Bulletins

Several industrial products are affected by a vulnerability that could allow remote attackers to conduct a Denial-of-Service (DoS) attack by sending specially crafted packets to port 161/udp (SNMP). Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates …

Multiple vulnerabilities have been identified in SIEMENS CP1604 and CP1616 devices. The most severe of these vulnerabilities could allow an attacker to extract internal communication data or cause a Denial-of-Service condition.

Older versions of the S7-1500 CPU are affected by two Denial-of-Service vulnerabilities. Siemens has released updates for the currently supported hardware versions.

SCALANCE X switches, RUGGEDCOM WiMAX, RFID 181-EIP, and SIMATIC RF182C are affected by a vulnerability that could allow an unprivileged attacker located in the same local network segment (OSI Layer 2) to gain system privileges by sending a specially crafted DHCP response to a client's DHCP request. Siemens has released …

Various industrial products use the Discovery Service of the OPC UA protocol stack by the OPC foundation https://github.com/OPCFoundation/UA-.NETStandard and could therefore be affected by the remote resource consumption attacks (CVE-2017-12069).

The latest update for TIM 1531 IRC fixes a vulnerability. The devices was missing proper authentication when connecting on port 102/tcp, although configured. An attacker needs to be able to connect to port 102/tcp of an affected device in order to exploit this vulnerability. The vulnerability could allow an attacker …

TIM 1531 IRC is affected by a vulnerability. The devices are missing proper authentication when connecting on port 102/tcp, although configured. An attacker needs to be able to connect to port 102/tcp of an affected device in order to exploit this vulnerability. The vulnerability could allow an attacker to perform …