Bulletins | CERT@VDE

SSA-324955 V1.8 (Last Update: 2022-06-14): SAD DNS Attack in Linux Based Products

Titel

SSA-324955 V1.8 (Last Update: 2022-06-14): SAD DNS Attack in Linux Based Products

Veröffentlicht

14. Juni 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-324955.pdf

Text

A vulnerability made public under the name SAD DNS affects Domain Name System resolvers due to a vulnerability in the Linux kernel when handling ICMP packets. The Siemens products which are affected are listed below. For more information please see https://www.saddns.net/. Siemens has released updates for several affected products and ...

SSA-301589 V1.3 (Last Update: 2022-06-14): Multiple File Parsing Vulnerabilities in Solid Edge, JT2Go and Teamcenter Visualization

Titel

SSA-301589 V1.3 (Last Update: 2022-06-14): Multiple File Parsing Vulnerabilities in Solid Edge, JT2Go and Teamcenter Visualization

Veröffentlicht

14. Juni 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-301589.pdf

Text

Siemens has released updates for JT2Go, Solid Edge and Teamcenter Visualization to fix multiple file parsing vulnerabilities. If a user is tricked to open a malicious file (crafted as PDF, DXF or PAR) with any of the affected products, this could lead the application to crash or potentially lead to ...

SSA-254054 V1.2 (Last Update: 2022-06-14): Spring Framework Vulnerability (Spring4Shell or SpringShell, CVE-2022-22965) - Impac...

Titel

SSA-254054 V1.2 (Last Update: 2022-06-14): Spring Framework Vulnerability (Spring4Shell or SpringShell, CVE-2022-22965) - Impact to Siemens Products

Veröffentlicht

14. Juni 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf

Text

A vulnerability in Spring Framework was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2022-22965 and is also known as “Spring4Shell” or “SpringShell”. Siemens is currently investigating to determine which products are affected and is continuously updating this advisory as ...

SSA-244969 V1.5 (Last Update: 2022-06-14): OpenSSL Vulnerability in Industrial Products

Titel

SSA-244969 V1.5 (Last Update: 2022-06-14): OpenSSL Vulnerability in Industrial Products

Veröffentlicht

14. Juni 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf

Text

OpenSSL has published a security advisory [0] about a vulnerability in OpenSSL versions 1.1.1 < 1.1.1l and 1.0.2 < 1.0.2za that allows an attacker to cause a denial of service (DoS) or to disclose private memory content. Siemens has released updates for several affected products and recommends to update to ...

SSA-222547 V1.0: Third-Party Component Vulnerabilities in SCALANCE LPE9403 before V2.0

Titel

SSA-222547 V1.0: Third-Party Component Vulnerabilities in SCALANCE LPE9403 before V2.0

Veröffentlicht

14. Juni 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf

Text

Multiple vulnerabilities in the third-party components CivetWeb, Docker, Linux Kernel and systemd could allow an attacker to impact SCALANCE LPE9403 confidentiality, integrity and availability. Siemens has released an update for the SCALANCE LPE9403 and recommends to update to the latest version.

SSA-220589 V1.0: Hard Coded Default Credential Vulnerability in Teamcenter

Titel

SSA-220589 V1.0: Hard Coded Default Credential Vulnerability in Teamcenter

Veröffentlicht

14. Juni 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-220589.pdf

Text

Siemens has released updates for Teamcenter that fixes a security vulnerability related to unsecure storage of user credentials. This vulnerability affects Java EE Server Manager HTML Adaptor. This service is not installed by default and currently also obsoleted. Siemens has released updates for the affected products and recommends to update ...

SSA-148078 V1.1 (Last Update: 2022-06-14): Multiple Vulnerabilities in APOGEE/TALON Field Panels

Titel

SSA-148078 V1.1 (Last Update: 2022-06-14): Multiple Vulnerabilities in APOGEE/TALON Field Panels

Veröffentlicht

14. Juni 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-148078.pdf

Text

Multiple vulnerabilities in the APOGEE PXC and TALON TC series of products could allow unauthenticated attackers to download sensitive information through the integrated webserver. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where updates are not, or ...

