Bulletins | CERT@VDE

Hitachi ABB Power Grids System Data Manager

Title

Hitachi ABB Power Grids System Data Manager

Published

Sept. 7, 2021, 4 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-250-02

Summary

This advisory contains mitigations for a Cleartext Storage of Sensitive Information vulnerability in Hitachi ABB Power Grids System Data Manager products.

02.09.2021

Johnson Controls Sensormatic Electronics Illustra

Title

Johnson Controls Sensormatic Electronics Illustra

Published

Sept. 2, 2021, 4:10 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-245-01

Summary

This advisory contains mitigations for an Off-by-one Error vulnerability in Johnson Controls Sensormatic Electronics Illustra camera systems.

02.09.2021

JTEKT TOYOPUC Products

Title

JTEKT TOYOPUC Products

Published

Sept. 2, 2021, 4:05 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-245-02

Summary

This advisory contains mitigations for a Allocation of Resources Without Limits or Throttling vulnerability in JTEKT TOYOPUC industrial system hardware products.

August 2021

31.08.2021

US CERT

AA21-243A: Ransomware Awareness for Holidays and Weekends

Title

AA21-243A: Ransomware Awareness for Holidays and Weekends

Published

Aug. 31, 2021, 7 p.m.

URL

https://us-cert.cisa.gov/ncas/alerts/aa21-243a

Summary

Original release date: August 31, 2021 | Last revised: September 2, 2021SummaryImmediate Actions You Can Take Now to Protect Against Ransomware • Make an offline backup of your data. • Do not click on suspicious links. • If you use RDP, secure and monitor it. • Update your OS and ...

31.08.2021

Sensormatic Electronics KT-1

Title

Sensormatic Electronics KT-1

Published

Aug. 31, 2021, 4:05 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-243-01

Summary

This advisory contains mitigations for a Use of Unmaintained Third-party Components vulnerability in Sensormatic Electronics KT-1 Ethernet-ready single-door controller.

31.08.2021

Philips Patient Monitoring Devices (Update A)

Title

Philips Patient Monitoring Devices (Update A)

Published

Aug. 31, 2021, 4 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01

Summary

This updated advisory is a follow-up to the original advisory titled ICSMA-20-254-01 Philips Patient Monitoring Devices that was published September 10, 2020, to the ICS webpage on us-cert.cisa.gov. This advisory contains mitigations for Improper Neutralization of Formula Elements in a CSV File, Cross-site Scripting, Improper Authentication, Improper Check for Certificate ...

26.08.2021

Johnson Controls Controlled Electronic Management Systems CEM Systems AC2000

Title

Johnson Controls Controlled Electronic Management Systems CEM Systems AC2000

Published

Aug. 26, 2021, 4:15 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-238-01

Summary

This advisory contains mitigation for an Improper Authorization vulnerability in Johnson Controls Controlled Electronic Management Systems CEM Systems AC2000, an enterprise access control and integrated security management system.

26.08.2021

Annke Network Video Recorder

Title

Annke Network Video Recorder

Published

Aug. 26, 2021, 4:10 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-238-02

Summary

This advisory contains mitigation for a Stack-based Buffer Overflow vulnerability in the Annke N48PBB Network Video Recorder.

26.08.2021

Delta Electronics DIAEnergie

Title

Delta Electronics DIAEnergie

Published

Aug. 26, 2021, 4:05 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-238-03

Summary

This advisory contains mitigations for Use of Password Hash with Insufficient Computational Effort, Incorrect Authorization, Unrestricted Upload of File with Dangerous Type, SQL Injection, and Cross-site Request Forgery vulnerabilities in the Delta Electronics DIAEnergie industrial energy management system.

24.08.2021

Hitachi ABB Power Grids TropOS

Title

Hitachi ABB Power Grids TropOS

Published

Aug. 24, 2021, 4:15 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-236-01

Summary

This advisory contains mitigations for Injection, Inadequate Encryption Strength, Missing Authentication for Critical Function, Improper Authentication, Improper Validation of Integrity Check Value, and Improper Input Validation vulnerabilities in Hitachi ABB Power Grids TropOS firmware.

