SIEMENS CERT
07/14/2020
A clear text transmission vulnerability in SIMATIC HMI panels could allow an attacker to access sensitive information under certain circumstances. Siemens recommends specific countermeasures to mitigate this vulnerability.
SIEMENS CERT
07/14/2020
Intel has published information on vulnerabilities in Intel products in November 2019. In this advisory Siemens only explicitly mentions the vulnerabilities from the “Intel® CPU Security Advisory” and one vulnerability from “Intel® CSME, Intel® SPS, Intel® TXE, Intel® AMT, Intel® PTT and Intel® DAL Advisory” and lists the Siemens IPC …
SIEMENS CERT
07/14/2020
A vulnerability in affected devices could allow an attacker to perform a denial-of-service attack if a large amount of specially crafted UDP packets are sent to the device. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates …
SIEMENS CERT
07/14/2020
The latest firmware update for the S7-300 CPUs fixes a vulnerability that could allow an unauthenticated attacker with network access to cause a denial-of-service condition. SINUMERIK 840D sl Controller, which contains a S7-300 CPU, is also affected, as well as SIMATIC TDC. Siemens has released updates for several affected products …
SIEMENS CERT
07/14/2020
The latest update for LOGO! 8 BM devices fixes a vulnerability that could allow remote code execution in the web server functionality. Siemens provides a firmware update for the latest versions of LOGO! BM.
SIEMENS CERT
07/14/2020
The latest update for SIMATIC S7-200 SMART fixes a vulnerability that could allow an attacker to cause a permanent Denial-of-Service of an affected device by sending a large number of crafted packets. Siemens has released an update for the SIMATIC S7-200 SMART CPU family and recommends that customers update to …
SIEMENS CERT
07/14/2020
SSA-604937 (Last Update: 2020-07-14): Multiple Web Server Vulnerabilities in Opcenter Execution Core
The latest update of Opcenter Execution Core fixes multiple vulnerabilities where the most severe could allow an attacker to perform a cross-site scripting (XSS) attack under certain conditions. Siemens has released an update for the Opcenter Execution Core and recommends that customers update to the latest version. Siemens recommends specific …
SIEMENS CERT
07/14/2020
SSA-631949 (Last Update: 2020-07-14): Ripple20 and Intel SPS Vulnerabilities in SPPA-T3000 Solutions
SPPA-T3000 solutions are affected by vulnerabilities that were recently dislosed by JSOF research lab (“Ripple20”) for the TCP/IP stack used in APC UPS systems, and by Intel for the Server Platform Services (SPS) used in SPPA-T3000 Application Server and Terminal Server hardware. The advisory provides information to what amount SPAA-T3000 …