Bulletins | CERT@VDE

SSA-953464 V1.0: Multiple Vulnerabilites in Siemens Brownfield Connectivity - Client before V2.15

Title

SSA-953464 V1.0: Multiple Vulnerabilites in Siemens Brownfield Connectivity - Client before V2.15

Published

Feb. 14, 2023, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf

Summary

Siemens has released a new version for Brownfield Connectivity - Client that contains fixes for multiple vulnerabilities in the underlying OpenSSL library. Successful exploitation of these vulnerabilities could lead to Denial of Service (DoS). Siemens has released an update for Brownfield Connectivity - Client and recommends to update to the ...

SSA-658793 V1.0: Command Injection Vulnerability in SiPass integrated AC5102 / ACC-G2 and ACC-AP

Title

SSA-658793 V1.0: Command Injection Vulnerability in SiPass integrated AC5102 / ACC-G2 and ACC-AP

Published

Feb. 14, 2023, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-658793.pdf

Summary

SiPass integrated ACC (Advanced Central Controller) devices improperly sanitize user input on the telnet command line interface. This could allow an authenticated user to escalate privileges by injecting arbitrary commands that are executed with root privileges. Siemens has released updates for the affected products and recommends to update to the ...

SSA-712929 V1.7 (Last Update: 2023-02-14): Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Prod...

Title

SSA-712929 V1.7 (Last Update: 2023-02-14): Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Products

Published

Feb. 14, 2023, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf

Summary

A vulnerability in the openSSL component (CVE-2022-0778, [0]) could allow an attacker to create a denial of service condition by providing specially crafted elliptic curve certificates to products that use a vulnerable version of openSSL. Siemens has released updates for several affected products and recommends to update to the latest ...

SSB-439005 V5.0 (Last Update: 2023-02-14): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 151...

Title

SSB-439005 V5.0 (Last Update: 2023-02-14): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP

Published

Feb. 14, 2023, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssb-439005.pdf

Summary

SSA-446448 V1.7 (Last Update: 2023-02-14): Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack

Title

SSA-446448 V1.7 (Last Update: 2023-02-14): Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack

Published

Feb. 14, 2023, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-446448.pdf

Summary

The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, contains a vulnerability that could allow an attacker to cause a denial of service condition on affected industrial products. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further ...

SSA-252808 V1.0: XPath Constraint Vulnerability in Mendix Runtime

Title

SSA-252808 V1.0: XPath Constraint Vulnerability in Mendix Runtime

Published

Feb. 14, 2023, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-252808.pdf

Summary

Mendix applications contain an improper access control vulnerability that could allow an attacker to bypass XPath constraints and retrieve information using XPath queries that trigger errors. Siemens has released updates for the affected products and recommends to update to the latest versions.

SSA-450613 V1.0: Insyde BIOS Vulnerabilities in RUGGEDCOM APE1808 Product Family

Title

SSA-450613 V1.0: Insyde BIOS Vulnerabilities in RUGGEDCOM APE1808 Product Family

Published

Feb. 14, 2023, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-450613.pdf

Summary

Insyde has published information on vulnerabilities in Insyde BIOS in November 2022. These vulnerabilities also affect the RUGGEDCOM APE1808 product family. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.

SSA-506569 V1.1 (Last Update: 2023-02-14): Multiple Vulnerabilities in SCALANCE W1750D

Title

SSA-506569 V1.1 (Last Update: 2023-02-14): Multiple Vulnerabilities in SCALANCE W1750D

Published

Feb. 14, 2023, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-506569.pdf

Summary

The SCALANCE W1750D device contains multiple vulnerabilities that could allow an attacker to inject commands or exploit buffer overflow vulnerabilities which could lead to denial of service, unauthenticated remote code execution or stored XSS. Siemens has released updates for the affected products and recommends to update to the latest versions.

SSA-640968 V1.0: Untrusted Search Path Vulnerability in TIA Project-Server formerly known as TIA Multiuser Server

Title

SSA-640968 V1.0: Untrusted Search Path Vulnerability in TIA Project-Server formerly known as TIA Multiuser Server

Published

Feb. 14, 2023, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-640968.pdf

Summary

TIA Project-Server formerly known as TIA Multiuser Server contains an untrusted search path vulnerability that could allow an attacker to escalate privileges, when tricking a legitimate user to start the service from an attacker controlled path. Siemens has released updates for several affected products and recommends to update to the ...

