Bulletins | CERT@VDE

SSA-750499 V1.0: Weak Encryption Vulnerability in SIPROTEC 5 Devices

Titel

SSA-750499 V1.0: Weak Encryption Vulnerability in SIPROTEC 5 Devices

Veröffentlicht

9. Juli 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-750499.html

Text

The SIPROTEC 5 devices are supporting weak encryption. This could allow an unauthorized attacker in a man-in-the-middle position to read any data passed over the connection between legitimate clients and the affected device. Siemens has released new versions for several affected products and recommends to update to the latest versions. ...

SSA-337522 V1.1 (Last Update: 2024-07-09): Multiple Vulnerabilities in TIM 1531 IRC before V2.4.8

Titel

SSA-337522 V1.1 (Last Update: 2024-07-09): Multiple Vulnerabilities in TIM 1531 IRC before V2.4.8

Veröffentlicht

9. Juli 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-337522.html

Text

Siemens has released new versions for the affected products and recommends to update to the latest versions.

SSA-723487 V1.0: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SCALANCE, RUGGEDCOM and Related Pro...

Titel

SSA-723487 V1.0: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SCALANCE, RUGGEDCOM and Related Products

Veröffentlicht

9. Juli 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-723487.html

Text

This advisory documents the impact of CVE-2024-3596 (also dubbed “Blastradius”), a vulnerability in the RADIUS protocol, to SCALANCE, RUGGEDCOM and related products. The vulnerability could allow on-path attackers, located between a Network Access Server (the RADIUS client, e.g., SCALANCE or RUGGEDCOM devices) and a RADIUS server (e.g., SINEC INS), to ...

SSA-722010 V1.0: Datalogics File Parsing Vulnerability in Teamcenter Visualization and JT2Go

Titel

SSA-722010 V1.0: Datalogics File Parsing Vulnerability in Teamcenter Visualization and JT2Go

Veröffentlicht

9. Juli 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-722010.html

Text

Siemens Teamcenter Visualization and JT2Go are affected by an out of bounds read vulnerability in the APDFL library from Datalogics. If a user is tricked to open a malicious PDF file with the affected products, this could lead the application to crash or potentially lead to arbitrary code execution. Siemens ...

SSA-753746 V1.3 (Last Update: 2024-07-09): Denial of Service Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software ...

Titel

SSA-753746 V1.3 (Last Update: 2024-07-09): Denial of Service Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products

Veröffentlicht

9. Juli 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-753746.html

Text

Two null point dereference vulnerabilities affect multiple SIMATIC software products. These could allow an attacker to cause a persistent denial of service condition in the RPC Server of these products. Siemens has released new versions for the affected products and recommends to update to the latest versions.

SSA-593272 V2.2 (Last Update: 2024-07-09): SegmentSmack in Interniche IP-Stack based Industrial Devices

Titel

SSA-593272 V2.2 (Last Update: 2024-07-09): SegmentSmack in Interniche IP-Stack based Industrial Devices

Veröffentlicht

9. Juli 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-593272.html

Text

A vulnerability exists in affected products that could allow remote attackers to affect the availability of the devices under certain conditions. The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service. Siemens has released new versions for ...

SSA-780073 V2.4 (Last Update: 2024-07-09): Denial of Service Vulnerability in PROFINET Devices via DCE-RPC Packets

Titel

SSA-780073 V2.4 (Last Update: 2024-07-09): Denial of Service Vulnerability in PROFINET Devices via DCE-RPC Packets

Veröffentlicht

9. Juli 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-780073.html

Text

Products that include the Siemens PROFINET-IO (PNIO) stack in versions prior V06.00 are potentially affected by a denial of service vulnerability when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. Siemens has released new versions for several affected products and recommends to update to the latest versions. ...

