Bulletins | CERT@VDE

Zebra ZTC Industrial ZT400 and ZTC Desktop GK420d

Titel

Zebra ZTC Industrial ZT400 and ZTC Desktop GK420d

Veröffentlicht

5. Dezember 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-339-01

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Exploitable with adjacent access/low attack complexity Vendor: Zebra Technologies Equipment: ZTC Industrial ZT410, ZTC Desktop GK420d Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to send specially crafted ...

04.12.2023

Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers

Titel

Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers

Veröffentlicht

4. Dezember 2023 19:05

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-339a

Text

SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) is releasing a Cybersecurity Advisory (CSA) in response to confirmed exploitation of CVE-2023-26360 by unidentified threat actors at a Federal Civilian Executive Branch (FCEB) agency. This vulnerability presents as an improper access control issue impacting Adobe ColdFusion versions 2018 Update 15 (and ...

01.12.2023

IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities

Titel

IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities

Veröffentlicht

1. Dezember 2023 23:21

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-335a

Text

SUMMARY The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Environmental Protection Agency (EPA), and the Israel National Cyber Directorate (INCD)—hereafter referred to as "the authoring agencies"—are disseminating this joint Cybersecurity Advisory (CSA) to highlight continued malicious cyber activity against operational technology devices ...

November 2023

30.11.2023

https://www.cisa.gov/news-events/ics-advisories/icsa-23-334-03

PTC KEPServerEx

Titel

PTC KEPServerEx

Veröffentlicht

30. November 2023 13:00

URL

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: PTC Equipment: KEPServerEX, ThingWorx, OPC-Aggregator Vulnerabilities: Heap-based Buffer Overflow, Improper Validation of Certificate with Host Mismatch 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker gaining Windows SYSTEM-level code execution on the service ...

30.11.2023

Mitsubishi Electric FA Engineering Software Products

Titel

Mitsubishi Electric FA Engineering Software Products

Veröffentlicht

30. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-334-04

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Equipment: FA Engineering Software Products Vulnerability: External Control of File Name or Path 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious attacker to execute malicious code by tricking legitimate users to ...

28.11.2023

Franklin Electric Fueling Systems Colibri

Titel

Franklin Electric Fueling Systems Colibri

Veröffentlicht

28. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-331-02

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Franklin Electric Fueling Systems Equipment: Colibri Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain login credentials for other users. 3. TECHNICAL DETAILS 3.1 AFFECTED ...

21.11.2023

#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability

Titel

#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability

Veröffentlicht

21. November 2023 14:50

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-325a

Text

SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations ...

21.11.2023

BOSCH PSIRT

Multiple vulnerabilities on ctrlX HMI / WR21

Titel

Multiple vulnerabilities on ctrlX HMI / WR21

Veröffentlicht

21. November 2023 01:00

URL

https://psirt.bosch.com/security-advisories/bosch-sa-175607.html

Text

BOSCH-SA-175607: The operating system of the ctrlX HMI/ WR21 before build date 20231107 has some vulnerabilities when the kiosk mode is used in conjunction with Google Chrome. Therefore, it is possible in worst case that an attacker with physical access to the device can get root access without normal authentication ...

Siemens OPC UA Modeling Editor (SiOME)

Titel

Siemens OPC UA Modeling Editor (SiOME)

Veröffentlicht

16. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-07

Text

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY ...

Siemens SIMATIC PCS neo

Titel

Siemens SIMATIC PCS neo

Veröffentlicht

16. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-06

Text

Siemens Mendix Runtime

Titel

Siemens Mendix Runtime

Veröffentlicht

16. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-04

Text

Siemens Desigo CC product family

Titel

Siemens Desigo CC product family

Veröffentlicht

16. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-03

Text

Siemens Mendix Studio Pro

Titel

Siemens Mendix Studio Pro

Veröffentlicht

16. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-11

Text

Siemens SCALANCE Family Products

Titel

Siemens SCALANCE Family Products

Veröffentlicht

16. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-08

Text

https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-12

Siemens PNI

Titel

Siemens PNI

Veröffentlicht

16. November 2023 13:00

URL

Text

https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-01

Red Lion Sixnet RTUs

Titel

Red Lion Sixnet RTUs

Veröffentlicht

16. November 2023 13:00

URL

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Red Lion Equipment: Sixnet RTU Vulnerabilities: Authentication Bypass using an Alternative Path or Channel, Exposed Dangerous Method or Function 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to execute commands with ...

Siemens RUGGEDCOM APE1808 Devices

Titel

Siemens RUGGEDCOM APE1808 Devices

Veröffentlicht

16. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-14

Text

15.11.2023

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-320a

Scattered Spider

Titel

Scattered Spider

Veröffentlicht

15. November 2023 15:55

URL

Text

SUMMARY The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) in response to recent activity by Scattered Spider threat actors against the commercial facilities sectors and subsectors. This advisory provides tactics, techniques, and procedures (TTPs) obtained through FBI investigations ...

#StopRansomware: Rhysida Ransomware

Titel

#StopRansomware: Rhysida Ransomware

Veröffentlicht

14. November 2023 17:45

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-319a

Text

SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders detailing various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect ...

Rockwell Automation SIS Workstation and ISaGRAF Workbench

Titel

Rockwell Automation SIS Workstation and ISaGRAF Workbench

Veröffentlicht

14. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-02

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: SIS Workstation and ISaGRAF Workbench Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unprivileged local users to overwrite files replacing them with malicious programs. 3. TECHNICAL DETAILS 3.1 ...

AVEVA Operations Control Logger

Titel

AVEVA Operations Control Logger

Veröffentlicht

14. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: AVEVA Equipment: Operations Control Logger Vulnerabilities: Execution with Unnecessary Privileges, External Control of File Name or Path 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow privilege escalation or denial of service. 3. TECHNICAL DETAILS 3.1 ...

SSA-099606 V1.0: Multiple Vulnerabilities in SIMATIC MV500 before V3.3.5

Titel

SSA-099606 V1.0: Multiple Vulnerabilities in SIMATIC MV500 before V3.3.5

Veröffentlicht

14. November 2023 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-099606.html

Text

SIMATIC MV500 before V3.3.5 is affected by multiple vulnerabilities. Siemens has released an update for SIMATIC MV500 and recommends to update to the latest version.

SSA-084182 V1.0: Privilege Escalation Vulnerability in Mendix Runtime

Titel

SSA-084182 V1.0: Privilege Escalation Vulnerability in Mendix Runtime

Veröffentlicht

14. November 2023 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-084182.html

Text

Mendix Runtime contains a capture-replay flaw which could have an impact to apps built with the platform, if certain preconditions are met that depend on the app’s model and access control design. This could allow authenticated attackers to access or modify objects without proper authorization, or escalate privileges in the ...

SSA-137900 V1.0: Multiple Vulnerabilities in COMOS

Titel

SSA-137900 V1.0: Multiple Vulnerabilities in COMOS

Veröffentlicht

14. November 2023 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-137900.html

Text

COMOS is affected by multiple vulnerabilities that could allow an attacker to execute arbitrary code or cause denial of service condition, data infiltration or perform access control violations. Siemens has released an update for COMOS and recommends to update to the latest version. Siemens recommends specific countermeasures for products where ...