Februar 2023
14.02.2023
SIEMENS CERT
SSA-593272 V2.0 (Last Update: 2023-02-14): SegmentSmack in Interniche IP-Stack based Industrial Devices
Titel
SSA-593272 V2.0 (Last Update: 2023-02-14): SegmentSmack in Interniche IP-Stack based Industrial Devices
Veröffentlicht
14. Februar 2023 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-593272.pdf
Text
A vulnerability exists in affected products that could allow remote attackers to affect the availability of the devices under certain conditions. The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service. Siemens has released updates for several ...
14.02.2023
SIEMENS CERT
SSA-617755 V1.0: Denial of Service Vulnerability in the SNMP Agent of SCALANCE X-200IRT Products
Titel
SSA-617755 V1.0: Denial of Service Vulnerability in the SNMP Agent of SCALANCE X-200IRT Products
Veröffentlicht
14. Februar 2023 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-617755.pdf
Text
Products of the SCALANCE X-200IRT switch family are affected by a denial of service vulnerability in the SNMP agent that could allow remote attackers to cause a denial of service condition. Siemens has released updates for the affected products and recommends to update to the latest versions.
14.02.2023
SIEMENS CERT
SSA-744259 V1.0: Golang Vulnerabilities in Brownfield Connectivity - Gateway before V1.10.1
Titel
SSA-744259 V1.0: Golang Vulnerabilities in Brownfield Connectivity - Gateway before V1.10.1
Veröffentlicht
14. Februar 2023 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf
Text
Siemens has released a new version for Brownfield Connectivity - Gateway that contains fixes for multiple vulnerabilities in the underlying Golang implementation. Successful exploitation of these vulnerabilities could lead to Denial of Service (DoS). Siemens has released an update for Brownfield Connectivity - Gateway and recommends to update to the ...
14.02.2023
SIEMENS CERT
SSA-847261 V1.0: Multiple SPP File Parsing Vulnerabilities in Tecnomatix Plant Simulation
Titel
SSA-847261 V1.0: Multiple SPP File Parsing Vulnerabilities in Tecnomatix Plant Simulation
Veröffentlicht
14. Februar 2023 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf
Text
Siemens Tecnomatix Plant Simulation has released an update, 2201 Update 6, that fixes multiple vulnerabilities that could be triggered when the application reads SPP files. If a user is tricked to open a malicious file using the affected application, this could lead to a crash, and potentially also to arbitrary ...
14.02.2023
SIEMENS CERT
SSA-836777 V1.0: JT File Parsing Vulnerabilities in JT Open, JT Utilities and Parasolid
Titel
SSA-836777 V1.0: JT File Parsing Vulnerabilities in JT Open, JT Utilities and Parasolid
Veröffentlicht
14. Februar 2023 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-836777.pdf
Text
JT Open Toolkit, JT Utilities and Parasolid are affected by memory corruption vulnerabilities that could be triggered while parsing JT files. If a user is tricked to open a malicious JT file with any of the affected products, this could cause the application to crash or potentially lead to arbitrary ...
14.02.2023
SIEMENS CERT
SSA-953464 V1.0: Multiple Vulnerabilites in Siemens Brownfield Connectivity - Client before V2.15
Titel
SSA-953464 V1.0: Multiple Vulnerabilites in Siemens Brownfield Connectivity - Client before V2.15
Veröffentlicht
14. Februar 2023 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf
Text
Siemens has released a new version for Brownfield Connectivity - Client that contains fixes for multiple vulnerabilities in the underlying OpenSSL library. Successful exploitation of these vulnerabilities could lead to Denial of Service (DoS). Siemens has released an update for Brownfield Connectivity - Client and recommends to update to the ...
09.02.2023
US CERT
AA23-040A: #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Titel
AA23-040A: #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Veröffentlicht
9. Februar 2023 19:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa23-040a
Text
Original release date: February 9, 2023SummaryNote: This Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and various ransomware threat actors. These #StopRansomware advisories detail historically and recently observed tactics, techniques, and procedures (TTPs) and indicators of compromise ...
09.02.2023
US CERT (ICS)
Control By Web X-400, X-600M
Titel
Control By Web X-400, X-600M
Veröffentlicht
9. Februar 2023 16:25
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-040-01
Text
09.02.2023
US CERT (ICS)
LS ELECTRIC XBC-DN32U
Titel
LS ELECTRIC XBC-DN32U
Veröffentlicht