SSA-313039 V1.0: Deserialization Vulnerability in STEP 7 Safety before V19

Titel

SSA-313039 V1.0: Deserialization Vulnerability in STEP 7 Safety before V19

Veröffentlicht

9. Juli 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-313039.html

Text

Affected applications do not properly restrict the .NET BinaryFormatter when deserializing user-controllable input. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. Siemens has released a new version for SIMATIC STEP 7 Safety V18 and recommends to update to the latest ...

SSA-346262 V3.3 (Last Update: 2024-07-09): Denial of Service Vulnerability in SNMP Interface of Industrial Products

Titel

SSA-346262 V3.3 (Last Update: 2024-07-09): Denial of Service Vulnerability in SNMP Interface of Industrial Products

Veröffentlicht

9. Juli 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-346262.html

Text

Several industrial products are affected by a vulnerability that could allow remote attackers to conduct a denial of service attack by sending specially crafted packets to port 161/udp (SNMP). Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further ...

SSA-779936 V1.0: Catalog-Profile Deserialization Vulnerability in Siemens Engineering Platforms before V19

Titel

SSA-779936 V1.0: Catalog-Profile Deserialization Vulnerability in Siemens Engineering Platforms before V19

Veröffentlicht

9. Juli 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-779936.html

Text

Affected applications do not properly restrict the .NET BinaryFormatter when deserializing user-controllable input. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends ...

Juni 2024

SSA-024584 V1.0: Authentication Bypass Vulnerability in PowerSys before V3.11

Titel

SSA-024584 V1.0: Authentication Bypass Vulnerability in PowerSys before V3.11

Veröffentlicht

11. Juni 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-024584.html

Text

PowerSys before V3.11 is affected by a vulnerability that could allow a local attacker to bypass authentication, thereby gaining administrative privileges for the managed remote devices. Siemens has released a new version for PowerSys and recommends to update to the latest version.

SSA-566905 V1.2 (Last Update: 2024-06-11): Multiple Denial of Service Vulnerabilities in the Webserver of Industrial Products

Titel

SSA-566905 V1.2 (Last Update: 2024-06-11): Multiple Denial of Service Vulnerabilities in the Webserver of Industrial Products

Veröffentlicht

11. Juni 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-566905.html

Text

Multiple vulnerabilities in the affected products could allow an unauthorized attacker with network access to the webserver of an affected products to perform a denial of service attack. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix ...

SSA-093430 V1.1 (Last Update: 2024-06-11): Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0

Titel

SSA-093430 V1.1 (Last Update: 2024-06-11): Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0

Veröffentlicht

11. Juni 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-093430.html

Text

Siemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to the latest version.

SSA-035466 V1.1 (Last Update: 2024-06-11): Incorrect Permission Assignment in SICAM PAS/PQS

Titel

SSA-035466 V1.1 (Last Update: 2024-06-11): Incorrect Permission Assignment in SICAM PAS/PQS

Veröffentlicht

11. Juni 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-035466.html

Text

SICAM PAS/PQS is affected by insecure permission assignments in application folders that could allow an authenticated local attacker to read and modify configuration data or to escalate privileges. Siemens has released a new version for SICAM PAS/PQS and recommends to update to the latest version. Siemens has also released a ...

SSA-625862 V1.0: Multiple Vulnerabilities in Third-Party Components in SIMATIC CP 1542SP-1 and CP 1543SP-1 before V2.3

Titel

SSA-625862 V1.0: Multiple Vulnerabilities in Third-Party Components in SIMATIC CP 1542SP-1 and CP 1543SP-1 before V2.3

Veröffentlicht

11. Juni 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-625862.html

Text

SIMATIC CP 1542SP-1 and CP 1543SP-1 before V2.3 are affected by multiple vulnerabilities in third-party components and the integrated web server. Siemens has released new versions for the affected products and recommends to update to the latest versions.

