Bulletins | CERT@VDE

SSA-686975 V1.0: IPU 2022.3 Vulnerabilities in Siemens Industrial Products using Intel CPUs

Titel

SSA-686975 V1.0: IPU 2022.3 Vulnerabilities in Siemens Industrial Products using Intel CPUs

Veröffentlicht

14. Februar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-686975.pdf

Text

Intel has published information on vulnerabilities in Intel products in November 2022. This advisory lists the related Siemens Industrial products affected by these vulnerabilities that can be patched by applying the corresponding BIOS update (“2022.3 IPU – BIOS Advisory” Intel-SA-00688). Siemens is preparing updates and recommends specific countermeasures for products ...

SSA-568428 V1.1 (Last Update: 2023-02-14): Weak Key Protection Vulnerability in SINUMERIK ONE and SINUMERIK MC

Titel

SSA-568428 V1.1 (Last Update: 2023-02-14): Weak Key Protection Vulnerability in SINUMERIK ONE and SINUMERIK MC

Veröffentlicht

14. Februar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-568428.pdf

Text

SINUMERIK ONE and SINUMERIK MC products are affected by a weak key protection vulnerability in the integrated S7-1500 CPU. The weak key protection vulnerability in the integrated S7-1500 CPU is documented in more detail in SSA-568427 [1]. Siemens has released updates for the affected products and recommends to update to ...

SSA-953464 V1.0: Multiple Vulnerabilites in Siemens Brownfield Connectivity - Client before V2.15

Titel

SSA-953464 V1.0: Multiple Vulnerabilites in Siemens Brownfield Connectivity - Client before V2.15

Veröffentlicht

14. Februar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf

Text

Siemens has released a new version for Brownfield Connectivity - Client that contains fixes for multiple vulnerabilities in the underlying OpenSSL library. Successful exploitation of these vulnerabilities could lead to Denial of Service (DoS). Siemens has released an update for Brownfield Connectivity - Client and recommends to update to the ...

SSA-847261 V1.0: Multiple SPP File Parsing Vulnerabilities in Tecnomatix Plant Simulation

Titel

SSA-847261 V1.0: Multiple SPP File Parsing Vulnerabilities in Tecnomatix Plant Simulation

Veröffentlicht

14. Februar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf

Text

Siemens Tecnomatix Plant Simulation has released an update, 2201 Update 6, that fixes multiple vulnerabilities that could be triggered when the application reads SPP files. If a user is tricked to open a malicious file using the affected application, this could lead to a crash, and potentially also to arbitrary ...

SSA-836777 V1.0: JT File Parsing Vulnerabilities in JT Open, JT Utilities and Parasolid

Titel

SSA-836777 V1.0: JT File Parsing Vulnerabilities in JT Open, JT Utilities and Parasolid

Veröffentlicht

14. Februar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-836777.pdf

Text

JT Open Toolkit, JT Utilities and Parasolid are affected by memory corruption vulnerabilities that could be triggered while parsing JT files. If a user is tricked to open a malicious JT file with any of the affected products, this could cause the application to crash or potentially lead to arbitrary ...

SSA-313313 V1.2 (Last Update: 2023-02-14): Denial of Service Vulnerability in the FTP Server of Nucleus RTOS

Titel

SSA-313313 V1.2 (Last Update: 2023-02-14): Denial of Service Vulnerability in the FTP Server of Nucleus RTOS

Veröffentlicht

14. Februar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-313313.pdf

Text

The FTP server of the networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) does not properly release memory resources that were reserved for incomplete connection attempts by FTP clients. This could allow a remote attacker to generate a denial of service condition on devices that incorporate a vulnerable ...

SSA-306654 V1.5 (Last Update: 2023-02-14): Insyde BIOS Vulnerabilities in Siemens Industrial Products

Titel

SSA-306654 V1.5 (Last Update: 2023-02-14): Insyde BIOS Vulnerabilities in Siemens Industrial Products

Veröffentlicht

14. Februar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf

Text

Insyde has published information on vulnerabilities in Insyde BIOS in February 2022. This advisory lists the Siemens Industrial products affected by these vulnerabilities. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.

