Bulletins | CERT@VDE

SSA-209268 V1.0: Multiple JT File Parsing Vulnerabilities in JT Utilities before V13.0.2.0

Titel

SSA-209268 V1.0: Multiple JT File Parsing Vulnerabilities in JT Utilities before V13.0.2.0

Veröffentlicht

13. Juli 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-209268.pdf

Text

Siemens has released version V13.0.2.0 for JT Utilities to ﬁx multiple vulnerabilities that could be triggered when reading JT ﬁles. Siemens recommends to update to the latest version, which contains solutions to all the vulnerabilities listed in this advisory. Standing recommendation is to avoid opening of untrusted ﬁles from unknown ...

SSA-352521 V1.0: Access Check Bypass Vulnerability in Mendix

Titel

SSA-352521 V1.0: Access Check Bypass Vulnerability in Mendix

Veröffentlicht

13. Juli 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-352521.pdf

Text

An incorrect authorization check in Mendix applications could allow an attacker to bypass write permissions to attributes of objects under certain circumstances. Mendix has released an update for Mendix and recommends to update to the latest version.

SSA-373591 V1.0: Buffer Overflow Vulnerability in RUGGEDCOM ROS Devices

Titel

SSA-373591 V1.0: Buffer Overflow Vulnerability in RUGGEDCOM ROS Devices

Veröffentlicht

13. Juli 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-373591.pdf

Text

The latest update for RUGGEDCOM ROS devices fixes a buffer overflow vulnerability in the third party component that could allow an attacker with network access to an affected device to cause a remote code execution condition. Siemens has released updates for the affected products and recommends to update to the ...

SSA-448291 V1.0: Denial-of-Service Vulnerability in ARP Protocol of RWG Universal Controllers

Titel

SSA-448291 V1.0: Denial-of-Service Vulnerability in ARP Protocol of RWG Universal Controllers

Veröffentlicht

13. Juli 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-448291.pdf

Text

A Denial-of-Service vulnerability was found affecting the ARP protocol on RWG Universal Controller devices. Siemens has released updates for the affected products and recommends to update to the latest versions.

SSA-434535 V1.0: Memory Protection Bypass Vulnerability in SINAMICS PERFECT HARMONY GH180 Drives

Titel

SSA-434535 V1.0: Memory Protection Bypass Vulnerability in SINAMICS PERFECT HARMONY GH180 Drives

Veröffentlicht

13. Juli 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-434535.pdf

Text

Several models of SINAMICS PERFECT HARMONY GH180 Drives are affected by a memory protection bypass vulnerability in the integrated S7-1500 or S7-1200 CPU that could allow an attacker to write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks on the CPU. Siemens ...

SSA-483182 V1.0: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.2

Titel

SSA-483182 V1.0: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.2

Veröffentlicht

13. Juli 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf

Text

Siemens has released version V13.2 for JT2Go and Teamcenter Visualization to fix multiple vulnerabilities that could be triggered when the products read files in different file formats (GIF, TIFF, BMP, J2K, JT, SGI, PDF, PCT, PCX, PAR and ASM ). If a user is tricked to opening of a malicious ...

SSA-560465 V1.0: DHCP Client Vulnerability in VxWorks-based Industrial Products

Titel

SSA-560465 V1.0: DHCP Client Vulnerability in VxWorks-based Industrial Products

Veröffentlicht

13. Juli 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-560465.pdf

Text

Various industry products are affected by a DHCP client vulnerability in Wind River VxWorks, that could allow an attacker to cause a heap-based buffer overflow. Siemens recommends specific countermeasures for products where updates are not, or not yet available.

SSA-599968 V1.0: Denial-of-Service Vulnerability in Profinet Devices

Titel

SSA-599968 V1.0: Denial-of-Service Vulnerability in Profinet Devices

Veröffentlicht

13. Juli 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf

Text

A vulnerability in affected devices could allow an attacker to perform a denial-of-service attack if a large amount of Profinet Discovery and Configuration Protocol (DCP) reset packets is sent to the affected devices. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens ...

