Bulletins | CERT@VDE

Siemens TIA Portal and SIMATIC STEP 7

Title

Siemens TIA Portal and SIMATIC STEP 7

Published

July 11, 2024, 2 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-193-12

Summary

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).View CSAF 1. EXECUTIVE SUMMARY CVSS ...

Siemens SIMATIC and SIMIT

Title

Siemens SIMATIC and SIMIT

Published

July 11, 2024, 2 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-193-07

Summary

Siemens Remote Connect Server

Title

Siemens Remote Connect Server

Published

July 11, 2024, 2 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-193-01

Summary

https://www.cisa.gov/news-events/ics-advisories/icsa-24-193-06

Siemens RUGGEDCOM

Title

Siemens RUGGEDCOM

Published

July 11, 2024, 2 p.m.

URL

Summary

Siemens RUGGEDCOM APE 1808

Title

Siemens RUGGEDCOM APE 1808

Published

July 11, 2024, 2 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-193-02

Summary

Siemens SCALANCE, RUGGEDCOM, SIPLUS, and SINEC

Title

Siemens SCALANCE, RUGGEDCOM, SIPLUS, and SINEC

Published

July 11, 2024, 2 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-193-05

Summary

CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth

US CERT

Title

CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth

Published

July 9, 2024, 4:09 p.m.

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-193a

Summary

EXECUTIVE SUMMARY In early 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a SILENTSHIELD red team assessment against a Federal Civilian Executive Branch (FCEB) organization. During SILENTSHIELD assessments, the red team first performs a no-notice, long-term simulation of nation-state cyber operations. The team mimics the techniques, tradecraft, and behaviors ...

Johnson Controls Illustra Pro Gen 4

Title

Johnson Controls Illustra Pro Gen 4

Published

July 9, 2024, 2 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-191-03

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION: Exploitable remotely Vendor: Johnson Controls, Inc. Equipment: Illustra Pro Gen 4 Vulnerability: Dependency on Vulnerable Third-Party Component 2. RISK EVALUATION Successful exploitation of this vulnerability could impact confidentiality and integrity of the device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Johnson Controls ...

Mitsubishi Electric MELIPC Series MI5122-VW

Title

Mitsubishi Electric MELIPC Series MI5122-VW

Published

July 9, 2024, 2 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-191-02

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Equipment: MI5122-VW Vulnerability: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to tamper with, destroy, disclose, or delete information in the product, or cause a denial-of-service (DoS) condition ...

Johnson Controls Software House C●CURE 9000

Title

Johnson Controls Software House C●CURE 9000

Published

July 9, 2024, 2 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-191-05

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.7 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Johnson Controls Inc. Equipment: Software House C●CURE 9000 Vulnerability: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to access credentials used for access to the application. 3. TECHNICAL DETAILS ...

Delta Electronics CNCSoft-G2

Title

Delta Electronics CNCSoft-G2

Published

July 9, 2024, 2 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-191-01

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: CNCSoft-G2 Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Write, Out-of-bounds Read, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause a buffer overflow condition and allow remote code execution. 3. TECHNICAL DETAILS ...

SSA-825651 V1.0: Deserialization Vulnerability in SIMATIC STEP 7 (TIA Portal) before V18 Update 2

Title

SSA-825651 V1.0: Deserialization Vulnerability in SIMATIC STEP 7 (TIA Portal) before V18 Update 2

Published

July 9, 2024, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-825651.html

Summary

Affected applications do not properly restrict the .NET BinaryFormatter when deserializing user-controllable input. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. Siemens has released a new version for SIMATIC STEP 7 (TIA Portal) V18 and recommends to update to the ...

SSA-446448 V2.2 (Last Update: 2024-07-09): Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack

Title

SSA-446448 V2.2 (Last Update: 2024-07-09): Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack

Published

July 9, 2024, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-446448.html

Summary

The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, contains a vulnerability that could allow an attacker to cause a denial of service condition on affected industrial products. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific ...

SSA-398330 V1.7 (Last Update: 2024-07-09): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 151...

Title

SSA-398330 V1.7 (Last Update: 2024-07-09): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

Published

July 9, 2024, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-398330.html

Summary

Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version V3.1 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant). These GNU/Linux vulnerabilities have been externally identified. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not ...

SSA-824889 V1.0: XML File Parsing Vulnerabilities in JT Open and PLM XML SDK

Title

SSA-824889 V1.0: XML File Parsing Vulnerabilities in JT Open and PLM XML SDK

Published

July 9, 2024, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-824889.html

Summary

JT Open Toolkit and PLM XML SDK are affected by stack buffer overflow and null pointer dereference vulnerabilities that could be triggered while parsing XML file. If a user is tricked to open a malicious XML file with any of the affected products, this could cause the application to crash ...