9. Februar 2023 16:20
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-040-02
Text
09.02.2023
US CERT (ICS)
Johnson Controls System Configuration Tool (SCT)
Titel
Johnson Controls System Configuration Tool (SCT)
Veröffentlicht
9. Februar 2023 16:15
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-040-03
Text
09.02.2023
US CERT (ICS)
Horner Automation Cscape Envision RV
Titel
Horner Automation Cscape Envision RV
Veröffentlicht
9. Februar 2023 16:10
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-040-04
Text
09.02.2023
US CERT (ICS)
Omron SYSMAC CS/CJ/CP Series and NJ/NX Series (Update A)
Titel
Omron SYSMAC CS/CJ/CP Series and NJ/NX Series (Update A)
Veröffentlicht
9. Februar 2023 16:05
URL
https://us-cert.cisa.gov/ics/advisories/icsa-22-179-02
Text
This advisory contains mitigations for Cleartext Transmission of Sensitive Information, Insufficient Verification of Data Authenticity, and Plaintext Storage of a Password vulnerabilities in Omron SYSMAC CS/CJ/CP Series and NJ/NX Series programmable logic controllers.
08.02.2023
US CERT
AA23-039A: ESXiArgs Ransomware Virtual Machine Recovery Guidance
Titel
AA23-039A: ESXiArgs Ransomware Virtual Machine Recovery Guidance
Veröffentlicht
8. Februar 2023 17:14
URL
https://us-cert.cisa.gov/ncas/alerts/aa23-039a
Text
Original release date: February 8, 2023SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) in response to the ongoing ransomware campaign, known as “ESXiArgs.” Malicious actors may be exploiting known vulnerabilities in VMware ESXi servers that are likely ...
07.02.2023
US CERT (ICS)
EnOcean SmartServer
Titel
EnOcean SmartServer
Veröffentlicht
7. Februar 2023 16:00
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-037-01
Text
02.02.2023
US CERT (ICS)
Delta Electronics DIAScreen
Titel
Delta Electronics DIAScreen
Veröffentlicht
2. Februar 2023 16:25
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-033-01
Text
02.02.2023
US CERT (ICS)
Mitsubishi Electric GOT2000 Series and GT SoftGOT2000
Titel
Mitsubishi Electric GOT2000 Series and GT SoftGOT2000
Veröffentlicht
2. Februar 2023 16:20
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-033-02
Text
02.02.2023
US CERT (ICS)
Baicells Nova
Titel
Baicells Nova
Veröffentlicht
2. Februar 2023 16:15
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-033-03
Text
02.02.2023
US CERT (ICS)
Delta Electronics DVW-W02W2-E2
Titel
Delta Electronics DVW-W02W2-E2
Veröffentlicht
2. Februar 2023 16:10
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-033-04
Text
02.02.2023
US CERT (ICS)
Delta Electronics DX-2100-L1-CN
Titel
Delta Electronics DX-2100-L1-CN
Veröffentlicht
2. Februar 2023 16:05
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-033-05
Text
02.02.2023
US CERT (ICS)
Mitsubishi Electric Multiple Factory Automation Products (Update D)
Titel
Mitsubishi Electric Multiple Factory Automation Products (Update D)
Veröffentlicht
2. Februar 2023 16:00
URL
https://us-cert.cisa.gov/ics/advisories/icsa-22-221-01
Text
Januar 2023
31.01.2023
US CERT
#StopRansomware: Cuba Ransomware
Titel
<a href="/news-events/cybersecurity-advisories/aa22-335a" hreflang="en">#StopRansomware: Cuba Ransomware</a>
Veröffentlicht
31. Januar 2023 22:32
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-335a
Text
31.01.2023
US CERT
Protecting Against Malicious Use of Remote Monitoring a...
Titel
<a href="/news-events/cybersecurity-advisories/aa23-025a" hreflang="en">Protecting Against Malicious Use of Remote Monitoring and Management Software</a>
Veröffentlicht
31. Januar 2023 22:32
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-025a
Text
31.01.2023
US CERT
#StopRansomware: Hive Ransomware
Titel
<a href="/news-events/cybersecurity-advisories/aa22-321a" hreflang="en">#StopRansomware: Hive Ransomware</a>
Veröffentlicht
31. Januar 2023 22:32
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-321a
Text
31.01.2023
US CERT
#StopRansomware: Daixin Team
Titel
<a href="/news-events/cybersecurity-advisories/aa22-294a" hreflang="en">#StopRansomware: Daixin Team</a>
Veröffentlicht
31. Januar 2023 22:32
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-294a
Text
31.01.2023
US CERT
Top CVEs Actively Exploited By People’s Republic of Chi...
Titel
<a href="/news-events/cybersecurity-advisories/aa22-279a" hreflang="en">Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors</a>
Veröffentlicht
31. Januar 2023 22:32
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-279a
Text

Letzte Updates

BOSCH PSIRT
21.08.2024
SIEMENS CERT
12.09.2024
US CERT
19.09.2024
US CERT (ICS)
19.09.2024

Nach Quelle

Archiv

2024
2023
2022
2021
2020
2019
2018
2017

Feeds