SSA-252808 V1.0: XPath Constraint Vulnerability in Mendix Runtime

Titel

SSA-252808 V1.0: XPath Constraint Vulnerability in Mendix Runtime

Veröffentlicht

14. Februar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-252808.pdf

Text

Mendix applications contain an improper access control vulnerability that could allow an attacker to bypass XPath constraints and retrieve information using XPath queries that trigger errors. Siemens has released updates for the affected products and recommends to update to the latest versions.

SSA-446448 V1.7 (Last Update: 2023-02-14): Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack

Titel

SSA-446448 V1.7 (Last Update: 2023-02-14): Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack

Veröffentlicht

14. Februar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-446448.pdf

Text

The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, contains a vulnerability that could allow an attacker to cause a denial of service condition on affected industrial products. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further ...

SSB-439005 V5.0 (Last Update: 2023-02-14): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 151...

Titel

SSB-439005 V5.0 (Last Update: 2023-02-14): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP

Veröffentlicht

14. Februar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssb-439005.pdf

Text

SSA-482757 V1.1 (Last Update: 2023-02-14): Missing Immutable Root of Trust in S7-1500 CPU devices

Titel

SSA-482757 V1.1 (Last Update: 2023-02-14): Missing Immutable Root of Trust in S7-1500 CPU devices

Veröffentlicht

14. Februar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-482757.pdf

Text

Affected models of the S7-1500 CPU product family do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot ...

SSA-491245 V1.0: Multiple File Parsing Vulnerabilities in Solid Edge

Titel

SSA-491245 V1.0: Multiple File Parsing Vulnerabilities in Solid Edge

Veröffentlicht

14. Februar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf

Text

Solid Edge is affected by multiple memory corruption vulnerabilities that could be triggered when the application reads specially crafted files in various formats such as X_B, DWG, DXF, STL, STP, SLDPRT and PAR format. If a user is tricked to open a malicious file with the affected applications, an attacker ...

SSA-450613 V1.0: Insyde BIOS Vulnerabilities in RUGGEDCOM APE1808 Product Family

Titel

SSA-450613 V1.0: Insyde BIOS Vulnerabilities in RUGGEDCOM APE1808 Product Family

Veröffentlicht

14. Februar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-450613.pdf

Text

Insyde has published information on vulnerabilities in Insyde BIOS in November 2022. These vulnerabilities also affect the RUGGEDCOM APE1808 product family. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.

Januar 2023

SSA-480230 V2.5 (Last Update: 2023-01-10): Denial of Service Vulnerability in Webserver of Industrial Products

Titel

SSA-480230 V2.5 (Last Update: 2023-01-10): Denial of Service Vulnerability in Webserver of Industrial Products

Veröffentlicht

10. Januar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf

Text

A vulnerability in the affected devices could allow an unauthorized attacker with network access to the webserver of an affected device to perform a denial of service attack. Siemens has released updates for several affected products and recommends to update to the new versions. Siemens is preparing further updates and ...

SSA-482757 V1.0: Missing Immutable Root of Trust in S7-1500 CPU devices

Titel

SSA-482757 V1.0: Missing Immutable Root of Trust in S7-1500 CPU devices

Veröffentlicht

10. Januar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-482757.pdf

Text

SSA-593272 V1.9 (Last Update: 2023-01-10): SegmentSmack in Interniche IP-Stack based Industrial Devices

Titel

SSA-593272 V1.9 (Last Update: 2023-01-10): SegmentSmack in Interniche IP-Stack based Industrial Devices

Veröffentlicht

10. Januar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-593272.pdf

Text

A vulnerability exists in affected products that could allow remote attackers to affect the availability of the devices under certain conditions. The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service. Siemens has released updates for several ...

SSA-697140 V1.1 (Last Update: 2023-01-10): Denial of Service Vulnerability in the TCP Event Service of SCALANCE and RUGGEDCOM P...

Titel

SSA-697140 V1.1 (Last Update: 2023-01-10): Denial of Service Vulnerability in the TCP Event Service of SCALANCE and RUGGEDCOM Products

Veröffentlicht

10. Januar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf

Text

The products listed below contain a denial of service vulnerability in the TCP event interface that could allow an unauthenticated remote attacker to render the device unusable. Siemens has released updates for the affected products and recommends to update to the latest versions.

