Bulletins | CERT@VDE

…
26
27
28 (current)
29
30
…

Juli 2024

09.07.2024

SIEMENS CERT

SSA-750499 V1.0: Weak Encryption Vulnerability in SIPROTEC 5 Devices

Titel

SSA-750499 V1.0: Weak Encryption Vulnerability in SIPROTEC 5 Devices

Veröffentlicht

9. Juli 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-750499.html

Text

The SIPROTEC 5 devices are supporting weak encryption. This could allow an unauthorized attacker in a man-in-the-middle position to read any data passed over the connection between legitimate clients and the affected device. Siemens has released new versions for several affected products and recommends to update to the latest versions. ...

09.07.2024

SIEMENS CERT

SSA-711309 V2.0 (Last Update: 2024-07-09): Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products

Titel

SSA-711309 V2.0 (Last Update: 2024-07-09): Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products

Veröffentlicht

9. Juli 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-711309.html

Text

The OPC UA implementations (ANSI C and C++) as used in several SIMATIC products contain a denial of service vulnerability that could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate. Siemens has released new versions for several affected products and ...

09.07.2024

SIEMENS CERT

SSA-346262 V3.3 (Last Update: 2024-07-09): Denial of Service Vulnerability in SNMP Interface of Industrial Products

Titel

SSA-346262 V3.3 (Last Update: 2024-07-09): Denial of Service Vulnerability in SNMP Interface of Industrial Products

Veröffentlicht

9. Juli 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-346262.html

Text

Several industrial products are affected by a vulnerability that could allow remote attackers to conduct a denial of service attack by sending specially crafted packets to port 161/udp (SNMP). Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further ...

09.07.2024

SIEMENS CERT

SSA-686975 V1.4 (Last Update: 2024-07-09): IPU 2022.3 Vulnerabilities in Siemens Industrial Products using Intel CPUs

Titel

SSA-686975 V1.4 (Last Update: 2024-07-09): IPU 2022.3 Vulnerabilities in Siemens Industrial Products using Intel CPUs

Veröffentlicht

9. Juli 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-686975.html

Text

Intel has published information on vulnerabilities in Intel products in November 2022. This advisory lists the related Siemens Industrial products affected by these vulnerabilities that can be patched by applying the corresponding BIOS update (“2022.3 IPU – BIOS Advisory” Intel-SA-00688). Siemens is preparing updates and recommends specific countermeasures for products ...

09.07.2024

SIEMENS CERT

SSA-780073 V2.4 (Last Update: 2024-07-09): Denial of Service Vulnerability in PROFINET Devices via DCE-RPC Packets

Titel

SSA-780073 V2.4 (Last Update: 2024-07-09): Denial of Service Vulnerability in PROFINET Devices via DCE-RPC Packets

Veröffentlicht

9. Juli 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-780073.html

Text

Products that include the Siemens PROFINET-IO (PNIO) stack in versions prior V06.00 are potentially affected by a denial of service vulnerability when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. Siemens has released new versions for several affected products and recommends to update to the latest versions. ...

08.07.2024

US CERT

People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action

Titel

People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action

Veröffentlicht

8. Juli 2024 15:52

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-190a

Text

Overview Background This advisory, authored by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the United States Cybersecurity and Infrastructure Security Agency (CISA), the United States National Security Agency (NSA), the United States Federal Bureau of Investigation (FBI), the United Kingdom National Cyber Security Centre (NCSC-UK), the Canadian ...

Letzte Updates

Nach Quelle

Archiv

2025

2024

2023

2022

2021

2020

2019

2018

2017

Feeds