Bulletins | CERT@VDE

SSA-593272 V2.0 (Last Update: 2023-02-14): SegmentSmack in Interniche IP-Stack based Industrial Devices

Title

SSA-593272 V2.0 (Last Update: 2023-02-14): SegmentSmack in Interniche IP-Stack based Industrial Devices

Published

Feb. 14, 2023, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-593272.pdf

Summary

A vulnerability exists in affected products that could allow remote attackers to affect the availability of the devices under certain conditions. The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service. Siemens has released updates for several ...

SSA-617755 V1.0: Denial of Service Vulnerability in the SNMP Agent of SCALANCE X-200IRT Products

Title

SSA-617755 V1.0: Denial of Service Vulnerability in the SNMP Agent of SCALANCE X-200IRT Products

Published

Feb. 14, 2023, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-617755.pdf

Summary

Products of the SCALANCE X-200IRT switch family are affected by a denial of service vulnerability in the SNMP agent that could allow remote attackers to cause a denial of service condition. Siemens has released updates for the affected products and recommends to update to the latest versions.

SSA-744259 V1.0: Golang Vulnerabilities in Brownfield Connectivity - Gateway before V1.10.1

Title

SSA-744259 V1.0: Golang Vulnerabilities in Brownfield Connectivity - Gateway before V1.10.1

Published

Feb. 14, 2023, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf

Summary

Siemens has released a new version for Brownfield Connectivity - Gateway that contains fixes for multiple vulnerabilities in the underlying Golang implementation. Successful exploitation of these vulnerabilities could lead to Denial of Service (DoS). Siemens has released an update for Brownfield Connectivity - Gateway and recommends to update to the ...

SSA-847261 V1.0: Multiple SPP File Parsing Vulnerabilities in Tecnomatix Plant Simulation

Title

SSA-847261 V1.0: Multiple SPP File Parsing Vulnerabilities in Tecnomatix Plant Simulation

Published

Feb. 14, 2023, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf

Summary

Siemens Tecnomatix Plant Simulation has released an update, 2201 Update 6, that fixes multiple vulnerabilities that could be triggered when the application reads SPP files. If a user is tricked to open a malicious file using the affected application, this could lead to a crash, and potentially also to arbitrary ...

SSA-836777 V1.0: JT File Parsing Vulnerabilities in JT Open, JT Utilities and Parasolid

Title

SSA-836777 V1.0: JT File Parsing Vulnerabilities in JT Open, JT Utilities and Parasolid

Published

Feb. 14, 2023, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-836777.pdf

Summary

JT Open Toolkit, JT Utilities and Parasolid are affected by memory corruption vulnerabilities that could be triggered while parsing JT files. If a user is tricked to open a malicious JT file with any of the affected products, this could cause the application to crash or potentially lead to arbitrary ...

SSA-953464 V1.0: Multiple Vulnerabilites in Siemens Brownfield Connectivity - Client before V2.15

Title

SSA-953464 V1.0: Multiple Vulnerabilites in Siemens Brownfield Connectivity - Client before V2.15

Published

Feb. 14, 2023, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf

Summary

Siemens has released a new version for Brownfield Connectivity - Client that contains fixes for multiple vulnerabilities in the underlying OpenSSL library. Successful exploitation of these vulnerabilities could lead to Denial of Service (DoS). Siemens has released an update for Brownfield Connectivity - Client and recommends to update to the ...

AA23-040A: #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities

Title

AA23-040A: #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities

Published

Feb. 9, 2023, 7 p.m.

URL

https://us-cert.cisa.gov/ncas/alerts/aa23-040a

Summary

Original release date: February 9, 2023SummaryNote: This Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and various ransomware threat actors. These #StopRansomware advisories detail historically and recently observed tactics, techniques, and procedures (TTPs) and indicators of compromise ...

