Bulletins | CERT@VDE

Mitsubishi Electric MELSEC Series CPU module

Titel

Mitsubishi Electric MELSEC Series CPU module

Veröffentlicht

23. Mai 2023 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-03

Text

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: MELSEC Series CPU module Vulnerabilities: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service condition or execute malicious code on a target product ...

23.05.2023

Hitachi Energy’s RTU500 Series Product

Titel

Hitachi Energy’s RTU500 Series Product

Veröffentlicht

23. Mai 2023 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-02

Text

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 Series Vulnerabilities: Type Confusion, Observable Timing Discrepancy, Out-of-bounds Read, Infinite Loop, Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to crash the device being accessed or cause ...

Mitsubishi Electric MELSEC WS Series

Titel

Mitsubishi Electric MELSEC WS Series

Veröffentlicht

18. Mai 2023 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-138-02

Text

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: WS0-GETH00200 Vulnerabilities: Active Debug Code 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to bypass authentication and log in by connecting to the module via telnet to reset the module or, ...

Carlo Gavazzi Powersoft

Titel

Carlo Gavazzi Powersoft

Veröffentlicht

18. Mai 2023 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-138-01

Text

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Carlo Gavazzi Equipment: Powersoft Vulnerabilities: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access and retrieve any file from the server. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The ...

Johnson Controls OpenBlue Enterprise Manager Data Collector

Titel

Johnson Controls OpenBlue Enterprise Manager Data Collector

Veröffentlicht

18. Mai 2023 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-138-04

Text

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Inc. Equipment: OpenBlue Enterprise Manager Data Collector Vulnerabilities: Improper Authentication, Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker, under certain circumstances, to make application ...

Hitachi Energy’s MicroSCADA Pro/X SYS600 Products

Titel

Hitachi Energy’s MicroSCADA Pro/X SYS600 Products

Veröffentlicht

18. Mai 2023 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-138-03

Text

1. EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION: Public exploits are available Vendor: Hitachi Energy Equipment: MicroSCADA Pro/X SYS600 Products Vulnerabilities: Permissions, Privileges, and Access Controls 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected product. 3. TECHNICAL DETAILS 3.1 AFFECTED ...

Rockwell Automation FactoryTalk Diagnostics (Update B)

Titel

Rockwell Automation FactoryTalk Diagnostics (Update B)

Veröffentlicht

18. Mai 2023 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-20-051-02-0

Text

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: FactoryTalk Diagnostics Vulnerabilities: Deserialization of Untrusted Data 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-051-02-Rockwell Automation FactoryTalk Diagnostics (Update A) that was published February ...

16.05.2023

https://www.cisa.gov/news-events/ics-advisories/icsa-23-136-01

Snap One OvrC Cloud

Titel

Snap One OvrC Cloud

Veröffentlicht

16. Mai 2023 14:00

URL

Text

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Snap One Equipment: OvrC Cloud, OvrC Pro Devices Vulnerabilities: Improper Input Validation, Observable Response Discrepancy, Improper Access Control, Cleartext Transmission of Sensitive Information, Insufficient Verification of Data Authenticity, Open Redirect, Use of Hard-coded Credentials, Hidden Functionality 2. RISK ...

16.05.2023

https://www.cisa.gov/news-events/ics-advisories/icsa-23-136-02

Rockwell ArmorStart

Titel

Rockwell ArmorStart

Veröffentlicht

16. Mai 2023 14:00

URL

Text

1. EXECUTIVE SUMMARY CVSS v3 7.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Equipment: ArmorStart Vulnerabilities: Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a malicious user to view and modify sensitive data or make the web page unavailable. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS ...

16.05.2023

Rockwell Automation FactoryTalk Vantagepoint

Titel

Rockwell Automation FactoryTalk Vantagepoint

Veröffentlicht

16. Mai 2023 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-136-03

Text

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely Vendor: Rockwell Automation Equipment: FactoryTalk Vantagepoint Vulnerabilities: Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to impersonate an existing user or execute a cross site request forgery (CSRF) attack. 3. TECHNICAL DETAILS ...

15.05.2023

US CERT

#StopRansomware: BianLian Ransomware Group

Titel

#StopRansomware: BianLian Ransomware Group

Veröffentlicht

15. Mai 2023 18:29

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-136a

Text

Summary Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations ...

