SIEMENS CERT
02/10/2020
A potential vulnerability was discovered in the SINAMICS S/G converter family which might allow attackers to access administrative functions on the device without authentication. Siemens addresses the issue by a firmware update.
SIEMENS CERT
02/10/2020
Several industrial products are affected by a vulnerability that could allow remote attackers to conduct a Denial-of-Service (DoS) attack by sending specially crafted packets to port 161/udp (SNMP). Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates …
SIEMENS CERT
02/10/2020
Versions of SIMATIC S7-1500, SIMATIC S7-1500 Software Controller and SIMATIC ET200SP Open Controller are affected by a denial-of-service vulnerability. An attacker with network access to the PLC can cause a Denial-of-Service condition on the network stack.
SIEMENS CERT
02/10/2020
Siemens has released a firmware update for the SIMATIC S7-300 CPU family which fixes a vulnerability that could allow remote attackers to perform a Denial-of-Service attack under certain conditions.
SIEMENS CERT
02/10/2020
Siemens became aware that the discontinued products SIMATIC S7-1200 CPUs prior to version 4 could allow for the circumvention of user program block protection under certain conditions.
SIEMENS CERT
02/10/2020
A potential vulnerability was discovered in the web server’s authentication of SCALANCE X-200 switches that might allow attackers to hijack web sessions over the network without authentication. Siemens addresses the issue with a firmware update.
SIEMENS CERT
02/10/2020
SIEMENS CERT
02/10/2020
The latest product release of the SIMATIC S7-1200 CPU fixes two vulnerabilities. The more severe of these vulnerabilities could allow an attacker to inject HTTP headers if unsuspecting users are tricked to click on a malicious link. Another vulnerability resolved in this product release is discussed below.