Control By Web X-400, X-600M

Title

Control By Web X-400, X-600M

Published

Feb. 9, 2023, 4:25 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-040-01

Summary

LS ELECTRIC XBC-DN32U

Title

LS ELECTRIC XBC-DN32U

Published

Feb. 9, 2023, 4:20 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-040-02

Summary

Johnson Controls System Configuration Tool (SCT)

Title

Johnson Controls System Configuration Tool (SCT)

Published

Feb. 9, 2023, 4:15 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-040-03

Summary

Horner Automation Cscape Envision RV

Title

Horner Automation Cscape Envision RV

Published

Feb. 9, 2023, 4:10 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-040-04

Summary

Omron SYSMAC CS/CJ/CP Series and NJ/NX Series (Update A)

Title

Omron SYSMAC CS/CJ/CP Series and NJ/NX Series (Update A)

Published

Feb. 9, 2023, 4:05 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-179-02

Summary

This advisory contains mitigations for Cleartext Transmission of Sensitive Information, Insufficient Verification of Data Authenticity, and Plaintext Storage of a Password vulnerabilities in Omron SYSMAC CS/CJ/CP Series and NJ/NX Series programmable logic controllers.

08.02.2023

AA23-039A: ESXiArgs Ransomware Virtual Machine Recovery Guidance

Title

AA23-039A: ESXiArgs Ransomware Virtual Machine Recovery Guidance

Published

Feb. 8, 2023, 5:14 p.m.

URL

https://us-cert.cisa.gov/ncas/alerts/aa23-039a

Summary

Original release date: February 8, 2023SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) in response to the ongoing ransomware campaign, known as “ESXiArgs.” Malicious actors may be exploiting known vulnerabilities in VMware ESXi servers that are likely ...

07.02.2023

https://us-cert.cisa.gov/ics/advisories/icsa-23-037-01

EnOcean SmartServer

Title

EnOcean SmartServer

Published

Feb. 7, 2023, 4 p.m.

URL

Summary

Delta Electronics DIAScreen

Title

Delta Electronics DIAScreen

Published

Feb. 2, 2023, 4:25 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-033-01

Summary

Mitsubishi Electric GOT2000 Series and GT SoftGOT2000

Title

Mitsubishi Electric GOT2000 Series and GT SoftGOT2000

Published

Feb. 2, 2023, 4:20 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-033-02

Summary

https://us-cert.cisa.gov/ics/advisories/icsa-23-033-03

Baicells Nova

Title

Baicells Nova

Published

Feb. 2, 2023, 4:15 p.m.

URL

Summary

Delta Electronics DVW-W02W2-E2

Title

Delta Electronics DVW-W02W2-E2

Published

Feb. 2, 2023, 4:10 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-033-04

Summary

Delta Electronics DX-2100-L1-CN

Title

Delta Electronics DX-2100-L1-CN

Published

Feb. 2, 2023, 4:05 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-033-05

Summary

Mitsubishi Electric Multiple Factory Automation Products (Update D)

Title

Mitsubishi Electric Multiple Factory Automation Products (Update D)

Published

Feb. 2, 2023, 4 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-221-01

Summary

January 2023

https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-335a

#StopRansomware: Cuba Ransomware

Title

<a href="/news-events/cybersecurity-advisories/aa22-335a" hreflang="en">#StopRansomware: Cuba Ransomware</a>

Published

Jan. 31, 2023, 10:32 p.m.

URL

Summary

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-025a

Protecting Against Malicious Use of Remote Monitoring a...

Title

<a href="/news-events/cybersecurity-advisories/aa23-025a" hreflang="en">Protecting Against Malicious Use of Remote Monitoring and Management Software</a>

Published

Jan. 31, 2023, 10:32 p.m.

URL

Summary

https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-321a

#StopRansomware: Hive Ransomware

Title

<a href="/news-events/cybersecurity-advisories/aa22-321a" hreflang="en">#StopRansomware: Hive Ransomware</a>

Published

Jan. 31, 2023, 10:32 p.m.

URL

Summary

https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-294a

#StopRansomware: Daixin Team

Title

<a href="/news-events/cybersecurity-advisories/aa22-294a" hreflang="en">#StopRansomware: Daixin Team</a>

Published

Jan. 31, 2023, 10:32 p.m.

URL

Summary