SIEMENS CERT
12/11/2018
Several industrial products are affected by a vulnerability that could allow remote attackers to conduct a Denial-of-Service (DoS) attack by sending specially crafted packets to port 161/udp (SNMP). Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates …
SIEMENS CERT
12/11/2018
The EN100 Ethernet communication module and SIPROTEC 5 relays are affected by security vulnerabilities which could allow an attacker to conduct a Denial-of-Service attack over the network. Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes …
SIEMENS CERT
12/11/2018
Security researchers published information on vulnerabilities known as Foreshadow and L1 Terminal Fault (L1TF). These vulnerabilities affect many modern processors from different vendors to a varying degree. Several Siemens Industrial Products contain processors that are affected by the vulnerabilities.
SIEMENS CERT
12/11/2018
McAfee has issued Security Bulletin SB10250 to address a vulnerabilty in McAfee Application and Change Control (MACC). SINAMICS PERFECT HARMONY GH180 Drives with HMIs produced between November 4th, 2015 and October 9th, 2018, use MACC as part of their software package, if option A30 was part of the order. Siemens …
SIEMENS CERT
11/13/2018
Security researchers published information on vulnerabilities known as Spectre and Meltdown. These vulnerabilities affect many modern processors from different vendors to a varying degree. Several Industrial Products include affected processors and are affected by the vulnerabilities.
SIEMENS CERT
11/13/2018
The latest update for SIMATIC STEP7 (TIA Portal) fixes a vulnerability that could allow an attacker with local access to a project file to reconstruct certain passwords stored in the project. Siemens recommends to update to the new version.