SSA-145224 V1.0: Vulnerability in OSPF Packet Handling of SCALANCE XM-400 and XR-500 Devices

Titel

SSA-145224 V1.0: Vulnerability in OSPF Packet Handling of SCALANCE XM-400 and XR-500 Devices

Veröffentlicht

14. Juni 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-145224.pdf

Text

SCALANCE XM-400 and XR-500 devices contain a vulnerability in the OSPF protocol implementation that could allow an unauthenticated remote attacker to cause interruptions in the network. Siemens has released updates for the affected products and recommends to update to the latest versions.

SSA-102233 V2.0 (Last Update: 2022-06-14): SegmentSmack in VxWorks-based Industrial Devices

Titel

SSA-102233 V2.0 (Last Update: 2022-06-14): SegmentSmack in VxWorks-based Industrial Devices

Veröffentlicht

14. Juni 2022 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-102233.pdf

Text

The products listed below contain a vulnerability that could allow remote attackers to affect the availability of the devices under certain conditions. The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service. Siemens has released an update ...

08.06.2022

US CERT

AA22-158A: People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices

Titel

AA22-158A: People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices

Veröffentlicht

8. Juni 2022 00:00

URL

https://us-cert.cisa.gov/ncas/alerts/aa22-158a

Text

Original release date: June 7, 2022SummaryBest Practices • Apply patches as soon as possible • Disable unnecessary ports and protocols • Replace end-of-life infrastructure • Implement a centralized patch management system This joint Cybersecurity Advisory describes the ways in which People’s Republic of China (PRC) state-sponsored cyber actors continue to ...

07.06.2022

Mitsubishi Electric MELSEC and MELIPC Series (Update C)

Titel

Mitsubishi Electric MELSEC and MELIPC Series (Update C)

Veröffentlicht

7. Juni 2022 16:00

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-334-02

Text

This updated advisory is a follow up to the advisory update titled ICSA-21-334-02 Mitsubishi Electric MELSEC and MELIPC Series (Update B) that was published April 26, 2022, to the ICS webpage on cisa.gov/ics. This advisory contains mitigations for Uncontrolled Resource Consumption, Improper Handling of Length Parameter Inconsistency, and Improper Input ...

03.06.2022

Vulnerabilities Affecting Dominion Voting Systems ImageCast X

Titel

Vulnerabilities Affecting Dominion Voting Systems ImageCast X

Veröffentlicht

3. Juni 2022 21:00

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-154-01

Text

This advisory contains mitigations for Improper Verification of Cryptographic Signature, Mutable Attestation of Measurement Reporting Data, Hidden Functionality, Improper Protection of Alternate Path, Path Traversal: ''../filedir', Execution with Unnecessary Privileges, Authentication Bypass Spoofing, Incorrect Privilege Assignment, and Origin Validation Error vulnerabilities in versions of Dominion Voting Systems Democracy Suite ImageCast ...

02.06.2022

Carrier LenelS2 HID Mercury access panels

Titel

Carrier LenelS2 HID Mercury access panels

Veröffentlicht

2. Juni 2022 16:05

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-153-01

Text

This advisory contains mitigations for Protection Mechanism Failure, Forced Browsing, Classic Buffer Overflow, Path Traversal, and OS Command Injection vulnerabilities in Carrier HID Mercury access panels sold by LenlS2.

02.06.2022

Illumina Local Run Manager

Titel

Illumina Local Run Manager

Veröffentlicht

2. Juni 2022 16:00

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-153-02

Text

This advisory contains mitigations for Path Traversal, Unrestricted Upload of File with Dangerous Type, Improper Access Control, and Cleartext Transmission of Sensitive Information vulnerabilities in Illumina devices using Local Run Manager software.

01.06.2022

US CERT

AA22-152A: Karakurt Data Extortion Group

Titel

AA22-152A: Karakurt Data Extortion Group

Veröffentlicht

1. Juni 2022 16:00

URL

https://us-cert.cisa.gov/ncas/alerts/aa22-152a

Text

Original release date: June 1, 2022SummaryActions to take today to mitigate cyber threats from ransomware: • Prioritize patching known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enforce multifactor authentication. The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Department of ...

Mai 2022

https://us-cert.cisa.gov/ics/advisories/icsma-22-151-02

BD Synapsys

Titel

BD Synapsys

Veröffentlicht

31. Mai 2022 16:25

URL

Text

This advisory contains mitigations for an Insufficient Session Expiration vulnerability in the BD Synapsys microbiology informatics software platform.

