Bulletins | CERT@VDE

SSA-592007 V1.8 (Last Update: 2022-08-09): Denial-of-Service Vulnerability in Industrial Products

Titel

SSA-592007 V1.8 (Last Update: 2022-08-09): Denial-of-Service Vulnerability in Industrial Products

Veröffentlicht

9. August 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf

Text

Several industrial controllers are affected by a security vulnerability that could allow an attacker to cause a Denial-of-Service condition via PROFINET DCP network packets under certain circumstances. Precondition for this scenario is a direct OSI Layer 2 access to the affected products. PROFIBUS interfaces are not affected. Siemens has released ...

SSA-764417 V1.4 (Last Update: 2022-08-09): Weak Encryption Vulnerability in RUGGEDCOM ROS Devices

Titel

SSA-764417 V1.4 (Last Update: 2022-08-09): Weak Encryption Vulnerability in RUGGEDCOM ROS Devices

Veröffentlicht

9. August 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-764417.pdf

Text

The SSH server on RUGGEDCOM ROS devices is configured to offer weak ciphers by default. This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device. Siemens recommends specific countermeasures for products where updates ...

SSA-429204 V1.1 (Last Update: 2022-08-09): Open Design Alliance Drawings SDK Vulnerabilities in JT2Go and Teamcenter Visualization

Titel

SSA-429204 V1.1 (Last Update: 2022-08-09): Open Design Alliance Drawings SDK Vulnerabilities in JT2Go and Teamcenter Visualization

Veröffentlicht

9. August 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-429204.pdf

Text

JT2Go and Teamcenter Visualization are affected by multiple file parsing vulnerabilities in Drawings SDK from Open Design Alliance. If a user is tricked to open a malicious DWG file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution. Siemens ...

SSA-759952 V1.0: Command Injection and Denial of Service Vulnerability in Teamcenter

Titel

SSA-759952 V1.0: Command Injection and Denial of Service Vulnerability in Teamcenter

Veröffentlicht

9. August 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-759952.pdf

Text

Teamcenter is affected by two security vulnerabilities in the File Service Cache service that could lead to command injection and denial of service issues. Siemens has released updates for the affected products and recommends to update to the latest versions.

SSA-732250 V1.2 (Last Update: 2022-08-09): Libcurl Vulnerabilities in Industrial Devices

Titel

SSA-732250 V1.2 (Last Update: 2022-08-09): Libcurl Vulnerabilities in Industrial Devices

Veröffentlicht

9. August 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf

Text

Vulnerabilities in third-party component cURL could allow an attacker to interfere with the affected products in various ways. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where updates are not, or not yet available.

SSA-914168 V1.3 (Last Update: 2022-08-09): Multiple Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products

Titel

SSA-914168 V1.3 (Last Update: 2022-08-09): Multiple Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products

Veröffentlicht

9. August 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf

Text

Multiple vulnerabilities were found in SIMATIC WinCC that ultimately could allow attackers to retrieve and brute force password hashes and access other systems. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products ...

SSA-841348 V1.9 (Last Update: 2022-08-09): Multiple Vulnerabilities in the UMC Component

Titel

SSA-841348 V1.9 (Last Update: 2022-08-09): Multiple Vulnerabilities in the UMC Component

Veröffentlicht

9. August 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf

Text

The products listed below contain two security vulnerabilities in the UMC component that could allow an attacker to cause a partial denial-of-service of the UMC component, or to locally escalate privileges from a user with administrative privileges to execute code with SYSTEM level privileges. Siemens has released updates for several ...

SSA-840800 V1.1 (Last Update: 2022-08-09): Code Injection Vulnerability in RUGGEDCOM ROS

Titel

SSA-840800 V1.1 (Last Update: 2022-08-09): Code Injection Vulnerability in RUGGEDCOM ROS

Veröffentlicht

9. August 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-840800.pdf

Text

RUGGEDCOM ROS-based devices are vulnerable to a web-based code injection attack. To execute this attack, it is necessary to access the system via the Command Line Interface (CLI). Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products ...

