Bulletins | CERT@VDE

SSA-366067 V1.4 (Last Update: 2025-06-10): Multiple Vulnerabilities in Fortigate NGFW Before V7.4.1 on RUGGEDCOM APE1808 Devices

Titel

SSA-366067 V1.4 (Last Update: 2025-06-10): Multiple Vulnerabilities in Fortigate NGFW Before V7.4.1 on RUGGEDCOM APE1808 Devices

Veröffentlicht

10. Juni 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-366067.html

Text

Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or ...

SSA-698820 V1.7 (Last Update: 2025-06-10): Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices

Titel

SSA-698820 V1.7 (Last Update: 2025-06-10): Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices

Veröffentlicht

10. Juni 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-698820.html

Text

Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version of Fortigate NGFW for RUGGEDCOM APE1808 and recommends to update to the latest version. Siemens recommends to consult and implement the workarounds provided in Fortinet’s upstream security notifications.

SSA-858251 V1.1 (Last Update: 2025-06-10): Authentication Bypass Vulnerabilities in OPC UA

Titel

SSA-858251 V1.1 (Last Update: 2025-06-10): Authentication Bypass Vulnerabilities in OPC UA

Veröffentlicht

10. Juni 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-858251.html

Text

The products listed below contain two authentication bypass vulnerabilities that could allow an attacker to gain access to the data managed by the server. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures ...

SSA-693776 V1.0: Multiple Vulnerabilities in Industrial Communication Devices based on SINEC OS before V3.2

Titel

SSA-693776 V1.0: Multiple Vulnerabilities in Industrial Communication Devices based on SINEC OS before V3.2

Veröffentlicht

10. Juni 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-693776.html

Text

Several Industrial Communication Devices based on SINEC OS before V3.2 contain multiple vulnerabilities that could allow an attacker to circumvent authorization checks and perform actions that exceed the permissions of the “guest” role. Siemens has released new versions for the affected products and recommends to update to the latest versions.

SSA-216014 V1.1 (Last Update: 2025-06-10): Vulnerabilities in EFI variable of SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Fie...

Titel

SSA-216014 V1.1 (Last Update: 2025-06-10): Vulnerabilities in EFI variable of SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs

Veröffentlicht

10. Juni 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-216014.html

Text

Multiple vulnerabilities has been identified in Siemens SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs that can allow an authenticated attacker to alter the secure boot and password configurations. Siemens has released new versions of BIOS for several affected products and recommends to update to the latest versions. Siemens ...

SSA-054046 V1.6 (Last Update: 2025-06-10): Unauthenticated Information Disclosure in Web Server of SIMATIC S7-1500 CPUs

Titel

SSA-054046 V1.6 (Last Update: 2025-06-10): Unauthenticated Information Disclosure in Web Server of SIMATIC S7-1500 CPUs

Veröffentlicht

10. Juni 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-054046.html

Text

Several SIMATIC S7-1500 CPU versions are affected by an authentication bypass vulnerability that could allow an unauthenticated remote attacker to gain knowledge about actual and configured maximum cycle times and communication load of the CPU. Siemens has released new versions for several affected products and recommends to update to the ...

SSA-874353 V1.3 (Last Update: 2025-06-10): Entity Enumeration Vulnerability in Mendix Runtime

Titel

SSA-874353 V1.3 (Last Update: 2025-06-10): Entity Enumeration Vulnerability in Mendix Runtime

Veröffentlicht

10. Juni 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-874353.html

Text

Mendix Runtime allows for entity enumeration due to distinguishable responses in certain client actions. This could allow an unauthenticated remote attacker to list all valid entities and attribute names of a Mendix Runtime-based application. Siemens has released new versions for several affected products and recommends to update to the latest ...

05.06.2025

Hitachi Energy Relion 670, 650 Series and SAM600-IO Product

Titel

Hitachi Energy Relion 670, 650 Series and SAM600-IO Product

Veröffentlicht

5. Juni 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-155-02

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Relion 670, Relion 650, SAM600-IO Vulnerabilities: Integer Overflow or Wraparound 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause memory corruption on the products. 3. TECHNICAL DETAILS 3.1 ...

05.06.2025

CyberData 011209 SIP Emergency Intercom

Titel

CyberData 011209 SIP Emergency Intercom

Veröffentlicht

5. Juni 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-155-01

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: CyberData Equipment: 011209 SIP Emergency Intercom Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Missing Authentication for Critical Function, SQL Injection, Insufficiently Protected Credentials, Path Traversal: '.../...//' 2. RISK EVALUATION Successful exploitation of these vulnerabilities ...

03.06.2025

Schneider Electric Wiser Home Automation

Titel

Schneider Electric Wiser Home Automation

Veröffentlicht

3. Juni 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-153-01

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Wiser AvatarOn 6K Freelocate, Wiser Cuadro H 5P Socket Vulnerability: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to ...

Mai 2025

29.05.2025

Consilium Safety CS5000 Fire Panel

Titel

Consilium Safety CS5000 Fire Panel

Veröffentlicht

29. Mai 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-148-03

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Consilium Safety Equipment: CS5000 Fire Panel Vulnerabilities: Initialization of a Resource with an Insecure Default, Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain high-level access to ...

