Bulletins | CERT@VDE

SSA-111547 V1.0: Cleartext Storage of Sensitive Information Vulnerability in SIPROTEC 5

Titel

SSA-111547 V1.0: Cleartext Storage of Sensitive Information Vulnerability in SIPROTEC 5

Veröffentlicht

11. Februar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-111547.html

Text

Affected SIPROTEC 5 devices do not encrypt certain data within the on-board flash storage on their PCB. This could allow an attacker with physical access to read the sensitive information from the filesystem of the device. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are ...

SSA-196737 V1.1 (Last Update: 2025-02-11): Multiple Vulnerabilities in SINEC Traffic Analyzer Before V1.2

Titel

SSA-196737 V1.1 (Last Update: 2025-02-11): Multiple Vulnerabilities in SINEC Traffic Analyzer Before V1.2

Veröffentlicht

11. Februar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-196737.html

Text

SINEC Traffic Analyzer before V1.2 is affected by multiple vulnerabilities. Siemens has released a new version for SINEC Traffic Analyzer and recommends to update to the latest version.

SSA-195895 V1.0: User Enumeration Vulnerability in the Webserver of SIMATIC Products

Titel

SSA-195895 V1.0: User Enumeration Vulnerability in the Webserver of SIMATIC Products

Veröffentlicht

11. Februar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-195895.html

Text

The webserver of several SIMATIC products is affected by a user enumeration vulnerability that could allow an unauthenticated remote attacker to identify valid usernames. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific ...

SSA-398330 V2.3 (Last Update: 2025-02-11): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 151...

Titel

SSA-398330 V2.3 (Last Update: 2025-02-11): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

Veröffentlicht

11. Februar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-398330.html

Text

Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version V3.1 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant). These GNU/Linux vulnerabilities have been externally identified. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not ...

SSA-194557 V1.1 (Last Update: 2025-02-11): Improper Limitation of Filesystem Access through Web Server Vulnerability in SIPROTEC 5

Titel

SSA-194557 V1.1 (Last Update: 2025-02-11): Improper Limitation of Filesystem Access through Web Server Vulnerability in SIPROTEC 5

Veröffentlicht

11. Februar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-194557.html

Text

Affected SIPROTEC 5 devices do not properly limit the access of the web server to the filesystem. This could allow an authenticated remote attacker to read arbitrary files or the entire filesystem of the device. Siemens has released new versions for several affected products and recommends to update to the ...

SSA-354569 V1.1 (Last Update: 2025-02-11): Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Dev...

Titel

SSA-354569 V1.1 (Last Update: 2025-02-11): Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices

Veröffentlicht

11. Februar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-354569.html

Text

Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available. [1] https://security.paloaltonetworks.com/

SSA-349422 V2.2 (Last Update: 2025-02-11): Denial of Service Vulnerability in Industrial Real-Time (IRT) Devices

Titel

SSA-349422 V2.2 (Last Update: 2025-02-11): Denial of Service Vulnerability in Industrial Real-Time (IRT) Devices

Veröffentlicht

11. Februar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-349422.html

Text

A vulnerability in the affected products could allow an unauthorized attacker with network access to perform a denial-of-service attack resulting in loss of real-time synchronization. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes ...

SSA-342348 V1.0: Insufficient Session Expiration Vulnerability in Siemens Products

Titel

SSA-342348 V1.0: Insufficient Session Expiration Vulnerability in Siemens Products

Veröffentlicht

11. Februar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-342348.html

Text

Affected products do not correctly invalidate user sessions upon user logout. This could allow a remote unauthenticated attacker, who has obtained the session token by other means, to re-use a legitimate user’s session even after logout. Siemens has released new versions for several affected products and recommends to update to ...

Januar 2025

15.01.2025

SSA-404759 V1.1 (Last Update: 2025-01-15): Information Disclosure Vulnerability in Siveillance Video Camera Drivers

Titel

SSA-404759 V1.1 (Last Update: 2025-01-15): Information Disclosure Vulnerability in Siveillance Video Camera Drivers

Veröffentlicht

15. Januar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-404759.html

Text

Several camera device drivers in the Siveillance Video Device Pack store camera credentials in their log file when authentication fails. This could allow a local attacker to read camera credentials stored in the Recording Server under specific conditions. Siemens has released an update of the Device Pack and recommends to ...

SSA-999588 V1.7 (Last Update: 2025-01-14): Multiple Vulnerabilities in User Management Component (UMC) Before V2.11.2

Titel

SSA-999588 V1.7 (Last Update: 2025-01-14): Multiple Vulnerabilities in User Management Component (UMC) Before V2.11.2

Veröffentlicht

14. Januar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-999588.html

Text

Siemens User Management Component (UMC) before V2.11.2 is affected by multiple vulnerabilities where the most severe could lead to a restart of the UMC server. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes ...

SSA-876787 V1.3 (Last Update: 2025-01-14): Open Redirect Vulnerability in SIMATIC S7-1500 and S7-1200 CPUs

Titel

SSA-876787 V1.3 (Last Update: 2025-01-14): Open Redirect Vulnerability in SIMATIC S7-1500 and S7-1200 CPUs

Veröffentlicht

14. Januar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-876787.html

Text

Several SIMATIC S7-1500 and S7-1200 CPU versions are affected by an open redirect vulnerability that could allow an attacker to make the web server of affected devices redirect a legitimate user to an attacker-chosen URL. For a successful attack, the legitimate user must actively click on an attacker-crafted link. Siemens ...

