Bulletins | CERT@VDE

SSA-256353 V1.6 (Last Update: 2025-08-12): Third-Party Component Vulnerabilities in RUGGEDCOM ROS

Titel

SSA-256353 V1.6 (Last Update: 2025-08-12): Third-Party Component Vulnerabilities in RUGGEDCOM ROS

Veröffentlicht

12. August 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-256353.html

Text

Multiple vulnerabilities affect various third-party components of the RUGGEDCOM Operating System (ROS). If exploited, an attacker could cause a denial-of-service, act as a man-in-the-middle or retrieval of sensitive information or gain privileged functions. Siemens has released new versions for several affected products and recommends to update to the latest versions. ...

SSA-978177 V1.0: Vulnerability in Nozomi Guardian/CMC on RUGGEDCOM APE1808 Devices

Titel

SSA-978177 V1.0: Vulnerability in Nozomi Guardian/CMC on RUGGEDCOM APE1808 Devices

Veröffentlicht

12. August 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-978177.html

Text

Nozomi Networks has published information on vulnerabilities in Nozomi Guardian/CMC. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available.

SSA-856721 V1.3 (Last Update: 2025-08-12): Vulnerability in RUGGEDCOM Discovery Protocol (RCDP) of Industrial Communication Dev...

Titel

SSA-856721 V1.3 (Last Update: 2025-08-12): Vulnerability in RUGGEDCOM Discovery Protocol (RCDP) of Industrial Communication Devices

Veröffentlicht

12. August 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-856721.html

Text

The RUGGEDCOM RCDP protocol is not properly configured after commissioning of RUGGEDCOM ROS based devices and some SCALANCE X switch models and could allow unauthenticated remote users to perform administrative operations. An attacker must be in the same adjacent network and the RCDP daemon must be enabled in order to ...

SSA-800126 V1.1 (Last Update: 2025-08-12): Deserialization Vulnerability in Siemens Engineering Platforms before V20

Titel

SSA-800126 V1.1 (Last Update: 2025-08-12): Deserialization Vulnerability in Siemens Engineering Platforms before V20

Veröffentlicht

12. August 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-800126.html

Text

Affected products do not properly sanitize user-controllable input when parsing files. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further ...

SSA-767615 V1.4 (Last Update: 2025-08-12): Information Disclosure Vulnerability in SIPROTEC 5 Devices

Titel

SSA-767615 V1.4 (Last Update: 2025-08-12): Information Disclosure Vulnerability in SIPROTEC 5 Devices

Veröffentlicht

12. August 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-767615.html

Text

An information disclosure vulnerability in SIPROTEC 5 devices could allow an unauthenticated, remote attacker to retrieve sensitive information of the device. Siemens has released new versions for the affected products and recommends to update to the latest versions.

SSA-665108 V1.0: Arbitrary File Upload Vulnerability in RUGGEDCOM ROX II

Titel

SSA-665108 V1.0: Arbitrary File Upload Vulnerability in RUGGEDCOM ROX II

Veröffentlicht

12. August 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-665108.html

Text

RUGGEDCOM ROX II devices does not properly enforce limitations on type and size of files that can be uploaded through their web interface. This could allow an attacker with a legitimate, highly privileged account on the web interface to upload arbitrary files onto the filesystem of the devices. Siemens is ...

SSA-994087 V1.0: Multiple SQLite Vulnerabilities in RUGGEDCOM CROSSBOW Station Access Controller Before V5.7

Titel

SSA-994087 V1.0: Multiple SQLite Vulnerabilities in RUGGEDCOM CROSSBOW Station Access Controller Before V5.7

Veröffentlicht

12. August 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-994087.html

Text

RUGGEDCOM CROSSBOW Station Access Controller (SAC) contains multiple vulnerabilities in the integrated SQLite component that could allow an attacker to execute arbitrary code or to create a denial of service condition. Siemens has released a new version for RUGGEDCOM CROSSBOW Station Access Controller (SAC) and recommends to update to the ...

SSA-331739 V1.0: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting Siemens Products

Titel

SSA-331739 V1.0: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting Siemens Products

Veröffentlicht

12. August 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-331739.html

Text

WIBU Systems published information about a privilege escalation vulnerability under a certain circumstances and associated fix releases of CodeMeter Runtime, a product provided by WIBU Systems and used in several Siemens industrial products. Siemens has released new versions for affected products and recommends to update to the latest versions. Siemens ...

SSA-770770 V1.6 (Last Update: 2025-08-12): Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices

Titel

SSA-770770 V1.6 (Last Update: 2025-08-12): Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices

Veröffentlicht

12. August 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-770770.html

Text

Fortinet has published information on vulnerabilities in FortiOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version.

SSA-353002 V1.2 (Last Update: 2025-08-12): Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG ...

Titel

SSA-353002 V1.2 (Last Update: 2025-08-12): Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family

Veröffentlicht

12. August 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-353002.html

Text

SCALANCE XB-200/XC-200/XP-200/XF-200BA/XR-300WG Family is affected by multiple vulnerabilities. CVE-2023-44318 and CVE-2023-44321 were previously published as part of SSA-699386. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where fixes are not, or not yet available.

SSA-794185 V1.1 (Last Update: 2025-08-12): RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SIPROTEC,...

