Bulletins | CERT@VDE

Treck TCP/IP Stack (Update H)

Titel

Treck TCP/IP Stack (Update H)

Veröffentlicht

17. März 2022 15:00

URL

https://us-cert.cisa.gov/ics/advisories/icsa-20-168-01

Text

This updated advisory is a follow-up to the advisory update titled ICSA-20-168-01 Treck TCP/IP Stack (Update G) that was published Aug 20, 2020, to the ICS webpage on www.cisa.gov/uscert. This advisory contains mitigations for Improper Handling of Length Parameter Inconsistency, Improper Input Validation, Double Free, Out-of-bounds Read, Integer Overflow or ...

16.03.2022

BOSCH PSIRT

Improper Restriction of XML External Entity Reference in BVMS

Titel

Improper Restriction of XML External Entity Reference in BVMS

Veröffentlicht

16. März 2022 01:00

URL

https://psirt.bosch.com/security-advisories/bosch-sa-506619-bt.html

Text

BOSCH-SA-506619-BT: When BVMS is installed in an installation folder where low-priviledged users have write access, BVMS is affected by a security vulnerability, which potentially allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files.Bosch rates the vulnerability with a CVSS v3.1 Base Score of 5.7 (Medium) when the ...

15.03.2022

ABB OPC Server for AC 800M

Titel

ABB OPC Server for AC 800M

Veröffentlicht

15. März 2022 15:05

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-074-01

Text

This advisory contains mitigations for an Execution with Unnecessary Privileges vulnerability in the ABB OPC Server for AC 800M run-time data reader.

15.03.2022

PTC Axeda agent and Axeda Desktop Server (Update B)

Titel

PTC Axeda agent and Axeda Desktop Server (Update B)

Veröffentlicht

15. März 2022 15:00

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-067-01

Text

This updated advisory is a follow-up to the original advisory titled ICSA-22-067-01 PTC Axeda agent and Axeda Desktop Server (Update A) that was published March 10, 2022, on the ICS webpage on www.cisa.gov/uscert. This advisory contains mitigations for Use of Hard-coded Credentials, Missing Authentication for Critical Function, Exposure of Sensitive ...

15.03.2022

US CERT

AA22-074A: Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols ...

Titel

AA22-074A: Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability

Veröffentlicht

15. März 2022 15:00

URL

https://us-cert.cisa.gov/ncas/alerts/aa22-074a

Text

Original release date: March 15, 2022SummaryMultifactor Authentication (MFA): A Cybersecurity Essential • MFA is one of the most important cybersecurity practices to reduce the risk of intrusions—according to industry research, users who enable MFA are up to 99 percent less likely to have an account compromised. • Every organization should ...

Siemens RUGGEDCOM Devices

Titel

Siemens RUGGEDCOM Devices

Veröffentlicht

11. März 2022 05:55

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-069-01

Text

This advisory contains mitigations for a Missing Encryption of Sensitive Data vulnerability in devices using the Siemens RUGGEDCOM software platform.

SSA-764417 V1.1 (Last Update: 2022-03-11): Multiple Vulnerabilities in RUGGEDCOM Devices

Titel

SSA-764417 V1.1 (Last Update: 2022-03-11): Multiple Vulnerabilities in RUGGEDCOM Devices

Veröffentlicht

11. März 2022 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-764417.pdf

Text

There is an insecure cryptographic vulnerability for the affected RUGGEDCOM devices. If an attacker were to exploit this, they could gain privileged functions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.

SSA-593272 V1.4 (Last Update: 2022-03-11): SegmentSmack in Interniche IP-Stack based Industrial Devices

Titel

SSA-593272 V1.4 (Last Update: 2022-03-11): SegmentSmack in Interniche IP-Stack based Industrial Devices

Veröffentlicht

11. März 2022 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-593272.pdf

Text

A vulnerability exists in affected products that could allow remote attackers to affect the availability of the devices under certain conditions. The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service.

SSA-256353 V1.1 (Last Update: 2022-03-11): Third-Party Component Vulnerabilities in RUGGEDCOM ROS

Titel

SSA-256353 V1.1 (Last Update: 2022-03-11): Third-Party Component Vulnerabilities in RUGGEDCOM ROS

Veröffentlicht

11. März 2022 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-256353.pdf

Text

Multiple vulnerabilities affect various third-party components of the RUGGEDCOM ROS, and a cross-site scripting exploit. If exploited, an attacker could cause a denial-of-service, act as a man-in-the-middle or retrieval of sensitive information or gain privileged functions. Siemens has released updates for several affected products and recommends to update to the ...

Siemens SIMOTICS CONNECT 400

Titel

Siemens SIMOTICS CONNECT 400

Veröffentlicht

10. März 2022 17:50

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-069-02

Text

This advisory contains mitigations for Type Confusion, Improper Validation of Specified Quantity in Input, Wrap or Wraparound, Improper Handling of Inconsistent Structural Elements vulnerabilities in the Siemens SIMOTICS CONNECT 400 connectivity module.

Siemens SINEMA Mendix Forgot Password Appstore

Titel

Siemens SINEMA Mendix Forgot Password Appstore

Veröffentlicht

10. März 2022 17:40

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-069-04

Text

This advisory contains mitigations for Improper Access Control, an d Improper Restriction of Excessive Authentication Attempts vulnerabilities in the Siemens SINEMA Mendix Forgot Password Appstore password management module.

https://us-cert.cisa.gov/ics/advisories/icsa-22-069-06

Siemens COMOS

Titel

Siemens COMOS

Veröffentlicht

10. März 2022 17:30

URL

Text

This advisory contains mitigations for Memory Allocation with Excessive Size Value, Untrusted Pointer Dereference, Type Confusion, Stack-based Buffer Overflow, Out-of-bounds Write, Out-of-bounds Read, Use After Free, Improper Check for Unusual or Exceptional Conditions vulnerabilities in Siemens COM collaborative plan design software.

