• 1
  • 2 (current)
Dienstag, 14.04.2020
02:00
SIEMENS CERT
SSA-473245 (Last Update: 2020-04-14): Denial-of-Service Vulnerability in Profinet Devices
Titel
SSA-473245 (Last Update: 2020-04-14): Denial-of-Service Vulnerability in Profinet Devices
Veröffentlicht
14. April 2020 02:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-473245.pdf
Text
A vulnerability in affected devices could allow an attacker to perform a denial-of-service attack if a large amount of specially crafted UDP packets are sent to the device. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates ...
02:00
SIEMENS CERT
SSA-629512 (Last Update: 2020-04-14): Local Privilege Escalation Vulnerability in TIA Portal
Titel
SSA-629512 (Last Update: 2020-04-14): Local Privilege Escalation Vulnerability in TIA Portal
Veröffentlicht
14. April 2020 02:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-629512.pdf
Text
The latest updates for TIA Portal fix a vulnerability that could allow a local attacker to execute arbitrary code with SYSTEM privileges. Siemens has released updates for TIA Portal V15 and V16, and is working on updates for TIA Portal V14. Siemens recommends specific countermeasures as there are currently no ...
02:00
SIEMENS CERT
SSA-102233 (Last Update: 2020-04-14): SegmentSmack in VxWorks-based Industrial Devices
Titel
SSA-102233 (Last Update: 2020-04-14): SegmentSmack in VxWorks-based Industrial Devices
Veröffentlicht
14. April 2020 02:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-102233.pdf
Text
The latest updates for the affected products fix a vulnerability that could allow remote attackers to affect the availability of the devices under certain conditions. The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service. Siemens is ...
02:00
SIEMENS CERT
SSA-398519 (Last Update: 2020-04-14): Vulnerabilities in Intel CPUs (November 2019)
Titel
SSA-398519 (Last Update: 2020-04-14): Vulnerabilities in Intel CPUs (November 2019)
Veröffentlicht
14. April 2020 02:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-398519.pdf
Text
Intel has published information on vulnerabilities in Intel products in November 2019. In this advisory Siemens only explicitly mentions the vulnerabilities from the "Intel® CPU Security Advisory" and one vulnerability from "Intel® CSME, Intel® SPS, Intel® TXE, Intel® AMT, Intel® PTT and Intel® DAL Advisory" and lists the Siemens IPC ...
02:00
SIEMENS CERT
SSB-382508 (Last Update: 2020-04-14): ActiveX used in Industrial Products
Titel
SSB-382508 (Last Update: 2020-04-14): ActiveX used in Industrial Products
Veröffentlicht
14. April 2020 02:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssb-382508.pdf
Text
Montag, 13.04.2020
02:00
SIEMENS CERT
SSA-589272 (Last Update: 2020-04-13): Security vulnerability in SIMATIC S7-400 V6 PN CPUs
Titel
SSA-589272 (Last Update: 2020-04-13): Security vulnerability in SIMATIC S7-400 V6 PN CPUs
Veröffentlicht
13. April 2020 02:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-589272.pdf
Text
When receiving specially crafted ICMP network packets, SIMATIC S7-400 V6 PN CPU products may go into defect mode. This could allow attackers to perform a Denial-of-Service attack on the CPUs. Siemens has released updates for the affected products.
02:00
SIEMENS CERT
SSA-617264 (Last Update: 2020-04-13): Multiple Security Vulnerabilities in SIMATIC S7-400 V5 PN CPUs
Titel
SSA-617264 (Last Update: 2020-04-13): Multiple Security Vulnerabilities in SIMATIC S7-400 V5 PN CPUs
Veröffentlicht
13. April 2020 02:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-617264.pdf
Text
When receiving malformed network data, SIMATIC S7-400 V5 PN CPUs may go into defect mode. This would allow attackers to perform a Denial-of-Service attack on the CPUs. Siemens will not publish a fix for this vulnerability as this product version is discontinued since October 2011 [1]. Version V6 is not ...
Mittwoch, 08.04.2020
14:00
US CERT
AA20-099A: COVID-19 Exploited by Malicious Cyber Actors
Titel
AA20-099A: COVID-19 Exploited by Malicious Cyber Actors
Veröffentlicht
8. April 2020 14:00
URL
https://www.us-cert.gov/ncas/alerts/aa20-099a
Text
Original release date: April 8, 2020SummaryThis is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). This alert provides information on exploitation by cybercriminal and advanced persistent threat (APT) groups of the ...
Dienstag, 07.04.2020
16:25
US CERT (ICS)
Advantech WebAccess/NMS
Titel
Advantech WebAccess/NMS
Veröffentlicht
7. April 2020 16:25
URL
https://www.us-cert.gov/ics/advisories/icsa-20-098-01
Text
This advisory contains mitigations for multiple vulnerabilities in Advantech's WebAccess/NMS network management system.
16:20
US CERT (ICS)
GE Digital CIMPLICITY
Titel
GE Digital CIMPLICITY
Veröffentlicht
7. April 2020 16:20
URL
https://www.us-cert.gov/ics/advisories/icsa-20-098-02
Text
This advisory contains mitigations for a privilege escalation vulnerability in GE Digital CIMPLICITY HMI/SCADA products.
16:15
US CERT (ICS)
HMS Networks eWON Flexy and Cosy
Titel
HMS Networks eWON Flexy and Cosy
Veröffentlicht
7. April 2020 16:15
URL
https://www.us-cert.gov/ics/advisories/icsa-20-098-03
Text
This advisory contains mitigations for a cross-site scripting vulnerability in HMS Networks eWON Flexy and Cosy Industrial VPN routers.
16:05
US CERT (ICS)
KUKA.Sim Pro
Titel
KUKA.Sim Pro
Veröffentlicht
7. April 2020 16:05
URL
https://www.us-cert.gov/ics/advisories/icsa-20-098-05
Text
This advisory contains mitigations for a ### vulnerability in ###, a ###
16:00
US CERT (ICS)
Synergy Systems & Solutions HUSKY RTU (Update A)
Titel
Synergy Systems & Solutions HUSKY RTU (Update A)
Veröffentlicht
7. April 2020 16:00
URL
https://www.us-cert.gov/ics/advisories/icsa-20-042-01
Text
This updated advisory is a follow-up to the original advisory titled ICSA-20-042-01 Synergy Systems & Solutions HUSKY RTU that was published February 11, 2020, to the ICS webpage on us-cert.gov. This advisory contains mitigations for improper authentication and improper input validation vulnerabilities in Synergy Systems & Solutions HUSKY RTU, a ...
Donnerstag, 02.04.2020
16:00
US CERT (ICS)
B&R Automation Studio
Titel
B&R Automation Studio
Veröffentlicht
2. April 2020 16:00
URL
https://www.us-cert.gov/ics/advisories/icsa-20-093-01
Text
This advisory contains mitigations for improper privilege management, missing required cryptographic step, and path traversal vulnerabilities in B&R Automation Studio software.
  • 1
  • 2 (current)

Letzte Updates

BOSCH PSIRT
21.08.2024
SIEMENS CERT
12.09.2024
US CERT
04.09.2024
US CERT (ICS)
19.09.2024

Nach Quelle

Archiv

2024
2023
2022
2021
2020
2019
2018
2017

Feeds