SSA-829738 V1.1 (Last Update: 2022-08-09): Datalogics File Parsing Vulnerability in Teamcenter Visualization and JT2Go

Titel

SSA-829738 V1.1 (Last Update: 2022-08-09): Datalogics File Parsing Vulnerability in Teamcenter Visualization and JT2Go

Veröffentlicht

9. August 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-829738.pdf

Text

Siemens Teamcenter Visualization and JT2Go are affected by an out of bounds write vulnerability in APDFL library from Datalogics. If a user is tricked to open a malicious PDF file with the affected products, this could lead the application to crash or potentially lead to arbitrary code execution. Siemens has ...

SSA-941426 V1.3 (Last Update: 2022-08-09): Multiple LLDP Vulnerabilities in Industrial Products

Titel

SSA-941426 V1.3 (Last Update: 2022-08-09): Multiple LLDP Vulnerabilities in Industrial Products

Veröffentlicht

9. August 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-941426.pdf

Text

There are multiple vulnerabilities in an underlying Link Layer Discovery Protocol (LLDP) third party library. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.

SSA-789162 V1.2 (Last Update: 2022-08-09): Vulnerabilities in Teamcenter

Titel

SSA-789162 V1.2 (Last Update: 2022-08-09): Vulnerabilities in Teamcenter

Veröffentlicht

9. August 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-789162.pdf

Text

Teamcenter is affected by XML External Entity Injection (XXE, CVE-2022-29801) and a stack based buffer overflow vulnerability (CVE-2022-24290). XXE impacts only Teamcenter versions before V13.1. Siemens has released updates for the affected products and recommends to update to the latest versions.

SSA-629512 V1.6 (Last Update: 2022-08-09): Local Privilege Escalation Vulnerability in TIA Portal

Titel

SSA-629512 V1.6 (Last Update: 2022-08-09): Local Privilege Escalation Vulnerability in TIA Portal

Veröffentlicht

9. August 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-629512.pdf

Text

The latest updates for TIA Portal fix a vulnerability that could allow a local attacker to execute arbitrary code with SYSTEM privileges. Update: The previously provided fixes only correctly set the permissions on English Windows versions. Siemens has released updates for several affected products and recommends to update to the ...

SSA-324955 V1.9 (Last Update: 2022-08-09): SAD DNS Attack in Linux Based Products

Titel

SSA-324955 V1.9 (Last Update: 2022-08-09): SAD DNS Attack in Linux Based Products

Veröffentlicht

9. August 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-324955.pdf

Text

A vulnerability made public under the name SAD DNS affects Domain Name System resolvers due to a vulnerability in the Linux kernel when handling ICMP packets. The Siemens products which are affected are listed below. For more information please see https://www.saddns.net/. Siemens has released updates for several affected products and ...

SSA-306654 V1.3 (Last Update: 2022-08-09): Insyde BIOS Vulnerabilities in Siemens Industrial Products

Titel

SSA-306654 V1.3 (Last Update: 2022-08-09): Insyde BIOS Vulnerabilities in Siemens Industrial Products

Veröffentlicht

9. August 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf

Text

Insyde has published information on vulnerabilities in Insyde BIOS in February 2022. This advisory lists the Siemens Industrial products affected by these vulnerabilities. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.

04.08.2022

US CERT

AA22-216A: 2021 Top Malware Strains

Titel

AA22-216A: 2021 Top Malware Strains

Veröffentlicht

4. August 2022 20:10

URL

https://us-cert.cisa.gov/ncas/alerts/aa22-216a

Text

Original release date: August 4, 2022SummaryImmediate Actions You Can Take Now to Protect Against Malware: • Patch all systems and prioritize patching known exploited vulnerabilities. • Enforce multifactor authentication (MFA). • Secure Remote Desktop Protocol (RDP) and other risky services. • Make offline backups of your data. • Provide end-user ...

04.08.2022

https://us-cert.cisa.gov/ics/advisories/icsa-22-216-01

Digi ConnectPort X2D

Titel

Digi ConnectPort X2D

Veröffentlicht

4. August 2022 16:05

URL

Text

This advisory contains mitigations for an Execution with Unnecessary Privileges vulnerability in Digi ConnectPort X2D, a connection gateway.

