Bulletins | CERT@VDE

Multiple RTOS (Update D)

Titel

Multiple RTOS (Update D)

Veröffentlicht

30. November 2021 16:00

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-119-04

Text

This updated advisory is a follow-up to the advisory update titled ICSA-21-119-04 Multiple RTOS (Update C) that was published August 17, 2021, to the ICS webpage on us-cert.cisa.gov. CISA is aware of a public report, known as “BadAlloc” that details vulnerabilities found in multiple real-time operating systems (RTOS) and supporting ...

Philips IntelliBridge EC 40 and EC 80 Hub

Titel

Philips IntelliBridge EC 40 and EC 80 Hub

Veröffentlicht

18. November 2021 16:25

URL

https://us-cert.cisa.gov/ics/advisories/icsma-21-322-01

Text

This advisory contains mitigations for Use of Hard-coded Credentials, and Authentication Bypass Using an Alternate Path or Channel vulnerabilities in Philips IntelliBridge EC 40 and EC 80 Hub medical device interfacing modules.

Philips Patient Information Center iX (PIC iX) and Efficia CM Series

Titel

Philips Patient Information Center iX (PIC iX) and Efficia CM Series

Veröffentlicht

18. November 2021 16:20

URL

https://us-cert.cisa.gov/ics/advisories/icsma-21-322-02

Text

This advisory contains mitigations for Improper Input Validation, Use of Hard-coded Cryptographic Key, and Use of a Broken or Risky Cryptographic Algorithm vulnerabilities in Philips Patient Information Center iX (PIC iX) and Efficia CM Series products.

Trane Symbio (Update A)

Titel

Trane Symbio (Update A)

Veröffentlicht

18. November 2021 16:15

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-266-01

Text

The updated advisory is a follow-up to the original advisory titled ICSA-21-266-01 Trane Symbio that was published on September 23, 2021, to the ICS webpage on us-cert.cisa.gov. This advisory contains mitigations for a Code Injection vulnerability in Trane Symbio 700 and Symbio 800 controllers.

Philips Patient Monitoring Devices (Update B)

Titel

Philips Patient Monitoring Devices (Update B)

Veröffentlicht

18. November 2021 16:10

URL

https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01

Text

This updated advisory is a follow-up to the advisory update titled ICSMA-20-254-01 Philips Patient Monitoring Devices (Update A) that was published August 31, 2020, to the ICS webpage on us-cert.cisa.gov. This advisory contains mitigations for Improper Neutralization of Formula Elements in a CSV File, Cross-site Scripting, Improper Authentication, Improper Check ...

Mitsubishi Electric Factory Automation Engineering Products (Update E)

Titel

Mitsubishi Electric Factory Automation Engineering Products (Update E)

Veröffentlicht

18. November 2021 16:05

URL

https://us-cert.cisa.gov/ics/advisories/icsa-20-212-04

Text

This updated advisory is a follow-up to the advisory update titled ICSA-20-212-04 Mitsubishi Electric Factory Automation Engineering Products (Update D) that was published July 27, 2021, to the ICS webpage on us-cert.cisa.gov. This advisory contains mitigations for an Unquoted Search Path or Element vulnerability in Mitsubishi Electric Factory Automation Engineering ...

VISAM Automation Base (VBASE) (Update B)

Titel

VISAM Automation Base (VBASE) (Update B)

Veröffentlicht

18. November 2021 16:00

URL

https://us-cert.cisa.gov/ics/advisories/icsa-20-084-01

Text

This updated advisory is a follow-up to the advisory update titled ICSA-20-084-01 VISAM Automation Base (VBASE) (Update A) that was published July 8, 2021, to the ICS webpage on us-cert.cisa.gov. This advisory contains mitigations for Relative Path Traversal, Incorrect Default Permissions, Inadequate Encryption Strength, Insecure Storage of Sensitive Information, and ...

17.11.2021

US CERT

AA21-321A: Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furthera...

Titel

AA21-321A: Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities

Veröffentlicht

17. November 2021 15:00

URL

https://us-cert.cisa.gov/ncas/alerts/aa21-321a

Text

Original release date: November 17, 2021 | Last revised: November 19, 2021SummaryActions to Take Today to Protect Against Iranian State-Sponsored Malicious Cyber Activity • Immediately patch software affected by the following vulnerabilities: CVE-2021-34473, 2018-13379, 2020-12812, and 2019-5591. • Implement multi-factor authentication. • Use strong, unique passwords. Note: this advisory uses ...

16.11.2021

Mitsubishi Electric GOT products

Titel

Mitsubishi Electric GOT products

Veröffentlicht

16. November 2021 16:05

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-320-02

Text

This advisory contains mitigations for an Improper Input Validation vulnerability in Mitsubishi Electric human-machine interface (HMI) products.

16.11.2021

Mitsubishi Electric FA Engineering Software Products (Update C)

Titel

Mitsubishi Electric FA Engineering Software Products (Update C)

Veröffentlicht

16. November 2021 16:00

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-049-02

Text

This updated advisory is a follow-up to the advisory update titled ICSA-21-049-02 Mitsubishi Electric FA Engineering Software Products (Update B) that was published July 29, 2021, to the ICS webpage on us-cert.cisa.gov. This advisory contains mitigations for Heap-based Buffer Overflow, and Improper Handling of Length Parameter Inconsistency vulnerabilities in Mitsubishi ...

