Bulletins | CERT@VDE

SSA-324998 V1.0: Multiple Vulnerabilities in SICAM A8000

Title

SSA-324998 V1.0: Multiple Vulnerabilities in SICAM A8000

Published

Jan. 11, 2022, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-324998.pdf

Summary

SICAM A8000 devices are impacted by two vulnerabilities. The first one could allow a privileged user to enable a debug port with default credentials. The second vulnerability could allow unauthenticated access to certain previously created log files. Siemens has released updates for the affected products and recommends to update to ...

SSA-173318 V1.0: Unquoted Search Path Vulnerability in SICAM PQ Analyzer

Title

SSA-173318 V1.0: Unquoted Search Path Vulnerability in SICAM PQ Analyzer

Published

Jan. 11, 2022, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-173318.pdf

Summary

SICAM PQ Analyzer uses an unquoted registry entry and is thus vulnerable to an unquoted search path vulnerability. Siemens has released an update for the SICAM PQ Analyzer and recommends to update to the latest version.

SSA-789208 V1.2 (Last Update: 2022-01-11): Multiple Vulnerabilities (INFRA:HALT) in Interniche IP-Stack based Low Voltage Devices

Title

SSA-789208 V1.2 (Last Update: 2022-01-11): Multiple Vulnerabilities (INFRA:HALT) in Interniche IP-Stack based Low Voltage Devices

Published

Jan. 11, 2022, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf

Summary

Security researchers discovered and disclosed 14 vulnerabilities in the Interniche IP stack, also known as “INFRA:HALT” vulnerabilities [0]. This advisory describes the impact to Siemens low voltage products, which are only affected by four out of the 14 vulnerabilities. Siemens has released updates for several affected products and recommends to ...

SSA-772220 V1.5 (Last Update: 2022-01-11): OpenSSL Vulnerabilities in Industrial Products

Title

SSA-772220 V1.5 (Last Update: 2022-01-11): OpenSSL Vulnerabilities in Industrial Products

Published

Jan. 11, 2022, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf

Summary

OpenSSL has published a security advisory [0] about a vulnerability in OpenSSL versions 1.1.1 < 1.1.1k, that allows an unauthenticated attacker to cause a Denial-of-Service (DoS) if a maliciously crafted renegotiation message is sent. Siemens has released updates for several affected products and recommends to update to the latest versions. ...

SSA-766247 V1.1 (Last Update: 2022-01-11): Authentication Vulnerability in SIMATIC Process Historian

Title

SSA-766247 V1.1 (Last Update: 2022-01-11): Authentication Vulnerability in SIMATIC Process Historian

Published

Jan. 11, 2022, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-766247.pdf

Summary

The latest update for SIMATIC Process Historian (PH) fixes an authentication vulnerability in the configuration interface of redundant PH instances that could enable the execution of admin operations on the database. The related vulnerable interface is restricted to local access on recent versions starting from SIMATIC Process Historian 2020. Siemens ...

SSA-705111 V1.2 (Last Update: 2022-01-11): Multiple Vulnerabilities (NAME:WRECK) in the DNS Module of Nucleus RTOS

Title

SSA-705111 V1.2 (Last Update: 2022-01-11): Multiple Vulnerabilities (NAME:WRECK) in the DNS Module of Nucleus RTOS

Published

Jan. 11, 2022, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf

Summary

Security researchers discovered and disclosed 9 vulnerabilities in several DNS implementations, also known as “NAME:WRECK” vulnerabilities. The vulnerabilities described in this advisory are from this set. The DNS client of affected products contains multiple vulnerabilities related to the handling of DNS responses and requests. The most severe could allow an ...

SSA-580693 V1.2 (Last Update: 2022-01-11): WIBU Systems CodeMeter Runtime Denial-of-Service Vulnerability in Siemens Products

Title

SSA-580693 V1.2 (Last Update: 2022-01-11): WIBU Systems CodeMeter Runtime Denial-of-Service Vulnerability in Siemens Products

Published

Jan. 11, 2022, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-580693.pdf

Summary

WIBU Systems published information about a denial-of-service vulnerability and an associated fix release version of CodeMeter Runtime, a product provided by WIBU Systems and used in several Siemens products for license management. The vulnerability is described in the section “Vulnerability Classification” below and got assigned the CVE ID CVE-2021-41057. Successful ...

SSA-201384 V1.2 (Last Update: 2022-01-11): Predictable UDP Port Number Vulnerability (NAME:WRECK) in the DNS Module of Nucleus ...

Title

SSA-201384 V1.2 (Last Update: 2022-01-11): Predictable UDP Port Number Vulnerability (NAME:WRECK) in the DNS Module of Nucleus RTOS

Published

Jan. 11, 2022, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-201384.pdf

Summary

Security researchers discovered and disclosed 9 vulnerabilities in several DNS implementations, also known as “NAME:WRECK” vulnerabilities. The vulnerability described in this advisory is from this set. The DNS client of of the networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) contains a vulnerability related to the handling of ...

06.01.2022

Philips Engage Software

Title

Philips Engage Software

Published

Jan. 6, 2022, 4:15 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsma-22-006-01

Summary

This advisory contains mitigations for an Improper Access Control vulnerability in Philips Engage customer support software platform.

06.01.2022

https://us-cert.cisa.gov/ics/advisories/icsa-22-006-02

Fernhill SCADA

Title

Fernhill SCADA

Published

Jan. 6, 2022, 4:05 p.m.