02.08.2022

Delta Electronics DIAEnergie (Update C)

Titel

Delta Electronics DIAEnergie (Update C)

Veröffentlicht

2. August 2022 16:20

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-238-03

Text

This updated advisory is a follow-up to the advisory update titled ICSA-21-238-03 Delta Electronics DIAEnergie (Update B) that was published March 22, 2022, on the ICS webpage at www.cisa.gov/ics. This advisory contains mitigations for Use of Password Hash with Insufficient Computational Effort, Authentication Bypass Using an Alternate Path or Channel, ...

02.08.2022

Mitsubishi Electric FA Engineering Software Products (Update F)

Titel

Mitsubishi Electric FA Engineering Software Products (Update F)

Veröffentlicht

2. August 2022 16:10

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-049-02

Text

his updated advisory is a follow-up to the advisory update titled ICSA-21-049-02 Mitsubishi Electric FA Engineering Software Products (Update E) that was published May 24, 2022, to the ICS webpage on cisa.gov/ics. This advisory contains mitigations for Heap-based Buffer Overflow and Improper Handling of Length Parameter Inconsistency vulnerabilities in various ...

02.08.2022

Mitsubishi Electric Factory Automation Engineering Products (Update H)

Titel

Mitsubishi Electric Factory Automation Engineering Products (Update H)

Veröffentlicht

2. August 2022 16:00

URL

https://us-cert.cisa.gov/ics/advisories/icsa-20-212-04

Text

This updated advisory is a follow-up to the advisory update titled ICSA-20-212-04 Mitsubishi Electric Factory Automation Engineering Products (Update E) that was published May 24, 2022, to the ICS webpage on cisa.gov/ics. This advisory contains mitigations for an Unquoted Search Path or Element vulnerability in various Mitsubishi Electric Factory Automation ...

01.08.2022

BOSCH PSIRT

Multiple Vulnerabilities in BF-OS

Titel

Multiple Vulnerabilities in BF-OS

Veröffentlicht

1. August 2022 02:00

URL

https://psirt.bosch.com/security-advisories/bosch-sa-013924-bt.html

Text

BOSCH-SA-013924-BT: Multiple vulnerabilities were identified in BF-OS version 3.x up to and including 3.83 used by Bigfish V3 and PR21 (Energy Platform) devices and Bigfish VM image, which are part of the data collection infrastructure of the Energy Platform solution.The most critical vulnerability may allow an unauthenticated remote attacker to ...

Juli 2022

28.07.2022

Rockwell Products Impacted by Chromium Type Confusion

Titel

Rockwell Products Impacted by Chromium Type Confusion

Veröffentlicht

28. Juli 2022 16:10

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-209-01

Text

This advisory contains mitigations for a Type Confusion vulnerability in various Rockwell Automation products.

28.07.2022

Mitsubishi Electric FA Engineering Software (Update B)

Titel

Mitsubishi Electric FA Engineering Software (Update B)

Veröffentlicht

28. Juli 2022 16:05

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-350-05

Text

This updated advisory is a follow-up to the advisory update titled ICSA-21-350-05 Mitsubishi Electric FA Engineering Software (Update A) that was published December 16, 2021, on the ICS webpage on cisa.gov/ics. This advisory contains mitigations for Out-of-bounds Read and Integer Underflow vulnerabilities in Mitsubishi Electric FA Engineering Software, an engineering ...

28.07.2022

Mitsubishi Electric Factory Automation Engineering Software (Update C)

Titel

Mitsubishi Electric Factory Automation Engineering Software (Update C)

Veröffentlicht

28. Juli 2022 16:00

URL

https://us-cert.cisa.gov/ics/advisories/icsa-20-212-02

Text

This updated advisory is a follow-up to the advisory update titled ICSA-20-212-02 Mitsubishi Electric Factory Automation Engineering Software (Update B) that was published May 31, 2021, to the ICS webpage on ucisa.gov/ics.

26.07.2022

https://us-cert.cisa.gov/ics/advisories/icsa-22-207-04

MOXA NPort 5110

Titel

MOXA NPort 5110

Veröffentlicht

26. Juli 2022 16:20

URL

Text

This advisory contains mitigations for an Out-of-bounds Write vulnerability in MOXA NPort 5110, a device server.

26.07.2022