SIEMENS CERT
        05/03/2018
      
          Several industrial devices are affected by two vulnerabilities that could allow an attacker to cause a Denial-of-Service condition via PROFINET DCP network packets under certain circumstances. Precondition for this scenario is a direct Layer 2 access to the affected products. PROFIBUS interfaces are not affected. Siemens has released updates for …
        
      
    SIEMENS CERT
        05/03/2018
      
          Several industrial products are affected by a vulnerability that could allow remote attackers to conduct a Denial-of-Service (DoS) attack by sending specially crafted packets to port 161/udp (SNMP). Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates …
        
      
    SIEMENS CERT
        05/03/2018
      
          The latest updates for medium voltage SINAMICS products fix two security vulnerabilities that could allow an attacker to cause a Denial-of-Service condition either via specially crafted PROFINET DCP broadcast packets or by sending specially crafted packets to port 161/udp (SNMP). Precondition for the PROFINET DCP scenario is a direct Layer …
        
      
    SIEMENS CERT
        05/03/2018
      
          The latest update for the Siveillance VMS Video mobile app for Android and iOS fixes a security vulnerability that could allow an attacker in a privileged network position to read data from and write data to the encrypted communication channel between the app and a server. Precondition for this scenario …
        
      
    SIEMENS CERT
        05/03/2018
      
          Siemens has released software updates for Siveillance VMS which fix a security vulnerability with the .NET Remoting deserialization that could allow elevation of privileges and/or causing a Denial-of-Service, if affected ports are exposed.
        
      
    SIEMENS CERT
        04/18/2018
      
          The SIMATIC WinCC OA Operator iOS app is affected by a security vulnerability which could allow an attacker to read unencrypted data from the application’s directory. Precondition for this scenario is that an attacker has physical access to the mobile device.
        
      
    SIEMENS CERT
        04/18/2018
      
          Security researchers published information on vulnerabilities known as Spectre and Meltdown. These vulnerabilities affect many modern processors from different vendors to a varying degree. Several Industrial Products include affected processors and are affected by the vulnerabilities.
        
      
    SIEMENS CERT
        04/18/2018
      
          Intel has identified vulnerabilities in Intel Management Engine (ME), Intel Server Platform Services (SPS), and Intel Trusted Execution Engine (TXE). As several Siemens Industrial PCs use Intel technology, they are also affected. Siemens has released updates for the affected Industrial PCs.