URL

Summary

This advisory contains mitigations for an Uncontrolled Resource Consumption vulnerability the Fernhill SCADA Server background service (daemon).

06.01.2022

https://us-cert.cisa.gov/ics/advisories/icsa-22-006-03

IDEC PLCs

Title

IDEC PLCs

Published

Jan. 6, 2022, 4 p.m.

URL

Summary

This advisory contains mitigations for Unprotected Transport of Credentials, and Plaintext Storage of a Password vulnerabilities in the IDEC PLC program.

05.01.2022

SSA-661247 V2.2 (Last Update: 2022-01-05): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to...

Title

SSA-661247 V2.2 (Last Update: 2022-01-05): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products

Published

Jan. 5, 2022, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf

Summary

On 2021-12-09, a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as “Log4Shell”. On 2021-12-14 an additional denial of service vulnerability (CVE-2021-45046) ...

December 2021

28.12.2021

SSA-784507 V1.0: Apache Log4j Vulnerability (CVE-2021-44832) via JDBC Appender - Impact to Siemens Products

Title

SSA-784507 V1.0: Apache Log4j Vulnerability (CVE-2021-44832) via JDBC Appender - Impact to Siemens Products

Published

Dec. 28, 2021, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf

Summary

Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) contain a vulnerability (CVE-2021-44832) that could allow an attacker with permission to modify the logging configuration file to execute arbitrary code, when the JDBC Appender is used [1]. This advisory informs about the impact of CVE-2021-44832 to ...

28.12.2021

SSA-661247 V2.1 (Last Update: 2021-12-28): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to...

Title

SSA-661247 V2.1 (Last Update: 2021-12-28): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products

Published

Dec. 28, 2021, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf

Summary

27.12.2021

SSA-661247 V2.0 (Last Update: 2021-12-27): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to...

Title

SSA-661247 V2.0 (Last Update: 2021-12-27): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products

Published

Dec. 27, 2021, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf

Summary

Moxa MGate Protocol Gateways

Title

Moxa MGate Protocol Gateways

Published

Dec. 23, 2021, 4:05 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-357-01

Summary

This advisory contains mitigations for a Cross-site Scripting vulnerability in the Moxa MGate Protocol Gateways, a serial-to-Ethernet Modbus gateway.

Johnson Controls exacq Enterprise Manager

Title

Johnson Controls exacq Enterprise Manager

Published

Dec. 23, 2021, 4 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-357-02

Summary

This advisory contains mitigations for an Improper Input Validation vulnerability in the Johnson Controls exacq Enterprise Manager tool.

SSA-661247 V1.9 (Last Update: 2021-12-23): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to...

Title

SSA-661247 V1.9 (Last Update: 2021-12-23): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products

Published

Dec. 23, 2021, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf

Summary

SSA-479842 V1.1 (Last Update: 2021-12-23): Apache Log4j Vulnerabilities - Impact to Siemens Energy Sensformer / Sensgear (Platf...

Title

SSA-479842 V1.1 (Last Update: 2021-12-23): Apache Log4j Vulnerabilities - Impact to Siemens Energy Sensformer / Sensgear (Platform, Basic and Advanced)

Published

Dec. 23, 2021, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf

Summary

22.12.2021

US CERT

AA21-356A: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

Title

AA21-356A: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

Published

Dec. 22, 2021, 4 p.m.

URL

https://us-cert.cisa.gov/ncas/alerts/aa21-356a

Summary

Original release date: December 22, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), the Computer Emergency Response Team New Zealand (CERT NZ), the New Zealand National Cyber Security Centre (NZ ...

22.12.2021

BOSCH PSIRT

Log4j Vulnerabilities - Impact on PRAESENSA Advanced Public Address Server (PRA-APAS)

Title

Log4j Vulnerabilities - Impact on PRAESENSA Advanced Public Address Server (PRA-APAS)

Published

Dec. 22, 2021, 1 a.m.

URL

https://psirt.bosch.com/security-advisories/bosch-sa-993110-bt.html

Summary

BOSCH-SA-993110-BT: The 1.0.31 software version of the PRAESENSA Advanced Public Address Server (PRA-APAS) contains version 2.10.0 of the Apache Log4j logging service. Recently Apache has warned that this Log4j version contains multiple vulnerabilities, including the Log4Shell vulnerability (CVE-2021-44228).This Log4Shell vulnerability allows remote code execution by sending a specifically crafted log ...

22.12.2021

SSA-661247 V1.8 (Last Update: 2021-12-22): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to...

Title

SSA-661247 V1.8 (Last Update: 2021-12-22): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products

Published

Dec. 22, 2021, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf

Summary

21.12.2021

Fresenius Kabi Agilia Connect Infusion System

Title

Fresenius Kabi Agilia Connect Infusion System

Published

Dec. 21, 2021, 4:25 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsma-21-355-01

Summary

This advisory contains mitigations for several vulnerabilities in the Fresenius Kabi Agilia Connect Infusion System.

21.12.2021

https://us-cert.cisa.gov/ics/advisories/icsa-21-355-01

mySCADA myPRO

Title

mySCADA myPRO

Published

Dec. 21, 2021, 4:20 p.m.

URL

Summary

This advisory contains mitigations for Authentication Bypass Using an Alternate Path or Channel, Use of Password Hash with Insufficient Computational Effort, Hidden Functionality, and OS Command Injection vulnerabilities in the mySCADA myPRO HMI/SCADA system.

21.12.2021