19.08.2021

SSA-816035 V1.0: Code Execution Vulnerability in SINEMA Remote Connect Client

Title

SSA-816035 V1.0: Code Execution Vulnerability in SINEMA Remote Connect Client

Published

Aug. 19, 2021, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-816035.pdf

Summary

The latest update for SINEMA Remote Connect Client fixes a vulnerability that could allow a local attacker to escalate privileges or even allow remote code execution under certain circumstances. Siemens has released a firmware update for SINEMA Remote Connect Client and proposes mitigations if an update is not possible.

17.08.2021

US CERT

AA21-229A: BadAlloc Vulnerability Affecting BlackBerry QNX RTOS

Title

AA21-229A: BadAlloc Vulnerability Affecting BlackBerry QNX RTOS

Published

Aug. 17, 2021, 7 p.m.

URL

https://us-cert.cisa.gov/ncas/alerts/aa21-229a

Summary

Original release date: August 17, 2021 | Last revised: August 23, 2021SummaryOn August 17, 2021, BlackBerry publicly disclosed that its QNX Real Time Operating System (RTOS) is affected by a BadAlloc vulnerability—CVE-2021-22156. BadAlloc is a collection of vulnerabilities affecting multiple RTOSs and supporting libraries.[1] A remote attacker could exploit CVE-2021-22156 ...

SSA-830194 V1.0: Missing Authentication Vulnerability in S7-1200 Devices

Title

SSA-830194 V1.0: Missing Authentication Vulnerability in S7-1200 Devices

Published

Aug. 10, 2021, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-830194.pdf

Summary

SIMATIC S7-1200 PLC, version V4.5.0 fails to authenticate against configured passwords when the affected device was provisioned using TIA Portal V13. This could allow an attacker using TIA Portal V17 or later versions to bypass authentication and download arbitrary programs to the PLC. Siemens has released an update for SIMATIC ...

SSA-756744 V1.0: OS Command Injection Vulnerability in SINEC NMS

Title

SSA-756744 V1.0: OS Command Injection Vulnerability in SINEC NMS

Published

Aug. 10, 2021, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-756744.pdf

Summary

The latest update for SINEC NMS fixes a vulnerability that could allow an authenticated remote attacker to execute arbitrary code on the system, with system privileges, under certain conditions. Siemens has released an update for SINEC NMS and recommends to update to the latest version.

SSA-679335 V1.0: Multiple Vulnerabilities in Embedded FTP Server of SIMATIC NET CP Modules

Title

SSA-679335 V1.0: Multiple Vulnerabilities in Embedded FTP Server of SIMATIC NET CP Modules

Published

Aug. 10, 2021, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-679335.pdf

Summary

SIMATIC CP 1543-1 and CP 1545-1 devices are affected by multiple vulnerabilities in ProFTPD, a third party component, that could allow a remote attacker to access sensitive information and execute arbitrary code. Siemens has released an update for SIMATIC NET CP 1543-1 and recommends to update to the latest version. ...

SSA-553445 V1.0: DNS "Name:Wreck" Vulnerabilities in Multiple Siemens Energy AGT and SGT solutions

Title

SSA-553445 V1.0: DNS "Name:Wreck" Vulnerabilities in Multiple Siemens Energy AGT and SGT solutions

Published

Aug. 10, 2021, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf

Summary

One of the DNS-related vulnerabilities that were reported as “Name:Wreck” may affect the following Siemens Energy products: Industrial Gas Turbines SGT-100, SGT-200, SGT-300 and SGT-400 with Allen Bradley control systems Aeroderivative Gas Turbines SGT-A20, SGT-A35 and SGT-A65 with FT125 control systems

SSA-365397 V1.0: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.2.0.1

Title

SSA-365397 V1.0: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.2.0.1

Published

Aug. 10, 2021, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf

Summary

Siemens has released version V13.2.0.1 for JT2Go and Teamcenter Visualization to fix multiple vulnerabilities that could be triggered when the products read files in different file formats (CGM, DGN, DXF, and DWG). If a user is tricked to open a malicious file with the affected products, this could lead the ...

