Bulletins | CERT@VDE

SSA-935500 V1.0: Denial of Service Vulnerability in FTP Server of Nucleus RTOS based APOGEE, TALON and Desigo PXC/PXM Products

Titel

SSA-935500 V1.0: Denial of Service Vulnerability in FTP Server of Nucleus RTOS based APOGEE, TALON and Desigo PXC/PXM Products

Veröffentlicht

11. Oktober 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-935500.pdf

Text

A denial of service vulnerability has been identified in the Nucleus RTOS (real-time operating system) and reported in the Siemens Security Advisory SSA-313313: https://cert-portal.siemens.com/productcert/html/ssa-313313.html. The products listed below use affected versions of the Nucleus software and inherently contain the vulnerability. Siemens recommends specific countermeasures for products where updates are not, ...

SSA-501891 V1.0: Cross-Site Scripting Vulnerability in SCALANCE X-200 and X-200IRT Families

Titel

SSA-501891 V1.0: Cross-Site Scripting Vulnerability in SCALANCE X-200 and X-200IRT Families

Veröffentlicht

11. Oktober 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-501891.pdf

Text

There is a cross-site scripting vulnerability that affects the SCALANCE switches. This vulnerability if used by a threat actor could result in the stealing of session cookies and session hijacking. Siemens has released updates for the affected products and recommends to update to the latest versions.

SSA-568427 V1.0: Weak Key Protection Vulnerability in SIMATIC S7-1200 and S7-1500 CPU Families

Titel

SSA-568427 V1.0: Weak Key Protection Vulnerability in SIMATIC S7-1200 and S7-1500 CPU Families

Veröffentlicht

11. Oktober 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-568427.pdf

Text

SIMATIC S7-1200, S7-1500 CPUs and related products protect the built-in global private key in a way that cannot be considered sufficient any longer. The key is used for the legacy protection of confidential configuration data and the legacy PG/PC and HMI communication. This could allow attackers to discover the private ...

SSA-446448 V1.4 (Last Update: 2022-10-11): Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack

Titel

SSA-446448 V1.4 (Last Update: 2022-10-11): Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack

Veröffentlicht

11. Oktober 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-446448.pdf

Text

The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, contains a vulnerability that could allow an attacker to cause a denial of service condition on affected industrial products. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further ...

SSB-439005 V4.8 (Last Update: 2022-10-11): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 151...

Titel

SSB-439005 V4.8 (Last Update: 2022-10-11): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP

Veröffentlicht

11. Oktober 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssb-439005.pdf

Text

06.10.2022

AA22-279A: Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors

Titel

AA22-279A: Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors

Veröffentlicht

6. Oktober 2022 19:08

URL

https://us-cert.cisa.gov/ncas/alerts/aa22-279a

Text

Original release date: October 6, 2022SummaryThis joint Cybersecurity Advisory (CSA) provides the top Common Vulnerabilities and Exposures (CVEs) used since 2020 by People’s Republic of China (PRC) state-sponsored cyber actors as assessed by the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI). ...

06.10.2022

Rockwell Automation FactoryTalk VantagePoint

Titel

Rockwell Automation FactoryTalk VantagePoint

Veröffentlicht

6. Oktober 2022 16:10

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-279-01

Text

06.10.2022

HIWIN Robot System Software (HRSS)

Titel

HIWIN Robot System Software (HRSS)

Veröffentlicht

6. Oktober 2022 16:00

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-279-02

Text

AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

Titel

AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

Veröffentlicht

4. Oktober 2022 19:58

URL

https://us-cert.cisa.gov/ncas/alerts/aa22-277a

Text

Original release date: October 4, 2022SummaryActions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity: • Enforce multifactor authentication (MFA) on all user accounts. • Implement network segmentation to separate network segments based on role and functionality. • Update software, including operating systems, applications, and firmware, on network assets. • ...

BD Totalys MultiProcessor

Titel

BD Totalys MultiProcessor

Veröffentlicht

4. Oktober 2022 16:20

URL

https://us-cert.cisa.gov/ics/advisories/icsma-22-277-01

Text

Johnson Controls Metasys ADX Server

Titel

Johnson Controls Metasys ADX Server

Veröffentlicht

4. Oktober 2022 16:15

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-277-01

Text

Hitachi Energy Modular Switchgear Monitoring (MSM)

Titel

Hitachi Energy Modular Switchgear Monitoring (MSM)

Veröffentlicht

4. Oktober 2022 16:10

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-277-02

Text

https://us-cert.cisa.gov/ics/advisories/icsa-22-277-04

OMRON CX-Programmer

Titel

OMRON CX-Programmer

Veröffentlicht

4. Oktober 2022 16:00

URL

Text

September 2022

29.09.2022

Delta Electronics DOPSoft (Update B)

Titel

Delta Electronics DOPSoft (Update B)

Veröffentlicht

29. September 2022 16:30

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-182-03

Text

This updated advisory is a follow-up to the advisory update titled ICSA-21-184-04 Delta Electronics DOPSoft (Update A) that was published July 27, 2021 to the ICS webpage on cisa.gov/ics. This advisory contains mitigations for Out-of-bounds Read vulnerabilities in Delta Electronics DOPSoft software.

