February 2023
14.02.2023
SIEMENS CERT
SSA-306654 V1.5 (Last Update: 2023-02-14): Insyde BIOS Vulnerabilities in Siemens Industrial Products
Title
SSA-306654 V1.5 (Last Update: 2023-02-14): Insyde BIOS Vulnerabilities in Siemens Industrial Products
Published
Feb. 14, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf
Summary
Insyde has published information on vulnerabilities in Insyde BIOS in February 2022. This advisory lists the Siemens Industrial products affected by these vulnerabilities. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.
14.02.2023
SIEMENS CERT
SSA-252808 V1.0: XPath Constraint Vulnerability in Mendix Runtime
Title
SSA-252808 V1.0: XPath Constraint Vulnerability in Mendix Runtime
Published
Feb. 14, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-252808.pdf
Summary
Mendix applications contain an improper access control vulnerability that could allow an attacker to bypass XPath constraints and retrieve information using XPath queries that trigger errors. Siemens has released updates for the affected products and recommends to update to the latest versions.
09.02.2023
US CERT
AA23-040A: #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Title
AA23-040A: #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Published
Feb. 9, 2023, 7 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa23-040a
Summary
Original release date: February 9, 2023SummaryNote: This Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and various ransomware threat actors. These #StopRansomware advisories detail historically and recently observed tactics, techniques, and procedures (TTPs) and indicators of compromise ...
09.02.2023
US CERT (ICS)
Control By Web X-400, X-600M
Title
Control By Web X-400, X-600M
Published
Feb. 9, 2023, 4:25 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-040-01
Summary
09.02.2023
US CERT (ICS)
LS ELECTRIC XBC-DN32U
Title
LS ELECTRIC XBC-DN32U
Published
Feb. 9, 2023, 4:20 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-040-02
Summary
09.02.2023
US CERT (ICS)
Johnson Controls System Configuration Tool (SCT)
Title
Johnson Controls System Configuration Tool (SCT)
Published
Feb. 9, 2023, 4:15 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-040-03
Summary
09.02.2023
US CERT (ICS)
Horner Automation Cscape Envision RV
Title
Horner Automation Cscape Envision RV
Published
Feb. 9, 2023, 4:10 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-040-04
Summary
09.02.2023
US CERT (ICS)
Omron SYSMAC CS/CJ/CP Series and NJ/NX Series (Update A)
Title
Omron SYSMAC CS/CJ/CP Series and NJ/NX Series (Update A)
Published
Feb. 9, 2023, 4:05 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-22-179-02
Summary
This advisory contains mitigations for Cleartext Transmission of Sensitive Information, Insufficient Verification of Data Authenticity, and Plaintext Storage of a Password vulnerabilities in Omron SYSMAC CS/CJ/CP Series and NJ/NX Series programmable logic controllers.
08.02.2023
US CERT
AA23-039A: ESXiArgs Ransomware Virtual Machine Recovery Guidance
Title
AA23-039A: ESXiArgs Ransomware Virtual Machine Recovery Guidance
Published
Feb. 8, 2023, 5:14 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa23-039a
Summary
Original release date: February 8, 2023SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) in response to the ongoing ransomware campaign, known as “ESXiArgs.” Malicious actors may be exploiting known vulnerabilities in VMware ESXi servers that are likely ...
07.02.2023
US CERT (ICS)
EnOcean SmartServer
Title
EnOcean SmartServer
Published
Feb. 7, 2023, 4 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-037-01
Summary
02.02.2023
US CERT (ICS)
Delta Electronics DIAScreen
Title
Delta Electronics DIAScreen
Published
Feb. 2, 2023, 4:25 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-033-01
Summary
02.02.2023
US CERT (ICS)
Mitsubishi Electric GOT2000 Series and GT SoftGOT2000
Title
Mitsubishi Electric GOT2000 Series and GT SoftGOT2000
Published
Feb. 2, 2023, 4:20 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-033-02
Summary
02.02.2023
US CERT (ICS)
Baicells Nova
Title
Baicells Nova
Published
Feb. 2, 2023, 4:15 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-033-03
Summary
02.02.2023
US CERT (ICS)
Delta Electronics DVW-W02W2-E2
Title
Delta Electronics DVW-W02W2-E2
