• 1 (current)
  • 2
  • 3
Donnerstag, 27.02.2025
13:00
US CERT (ICS)
Schneider Electric Communication Modules for Modicon M580 and Quantum Controllers
Titel
Schneider Electric Communication Modules for Modicon M580 and Quantum Controllers
Veröffentlicht
27. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-058-01
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Communication modules for Modicon M580 and Quantum controllers Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a stack overflow attack, which could result in loss of confidentiality, integrity, ...
Dienstag, 25.02.2025
13:00
US CERT (ICS)
Rockwell Automation PowerFlex 755
Titel
Rockwell Automation PowerFlex 755
Veröffentlicht
25. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-056-01
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Rockwell Automation Equipment: PowerFlex 755 Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could result in exposure of sensitive data. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of ...
01:00
SIEMENS CERT
SSA-656895 V1.1 (Last Update: 2025-02-25): Open Redirect Vulnerability in Teamcenter
Titel
SSA-656895 V1.1 (Last Update: 2025-02-25): Open Redirect Vulnerability in Teamcenter
Veröffentlicht
25. Februar 2025 01:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-656895.html
Text
The SSO login service in Teamcenter contains an open redirect vulnerability that could allow an attacker to redirect the legitimate user to an attacker-chosen URL to steal valid session data. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.
Donnerstag, 20.02.2025
13:00
US CERT (ICS)
Carrier Block Load
Titel
Carrier Block Load
Veröffentlicht
20. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-051-03
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Carrier Equipment: Block Load Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious actor to execute arbitrary code with escalated privileges . 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS ...
13:00
US CERT (ICS)
ABB ASPECT-Enterprise, NEXUS, and MATRIX Series
Titel
ABB ASPECT-Enterprise, NEXUS, and MATRIX Series
Veröffentlicht
20. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-051-01
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: ASPECT-Enterprise, NEXUS, and MATRIX series Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain access to devices without proper authentication. 3. TECHNICAL DETAILS 3.1 ...
13:00
US CERT (ICS)
Elseta Vinci Protocol Analyzer
Titel
Elseta Vinci Protocol Analyzer
Veröffentlicht
20. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-051-06
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Elseta Equipment: Vinci Protocol Analyzer Vulnerability: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate privileges and perform ...
13:00
US CERT (ICS)
ABB FLXEON Controllers
Titel
ABB FLXEON Controllers
Veröffentlicht
20. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-051-02
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: FLXEON Controllers Vulnerabilities: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion'), Missing Origin Validation in WebSockets, Insertion of Sensitive Information into Log File 2. RISK EVALUATION Successful exploitation ...
13:00
US CERT (ICS)
Rapid Response Monitoring My Security Account App
Titel
Rapid Response Monitoring My Security Account App
Veröffentlicht
20. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-051-05
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rapid Response Monitoring Equipment: My Security Account App Vulnerability: Authorization Bypass Through User-Controlled Key 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attacker to access sensitive information of other users. 3. TECHNICAL DETAILS 3.1 ...
Mittwoch, 19.02.2025
17:38
US CERT
#StopRansomware: Ghost (Cring) Ransomware
Titel
#StopRansomware: Ghost (Cring) Ransomware
Veröffentlicht
19. Februar 2025 17:38
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-050a
Text
Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect ...
01:00
SIEMENS CERT
SSA-354569 V1.2 (Last Update: 2025-02-19): Multiple Vulnerabilities in Palo Alto Networks PAN-OS on RUGGEDCOM APE1808 Devices
Titel
SSA-354569 V1.2 (Last Update: 2025-02-19): Multiple Vulnerabilities in Palo Alto Networks PAN-OS on RUGGEDCOM APE1808 Devices
Veröffentlicht
19. Februar 2025 01:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-354569.html
Text
Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available. [1] https://security.paloaltonetworks.com/
Montag, 17.02.2025
01:00
SIEMENS CERT
SSA-992434 V1.0: Directory Traversal Vulnerability in Third-Party Component in SiPass integrated
Titel
SSA-992434 V1.0: Directory Traversal Vulnerability in Third-Party Component in SiPass integrated
Veröffentlicht
17. Februar 2025 01:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-992434.html
Text
SiPass integrated is affected by a directory traversal vulnerability in the third-party component DotNetZip. The vulnerability could allow an attacker to execute arbitrary code on the application server, if a specially crafted backup set is used for a restore. Siemens has released a new version for SiPass integrated and recommends ...
