SIEMENS CERT
06/11/2019
Two vulnerabilities have been identified in SIEMENS LOGO!8 devices. The Session ID on the integrated webserver of LOGO!8 devices is not invalidated upon logout. The second vulnerability could allow an attacker with network access to port 10005/tcp to cause a Denial-of-Service condition by sending specifically crafted packages to the service. …
SIEMENS CERT
06/11/2019
The SIMATIC Ident MV420 and MV440 families are affected by two web vulnerabilities. The vulnerabilities could allow an authenticated user to escalate privileges, or might expose sensitive information to an attacker that is able to eavesdrop the communication. Siemens provides mitigations.
SIEMENS CERT
06/11/2019
SCALANCE X switches, RUGGEDCOM Win, RFID 181-EIP, and SIMATIC RF182C are affected by a vulnerability that could allow an unprivileged attacker located in the same local network segment (OSI Layer 2) to gain system privileges by sending a specially crafted DHCP response to a client's DHCP request. Siemens has released …
SIEMENS CERT
06/11/2019
Security researchers published information on vulnerabilities known as Foreshadow and L1 Terminal Fault (L1TF). These vulnerabilities affect many modern processors from different vendors to a varying degree. Several Siemens Industrial Products contain processors that are affected by the vulnerabilities.
SIEMENS CERT
06/11/2019
A vulnerability has been identified in the OPC UA server of several industrial products. The vulnerability could cause a Denial-of-Service condition on the service or the device. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates and …
SIEMENS CERT
06/11/2019
A vulnerability in the affected devices could allow an unauthorized attacker with network access to the webserver of an affected device to perform a denial-of-service attack. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates and recommends …
SIEMENS CERT
05/24/2019
Microsoft has released updates for several versions of Microsoft Windows, which fix a vulnerability in the Remote Desktop Service. The vulnerability could allow an unauthenticated remote attacker to execute arbitrary code on the target system if the system exposes the service to the network. Some Radiography and Mobile X-ray products …