29.09.2022

ARC Informatique PcVue (Update A)

Titel

ARC Informatique PcVue (Update A)

Veröffentlicht

29. September 2022 16:20

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-235-01-0

Text

This updated advisory is a follow-up to the advisory update titled ICSA-22-235-01 ARC Informatique PcVue that was published August 23, 2022 to the ICS webpage on cisa.gov/ics. This advisory contains mitigations for a Cleartext Storage of Sensitive Information vulnerability in various components of ARC Informatique products.

29.09.2022

Hitachi Energy MicroSCADA Pro X SYS600

Titel

Hitachi Energy MicroSCADA Pro X SYS600

Veröffentlicht

29. September 2022 16:05

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-272-02

Text

This advisory contains mitigations for NULL Pointer Dereference and Infinite Loop vulnerabilities in Hitachi Energy MicroSCADA Pro/X SYS600 products.

27.09.2022

Hitachi Energy AFS660/AFS665

Titel

Hitachi Energy AFS660/AFS665

Veröffentlicht

27. September 2022 16:20

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-270-01

Text

This advisory contains mitigations for an Improper Input Validation vulnerability in Hitachi Energy AFS660 and AFS665 industrial switches.

27.09.2022

Rockwell Automation ThinManager ThinServer

Titel

Rockwell Automation ThinManager ThinServer

Veröffentlicht

27. September 2022 16:00

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-270-03

Text

This advisory contains mitigations for a Heap-based Buffer Overflow vulnerability in Rockwell Automation ThinManager ThinServer, a thin client and remote desktop protocol (RDP) server management software.

22.09.2022

Mitsubishi Electric Factory Automation Engineering Software (Update D)

Titel

Mitsubishi Electric Factory Automation Engineering Software (Update D)

Veröffentlicht

22. September 2022 16:10

URL

https://us-cert.cisa.gov/ics/advisories/icsa-20-212-02

Text

This updated advisory is a follow-up to the advisory update titled ICSA-20-212-02 Mitsubishi Electric Factory Automation Engineering Software (Update C) that was published July 28, 2022, to the ICS webpage on cisa.gov/ics.This advisory contains mitigations for a Permission Issues vulnerability in versions of Mitsubishi Electric Factory Automation Engineering Software products.

22.09.2022

Mitsubishi Electric Multiple Products (Update E)

Titel

Mitsubishi Electric Multiple Products (Update E)

Veröffentlicht

22. September 2022 16:00

URL

https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01

Text

This updated advisory is a follow-up to the advisory update titled ICSA-20-245-01 Mitsubishi Electric Multiple Products (Update D) that was published May 31, 2022 to the ICS webpage on cisa.gov/ics. This advisory contains mitigations for a Predictable Exact Value from Previous Values vulnerabilit in versions of several Mitsubishi Electric products.

22.09.2022

AA22-265A: Control System Defense: Know the Opponent

Titel

AA22-265A: Control System Defense: Know the Opponent

Veröffentlicht

22. September 2022 14:55

URL

https://us-cert.cisa.gov/ncas/alerts/aa22-265a

Text

Original release date: September 22, 2022SummaryTraditional approaches to securing OT/ICS do not adequately address current threats. Operational technology/industrial control system (OT/ICS) assets that operate, control, and monitor day-to-day critical infrastructure and industrial processes continue to be an attractive target for malicious cyber actors. These cyber actors, including advanced persistent threat ...

21.09.2022

A22-264A: Iranian State Actors Conduct Cyber Operations Against the Government of Albania

Titel

A22-264A: Iranian State Actors Conduct Cyber Operations Against the Government of Albania

Veröffentlicht

21. September 2022 19:00

URL

https://us-cert.cisa.gov/ncas/alerts/aa22-264a

Text

Original release date: September 21, 2022SummaryThe Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory to provide information on recent cyber operations against the Government of Albania in July and September. This advisory provides a timeline of activity observed, from ...

21.09.2022

AA22-264A: Iranian State Actors Conduct Cyber Operations Against the Government of Albania

Titel

AA22-264A: Iranian State Actors Conduct Cyber Operations Against the Government of Albania

Veröffentlicht

21. September 2022 19:00

URL

https://us-cert.cisa.gov/ncas/alerts/aa22-264a

Text

21.09.2022

BOSCH PSIRT

Information Disclosure in VIDEOJET Decoder and Operator Client application in BVMS

Titel

Information Disclosure in VIDEOJET Decoder and Operator Client application in BVMS

Veröffentlicht

21. September 2022 02:00

URL

https://psirt.bosch.com/security-advisories/bosch-sa-464066-bt.html

Text

BOSCH-SA-464066-BT: BVMS Operator Client application or the VIDEOJET Decoder VJD-7513 may receive an *unencrypted* live-stream from a camera which allows a man-in-the-middle attacker to compromise the confidential video streams.This happens only in combination with cameras of platform CPP13 or CPP14.x when encrypted UDP connection is configured. Please be aware that ...

20.09.2022