SIEMENS CERT
08/11/2020
The latest updates for the affected products fix a vulnerability that could allow remote attackers to affect the availability of the devices under certain conditions. The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service. Siemens is …
SIEMENS CERT
08/11/2020
The latest update for SCALANCE M-800 / S615 and RUGGEDCOM RM1224 devices fixes a buffer overflow vulnerability in the third party component pppd that could allow an attacker with network access to an affected device to execute custom code on the device. Siemens has released updates for affected devices and …
SIEMENS CERT
08/11/2020
The extension module Advanced Reporting for Desigo CC and Desigo CC Compact contains a code injection vulnerability, which could be exploited if the extension module is installed on the server and configured. Siemens has released patches for the affected products and recommends specific countermeasures for unpatched systems.
SIEMENS CERT
08/11/2020
Multiple industrial products are affected by a vulnerability in the kernel known as TCP SACK PANIC. The vulnerability could allow a remote attacker to cause a denial of service condition. Siemens has released updates for several affected products and recommends to update to the new versions. Siemens is preparing further …
SIEMENS CERT
08/11/2020
A vulnerability in affected devices could allow an attacker to perform a denial-of-service attack if a large amount of specially crafted UDP packets are sent to the device. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates …
SIEMENS CERT
08/11/2020
A vulnerability in the affected devices could allow an unauthorized attacker with network access to the webserver of an affected device to perform a denial-of-service attack. Siemens has released updates for several affected products and recommends to update to the new versions. Siemens is preparing further updates and recommends specific …
SIEMENS CERT
08/11/2020
The latest update for Automation License Manager (ALM) fixes a vulnerability that could allow local users to locally escalate privileges and modify files that should be protected against writing. Siemens has released an update for ALM 6 and recommends that customers update to the latest version. Siemens recommends specific countermeasures …
SIEMENS CERT
08/11/2020
Several industrial devices are affected by two vulnerabilities that could allow an attacker to cause a Denial-of-Service condition via PROFINET DCP network packets under certain circumstances. The precondition for this scenario is a direct layer 2 access to the affected products. PROFIBUS interfaces are not affected. Siemens has released updates …