• 1
  • 2
  • 3 (current)
Dienstag, 10.09.2024
02:00
SIEMENS CERT
SSA-955858 V1.2 (Last Update: 2024-09-10): Multiple Vulnerabilities in LOGO! 8 BM Devices
Titel
SSA-955858 V1.2 (Last Update: 2024-09-10): Multiple Vulnerabilities in LOGO! 8 BM Devices
Veröffentlicht
10. September 2024 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-955858.html
Text
LOGO! 8 BM (incl. SIPLUS variants) contains multiple web-related vulnerabilities. These could allow an attacker to execute code remotely, put the device into a denial of service state or retrieve parts of the memory. The vulnerabilities are related to the hardware of the product. Siemens has released new hardware versions ...
02:00
SIEMENS CERT
SSA-999588 V1.5 (Last Update: 2024-09-10): Multiple Vulnerabilities in User Management Component (UMC) Before V2.11.2
Titel
SSA-999588 V1.5 (Last Update: 2024-09-10): Multiple Vulnerabilities in User Management Component (UMC) Before V2.11.2
Veröffentlicht
10. September 2024 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-999588.html
Text
Siemens User Management Component (UMC) before V2.11.2 is affected by multiple vulnerabilities where the most severe could lead to a restart of the UMC server. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes ...
02:00
SIEMENS CERT
SSA-773256 V1.0: Impact of Socket.IO CVE-2024-38355 on Siemens Industrial Products
Titel
SSA-773256 V1.0: Impact of Socket.IO CVE-2024-38355 on Siemens Industrial Products
Veröffentlicht
10. September 2024 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-773256.html
Text
A Socket.IO vulnerability affects multiple Siemens industrial products. This vulnerability consists of a specially crafted Socket.IO packet that triggers an uncaught exception on the Socket.IO server killing the Node.js process allowing a remote attacker to cause Denial-of-Service condition in the affected products. Siemens has released new versions for several affected ...
02:00
SIEMENS CERT
SSA-753746 V1.4 (Last Update: 2024-09-10): Denial of Service Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software ...
Titel
SSA-753746 V1.4 (Last Update: 2024-09-10): Denial of Service Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products
Veröffentlicht
10. September 2024 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-753746.html
Text
Two null point dereference vulnerabilities affect multiple SIMATIC software products. These could allow an attacker to cause a persistent denial of service condition in the RPC Server of these products. Siemens has released new versions for the affected products and recommends to update to the latest versions.
02:00
SIEMENS CERT
SSA-721642 V1.0: Injection Vulnerability in SCALANCE W700 802.11 AX Family Before V2.4
Titel
SSA-721642 V1.0: Injection Vulnerability in SCALANCE W700 802.11 AX Family Before V2.4
Veröffentlicht
10. September 2024 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-721642.html
Text
Siemens has released new versions for the affected products and recommends to update to the latest versions.
02:00
SIEMENS CERT
SSA-698820 V1.2 (Last Update: 2024-09-10): Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices
Titel
SSA-698820 V1.2 (Last Update: 2024-09-10): Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices
Veröffentlicht
10. September 2024 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-698820.html
Text
Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Siemens recommends to consult and implement the workarounds provided in Fortinet’s upstream security notifications.
02:00
SIEMENS CERT
SSA-691715 V1.6 (Last Update: 2024-09-10): Vulnerability in OPC Foundation Local Discovery Server Affecting Siemens Products
Titel
SSA-691715 V1.6 (Last Update: 2024-09-10): Vulnerability in OPC Foundation Local Discovery Server Affecting Siemens Products
Veröffentlicht
10. September 2024 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-691715.html
Text
A vulnerability was identified in OPC Foundation Local Discovery Server which also affects Siemens products that could allow an attacker to escalate privileges under certain circumstances. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where ...
02:00
SIEMENS CERT
SSA-690517 V1.1 (Last Update: 2024-09-10): Multiple Vulnerabilities in SCALANCE W700 802.11 AX Family
Titel
SSA-690517 V1.1 (Last Update: 2024-09-10): Multiple Vulnerabilities in SCALANCE W700 802.11 AX Family
Veröffentlicht
10. September 2024 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-690517.html
Text
SCALANCE W700 802.11 AX Family is affected by multiple vulnerabilities. Siemens recommends countermeasures for products where fixes are not, or not yet available.
02:00
SIEMENS CERT
SSA-673996 V1.0: Buffer Overflow Vulnerability in Third-Party Component in SICAM and SITIPE Products
Titel
SSA-673996 V1.0: Buffer Overflow Vulnerability in Third-Party Component in SICAM and SITIPE Products
Veröffentlicht
10. September 2024 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-673996.html
Text
Multiple SICAM products are affected by buffer overflow vulnerability in the IEC 61850 Client libraries from Triangle MicroWorks that could allow an unauthenticated remote attacker to create a denial of service condition by sending specially crafted MMS messages. Affected SICAM and SITIPE products: SICAM A8000 Device firmware ETI5 for CP-8031/CP-8050 ...
02:00
SIEMENS CERT
SSA-629254 V1.0: Remote Code Execution Vulnerability in SIMATIC SCADA and PCS 7 systems
Titel
SSA-629254 V1.0: Remote Code Execution Vulnerability in SIMATIC SCADA and PCS 7 systems
Veröffentlicht