Published
Feb. 2, 2023, 4:10 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-033-04
Summary
02.02.2023
US CERT (ICS)
Delta Electronics DX-2100-L1-CN
Title
Delta Electronics DX-2100-L1-CN
Published
Feb. 2, 2023, 4:05 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-033-05
Summary
02.02.2023
US CERT (ICS)
Mitsubishi Electric Multiple Factory Automation Products (Update D)
Title
Mitsubishi Electric Multiple Factory Automation Products (Update D)
Published
Feb. 2, 2023, 4 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-22-221-01
Summary
January 2023
31.01.2023
US CERT
Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester
Title
Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester
Published
Jan. 31, 2023, 10:32 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-320a
Summary
Summary From mid-June through mid-July 2022, CISA conducted an incident response engagement at a Federal Civilian Executive Branch (FCEB) organization where CISA observed suspected advanced persistent threat (APT) activity. In the course of incident response activities, CISA determined that cyber threat actors exploited the Log4Shell vulnerability in an unpatched VMware ...
31.01.2023
US CERT
#StopRansomware: Hive Ransomware
Title
#StopRansomware: Hive Ransomware
Published
Jan. 31, 2023, 10:32 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-321a
Summary
Summary Actions to Take Today to Mitigate Cyber Threats from Ransomware: • Prioritize remediating known exploited vulnerabilities. • Enable and enforce multifactor authentication with strong passwords • Close unused ports and remove any application not deemed necessary for day-to-day operations. Note: This joint Cybersecurity Advisory (CSA) is part of an ...
31.01.2023
US CERT
Impacket and Exfiltration Tool Used to Steal Sensitive ...
Title
<a href="/news-events/cybersecurity-advisories/aa22-277a" hreflang="en">Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization</a>
Published
Jan. 31, 2023, 10:32 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-277a
Summary
31.01.2023
US CERT
Iranian Government-Sponsored APT Actors Compromise Fede...
Title
<a href="/news-events/cybersecurity-advisories/aa22-320a" hreflang="en">Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester</a>
Published
Jan. 31, 2023, 10:32 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-320a
Summary
31.01.2023
US CERT
Protecting Against Malicious Use of Remote Monitoring and Management Software
Title
Protecting Against Malicious Use of Remote Monitoring and Management Software
Published
Jan. 31, 2023, 10:32 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-025a
Summary
Summary The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) (hereafter referred to as the “authoring organizations”) are releasing this joint Cybersecurity Advisory (CSA) to warn network defenders about malicious use of legitimate remote monitoring and management (RMM) software. In ...
31.01.2023
US CERT
#StopRansomware: Daixin Team
Title
<a href="/news-events/cybersecurity-advisories/aa22-294a" hreflang="en">#StopRansomware: Daixin Team</a>
Published
Jan. 31, 2023, 10:32 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-294a
Summary
31.01.2023
US CERT
Top CVEs Actively Exploited By People’s Republic of Chi...
Title
<a href="/news-events/cybersecurity-advisories/aa22-279a" hreflang="en">Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors</a>
Published
Jan. 31, 2023, 10:32 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-279a
Summary
31.01.2023
US CERT
#StopRansomware: Hive Ransomware
Title
<a href="/news-events/cybersecurity-advisories/aa22-321a" hreflang="en">#StopRansomware: Hive Ransomware</a>
Published
Jan. 31, 2023, 10:32 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-321a
Summary
31.01.2023
US CERT
#StopRansomware: Cuba Ransomware
Title
#StopRansomware: Cuba Ransomware
Published
Jan. 31, 2023, 10:32 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-335a
Summary
Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce phishing-resistant multifactor authentication. Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for ...

Last Updates

BOSCH PSIRT
10.06.2025
SIEMENS CERT
21.07.2025
US CERT
29.07.2025
US CERT (ICS)
07.08.2025

By Source

Archive

2025
2024
2023
2022
2021
2020
2019
2018
2017

Feeds