SSA-484086 V1.1 (Last Update: 2024-07-09): Multiple Vulnerabilities in SINEMA Remote Connect Server before V3.1

Title

SSA-484086 V1.1 (Last Update: 2024-07-09): Multiple Vulnerabilities in SINEMA Remote Connect Server before V3.1

Published

July 9, 2024, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-484086.html

Summary

SINEMA Remote Connect Server is affected by multiple vulnerabilities, including A cross-site scripting vulnerability in an error message pop up window (CVE-2022-29034) Several authentication bypass, privilege escalation and integrity check vulnerabilities (CVE-2022-32251 through -32261) A command injection vulnerability in the file upload service (CVE-2022-32262) A chosen-plaintext attack against HTTP over ...

SSA-722010 V1.0: Datalogics File Parsing Vulnerability in Teamcenter Visualization and JT2Go

Title

SSA-722010 V1.0: Datalogics File Parsing Vulnerability in Teamcenter Visualization and JT2Go

Published

July 9, 2024, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-722010.html

Summary

Siemens Teamcenter Visualization and JT2Go are affected by an out of bounds read vulnerability in the APDFL library from Datalogics. If a user is tricked to open a malicious PDF file with the affected products, this could lead the application to crash or potentially lead to arbitrary code execution. Siemens ...

SSA-698820 V1.0: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 devices

Title

SSA-698820 V1.0: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 devices

Published

July 9, 2024, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-698820.html

Summary

Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Siemens recommends to consult and implement the workarounds provided in Fortinet’s upstream security notifications.

SSA-473245 V2.7 (Last Update: 2024-07-09): Denial of Service Vulnerability in Profinet Devices

Title

SSA-473245 V2.7 (Last Update: 2024-07-09): Denial of Service Vulnerability in Profinet Devices

Published

July 9, 2024, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-473245.html

Summary

A vulnerability in affected devices could allow an attacker to perform a denial of service attack if a large amount of specially crafted UDP packets are sent to the device. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific ...

SSA-381581 V1.0: Multiple Vulnerabilities in SINEMA Remote Connect Server before V3.2 SP1

Title

SSA-381581 V1.0: Multiple Vulnerabilities in SINEMA Remote Connect Server before V3.2 SP1

Published

July 9, 2024, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-381581.html

Summary

SINEMA Remote Connect Server before V3.2 SP1 is affected by multiple vulnerabilities. Siemens has released a new version for SINEMA Remote Connect Server and recommends to update to the latest version.

SSA-265688 V1.2 (Last Update: 2024-07-09): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP ...

Title

SSA-265688 V1.2 (Last Update: 2024-07-09): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1

Published

July 9, 2024, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Summary

Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.

SSA-832273 V1.4 (Last Update: 2024-07-09): Multiple Vulnerabilities in Fortigate NGFW before V7.4.3 on RUGGEDCOM APE1808 devices

Title

SSA-832273 V1.4 (Last Update: 2024-07-09): Multiple Vulnerabilities in Fortigate NGFW before V7.4.3 on RUGGEDCOM APE1808 devices

Published

July 9, 2024, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-832273.html

Summary

Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version of Fortigate NGFW for RUGGEDCOM APE1808 and recommends to update to the latest version. Siemens recommends to consult and implement the workarounds provided in Fortinet’s upstream security notifications.

SSA-780073 V2.4 (Last Update: 2024-07-09): Denial of Service Vulnerability in PROFINET Devices via DCE-RPC Packets

Title

SSA-780073 V2.4 (Last Update: 2024-07-09): Denial of Service Vulnerability in PROFINET Devices via DCE-RPC Packets

Published

July 9, 2024, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-780073.html

Summary

Products that include the Siemens PROFINET-IO (PNIO) stack in versions prior V06.00 are potentially affected by a denial of service vulnerability when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. Siemens has released new versions for several affected products and recommends to update to the latest versions. ...

SSA-170375 V1.0: Multiple Vulnerabilities in RUGGEDCOM ROS before V5.9

Title

SSA-170375 V1.0: Multiple Vulnerabilities in RUGGEDCOM ROS before V5.9

Published

July 9, 2024, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-170375.html

Summary

Multiple vulnerabilities affect the RUGGEDCOM Operating System (ROS). The common denominator to all vulnerabilities is the leak of confidential information. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available.