AA23-040A: #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities

Title

AA23-040A: #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities

Published

Feb. 9, 2023, 7 p.m.

URL

https://us-cert.cisa.gov/ncas/alerts/aa23-040a

Summary

Original release date: February 9, 2023SummaryNote: This Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and various ransomware threat actors. These #StopRansomware advisories detail historically and recently observed tactics, techniques, and procedures (TTPs) and indicators of compromise ...

Control By Web X-400, X-600M

Title

Control By Web X-400, X-600M

Published

Feb. 9, 2023, 4:25 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-040-01

Summary

LS ELECTRIC XBC-DN32U

Title

LS ELECTRIC XBC-DN32U

Published

Feb. 9, 2023, 4:20 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-040-02

Summary

Johnson Controls System Configuration Tool (SCT)

Title

Johnson Controls System Configuration Tool (SCT)

Published

Feb. 9, 2023, 4:15 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-040-03

Summary

Horner Automation Cscape Envision RV

Title

Horner Automation Cscape Envision RV

Published

Feb. 9, 2023, 4:10 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-040-04

Summary

Omron SYSMAC CS/CJ/CP Series and NJ/NX Series (Update A)

Title

Omron SYSMAC CS/CJ/CP Series and NJ/NX Series (Update A)

Published

Feb. 9, 2023, 4:05 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-179-02

Summary

This advisory contains mitigations for Cleartext Transmission of Sensitive Information, Insufficient Verification of Data Authenticity, and Plaintext Storage of a Password vulnerabilities in Omron SYSMAC CS/CJ/CP Series and NJ/NX Series programmable logic controllers.

08.02.2023

AA23-039A: ESXiArgs Ransomware Virtual Machine Recovery Guidance

Title

AA23-039A: ESXiArgs Ransomware Virtual Machine Recovery Guidance

Published

Feb. 8, 2023, 5:14 p.m.

URL

https://us-cert.cisa.gov/ncas/alerts/aa23-039a

Summary

Original release date: February 8, 2023SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) in response to the ongoing ransomware campaign, known as “ESXiArgs.” Malicious actors may be exploiting known vulnerabilities in VMware ESXi servers that are likely ...

07.02.2023

https://us-cert.cisa.gov/ics/advisories/icsa-23-037-01

EnOcean SmartServer

Title

EnOcean SmartServer

Published

Feb. 7, 2023, 4 p.m.

URL

Summary

Delta Electronics DIAScreen

Title

Delta Electronics DIAScreen

Published

Feb. 2, 2023, 4:25 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-033-01

Summary

Mitsubishi Electric GOT2000 Series and GT SoftGOT2000

Title

Mitsubishi Electric GOT2000 Series and GT SoftGOT2000

Published

Feb. 2, 2023, 4:20 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-033-02

Summary

https://us-cert.cisa.gov/ics/advisories/icsa-23-033-03

Baicells Nova

Title

Baicells Nova

Published

Feb. 2, 2023, 4:15 p.m.

URL

Summary

Delta Electronics DVW-W02W2-E2

Title

Delta Electronics DVW-W02W2-E2

Published

Feb. 2, 2023, 4:10 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-033-04

Summary

Delta Electronics DX-2100-L1-CN

Title

Delta Electronics DX-2100-L1-CN

Published

Feb. 2, 2023, 4:05 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-033-05

Summary

Mitsubishi Electric Multiple Factory Automation Products (Update D)

Title

Mitsubishi Electric Multiple Factory Automation Products (Update D)

Published

Feb. 2, 2023, 4 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-221-01

Summary

January 2023

31.01.2023

#StopRansomware: Cuba Ransomware

Title

#StopRansomware: Cuba Ransomware

Published

Jan. 31, 2023, 10:32 p.m.

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-335a

Summary

Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce phishing-resistant multifactor authentication. Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for ...

31.01.2023