SIEMENS CERT
06/12/2018
Siemens Healthineers has become aware of two potential cybersecurity vulnerabilities for the RAPIDLab® 1200 Series and RAPIDPoint® 400/405/500 Blood Gas Analyzers and recommends specific countermeasures to mitigate the risk. At the time of advisory publication, no public exploitation of this security vulnerability is known.
SIEMENS CERT
06/12/2018
SIPROTEC 4 and SIPROTEC Compact devices are affected by several vulnerabilities. Two of the vulnerabilities could allow attackers to perform a denial-of-service attack under certain conditions. Siemens has released updates for the affected products and will update this advisory when new information becomes available.
SIEMENS CERT
06/12/2018
SCALANCE X switches, RUGGEDCOM WiMAX, RFID 181-EIP, and SIMATIC RF182C are affected by a vulnerability that could allow an unprivileged attacker located in the same local network segment (OSI Layer 2) to gain system privileges by sending a specially crafted DHCP response to a client's DHCP request. Siemens has released …
SIEMENS CERT
05/29/2018
Security researchers published information on vulnerabilities known as Spectre and Meltdown. These vulnerabilities affect many modern processors from different vendors to a varying degree. Several Industrial Products include affected processors and are affected by the vulnerabilities.
SIEMENS CERT
05/23/2018
Siemens has released software updates for Siveillance VMS which fix a security vulnerability with the .NET Remoting deserialization that could allow elevation of privileges and/or causing a Denial-of-Service, if affected ports are exposed.
SIEMENS CERT
05/15/2018
Information disclosure vulnerabilities in SIPROTEC 4 and SIPROTEC Compact devices could allow an attacker to extract sensitive device information under certain conditions. Siemens has released firmware updates for EN100 Ethernet module included in SIPROTEC 4 and SIPROTEC Compact devices. Siemens has also released a firmware update for SIPROTEC Compact 7SJ80 …
SIEMENS CERT
05/15/2018
SIPROTEC 4 and SIPROTEC Compact devices could allow access authorization passwords to be reconstructed or overwritten via engineering mechanisms that involve DIGSI 4 and EN100 Ethernet communication modules. Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until …
SIEMENS CERT
05/15/2018
Several industrial products are affected by a vulnerability that could allow remote attackers to conduct a Denial-of-Service (DoS) attack by sending specially crafted packets to port 161/udp (SNMP). Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates …