SIEMENS CERT
02/11/2020
A vulnerability in affected devices could allow an attacker to perform a denial-of-service attack if a large amount of specially crafted UDP packets are sent to the device. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates …
SIEMENS CERT
02/11/2020
The latest update for SIMATIC CP 1543-1 contains two fixes for vulnerabilities within its embedded ProFTPD FTP server. The more severe of these vulnerabilities could allow for remote code execution and information disclosure without authentication. Siemens has released updates for SIMATIC CP 1543-1 modules.
SIEMENS CERT
02/11/2020
A vulnerability in the affected devices could allow an unauthorized attacker with network access to the webserver of an affected device to perform a denial-of-service attack. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates and recommends …
SIEMENS CERT
02/11/2020
The firmware for SCALANCE S-600 family devices contains multiple web vulnerabilities. The vulnerabilities could allow an remote attacker to conduct Denial-of-Service attacks or perform Cross-Site Scripting attacks. Siemens recommends to migrate to SCALANCE SC-600 Industrial Security Appliances.
SIEMENS CERT
02/11/2020
Security researchers published information on vulnerabilities known as ZombieLoad and Microarchitectural Data Sampling (MDS). These vulnerabilities affect many modern processors from different vendors to a varying degree. Several Siemens Industrial Products contain processors that are affected by the vulnerabilities.
SIEMENS CERT
02/11/2020
SIMATIC S7-1500 CPU family devices are affected by a vulnerability that could allow an attacker to perform a Denial-of-Service attack if specially crafted UDP packets are sent to the device. Siemens has released updates for several affected products, is working on updates for the remaining affected products and recommends specific …
SIEMENS CERT
02/11/2020
Products that include the Siemens PROFINET-IO (PNIO) stack in versions prior V06.00 are potentially affected by a denial-of-service vulnerability when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is …
SIEMENS CERT
02/11/2020
A vulnerability has been identified in several SIMATIC products. The vulnerability could allow an attacker in a Man-in-the-Middle position to modify network traffic exchanged on port 102/tcp to PLCs of the SIMATIC S7-1200, SIMATIC S7-1500 and SIMATIC SoftwareController CPU families. Siemens has released updates for several affected products, and recommends …