• 1
  • 2 (current)
Dienstag, 08.12.2020
01:00
SIEMENS CERT
SSA-087240 V1.2 (Last Update: 2020-12-08): Vulnerabilities in SIEMENS LOGO!
Titel
SSA-087240 V1.2 (Last Update: 2020-12-08): Vulnerabilities in SIEMENS LOGO!
Veröffentlicht
8. Dezember 2020 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-087240.pdf
Text
Two vulnerabilities have been identified in SIEMENS LOGO!8 BM devices. The most severe vulnerability could allow an attacker to hijack existing web sessions. Siemens has released updates for the affected products and recommends that customers update to the latest version.
01:00
SIEMENS CERT
SSA-415783 V1.0: Insecure SSL configuration in SICAM A8000 CP-8000, CP-8021 and CP-8022
Titel
SSA-415783 V1.0: Insecure SSL configuration in SICAM A8000 CP-8000, CP-8021 and CP-8022
Veröffentlicht
8. Dezember 2020 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-415783.pdf
Text
Some firmware versions of the affected products use outdated and insecure ciphers or can be downgraded to use outdated and insecure ciphers.
01:00
SIEMENS CERT
SSA-478893 V1.0: TightVNC Vulnerabilities in Industrial Products
Titel
SSA-478893 V1.0: TightVNC Vulnerabilities in Industrial Products
Veröffentlicht
8. Dezember 2020 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-478893.pdf
Text
Multiple TightVNC (V1.x) vulnerabilities in the affected products could allow remote code execution and Denial-of-Service attacks under certain conditions. Siemens has released updates for several affected products, is working on updates for the remaining affected products and recommends specific countermeasures until fixes are available.
01:00
SIEMENS CERT
SSA-480824 V1.0: Multiple Vulnerabilities in LOGO! 8 BM
Titel
SSA-480824 V1.0: Multiple Vulnerabilities in LOGO! 8 BM
Veröffentlicht
8. Dezember 2020 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf
Text
The latest update for LOGO! 8 BM fixes multiple vulnerabilities. The most severe could allow an attacker with network access to gain full control over the device. Siemens has released updates for the affected products and recommends that customers update to the latest version.
01:00
SIEMENS CERT
SSA-541017 V1.0: Embedded TCP/IP Stack Vulnerabilities (AMNESIA:33) in SIRIUS 3RW5 Modbus TCP and SENTRON PAC Devices
Titel
SSA-541017 V1.0: Embedded TCP/IP Stack Vulnerabilities (AMNESIA:33) in SIRIUS 3RW5 Modbus TCP and SENTRON PAC Devices
Veröffentlicht
8. Dezember 2020 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-541017.pdf
Text
Recently security researchers discovered and disclosed 33 vulnerabilities in several open-source TCP/IP stacks for embedded devices, also known as “AMNESIA:33” vulnerabilities. The Siemens products mentioned below are affected by one of these vulnerabilities (CVE-2020-13988). Siemens has released updates for SENTRON PAC devices, is working on updates for SIRIUS 3RW5 communication ...
Dienstag, 01.12.2020
19:00
US CERT
AA20-336A: Advanced Persistent Threat Actors Targeting U.S. Think Tanks
Titel
AA20-336A: Advanced Persistent Threat Actors Targeting U.S. Think Tanks
Veröffentlicht
1. Dezember 2020 19:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa20-336a
Text
Original release date: December 1, 2020

Summary

This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques.

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have ...

16:00
US CERT (ICS)
Schneider Electric EcoStruxure Operator Terminal Expert runtime (Vijeo XD)
Titel
Schneider Electric EcoStruxure Operator Terminal Expert runtime (Vijeo XD)
Veröffentlicht
1. Dezember 2020 16:00
URL
https://us-cert.cisa.gov/ics/advisories/icsa-20-336-01
Text
This advisory contains mitigations for an Improper Privilege Management vulnerability in Schneider Electric EcoStruxure Operator Terminal Expert products.
  • 1
  • 2 (current)

Letzte Updates

BOSCH PSIRT
31.10.2024
SIEMENS CERT
22.11.2024
US CERT
08.11.2024
US CERT (ICS)
21.11.2024

Nach Quelle

Archiv

2024
2023
2022
2021
2020
2019
2018
2017

Feeds