SSA-039007 V1.3 (Last Update: 2025-01-14): Heap-based Buffer Overflow Vulnerability in User Management Component (UMC)

Titel

SSA-039007 V1.3 (Last Update: 2025-01-14): Heap-based Buffer Overflow Vulnerability in User Management Component (UMC)

Veröffentlicht

14. Januar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-039007.html

Text

Siemens User Management Component (UMC) is affected by a heap-based buffer overflow vulnerability which could allow an unauthenticated remote attacker arbitrary code execution. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures ...

SSA-054046 V1.2 (Last Update: 2025-01-14): Unauthenticated Information Disclosure in Web Server of SIMATIC S7-1500 CPUs

Titel

SSA-054046 V1.2 (Last Update: 2025-01-14): Unauthenticated Information Disclosure in Web Server of SIMATIC S7-1500 CPUs

Veröffentlicht

14. Januar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-054046.html

Text

Several SIMATIC S7-1500 CPU versions are affected by an authentication bypass vulnerability that could allow an unauthenticated remote attacker to gain knowledge about actual and configured maximum cycle times and communication load of the CPU. Siemens has released new versions for several affected products and recommends to update to the ...

SSA-871035 V1.1 (Last Update: 2025-01-14): Session-Memory Deserialization Vulnerability in Siemens Engineering Platforms Before...

Titel

SSA-871035 V1.1 (Last Update: 2025-01-14): Session-Memory Deserialization Vulnerability in Siemens Engineering Platforms Before V19

Veröffentlicht

14. Januar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-871035.html

Text

Affected products do not properly sanitize user-controllable input when parsing files. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for ...

SSA-413565 V1.4 (Last Update: 2025-01-14): Multiple Vulnerabilities in SCALANCE Products

Titel

SSA-413565 V1.4 (Last Update: 2025-01-14): Multiple Vulnerabilities in SCALANCE Products

Veröffentlicht

14. Januar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-413565.html

Text

Multiple SCALANCE devices are affected by several vulnerabilities that could allow an attacker to inject code, retrieve data as debug information as well as user CLI passwords or set the CLI to an irresponsive state. Siemens has released updates for the affected products and recommends to update to the latest ...

SSA-404759 V1.0: Information Disclosure Vulnerability in Siveillance Video Camera Drivers

Titel

SSA-404759 V1.0: Information Disclosure Vulnerability in Siveillance Video Camera Drivers

Veröffentlicht

14. Januar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-404759.html

Text

Several HikVision camera device drivers in the Siveillance Video Device Pack store camera credentials in their log file when authentication fails. This could allow a local attacker to read camera credentials stored in the Recording Server under specific conditions. Siemens has released an update of the Device Pack and recommends ...

SSA-398330 V2.2 (Last Update: 2025-01-14): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 151...

Titel

SSA-398330 V2.2 (Last Update: 2025-01-14): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

Veröffentlicht

14. Januar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-398330.html

Text

SSA-482757 V1.5 (Last Update: 2025-01-14): Missing Immutable Root of Trust in S7-1500 CPU devices

Titel

SSA-482757 V1.5 (Last Update: 2025-01-14): Missing Immutable Root of Trust in S7-1500 CPU devices

Veröffentlicht

14. Januar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-482757.html

Text

Affected models of the S7-1500 CPU product family do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot ...

SSA-446448 V2.3 (Last Update: 2025-01-14): Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack

Titel

SSA-446448 V2.3 (Last Update: 2025-01-14): Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack

Veröffentlicht

14. Januar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-446448.html

Text

The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, contains a vulnerability that could allow an attacker to cause a denial of service condition on affected industrial products. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific ...

SSA-314390 V1.0: LDAP Injection Vulnerability in Mendix LDAP Module

Titel

SSA-314390 V1.0: LDAP Injection Vulnerability in Mendix LDAP Module

Veröffentlicht

14. Januar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-314390.html

Text

The Mendix LDAP module is affected by an LDAP injection vulnerability that could allow an unauthenticated remote attacker to bypass username verification. Siemens has released a new version for Mendix LDAP and recommends to update to the latest version.

SSA-416411 V1.0: Cross-Site Scripting Vulnerability in Industrial Edge Management

Titel

SSA-416411 V1.0: Cross-Site Scripting Vulnerability in Industrial Edge Management

Veröffentlicht

14. Januar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-416411.html

Text

Industrial Edge Management is affected by a reflected cross-site scripting (XSS) vulnerability that could allow an attacker to extract sensitive information by tricking users into accessing a malicious link. Siemens recommends countermeasures for products where fixes are not, or not yet available.

SSA-194557 V1.0: Improper Limitation of Filesystem Access through Web Server Vulnerability in SIPROTEC 5

Titel

SSA-194557 V1.0: Improper Limitation of Filesystem Access through Web Server Vulnerability in SIPROTEC 5

Veröffentlicht

14. Januar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-194557.html

Text

SSA-717113 V1.0: Cross-Site Request Forgery (CSRF) Vulnerability in SIMATIC S7-1200 CPUs before V4.7

Titel

SSA-717113 V1.0: Cross-Site Request Forgery (CSRF) Vulnerability in SIMATIC S7-1200 CPUs before V4.7

Veröffentlicht

14. Januar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-717113.html

Text

The web interface of SIMATIC S7-1200 CPUs before V4.7 is affected by a cross-site request forgery (CSRF) vulnerability. Siemens has released new versions for the affected products and recommends to update to the latest versions.

SSA-711309 V2.3 (Last Update: 2025-01-14): Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products

Titel

SSA-711309 V2.3 (Last Update: 2025-01-14): Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products

Veröffentlicht

14. Januar 2025 01:00

URL

https://cert-portal.siemens.com/productcert/html/ssa-711309.html

Text

The OPC UA implementations (ANSI C and C++) as used in several SIMATIC products contain a denial of service vulnerability that could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate. Siemens has released new versions for several affected products and ...