V1.1 (Last Update: 2023-11-14): Multiple Vulnerabilities in Nozomi Guardian/CMC before 22.6.2 on RUGGEDCOM APE1808 d...

Titel

SSA-647455 V1.1 (Last Update: 2023-11-14): Multiple Vulnerabilities in Nozomi Guardian/CMC before 22.6.2 on RUGGEDCOM APE1808 devices

Veröffentlicht

14. November 2023 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-647455.html

Text

Nozomi Networks has published information on vulnerabilities in Nozomi Guardian/CMC before V22.6.2. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the ...

SSA-787941 V1.4 (Last Update: 2023-11-14): Denial of Service Vulnerability in RUGGEDCOM ROS devices

Titel

SSA-787941 V1.4 (Last Update: 2023-11-14): Denial of Service Vulnerability in RUGGEDCOM ROS devices

Veröffentlicht

14. November 2023 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-787941.html

Text

RUGGEDCOM ROS-based devices are vulnerable to a denial of service attack (Slowloris). By sending partial HTTP requests nonstop, with none completed, the affected web servers will be waiting for the completion of each request, occupying all available HTTP connections. The web server recovers by itself once the attack ends. Siemens ...

SSA-691715 V1.3 (Last Update: 2023-11-14): Vulnerability in OPC Foundation Local Discovery Server Affecting Siemens Products

Titel

SSA-691715 V1.3 (Last Update: 2023-11-14): Vulnerability in OPC Foundation Local Discovery Server Affecting Siemens Products

Veröffentlicht

14. November 2023 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-691715.html

Text

A vulnerability was identified in OPC Foundation Local Discovery Server which also affects Siemens products that could allow an attacker to escalate privileges under certain circumstances. Siemens has released an update for SIMATIC WinCC and recommends to update to the latest version. Siemens is preparing further updates and recommends specific ...

SSA-625850 V1.0: Multiple WIBU Systems CodeMeter Vulnerabilities Affecting the Desigo CC Product Family

Titel

SSA-625850 V1.0: Multiple WIBU Systems CodeMeter Vulnerabilities Affecting the Desigo CC Product Family

Veröffentlicht

14. November 2023 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-625850.html

Text

Versions V5.0 through V7 of the Desigo CC product family (Desigo CC, Desigo CC Compact, Desigo CC Connect, Cerberus DMS) are affected by multiple vulnerabilities in the underlying third-party component WIBU Systems CodeMeter Runtime. Successful exploitation of these vulnerabilities could allow remote attackers to execute arbitrary code on the Desigo ...

SSA-457702 V1.0: Wi-Fi Encryption Bypass Vulnerabilities in SCALANCE W700 Product Family

Titel

SSA-457702 V1.0: Wi-Fi Encryption Bypass Vulnerabilities in SCALANCE W700 Product Family

Veröffentlicht

14. November 2023 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-457702.html

Text

The SCALANCE W700 devices are affected by Wi-Fi encryption bypass vulnerabilities (“Framing Frames”) that could allow an attacker to disclose sensitive information or to steal the victims session. CVE-2022-47522 is divided into 3 different scenarios which are described in the section “Additional Information”. Siemens recommends specific countermeasures for products where ...