10. September 2024 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-629254.html
Text
The products listed below contain a remote code execution vulnerability that could allow an unauthenticated remote attacker to execute arbitrary code with high privileges. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures ...
02:00
SIEMENS CERT
SSA-566905 V1.3 (Last Update: 2024-09-10): Multiple Denial of Service Vulnerabilities in the Webserver of Industrial Products
Titel
SSA-566905 V1.3 (Last Update: 2024-09-10): Multiple Denial of Service Vulnerabilities in the Webserver of Industrial Products
Veröffentlicht
10. September 2024 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-566905.html
Text
Multiple vulnerabilities in the affected products could allow an unauthorized attacker with network access to the webserver of an affected products to perform a denial of service attack. Siemens has released new versions for the affected products and recommends to update to the latest versions.
02:00
SIEMENS CERT
SSA-962515 V1.2 (Last Update: 2024-09-10): Out of Bounds Read Vulnerability in Industrial Products
Titel
SSA-962515 V1.2 (Last Update: 2024-09-10): Out of Bounds Read Vulnerability in Industrial Products
Veröffentlicht
10. September 2024 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-962515.html
Text
Several industrial products contain an out of bounds read vulnerability that could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel, leading to denial of service condition. Siemens has released new versions for several affected products and recommends to update to the ...
02:00
SIEMENS CERT
SSA-969738 V1.0: Denial of Service Vulnerability in SIMATIC S7-200 SMART Devices
Titel
SSA-969738 V1.0: Denial of Service Vulnerability in SIMATIC S7-200 SMART Devices
Veröffentlicht
10. September 2024 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-969738.html
Text
A vulnerability in SIMATIC S7-200 SMART devices could allow an attacker to cause a denial of service condition if a specially crafted TCP packet is sent to the device. Siemens recommends specific countermeasures for products where fixes are not, or not yet available.
02:00
SIEMENS CERT
SSA-455250 V1.3 (Last Update: 2024-09-10): Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Dev...
Titel
SSA-455250 V1.3 (Last Update: 2024-09-10): Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.2-h3
Veröffentlicht
10. September 2024 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-455250.html
Text
Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens has released a new version of Palo Alto Networks Virtual NGFW for RUGGEDCOM APE1808 and recommends to update to the latest version. Customers are advised to ...
02:00
SIEMENS CERT
SSA-783481 V1.2 (Last Update: 2024-09-10): Denial-of-Service Vulnerability in LOGO! 8 BM
Titel
SSA-783481 V1.2 (Last Update: 2024-09-10): Denial-of-Service Vulnerability in LOGO! 8 BM
Veröffentlicht
10. September 2024 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-783481.html
Text
A Denial-of-Service vulnerability has been identified in LOGO! 8 BM. This vulnerability could allow an attacker to crash a device, if a user is tricked into loading a malicious project file onto an affected device. The vulnerability is related to the hardware of the product. Siemens has released new hardware ...
02:00
SIEMENS CERT
SSA-765405 V1.0: Multiple Vulnerabilities in SIMATIC RFID Readers
Titel
SSA-765405 V1.0: Multiple Vulnerabilities in SIMATIC RFID Readers
Veröffentlicht
10. September 2024 02:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-765405.html
Text
SIMATIC RFID Readers contain multiple vulnerabilities that could allow an attacker to cause Denial-of-Service, exploit hidden functionality and information exposure. Siemens has released new versions for the affected products and recommends to update to the latest versions.
Donnerstag, 05.09.2024
14:00
US CERT (ICS)
Hughes Network Systems WL3000 Fusion Software
Titel
Hughes Network Systems WL3000 Fusion Software
Veröffentlicht
5. September 2024 14:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-24-249-01
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Low attack complexity Vendor: Hughes Network Systems Equipment: WL3000 Fusion Software Vulnerabilities: Insufficiently Protected Credentials, Missing Encryption of Sensitive Data 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to obtain read-only access to network configuration information and ...
Mittwoch, 04.09.2024
21:01
US CERT
Russian Military Cyber Actors Target US and Global Critical Infrastructure
Titel
Russian Military Cyber Actors Target US and Global Critical Infrastructure
Veröffentlicht
4. September 2024 21:01
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-249a
Text
Summary The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes ...
Dienstag, 03.09.2024
14:00
US CERT (ICS)
LOYTEC Electronics LINX Series
Titel
LOYTEC Electronics LINX Series
Veröffentlicht
3. September 2024 14:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-24-247-01
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: LOYTEC electronics GmbH Equipment: LINX series Vulnerabilities: Cleartext Transmission of Sensitive Information, Missing Authentication for Critical Function, Cleartext Storage of Sensitive Information, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities ...
  • 1
  • 2
  • 3 (current)

Letzte Updates

BOSCH PSIRT
31.10.2024
SIEMENS CERT
22.11.2024
US CERT
08.11.2024
US CERT (ICS)
21.11.2024

Nach Quelle

Archiv

2024
2023
2022
2021
2020
2019
2018
2017

Feeds