November 2024
Title
OSCAT Basic Library
Published
Nov. 21, 2024, 1 p.m.
Summary
1. EXECUTIVE SUMMARY CVSS v4 5.1 ATTENTION: Low attack complexity Vendor: CODESYS GmbH Equipment: OSCAT Basic Library Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability allows a local, unprivileged attacker to access limited internal data of the PLC, which may lead to a crash of ...
Title
mySCADA myPRO Manager
Published
Nov. 21, 2024, 1 p.m.
Summary
1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: mySCADA Equipment: myPRO Vulnerabilities: OS Command Injection, Improper Authentication, Missing Authentication for Critical Function, Path Traversal. 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands or disclose sensitive ...
Title
SSA-824503 V1.0: Multiple WRL File Parsing Vulnerabilities in Tecnomatix Plant Simulation Before V2302.0018 and V2404.0007
Published
Nov. 18, 2024, 1 a.m.
Summary
Siemens Tecnomatix Plant Simulation contains multiple file parsing vulnerabilities that could be triggered when the application reads files in WRL format. If a user is tricked into opening a malicious file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code ...
Title
Rockwell Automation Verve Reporting (Update A)
Published
Nov. 14, 2024, 1 p.m.
Summary
1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Verve Reporting Vulnerability: Dependency on Vulnerable Third-Party Component 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Verve ...
Title
Siemens SCALANCE M-800 Family
Published
Nov. 14, 2024, 1 p.m.
Summary
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY ...
Title
Siemens OZW672 and OZW772 Web Server
Published
Nov. 14, 2024, 1 p.m.
Summary
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY ...
Title
Siemens Engineering Platforms
Published
Nov. 14, 2024, 1 p.m.
Summary
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY ...
Title
2N Access Commander
Published
Nov. 14, 2024, 1 p.m.
Summary
1. EXECUTIVE SUMMARY CVSS v3.1 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: 2N Equipment: Access Commander Vulnerabilities: Path Traversal, Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to escalate their privileges, execute arbitrary code, or gain root access to ...
Title
Rockwell Automation Arena Input Analyzer
Published
Nov. 14, 2024, 1 p.m.
Summary
1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: Arena Input Analyzer Vulnerability: Improper Validation of Specified Quantity in Input 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code on the program. 3. ...
Title
Rockwell Automation FactoryTalk Updater
Published
Nov. 14, 2024, 1 p.m.
Summary
1. EXECUTIVE SUMMARY CVSS v4 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Updater Vulnerabilities: Insecure Storage of Sensitive Information, Improper Input Validation, Improperly Implemented Security Check for Standard 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in an authentication bypass, remote code ...
Title
Siemens TeleControl Server
Published
Nov. 14, 2024, 1 p.m.
Summary
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY ...
Title
Siemens SIPORT
Published
Nov. 14, 2024, 1 p.m.
Summary
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY ...
Title
Rockwell Automation FactoryTalk Updater (Update A)
Published
Nov. 14, 2024, 1 p.m.
Summary
1. EXECUTIVE SUMMARY CVSS v4 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Updater Vulnerabilities: Insecure Storage of Sensitive Information, Improper Input Validation, Improperly Implemented Security Check for Standard 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in an authentication bypass, remote code ...
Title
SSA-472448 V1.0: Security Bypass Vulnerability in the SQL Client-Server Communication in Siveillance Video
Published
Nov. 13, 2024, 1 a.m.
Summary
Siveillance Video is affected by a security bypass vulnerability in the Microsoft .NET implementation of SQL Client, as described in CVE-2024-0056. Siemens has released new versions for the affected products and recommends updating to the latest versions.
Title
Hitachi Energy TRO600
Published
Nov. 12, 2024, 1 p.m.
Summary
1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: TRO600 Series Vulnerabilities: Command Injection, Improper Removal of Sensitive Information Before Storage or Transfer 2. RISK EVALUATION Command injection vulnerability in the Edge Computing UI for the TRO600 series radios that allows for ...
Title
SSA-654798 V1.0: Incorrect Authorization Vulnerability in SIMATIC CP 1543-1 Devices
Published
Nov. 12, 2024, 1 a.m.