SSA-622535 V1.0: Multiple Vulnerabilities in Teamcenter Active Workspace

Titel

SSA-622535 V1.0: Multiple Vulnerabilities in Teamcenter Active Workspace

Veröffentlicht

13. Juli 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-622535.pdf

Text

Multiple vulnerabilities affecting Teamcenter Active Workspace could lead to sensitive information disclosure and reflected cross site scripting. Siemens has released updates for the affected products and recommends to update to the latest versions.

SSA-641963 V1.0: Remote Code Execution Vulnerability in Multiple SIMATIC Software Products

Titel

SSA-641963 V1.0: Remote Code Execution Vulnerability in Multiple SIMATIC Software Products

Veröffentlicht

13. Juli 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf

Text

Multiple SIMATIC Software products are affected by a vulnerability that could allow an attacker to manipulate project files and remotely execute code. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not ...

SSA-661034 V1.0: Incorrect Permission Assignment in Multiple SIMATIC Software Products

Titel

SSA-661034 V1.0: Incorrect Permission Assignment in Multiple SIMATIC Software Products

Veröffentlicht

13. Juli 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf

Text

Multiple SIMATIC software products are affected by a vulnerability that could allow an attacker to change the content of certain metafiles and subsequently manipulate parameters or behaviour of devices configured by the affected software products. Siemens has released an update for the SIMATIC STEP 7 V5.X and recommends to update ...

SSA-675303 V1.0: WIBU Systems CodeMeter Runtime Vulnerabilities in Siemens Products

Titel

SSA-675303 V1.0: WIBU Systems CodeMeter Runtime Vulnerabilities in Siemens Products

Veröffentlicht

13. Juli 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-675303.pdf

Text

WIBU Systems disclosed two vulnerabilities and a new release version of CodeMeter Runtime, a product provided by WIBU Systems and used in several Siemens products for license management. The vulnerabilities are described in the section “Vulnerability Classification” below and got assigned the CVE IDs CVE-2021-20093 and CVE-2021-20094. Successful exploitation of ...

SSA-729965 V1.0: TLS Certificate Validation Vulnerability in SINUMERIK Integrate Operate Client

Titel

SSA-729965 V1.0: TLS Certificate Validation Vulnerability in SINUMERIK Integrate Operate Client

Veröffentlicht

13. Juli 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-729965.pdf

Text

The latest update for SINUMERIK Integrate Operate Client fixes a vulnerability that could allow an attacker to spoof any SSL server certificate and conduct man-in-the-middle attacks. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available

SSA-434536 V1.0: Memory Protection Bypass Vulnerability in SINUMERIK ONE and SINUMERIK MC

Titel

SSA-434536 V1.0: Memory Protection Bypass Vulnerability in SINUMERIK ONE and SINUMERIK MC

Veröffentlicht

13. Juli 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-434536.pdf

Text

SINUMERIK ONE and SINUMERIK MC products are affected by a memory protection bypass vulnerability in the integrated S7-1500 CPU that could allow an attacker to write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks on the CPU. Siemens is preparing updates and ...

SSA-772220 V1.0: OpenSSL Vulnerabilities in Industrial Products

Titel

SSA-772220 V1.0: OpenSSL Vulnerabilities in Industrial Products

Veröffentlicht

13. Juli 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf

Text

OpenSSL has published a security advisory [0] about a vulnerability in OpenSSL versions 1.1.1 < k, that allows an unauthenticated attacker to cause a Denial-of-Service (DoS) if a a maliciously crafted renegotiation message is sent. Siemens is preparing updates and recommends countermeasures for products where updates are not, or not ...

SSA-913875 V1.0: Frame Aggregation and Fragmentation Vulnerabilities in 802.11

Titel

SSA-913875 V1.0: Frame Aggregation and Fragmentation Vulnerabilities in 802.11

Veröffentlicht

13. Juli 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf

Text

Twelve vulnerabilities in the implementation of frame aggregation and fragmentation of the 802.11 standard, under the name of FragAttacks, have been published. Successful exploitation of these vulnerabilities could allow an attacker within Wi-Fi range to forge encrypted frames, which could result in sensitive data disclosure and possibly traffic manipulation. The ...