SSA-337522 V1.0: Multiple Vulnerabilities in TIM 1531 IRC before V2.4.8

Titel

SSA-337522 V1.0: Multiple Vulnerabilities in TIM 1531 IRC before V2.4.8

Veröffentlicht

11. Juni 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-337522.html

Text

Siemens has released new versions for the affected products and recommends to update to the latest versions.

SSA-353002 V1.1 (Last Update: 2024-06-11): Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG ...

Titel

SSA-353002 V1.1 (Last Update: 2024-06-11): Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family

Veröffentlicht

11. Juni 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-353002.html

Text

SCALANCE XB-200/XC-200/XP-200/XF-200BA/XR-300WG Family is affected by multiple vulnerabilities. CVE-2023-44318 and CVE-2023-44321 were previously published as part of SSA-699386. Siemens recommends countermeasures for products where fixes are not, or not yet available.

SSA-196737 V1.0: Multiple Vulnerabilities in SINEC Traffic Analyzer before V1.2

Titel

SSA-196737 V1.0: Multiple Vulnerabilities in SINEC Traffic Analyzer before V1.2

Veröffentlicht

11. Juni 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-196737.html

Text

SINEC Traffic Analyzer before V1.2 is affected by multiple vulnerabilities. Siemens has released a new version for SINEC Traffic Analyzer and recommends to update to the latest version.

SSA-341067 V1.0: Multiple vulnerabilities in third-party components in ST7 ScadaConnect before V1.1

Titel

SSA-341067 V1.0: Multiple vulnerabilities in third-party components in ST7 ScadaConnect before V1.1

Veröffentlicht

11. Juni 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-341067.html

Text

Siemens has released a new version for ST7 ScadaConnect and recommends to update to the latest version.

SSA-620338 V1.0: Buffer Overflow Vulnerability in SICAM AK3 / BC / TM

Titel

SSA-620338 V1.0: Buffer Overflow Vulnerability in SICAM AK3 / BC / TM

Veröffentlicht

11. Juni 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-620338.html

Text

SICAM AK3/TM/BC devices are affected by a buffer overflow vulnerability that could allow an attacker to execute code in the context of the current process or lead to a denial of service condition. SICAM AK3 device firmware CPCX26 for CP-2016 PCCX26 for CP-2019 SICAM AK3, SICAM BC and SICAM TM ...

SSA-690517 V1.0: Multiple Vulnerabilities in SCALANCE W700 802.11 AX Family

Titel

SSA-690517 V1.0: Multiple Vulnerabilities in SCALANCE W700 802.11 AX Family

Veröffentlicht

11. Juni 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-690517.html

Text

SCALANCE W700 802.11 AX Family is affected by multiple vulnerabilities. Siemens recommends countermeasures for products where fixes are not, or not yet available.

SSA-319319 V1.0: Denial of Service Vulnerability in TIA Administrator

Titel

SSA-319319 V1.0: Denial of Service Vulnerability in TIA Administrator

Veröffentlicht

11. Juni 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-319319.html

Text

TIA Administrator creates temporary download files in a directory with insecure permissions. This could allow any authenticated attacker on Windows to disrupt the update process. Siemens has released a new version for TIA Administrator and recommends to update to the latest version.

SSA-398330 V1.6 (Last Update: 2024-06-11): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 151...

Titel

SSA-398330 V1.6 (Last Update: 2024-06-11): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

Veröffentlicht

11. Juni 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-398330.html

Text

Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version V3.1 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant). These GNU/Linux vulnerabilities have been externally identified. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not ...

SSA-540640 V1.0: Improper Privilege Management Vulnerability in Mendix Runtime

Titel

SSA-540640 V1.0: Improper Privilege Management Vulnerability in Mendix Runtime

Veröffentlicht

11. Juni 2024 02:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-540640.html

Text

Apps built with Mendix Runtime >= V9.3 could allow users with the capability to manage a role to elevate the access rights of users with that role. Successful exploitation requires to guess the id of a target role which contains the elevated access rights. Siemens has released new versions for ...