SSA-710008 V1.2 (Last Update: 2023-01-10): Multiple Web Vulnerabilities in SCALANCE Products

Titel

SSA-710008 V1.2 (Last Update: 2023-01-10): Multiple Web Vulnerabilities in SCALANCE Products

Veröffentlicht

10. Januar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf

Text

SCALANCE devices contain multiple vulnerabilities in MSPS based product lines that could allow authenticated remote attackers to execute custom code or create a XSS situation, as well as unauthenticated remote attackers to create a denial of service condition. Siemens has released updates for several affected products and recommends to update ...

SSA-592007 V1.9 (Last Update: 2023-01-10): Denial of Service Vulnerability in Industrial Products

Titel

SSA-592007 V1.9 (Last Update: 2023-01-10): Denial of Service Vulnerability in Industrial Products

Veröffentlicht

10. Januar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf

Text

Several industrial controllers are affected by a security vulnerability that could allow an attacker to cause a denial of service condition via PROFINET DCP network packets under certain circumstances. Precondition for this scenario is a direct OSI Layer 2 access to the affected products. PROFIBUS interfaces are not affected. Siemens ...

SSA-552702 V1.3 (Last Update: 2023-01-10): Privilege Escalation Vulnerability in the Web Interface of SCALANCE and RUGGEDCOM Pr...

Titel

SSA-552702 V1.3 (Last Update: 2023-01-10): Privilege Escalation Vulnerability in the Web Interface of SCALANCE and RUGGEDCOM Products

Veröffentlicht

10. Januar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-552702.pdf

Text

The products listed below do not properly authorize the change password function of the web interface. This could allow low privileged users to escalate their privileges. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific ...

SSA-712929 V1.6 (Last Update: 2023-01-10): Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Prod...

Titel

SSA-712929 V1.6 (Last Update: 2023-01-10): Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Products

Veröffentlicht

10. Januar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf

Text

A vulnerability in the openSSL component (CVE-2022-0778, [0]) could allow an attacker to create a denial of service condition by providing specially crafted elliptic curve certificates to products that use a vulnerable version of openSSL. Siemens has released updates for several affected products and recommends to update to the latest ...

SSA-936212 V1.0: JT File Parsing Vulnerabilities in JT Open, JT Utilities and Solid Edge

Titel

SSA-936212 V1.0: JT File Parsing Vulnerabilities in JT Open, JT Utilities and Solid Edge

Veröffentlicht

10. Januar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-936212.pdf

Text

JT Open Toolkit, JT Utilities and Solid Edge are affected by memory corruption vulnerabilities that could be triggered while parsing JT files. If a user is tricked to open a malicious JT file with any of the affected products, this could cause the application to crash or potentially lead to ...

SSA-547714 V1.1 (Last Update: 2023-01-10): Argument Injection Vulnerability in SIMATIC WinCC OA Ultralight Client

Titel

SSA-547714 V1.1 (Last Update: 2023-01-10): Argument Injection Vulnerability in SIMATIC WinCC OA Ultralight Client

Veröffentlicht

10. Januar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-547714.pdf

Text

SIMATIC WinCC OA contains an argument injection vulnerability that could allow an authenticated remote attacker to inject arbitrary parameters, when starting the Ultralight Client via the web interface (e.g., open attacker chosen panels with the attacker’s credentials or start a Ctrl script). Siemens has released updates for several affected products ...

SSA-496604 V1.0: Cross-Site Scripting Vulnerability in Mendix SAML Module

Titel

SSA-496604 V1.0: Cross-Site Scripting Vulnerability in Mendix SAML Module

Veröffentlicht

10. Januar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-496604.pdf

Text

The Mendix SAML module is affected by a reflected cross-site scripting (XSS) vulnerability that could allow an attacker to extract sensitive information by tricking users into accessing a malicious link. Apps are only vulnerable in certain cases when non-default configuration is used. Siemens has released updates for the affected products ...