SSA-941426 V1.0: Multiple LLDP Vulnerabilities in Industrial Products

Titel

SSA-941426 V1.0: Multiple LLDP Vulnerabilities in Industrial Products

Veröffentlicht

13. Juli 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-941426.pdf

Text

There are multiple vulnerabilities in an underlying Link Layer Discovery Protocol (LLDP) third party library. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.

SSA-203306 V1.5 (Last Update: 2021-07-13): Password Vulnerabilities in SIPROTEC 4 and SIPROTEC Compact Relay Families

Titel

SSA-203306 V1.5 (Last Update: 2021-07-13): Password Vulnerabilities in SIPROTEC 4 and SIPROTEC Compact Relay Families

Veröffentlicht

13. Juli 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf

Text

SIPROTEC 4 and SIPROTEC Compact devices could allow access authorization passwords to be reconstructed or overwritten via engineering mechanisms that involve DIGSI 4 and EN100 Ethernet communication modules. Siemens has released updates for several affected products, and recommends specific countermeasures for the remaining products.

SSA-324955 V1.2 (Last Update: 2021-07-13): SAD DNS Attack in Linux Based Products

Titel

SSA-324955 V1.2 (Last Update: 2021-07-13): SAD DNS Attack in Linux Based Products

Veröffentlicht

13. Juli 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-324955.pdf

Text

A vulnerability made public under the name SAD DNS affects Domain Name System resolvers due to a vulnerability in the Linux kernel when handling ICMP packets. The Siemens products which are affected are listed below. For more information please see https://www.saddns.net/. Siemens has released updates for several affected products and ...

Juni 2021

SSA-324955 V1.1 (Last Update: 2021-06-08): SAD DNS Attack in Linux Based Products

Titel

SSA-324955 V1.1 (Last Update: 2021-06-08): SAD DNS Attack in Linux Based Products

Veröffentlicht

8. Juni 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-324955.pdf

Text

SSA-312271 V1.7 (Last Update: 2021-06-08): Unquoted Search Path Vulnerabilities in Windows-based Industrial Software Applications

Titel

SSA-312271 V1.7 (Last Update: 2021-06-08): Unquoted Search Path Vulnerabilities in Windows-based Industrial Software Applications

Veröffentlicht

8. Juni 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf

Text

The latest update for affected products fix local privilege escalation vulnerabilities that could allow authorized local users with administrative privileges to execute custom code with SYSTEM level privileges. Siemens has released updates for some of the affected products, and is working on further updates. For the remaining affected products, Siemens ...

SSA-133038 V1.0: Multiple Modfem File Parsing Vulnerabilities in Simcenter Femap

Titel

SSA-133038 V1.0: Multiple Modfem File Parsing Vulnerabilities in Simcenter Femap

Veröffentlicht

8. Juni 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-133038.pdf

Text

Siemens Simcenter Femap is affected by two vulnerabilities that could be triggered when the application reads modfem files. If a user is tricked to open a malicious file with the affected application, this could lead to a crash, and potentially also to arbitrary code execution or data extraction on the ...

SSA-200951 V1.0: Multiple Vulnerabilities in Third-Party Component libcurl of TIM Devices

Titel

SSA-200951 V1.0: Multiple Vulnerabilities in Third-Party Component libcurl of TIM Devices

Veröffentlicht

8. Juni 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf

Text

SIMATIC TIM 1531 IRC devices are vulnerable to multiple vulnerabilities in the third party component libcurl that could allow an attacker to extract sensitive information and pass a revoked certificate as valid. Siemens has released an update for SIMATIC TIM 1531 IRC and recommends to update to the latest versions.

SSA-293562 V3.2 (Last Update: 2021-06-08): Vulnerabilities in Industrial Products

Titel

SSA-293562 V3.2 (Last Update: 2021-06-08): Vulnerabilities in Industrial Products

Veröffentlicht

8. Juni 2021 02:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf

Text

Several industrial devices are affected by two vulnerabilities that could allow an attacker to cause a Denial-of-Service condition via PROFINET DCP network packets under certain circumstances. The precondition for this scenario is a direct layer 2 access to the affected products. PROFIBUS interfaces are not affected. Siemens has released updates ...