Freitag, 14.02.2025
01:00
SIEMENS CERT
SSA-246355 V1.1 (Last Update: 2025-02-14): Multiple Vulnerabilities in Tableau Server Component of Opcenter Intelligence
Titel
SSA-246355 V1.1 (Last Update: 2025-02-14): Multiple Vulnerabilities in Tableau Server Component of Opcenter Intelligence
Veröffentlicht
14. Februar 2025 01:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-246355.html
Text
The Tableau Server component in Opcenter Intelligence contains multiple vulnerabilities as described below. Siemens has released a new version for Opcenter Intelligence and recommends to update to the latest version and to install the latest available version of Tableau Server as described in https://support.sw.siemens.com/knowledge-base/PL8822108.
Donnerstag, 13.02.2025
13:00
US CERT (ICS)
Siemens OpenV2G
Titel
Siemens OpenV2G
Veröffentlicht
13. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-08
Text
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY ...
13:00
US CERT (ICS)
Outback Power Mojave Inverter
Titel
Outback Power Mojave Inverter
Veröffentlicht
13. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-17
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Outback Power Equipment: Mojave Inverter Vulnerabilities: Use of GET Request Method With Sensitive Query Strings, Exposure of Sensitive Information to an Unauthorized Actor, Command Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an ...
13:00
US CERT (ICS)
Siemens APOGEE PXC and TALON TC Series
Titel
Siemens APOGEE PXC and TALON TC Series
Veröffentlicht
13. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-11
Text
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY ...
13:00
US CERT (ICS)
Siemens SIMATIC S7-1200 CPU Family
Titel
Siemens SIMATIC S7-1200 CPU Family
Veröffentlicht
13. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-01
Text
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY ...
13:00
US CERT (ICS)
Siemens SIPROTEC 5
Titel
Siemens SIPROTEC 5
Veröffentlicht
13. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-03
Text
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY ...
13:00
US CERT (ICS)
ORing IAP-420
Titel
ORing IAP-420
Veröffentlicht
13. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-15
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: ORing Equipment: IAP-20 Vulnerabilities: Cross-site Scripting, Command Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to invoke commands to compromise the device via the management interface. 3. TECHNICAL ...
13:00
US CERT (ICS)
Siemens Opcenter Intelligence
Titel
Siemens Opcenter Intelligence
Veröffentlicht
13. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-14
Text
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY ...
13:00
US CERT (ICS)
Siemens SIMATIC IPC DiagBase and SIMATIC IPC DiagMonitor
Titel
Siemens SIMATIC IPC DiagBase and SIMATIC IPC DiagMonitor
Veröffentlicht
13. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-12
Text
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY ...
13:00
US CERT (ICS)
Siemens SIMATIC PCS neo and TIA Administrator
Titel
Siemens SIMATIC PCS neo and TIA Administrator
Veröffentlicht
13. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-13
Text
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY ...
13:00
US CERT (ICS)
Dingtian DT-R0 Series
Titel
Dingtian DT-R0 Series
Veröffentlicht
13. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-18
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Dingtian Equipment: DT-R0 Series Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to modify the device settings and gain administrator access. 3. ...
13:00
US CERT (ICS)
Siemens SCALANCE W700
Titel
Siemens SCALANCE W700
Veröffentlicht
13. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-09
Text
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY ...
Dienstag, 11.02.2025
01:00
SIEMENS CERT
SSA-767615 V1.0: Information Disclosure Vulnerability in SIPROTEC 5 Devices
Titel
SSA-767615 V1.0: Information Disclosure Vulnerability in SIPROTEC 5 Devices
Veröffentlicht
11. Februar 2025 01:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-767615.html
Text
An information disclosure vulnerability in SIPROTEC 5 devices could allow an unauthenticated, remote attacker to retrieve sensitive information of the device. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products ...
01:00
SIEMENS CERT
SSA-769027 V1.0: Multiple Vulnerabilities fixed in SCALANCE W700 IEEE 802.11ax devices before V3.0.0
Titel
SSA-769027 V1.0: Multiple Vulnerabilities fixed in SCALANCE W700 IEEE 802.11ax devices before V3.0.0
Veröffentlicht
11. Februar 2025 01:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-769027.html
Text
SCALANCE W-700 IEEE 802.11ax family devices are affected by multiple vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions.
  • 1 (current)
  • 2
  • 3

Letzte Updates

BOSCH PSIRT
15.01.2025
SIEMENS CERT
11.03.2025
US CERT
19.02.2025
US CERT (ICS)
11.03.2025

Nach Quelle

Archiv

2025
2024
2023
2022
2021
2020
2019
2018
2017

Feeds