Summary
SIMATIC CP 1543-1 devices contain an Incorrect Authorization vulnerability that could allow an unauthenticated attacker to gain access to the filesystem. Siemens has released a new version for SIMATIC CP 1543-1 V4.0 and recommends updating to the latest version.
Title
SSA-331112 V1.0: Multiple Vulnerabilities in SINEC NMS Before V3.0 SP1
Published
Nov. 12, 2024, 1 a.m.
Summary
SINEC NMS before V3.0 SP1 is affected by multiple vulnerabilities. Siemens has released a new version for SINEC NMS and recommends updating to the latest version.
Title
SSA-876787 V1.1 (Last Update: 2024-11-12): Open Redirect Vulnerability in SIMATIC S7-1500 and S7-1200 CPUs
Published
Nov. 12, 2024, 1 a.m.
Summary
Several SIMATIC S7-1500 and S7-1200 CPU versions are affected by an open redirect vulnerability that could allow an attacker to make the web server of affected devices redirect a legitimate user to an attacker-chosen URL. For a successful attack, the legitimate user must actively click on an attacker-crafted link. Siemens ...
Title
SSA-883918 V1.2 (Last Update: 2024-11-12): Information Disclosure Vulnerability in SIMATIC WinCC
Published
Nov. 12, 2024, 1 a.m.
Summary
Multiple versions of SIMATIC WinCC and SIMATIC PCS 7 do not properly handle certain requests to their web application (WinCC WebNavigator, PCS 7 Web Server, and PCS 7 Web Diagnostics Server), which may lead to the leak of privileged information. This could allow an unauthenticated remote attacker to retrieve information ...
Title
SSA-914892 V1.0: Race Condition Vulnerability in Basic Authentication Implementation of Mendix Runtime
Published
Nov. 12, 2024, 1 a.m.
Summary
The basic authentication mechanism of Mendix Runtime contains a race condition vulnerability which could allow unauthenticated remote attackers to circumvent default account lockout measures. Siemens has released new versions for several affected products and recommends updating to the latest versions. Siemens recommends specific countermeasures for products where fixes are ...
Title
SSA-354112 V1.0: Multiple Vulnerabilities in SCALANCE M-800 Family Before V8.2
Published
Nov. 12, 2024, 1 a.m.
Summary
SCALANCE M-800 family before V8.2 is affected by multiple vulnerabilities. Siemens has released new versions for the affected products and recommends updating to the latest versions.
Title
SSA-773256 V1.1 (Last Update: 2024-11-12): Impact of Socket.IO CVE-2024-38355 on Siemens Industrial Products
Published
Nov. 12, 2024, 1 a.m.
Summary
A Socket.IO vulnerability affects multiple Siemens industrial products. The vulnerability is triggered by a specially crafted Socket.IO packet that causes an uncaught exception on the Socket.IO server, killing the Node.js process and allowing a remote attacker to cause a Denial-of-Service condition in the affected products. Siemens has released new versions for several affected ...
Title
SSA-454789 V1.0: Deserialization Vulnerability in TeleControl Server Basic V3.1
Published
Nov. 12, 2024, 1 a.m.
Summary
TeleControl Server Basic V3.1 contains a deserialization vulnerability that could allow an unauthenticated attacker to execute arbitrary code on the device. Siemens has released new versions for the affected products and recommends updating to the latest versions.
Title
SSA-039007 V1.2 (Last Update: 2024-11-12): Heap-based Buffer Overflow Vulnerability in User Management Component (UMC)
Published
Nov. 12, 2024, 1 a.m.
Summary
Siemens User Management Component (UMC) is affected by a heap-based buffer overflow vulnerability which could allow an unauthenticated remote attacker to execute arbitrary code. Siemens has released new versions for several affected products and recommends updating to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for ...
Title
SSA-000297 V1.0: Multiple SQLite Vulnerabilities in RUGGEDCOM CROSSBOW Station Access Controller Before V5.6
Published
Nov. 12, 2024, 1 a.m.
Summary
RUGGEDCOM CROSSBOW Station Access Controller (SAC) contains multiple vulnerabilities in the integrated SQLite component that could allow an attacker to execute arbitrary code or to create a denial of service condition. Siemens has released a new version for RUGGEDCOM CROSSBOW Station Access Controller (SAC) and recommends updating to the ...