SIEMENS CERT
02/10/2020
SIMATIC S7-400 CPUs are affected by a security vulnerability which could lead to a Denial-of-Service condition of the PLC if specially crafted packets are received and processed. The affected SIMATIC S7-400 CPU hardware versions are in the product cancellation phase or already phased-out. Siemens recommends customers either upgrading to a …
SIEMENS CERT
02/10/2020
Two vulnerabilities have been identified in SIEMENS LOGO!8 BM devices. The most severe vulnerability could allow an attacker to hijack existing web sessions. Siemens provides LOGO!8 BM FS-05 with firmware version V1.81.2, which fixes the first vulnerability, and recommends specific mitigations for the second vulnerability.
SIEMENS CERT
02/10/2020
A vulnerability in the affected devices could allow an unauthenticated attacker with network access to an affected device to perform a denial-of-service. Siemens is preparing updates and recommends specific countermeasures until patches are available.
SIEMENS CERT
02/10/2020
The latest update for TIM 1531 IRC fixes a security vulnerability that could allow unauthorized remote attackers to perform administrative operations on the device. Siemens recommends updating as soon as possible.
SIEMENS CERT
02/10/2020
Two vulnerabilities have been identified in the SIMATIC S7-400 CPU family that could allow an attacker to cause a Denial-of-Service condition. In order to exploit the vulnerability, an attacker must have access to the affected devices on port 102/tcp via Ethernet, PROFIBUS or Multi Point Interfaces (MPI). Siemens provides updates …
SIEMENS CERT
02/10/2020
Two vulnerabilities have been identified in SIMATIC S7-300 and S7-400 CPU families. One vulnerability could lead to a Denial-of-Service, the other vulnerability could result in credential disclosure. Siemens recommends specific mitigations. Siemens will update this advisory when new information becomes available.
SIEMENS CERT
02/10/2020
The latest firmware update for SIMATIC S7-1200 CPUs fixes a vulnerability that could allow an attacker to perform a CSRF (Cross-Site Request Forgery) attack under certain conditions.
SIEMENS CERT
02/10/2020
SIMOCODE pro V EIP is affected by a vulnerability that could allow remote attackers to conduct a Denial-of-Service (DoS) attack by sending specially crafted packets to port 161/udp (SNMP). Siemens has released an update for SIMOCODE pro V EIP and recommends that customers update to the new version.