Teltonika Remote Management System and RUT Model Routers

Titel

Teltonika Remote Management System and RUT Model Routers

Veröffentlicht

11. Mai 2023 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-08

Text

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Teltonika Equipment: Remote Management System and RUT model routers Vulnerabilities: Observable Response Discrepancy, Improper Authentication, Server-Side Request Forgery, Cross-site Scripting, Inclusion of Web Functionality from an Untrusted Source, External Control of System of Configuration Setting, OS Command Injection ...

Siemens SINEC NMS Third-Party

Titel

Siemens SINEC NMS Third-Party

Veröffentlicht

11. Mai 2023 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-05

Text

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY CVSS v3 ...

BirdDog Cameras and Encoders

Titel

BirdDog Cameras and Encoders

Veröffentlicht

11. Mai 2023 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-11

Text

1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: BirdDog Equipment: STUDIO R3, 4K QUAD, MINI, A300 EYES Vulnerabilities: Cross-Site Request Forgery, Use of Hard-Coded Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to remotely execute code or obtain unauthorized access to ...

Rockwell Automation PanelView 800

Titel

Rockwell Automation PanelView 800

Veröffentlicht

11. Mai 2023 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-14

Text

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: PanelView 800 Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of PanelView 800, a graphics terminal, ...

https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-12

SDG PnPSCADA

Titel

SDG PnPSCADA

Veröffentlicht

11. Mai 2023 14:00

URL

Text

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: SDG Technologies Equipment: PnPSCADA Vulnerabilities: SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to interact with the database and retrieve critical data. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of ...

Rockwell Automation Kinetix 5500

Titel

Rockwell Automation Kinetix 5500

Veröffentlicht

11. Mai 2023 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-09

Text

1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Kinetix 5500 EtherNet/IP Servo Drive Vulnerabilities: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could create a denial-of-service condition or allow attackers unauthorized access to the device. 3. TECHNICAL DETAILS 3.1 AFFECTED ...

Siemens SCALANCE LPE9403

Titel

Siemens SCALANCE LPE9403

Veröffentlicht

11. Mai 2023 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-06

Text

Siemens Siveillance Video Event and Management Servers

Titel

Siemens Siveillance Video Event and Management Servers

Veröffentlicht

11. Mai 2023 14:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-03

Text

10.05.2023

US CERT

Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG

Titel

Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG

Veröffentlicht

10. Mai 2023 23:35

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-131a

Text

SUMMARY The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) in response to the active exploitation of CVE-2023-27350. This vulnerability occurs in certain versions of PaperCut NG and PaperCut MF and enables an unauthenticated actor to execute malicious code ...

https://www.cisa.gov/news-events/ics-advisories/icsa-23-129-02

Hitachi Energy MSM

Titel

Hitachi Energy MSM

Veröffentlicht

9. Mai 2023 14:00

URL

Text

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Modular Switchgear Monitoring (MSM) Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Authentication Bypass by Capture-replay, Code Injection, Improper Restriction of Operations within the Bounds of a Memory Buffer, NULL Pointer Dereference, Insufficient Entropy 2. RISK ...

SSA-932528 V1.0: Multiple File Parsing Vulnerabilities in Solid Edge

Titel

SSA-932528 V1.0: Multiple File Parsing Vulnerabilities in Solid Edge

Veröffentlicht

9. Mai 2023 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-932528.html

Text

Solid Edge is affected by multiple memory corruption vulnerabilities that could be triggered when the application reads specially crafted files in various formats such as IFC, OBJ or STP format. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability ...

SSA-712929 V2.0 (Last Update: 2023-05-09): Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Prod...

Titel

SSA-712929 V2.0 (Last Update: 2023-05-09): Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Products

Veröffentlicht

9. Mai 2023 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-712929.html

Text

A vulnerability in the openSSL component (CVE-2022-0778, [0]) could allow an attacker to create a denial of service condition by providing specially crafted elliptic curve certificates to products that use a vulnerable version of openSSL. Siemens has released updates for several affected products and recommends to update to the latest ...

SSA-322980 V1.1 (Last Update: 2023-05-09): Denial of Service Vulnerability in SIPROTEC 5 Devices

Titel

SSA-322980 V1.1 (Last Update: 2023-05-09): Denial of Service Vulnerability in SIPROTEC 5 Devices

Veröffentlicht

9. Mai 2023 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-322980.html

Text

SIPROTEC 5 devices contain a null pointer dereference vulnerability in the web service. This could allow an attacker to send unauthenticated maliciously crafted http request that could cause denial of service condition of the device. Siemens has released updates for several affected products and recommends to update to the latest ...