Siemens Climatix POL909

Titel

Siemens Climatix POL909

Veröffentlicht

10. März 2022 17:25

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-069-07

Text

This advisory contains mitigations for Cross-site Scripting, and Improper Access Control vulnerabilities in of Climatix POL909 AWM and AWB web modules.

https://us-cert.cisa.gov/ics/advisories/icsa-22-069-08

Siemens Polarion ALM

Titel

Siemens Polarion ALM

Veröffentlicht

10. März 2022 17:20

URL

Text

This advisory contains mitigations for a Cross-site Scripting vulnerability in Siemens Siemens Polarion ALM management software.

https://us-cert.cisa.gov/ics/advisories/icsa-22-069-09

Siemens SINEC INS

Titel

Siemens SINEC INS

Veröffentlicht

10. März 2022 17:15

URL

Text

This advisory contains mitigations for a Using Components with Known Vulnerabilities vulnerability in the Siemens SINECC INS web-based application.

PTC Axeda agent and Axeda Desktop Server

Titel

PTC Axeda agent and Axeda Desktop Server

Veröffentlicht

8. März 2022 16:10

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-067-01

Text

This advisory contains mitigations for Use of Hard-coded Credentials, Missing Authentication for Critical Function, Exposure of Sensitive Information to an Unauthorized Actor, Path Traversal, Improper Check or Handling of Exceptional Conditions vulnerabilities in Axeda agent and Axeda Desktop Server, a remote asset connectivity software used as part of a cloud ...

AVEVA System Platform

Titel

AVEVA System Platform

Veröffentlicht

8. März 2022 16:05

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-067-02

Text

This advisory contains mitigations for a Cleartext Storage of Sensitive Information in Memory vulnerability in the AVEVA System Platform, a software management product.

Sensormatic PowerManage (Update A)

Titel

Sensormatic PowerManage (Update A)

Veröffentlicht

8. März 2022 16:00

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-034-01

Text

This update advisory is a follow-up to the original advisory titled ICSA-22-034-01 Sensormatic PowerManage that was published February 3, 2022, on the ICS webpage on www.cisa.gov/uscert. This advisory contains mitigations for an Improper Input Validation vulnerability in the Sensormatic PowerManage operating platform.

SSA-256353 V1.0: Third-Party Component Vulnerabilities in RUGGEDCOM ROS

Titel

SSA-256353 V1.0: Third-Party Component Vulnerabilities in RUGGEDCOM ROS

Veröffentlicht

8. März 2022 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-256353.pdf

Text

Multiple vulnerabilities affect various third-party components of the RUGGEDCOM ROS, and a cross-site scripting exploit. If exploited, an attacker could cause a denial-of-service, act as a man-in-the-middle or retrieval of sensitive information or gain privileged functions. Siemens is preparing updates and recommends countermeasures for products where updates are not, or ...

SSA-840188 V1.2 (Last Update: 2022-03-08): Multiple Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products

Titel

SSA-840188 V1.2 (Last Update: 2022-03-08): Multiple Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products

Veröffentlicht

8. März 2022 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf

Text

Multiple vulnerabilities were found in SIMATIC WinCC that ultimately could allow local or remote attackers to escalate privileges and read, write or delete critical files. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures ...

SSA-838121 V1.1 (Last Update: 2022-03-08): Multiple Denial of Service Vulnerabilities in Industrial Products

Titel

SSA-838121 V1.1 (Last Update: 2022-03-08): Multiple Denial of Service Vulnerabilities in Industrial Products

Veröffentlicht

8. März 2022 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf

Text

Affected SIMATIC firmware contains three vulnerabilities that could allow an unauthenticated attacker to perform a denial-of-service attack under certain conditions. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.

SSA-703715 V1.1 (Last Update: 2022-03-08): Information Disclosure Vulnerability in Climatix POL909 (AWM and AWB)

Titel

SSA-703715 V1.1 (Last Update: 2022-03-08): Information Disclosure Vulnerability in Climatix POL909 (AWM and AWB)

Veröffentlicht

8. März 2022 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-703715.pdf

Text

Climatix POL909 (AWM and AWB) contains an information disclosure vulnerability that could allow a man-in-the-middle attacker to read sensitive data, such as administrator credentials, or modify data in transit. Siemens has released an update for Climatix POL909 (AWM and AWB) and recommends to update to the latest version.

SSA-678983 V1.3 (Last Update: 2022-03-08): Vulnerabilities in Industrial PCs and CNC devices using Intel CPUs (November 2020)

Titel

SSA-678983 V1.3 (Last Update: 2022-03-08): Vulnerabilities in Industrial PCs and CNC devices using Intel CPUs (November 2020)

Veröffentlicht

8. März 2022 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf

Text

Intel has published information on vulnerabilities in Intel products in November 2020. This advisory lists the Siemens IPC related products, that are affected by these vulnerabilities. In this advisory we take a representative CVE from each advisory: “Intel CSME, SPS, TXE, AMT and DAL Advisory” Intel-SA-00391 is represented by CVE-2020-8745 ...