SSA-309571 V1.0: IPU 2021.1 Vulnerabilities in Siemens Industrial Products using Intel CPUs (June 2021)

Title

SSA-309571 V1.0: IPU 2021.1 Vulnerabilities in Siemens Industrial Products using Intel CPUs (June 2021)

Published

Aug. 10, 2021, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf

Summary

Intel has published information on vulnerabilities in Intel products in June 2021. This advisory lists the related Siemens Industrial products affected by these vulnerabilities that can be patched by applying the corresponding BIOS update. In this advisory we summarize: “2021.1 IPU – Intel® CSME, SPS and LMS Advisory” Intel-SA-00459, “2021.1 ...

SSA-158827 V1.0: Denial-of-Service Vulnerability in Automation License Manager

Title

SSA-158827 V1.0: Denial-of-Service Vulnerability in Automation License Manager

Published

Aug. 10, 2021, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-158827.pdf

Summary

A vulnerability was identified in the Automation License Manager software that could be triggered by sending specially crafted packets to port 4410/tcp of an affected system. This could cause a denial-of-service preventing legitimate users from using the system. Siemens has released an update for the Automation License Manager 6 and ...

SSA-772220 V1.1 (Last Update: 2021-08-10): OpenSSL Vulnerabilities in Industrial Products

Title

SSA-772220 V1.1 (Last Update: 2021-08-10): OpenSSL Vulnerabilities in Industrial Products

Published

Aug. 10, 2021, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf

Summary

OpenSSL has published a security advisory [0] about a vulnerability in OpenSSL versions 1.1.1 < 1.1.1k, that allows an unauthenticated attacker to cause a Denial-of-Service (DoS) if a maliciously crafted renegotiation message is sent. Siemens is preparing updates and recommends countermeasures for products where updates are not, or not yet ...

SSA-941426 V1.1 (Last Update: 2021-08-10): Multiple LLDP Vulnerabilities in Industrial Products

Title

SSA-941426 V1.1 (Last Update: 2021-08-10): Multiple LLDP Vulnerabilities in Industrial Products

Published

Aug. 10, 2021, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-941426.pdf

Summary

There are multiple vulnerabilities in an underlying Link Layer Discovery Protocol (LLDP) third party library. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.

SSB-439005 V3.6 (Last Update: 2021-08-10): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 151...

Title

SSB-439005 V3.6 (Last Update: 2021-08-10): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP

Published

Aug. 10, 2021, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssb-439005.pdf

Summary

SSA-324955 V1.3 (Last Update: 2021-08-10): SAD DNS Attack in Linux Based Products

Title

SSA-324955 V1.3 (Last Update: 2021-08-10): SAD DNS Attack in Linux Based Products

Published

Aug. 10, 2021, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-324955.pdf

Summary

A vulnerability made public under the name SAD DNS affects Domain Name System resolvers due to a vulnerability in the Linux kernel when handling ICMP packets. The Siemens products which are affected are listed below. For more information please see https://www.saddns.net/. Siemens has released updates for several affected products and ...

SSA-286838 V1.1 (Last Update: 2021-08-10): Multiple Vulnerabilities in SINAMICS Medium Voltage Products

Title

SSA-286838 V1.1 (Last Update: 2021-08-10): Multiple Vulnerabilities in SINAMICS Medium Voltage Products

Published

Aug. 10, 2021, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf

Summary

SINAMICS medium voltage products, with Sm@rtServer enabled on SIMATIC comfort HMI Panels, are affected by multiple vulnerabilities that could allow an attacker, under certain conditions, to gain full remote access to the HMI. Note that by default Sm@rtServer is disabled, but it can be enabled by the system integrator on ...