Titel

SSA-794185 V1.1 (Last Update: 2025-08-12): RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SIPROTEC, SICAM and Related Products

Veröffentlicht

12. August 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-794185.html

Text

This advisory documents the impact of CVE-2024-3596 (also dubbed “Blastradius”), a vulnerability in the RADIUS protocol, to SIPROTEC, SICAM and related products. The vulnerability could allow on-path attackers, located between a Network Access Server (the RADIUS client, e.g., a SICAM device) and a RADIUS server, to forge Access-Request packets in ...

SSA-097435 V1.9 (Last Update: 2025-08-12): Usernames Disclosure Vulnerability in Mendix Runtime

Titel

SSA-097435 V1.9 (Last Update: 2025-08-12): Usernames Disclosure Vulnerability in Mendix Runtime

Veröffentlicht

12. August 2025 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-097435.html

Text

Mendix Runtime contains an observable response discrepancy vulnerability when validating usernames during authentication. This could allow unauthenticated remote attackers to distinguish between valid and invalid usernames. Siemens has released new versions for the affected products and recommends to update to the latest versions.

Delta Electronics DIAView

Titel

Delta Electronics DIAView

Veröffentlicht

7. August 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-219-01

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: DIAView Vulnerability: Improper Limitation of a Pathname to a Restricted Directory 2. RISK EVALUATION Successful exploitation of this vulnerability may allow a remote attacker to read or write files on the affected device. ...

Burk Technology ARC Solo

Titel

Burk Technology ARC Solo

Veröffentlicht

7. August 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-219-03

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Burk Technology Equipment: ARC Solo Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker gaining access to the device, locking out authorized users, or disrupting operations. ...

Johnson Controls FX80 and FX90

Titel

Johnson Controls FX80 and FX90

Veröffentlicht

7. August 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-219-02

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Inc. Equipment: FX80 and FX90 Vulnerability: Dependency on Vulnerable Third-Party Component 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to compromise the device's configuration files. 3. TECHNICAL DETAILS 3.1 AFFECTED ...

Yealink IP Phones and RPS (Redirect and Provisioning Service)

Titel

Yealink IP Phones and RPS (Redirect and Provisioning Service)

Veröffentlicht

7. August 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-219-08

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Yealink Equipment: IP Phones Vulnerability: Improper Restriction of Excessive Authentication Attempts, Allocation of Resources Without Limits or Throttling, Incorrect Authorization, Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in an information ...

EG4 Electronics EG4 Inverters

Titel

EG4 Electronics EG4 Inverters

Veröffentlicht

7. August 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-219-07

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: EG4 Electronics Equipment: EG4 Inverters Vulnerabilities: Cleartext Transmission of Sensitive Information, Download of Code Without Integrity Check, Observable Discrepancy, Improper Restriction of Excessive Authentication Attempts 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an ...

Dreame Technology iOS and Android Mobile Applications

Titel

Dreame Technology iOS and Android Mobile Applications

Veröffentlicht

7. August 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-219-06

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Dreame Technology Equipment: Dreamehome and MOVAhome mobile applications Vulnerability: Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could result in unauthorized information disclosure. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of the ...

Packet Power EMX and EG

Titel

Packet Power EMX and EG

Veröffentlicht

7. August 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-219-05

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Packet Power Equipment: EMX, EG Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain full access to the device without authentication. 3. TECHNICAL DETAILS 3.1 ...

05.08.2025

Mitsubishi Electric Iconics Digital Solutions Multiple Products

Titel

Mitsubishi Electric Iconics Digital Solutions Multiple Products

Veröffentlicht

5. August 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-217-01

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 4.1 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Iconics Digital Solutions, Mitsubishi Electric Equipment: ICONICS Product Suite and Mitsubishi Electric MC Works64 Vulnerability: Windows Shortcut Following (.LNK) 2. RISK EVALUATION Successful exploitation of this vulnerability could result in information tampering. 3. TECHNICAL DETAILS ...

05.08.2025

Tigo Energy Cloud Connect Advanced

Titel

Tigo Energy Cloud Connect Advanced

Veröffentlicht

5. August 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-217-02

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Tigo Energy Equipment: Cloud Connect Advanced Vulnerabilities: Use of Hard-coded Credentials, Command Injection, Predictable Seed in Pseudo-Random Number Generator (PRNG). 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers to gain unauthorized administrative access ...

Juli 2025

31.07.2025

Güralp Systems Güralp FMUS series

Titel

Güralp Systems Güralp FMUS series

Veröffentlicht

31. Juli 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-212-01

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Güralp Systems Equipment: Güralp FMUS Series Seismic Monitoring Devices Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to modify hardware configurations, manipulate data, or factory reset ...

31.07.2025

Güralp Systems FMUS Series and MIN Series Devices (Update A)

Titel

Güralp Systems FMUS Series and MIN Series Devices (Update A)

Veröffentlicht

31. Juli 2025 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-212-01

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Güralp Systems Equipment: Güralp FMUS Series and MIN Series Devices Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to modify hardware configurations, manipulate data, or factory ...

29.07.2025

US CERT

CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proactive Threat Hunt at US Critical Infrastructure...

Titel

CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proactive Threat Hunt at US Critical Infrastructure Organization

Veröffentlicht

29. Juli 2025 19:53

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-212a

Text

Summary The Cybersecurity and Infrastructure Security Agency (CISA) and U.S. Coast Guard (USCG) are issuing this Cybersecurity Advisory to present findings from a recent CISA and USCG hunt engagement. The purpose of this advisory is to highlight identified cybersecurity issues, thereby informing security defenders in other organizations of potential similar ...

29.07.2025