Mitsubishi Electric MELSEC iQ-F Series (Update A)

Titel

Mitsubishi Electric MELSEC iQ-F Series (Update A)

Veröffentlicht

31. Mai 2022 16:15

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-139-01

Text

This updated advisory is a follow-up to the original advisory titled ICSA-22-139-01 Mitsubishi Electric MELSEC iQ-F Series that was published May 19, 2022, on the ICS webpage at cisa.gov/ics. This advisory contains mitigations for Improper Input Validation vulnerabilities in Mitsubishi Electric MELSEC iQ-F Series CPU modules.

Mitsubishi Electric FA Products (Update A)

Titel

Mitsubishi Electric FA Products (Update A)

Veröffentlicht

31. Mai 2022 16:10

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-090-04

Text

This updated advisory is a follow-up to the original advisory titled ICSA-22-090-04 Mitsubishi Electric FA Products that was published March 31, 2022, on the ICS webpage on cisa.gov/ics. This advisory contains mitigations for a Use of Password Hash Instead of Password for Authentication, Use of Weak Hash, Cleartext Storage of ...

Mitsubishi Electric Multiple Products (Update D)

Titel

Mitsubishi Electric Multiple Products (Update D)

Veröffentlicht

31. Mai 2022 16:05

URL

https://us-cert.cisa.gov/ics/advisories/icsa-20-245-01

Text

This updated advisory is a follow-up to the advisory update titled ICSA-20-245-01 Mitsubishi Electric Multiple Products (Update C) that was published September 9, 2021, to the ICS webpage on cisa.gov/ics. This advisory contains mitigations for a Predictable Exact Value from Previous Values vulnerability in several Mitsubishi Electric devices.

Mitsubishi Electric Factory Automation Engineering Software (Update B)

Titel

Mitsubishi Electric Factory Automation Engineering Software (Update B)

Veröffentlicht

31. Mai 2022 16:00

URL

https://us-cert.cisa.gov/ics/advisories/icsa-20-212-02

Text

This updated advisory is a follow-up to the advisory update titled ICSA-20-212-02 Mitsubishi Electric Factory Automation Engineering Software (Update A) that was published January 5, 2021, to the ICS webpage on ucisa.gov/ics. This advisory contains mitigations for a Permission Issues vulnerability in Mitsubishi Electric Factory Automation Engineering software products.

26.05.2022

Keysight N6854A Geolocation server and N6841A RF Sensor software

Titel

Keysight N6854A Geolocation server and N6841A RF Sensor software

Veröffentlicht

26. Mai 2022 16:05

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-146-01

Text

This advisory contains mitigations for Relative Path Traversal, and Deserialization of Untrusted Data vulnerabilities in Keysight N6854A Geolocation and server and N6841A Sensor software, a spectrum monitoring platform.

26.05.2022

Horner Automation Cscape Csfont

Titel

Horner Automation Cscape Csfont

Veröffentlicht

26. Mai 2022 16:00

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-146-02

Text

This advisory contains mitigations for Out-of-bounds Write, Out-of-bounds Read, and Heap-based Buffer Overflow vulnerabilities in Horner Automation Cscape PLC management software.

24.05.2022

https://us-cert.cisa.gov/ics/advisories/icsa-22-144-02

Matrikon OPC Server

Titel

Matrikon OPC Server

Veröffentlicht

24. Mai 2022 16:10

URL

Text

This advisory contains mitigations for an Improper Access Control vulnerability in Makitron OPC software.

24.05.2022

Mitsubishi Electric FA Engineering Software Products (Update E)

Titel

Mitsubishi Electric FA Engineering Software Products (Update E)

Veröffentlicht

24. Mai 2022 16:05

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-049-02

Text

This updated advisory is a follow-up to the advisory update titled ICSA-21-049-02 Mitsubishi Electric FA Engineering Software Products (Update D) that was published February 8, 2022, to the ICS webpage on cisa.gov/ics. This advisory contains mitigations for Heap-based Buffer Overflow, and Improper Handling of Length Parameter Inconsistency vulnerabilities in Mitsubishi ...

24.05.2022