29.05.2025

https://www.cisa.gov/news-events/ics-advisories/icsa-25-148-04

Instantel Micromate

Titel

Instantel Micromate

Veröffentlicht

29. Mai 2025 14:00

URL

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Instantel Equipment: Micromate Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to access the device's configuration port and execute commands. 3. TECHNICAL DETAILS 3.1 AFFECTED ...

29.05.2025

https://www.cisa.gov/news-events/ics-advisories/icsa-25-148-01

Siemens SiPass

Titel

Siemens SiPass

Veröffentlicht

29. Mai 2025 14:00

URL

Text

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY ...

27.05.2025

Johnson Controls iSTAR Configuration Utility (ICU) Tool

Titel

Johnson Controls iSTAR Configuration Utility (ICU) Tool

Veröffentlicht

27. Mai 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-146-01

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.3 ATTENTION: Low attack complexity Vendor: Johnson Controls Inc. Equipment: iSTAR Configuration Utility (ICU) tool Vulnerability: Use of Uninitialized Variable 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to gain access to memory leaked from the ICU. 3. TECHNICAL ...

23.05.2025

SSA-367714 V1.0: Improper Integrity Check of Firmware Updates in SiPass integrated AC5102 / ACC-G2 and ACC-AP

Titel

SSA-367714 V1.0: Improper Integrity Check of Firmware Updates in SiPass integrated AC5102 / ACC-G2 and ACC-AP

Veröffentlicht

23. Mai 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-367714.html

Text

SiPass integrated ACC (Advanced Central Controller) devices do not properly check the integrity of firmware updates. This could allow an attacker to upload a maliciously modified firmware onto the device. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.

23.05.2025

SSA-041082 V1.0: Out of Bounds Read Vulnerability in SiPass Integrated Before V2.95.3.18

Titel

SSA-041082 V1.0: Out of Bounds Read Vulnerability in SiPass Integrated Before V2.95.3.18

Veröffentlicht

23. Mai 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-041082.html

Text

SiPass integrated versions before V2.95.3.18 contain an out of bounds read vulnerability that could allow an unauthenticated remote attacker to create a denial of service condition. Siemens has released a new version for SiPass integrated and recommends to update to the latest version.

22.05.2025

Lantronix Device Installer

Titel

Lantronix Device Installer

Veröffentlicht

22. Mai 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-142-01

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Low attack complexity Vendor: Lantronix Equipment: Device Installer Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain access to the host machine running the Device Installer software. 3. ...

22.05.2025

Rockwell Automation FactoryTalk Historian ThingWorx

Titel

Rockwell Automation FactoryTalk Historian ThingWorx

Veröffentlicht

22. Mai 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-142-02

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: 95057C-FTHTWXCT11 Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to launch XXE-based attacks on applications that accept malicious log4net configuration files. ...

22.05.2025

SSA-726617 V1.1 (Last Update: 2025-05-22): Incorrect Privilege Assignment Vulnerability in Mendix OIDC SSO Module

Titel

SSA-726617 V1.1 (Last Update: 2025-05-22): Incorrect Privilege Assignment Vulnerability in Mendix OIDC SSO Module

Veröffentlicht

22. Mai 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-726617.html

Text

The Mendix OIDC SSO module grants read and write access to all tokens exclusively to the Administrator role and could result in privilege misuse by an adversary modifying the module during Mendix development. Siemens has released a new version for Mendix OIDC SSO (Mendix 10 compatible) and recommends to update ...

Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from Organizations

US CERT

Titel

Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from Organizations

Veröffentlicht

20. Mai 2025 21:20

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-141b

Text

Summary The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint advisory to disseminate known tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with threat actors deploying the LummaC2 information stealer (infostealer) malware. LummaC2 malware is able to infiltrate ...

Siemens Siveillance Video

Titel

Siemens Siveillance Video

Veröffentlicht

20. Mai 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-140-05

Text

Danfoss AK-SM 8xxA Series

Titel

Danfoss AK-SM 8xxA Series

Veröffentlicht

20. Mai 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-140-03

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION: Exploitable remotely Vendor: Danfoss Equipment: AK-SM 8xxA Series Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could enable a remote attacker to bypass authentication and execute arbitrary code remotely. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions ...

National Instruments Circuit Design Suite

Titel

National Instruments Circuit Design Suite

Veröffentlicht

20. Mai 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-140-02

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: National Instruments Equipment: Circuit Design Suite Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose information or execute arbitrary code. 3. TECHNICAL DETAILS 3.1 ...

Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products

Titel

Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products

Veröffentlicht

20. Mai 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-140-04

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.3 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Iconics Digital Solutions, Mitsubishi Electric Equipment: ICONICS Product Suite and Mitsubishi Electric MC Works64 Vulnerability: Execution with Unnecessary Privileges 2. RISK EVALUATION Successful exploitation of this vulnerability could result in information tampering on the target ...