Philips MRI 1.5T and 3T

Titel

Philips MRI 1.5T and 3T

Veröffentlicht

9. November 2021 16:35

URL

https://us-cert.cisa.gov/ics/advisories/icsma-21-313-01

Text

This advisory contains mitigations for Improper Access Control, Incorrect Ownership Assignment, and Exposure of Sensitive Information to an Unauthorized Actor vulnerabilities in Philips MRI 1.5T and 3T products.

Schneider Electric NMC cards and Embedded Devices

Titel

Schneider Electric NMC cards and Embedded Devices

Veröffentlicht

9. November 2021 16:30

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-313-01

Text

This advisory contains mitigations for Cross-site Scripting, and Exposure of Sensitive Information to an Unauthorized Actor vulnerabilities in Schneider Electric NMC cards and Embedded Devices.

Schneider Electric GUIcon

Titel

Schneider Electric GUIcon

Veröffentlicht

9. November 2021 16:25

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-313-02

Text

This advisory contains mitigations for Out-of-bounds Write, Use After Free, and Out-of-bounds Read vulnerabilities in Schneider Electric GUIcon software.

Siemens Nucleus RTOS TCP/IP Stack

Titel

Siemens Nucleus RTOS TCP/IP Stack

Veröffentlicht

9. November 2021 16:20

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-313-03

Text

This advisory contains mitigations for several vulnerabilities found in Siemens Nucleus Net, Nucleus ReadyStart, and Capital VSTAR products. These vulnerabilities are related to real-time operating system (RTOS) networking and related services, including the TCP/IP stack.

https://us-cert.cisa.gov/ics/advisories/icsa-21-313-04

mySCADA myDESIGNER

Titel

mySCADA myDESIGNER

Veröffentlicht

9. November 2021 16:15

URL

Text

This advisory contains mitigations for a Relative Path Traversal vulnerability in mySCADA myDESIGNER project creation software.

Advantech WebAccess HMI Designer (Update A)

Titel

Advantech WebAccess HMI Designer (Update A)

Veröffentlicht

9. November 2021 16:00

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-173-01

Text

This updated advisory is a follow-up to the original advisory titled ICSA-21-173-01 Advantech WebAccess HMI Designer that was published June 22, 2021, to the ICS webpage on us-cert.cisa.gov. This advisory contains mitigation for Heap-based Buffer overflow, Out-of-bounds Write, and Improper Restriction of Operation Within the Bounds of a Memory Buffer ...

SSA-044112 V1.0: Multiple Vulnerabilities (NUCLEUS:13) in the TCP/IP Stack of Nucleus RTOS

Titel

SSA-044112 V1.0: Multiple Vulnerabilities (NUCLEUS:13) in the TCP/IP Stack of Nucleus RTOS

Veröffentlicht

9. November 2021 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf

Text

The TCP/IP stack and related services (FTP, TFTP) of the networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) contain several vulnerabilities, also known as “NUCLEUS:13” and as documented below. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures ...

SSA-324955 V1.6 (Last Update: 2021-11-09): SAD DNS Attack in Linux Based Products

Titel

SSA-324955 V1.6 (Last Update: 2021-11-09): SAD DNS Attack in Linux Based Products

Veröffentlicht

9. November 2021 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-324955.pdf

Text

A vulnerability made public under the name SAD DNS affects Domain Name System resolvers due to a vulnerability in the Linux kernel when handling ICMP packets. The Siemens products which are affected are listed below. For more information please see https://www.saddns.net/. Siemens has released updates for several affected products and ...

SSA-772220 V1.3 (Last Update: 2021-11-09): OpenSSL Vulnerabilities in Industrial Products

Titel

SSA-772220 V1.3 (Last Update: 2021-11-09): OpenSSL Vulnerabilities in Industrial Products

Veröffentlicht

9. November 2021 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf

Text

OpenSSL has published a security advisory [0] about a vulnerability in OpenSSL versions 1.1.1 < 1.1.1k, that allows an unauthenticated attacker to cause a Denial-of-Service (DoS) if a maliciously crafted renegotiation message is sent. Siemens has released updates for several affected products and recommends to update to the latest versions. ...

SSA-705111 V1.1 (Last Update: 2021-11-09): Multiple Vulnerabilities (NAME:WRECK) in the DNS Module of Nucleus RTOS

Titel

SSA-705111 V1.1 (Last Update: 2021-11-09): Multiple Vulnerabilities (NAME:WRECK) in the DNS Module of Nucleus RTOS

Veröffentlicht

9. November 2021 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf

Text

Security researchers discovered and disclosed 9 vulnerabilities in several DNS implementations, also known as “NAME:WRECK” vulnerabilities. The vulnerabilities described in this advisory are from this set. The DNS client of affected products contains multiple vulnerabilities related to the handling of DNS responses and requests. The most severe could allow an ...