Bulletins | CERT@VDE

Siemens RUGGEDCOM Devices (Update A)

Title

Siemens RUGGEDCOM Devices (Update A)

Published

April 15, 2022, 4:46 a.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-069-01

Summary

This updated advisory is a follow-up to the original advisory titled ICSA-22-069-01 Siemens RUGGEDCOM Devices that was published March 10, 2022, to the ICS webpage on www.cisa.gov/uscert. This advisory contains mitigations for a Missing Encryption of Sensitive Data vulnerability in devices using the Siemens RUGGEDCOM software platform.

Delta Electronics DMARS

Title

Delta Electronics DMARS

Published

April 14, 2022, 5:20 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-104-01

Summary

This advisory contains mitigations for an Improper Restriction of XML External Entity Reference vulnerability in the Delta Electronics DMARS program development tool.

https://us-cert.cisa.gov/ics/advisories/icsa-22-104-03

Red Lion DA50N

Title

Red Lion DA50N

Published

April 14, 2022, 5:16 p.m.

URL

Summary

This advisory contains mitigation for Insufficient Verification of Data Authenticity, Weak Password Requirements, Use of Unmaintained Third-Party Components, and Insufficiently Protected Credentials vulnerabilities in the Red Lion DA50N networking gateway.

Siemens SCALANCE FragAttacks

Title

Siemens SCALANCE FragAttacks

Published

April 14, 2022, 5:14 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-104-04

Summary

This advisory contains mitigations for Improper Authentication, Injection, Improper Validation of Integrity Check, and Improper Input Validation vulnerabilities in the Siemens SCALANCE FragAttacks.

Siemens OpenSSL Vulnerabilities in Industrial Products

Title

Siemens OpenSSL Vulnerabilities in Industrial Products

Published

April 14, 2022, 5:12 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-104-05

Summary

This advisory contains mitigations for a NULL Pointer Dereference vulnerability in the Siemens OpenSSL.

Siemens PROFINET Stack Integrated on Interniche Stack

Title

Siemens PROFINET Stack Integrated on Interniche Stack

Published

April 14, 2022, 5:10 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-104-06

Summary

This advisory contains mitigations for an Uncontrolled Resource Consumption vulnerability in the Siemens PROFINET Stack Integrated on Interniche Stack.

https://us-cert.cisa.gov/ics/advisories/icsa-22-104-07

Siemens Mendix

Title

Siemens Mendix

Published

April 14, 2022, 5:08 p.m.

URL

Summary

This advisory contains mitigations for an Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Siemens Mendix, a software platform to build mobile and web applications.

Siemens SCALANCE W1700

Title

Siemens SCALANCE W1700

Published

April 14, 2022, 5:06 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-104-08

Summary

This advisory contains mitigations for Race Condition, and Improper Input Validation vulnerabilities in the Siemens SCALANCE W1700 wireless communication device.

Siemens SCALANCE X-300 Switches

Title

Siemens SCALANCE X-300 Switches

Published

April 14, 2022, 5:04 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-104-09

Summary

This advisory contains mitigations for Improper Input Validation, Use of Insufficiently Random Values, Stack-based Buffer Overflow, Cross-site Request Forgery, Improper Access Control, Basic XSS, Classic Buffer Overflow, Out-of-bounds Read vulnerabilities in Siemens SCALANCE X-300 Switches.

13.04.2022

US CERT

AA22-103A: APT Cyber Tools Targeting ICS/SCADA Devices

Title

AA22-103A: APT Cyber Tools Targeting ICS/SCADA Devices

Published

April 13, 2022, 7 p.m.

URL

https://us-cert.cisa.gov/ncas/alerts/aa22-103a

Summary

Original release date: April 13, 2022SummaryActions to Take Today to Protect ICS/SCADA Devices: • Enforce multifactor authentication for all remote access to ICS networks and devices whenever possible. • Change all passwords to ICS/SCADA devices and systems on a consistent schedule, especially all default passwords, to device-unique strong passwords to ...

https://us-cert.cisa.gov/ics/advisories/icsa-22-102-01

Valmet DNA

Title

Valmet DNA

Published

April 12, 2022, 4:20 p.m.

URL

Summary

This advisory contains mitigations for an Inadequate Encryption Strength vulnerability in Valmet DNA distributed control system products.

Mitsubishi Electric MELSEC-Q Series C Controller Module

Title

Mitsubishi Electric MELSEC-Q Series C Controller Module

Published

April 12, 2022, 4:15 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-102-02

Summary

This advisory contains mitigations for a Heap-based Buffer Overflow vulnerability in some MELSEC-Q Series C Controller Modules using Wind River VxWorks Version 6.4.

Mitsubishi Electric GT25-WLAN

Title

Mitsubishi Electric GT25-WLAN

Published

April 12, 2022, 4:05 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-102-04

Summary

This advisory contains mitigations for Improper Removal of Sensitive Information Before Storage or Transfer, Inadequate Encryption Strength, Missing Authentication for Critical Function, Injection, and Improper Input Validation vulnerabilities in Mitsubishi Electric GT25-WLAN wireless communication units.

Aethon TUG Home Base Server

Title

Aethon TUG Home Base Server

Published

April 12, 2022, 4 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-102-05

Summary

This advisory contains mitigations for Missing Authorization, Channel Accessible by Non-endpoint, and Cross-site Scripting vulnerabilities in the Aethon TUG Home Base Server; a server used to control and communicate with autonomous mobile robots in hospitals.

SSA-301589 V1.2 (Last Update: 2022-04-12): Multiple File Parsing Vulnerabilities in Solid Edge, JT2Go and Teamcenter Visualization

Title

SSA-301589 V1.2 (Last Update: 2022-04-12): Multiple File Parsing Vulnerabilities in Solid Edge, JT2Go and Teamcenter Visualization

Published

April 12, 2022, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-301589.pdf

Summary

Siemens has released updates for JT2Go, Solid Edge and Teamcenter Visualization to fix multiple file parsing vulnerabilities. If a user is tricked to open a malicious file (crafted as PDF, DXF or PAR) with any of the affected products, this could lead the application to crash or potentially lead to ...

SSA-772220 V1.8 (Last Update: 2022-04-12): OpenSSL Vulnerabilities in Industrial Products

Title

SSA-772220 V1.8 (Last Update: 2022-04-12): OpenSSL Vulnerabilities in Industrial Products

Published

April 12, 2022, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf

Summary

OpenSSL has published a security advisory [0] about a vulnerability in OpenSSL versions 1.1.1 < 1.1.1k, that allows an unauthenticated attacker to cause a Denial-of-Service (DoS) if a maliciously crafted renegotiation message is sent . Siemens has released updates for several affected products and recommends to update to the latest ...

SSA-446448 V1.0: Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack

Title

SSA-446448 V1.0: Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack

Published

April 12, 2022, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-446448.pdf

Summary

The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, contains a vulnerability that could allow an attacker to cause a denial of service condition on affected industrial products. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further ...

SSA-273799 V1.3 (Last Update: 2022-04-12): Message Integrity Protection Bypass Vulnerability in SIMATIC Products

Title

SSA-273799 V1.3 (Last Update: 2022-04-12): Message Integrity Protection Bypass Vulnerability in SIMATIC Products

Published

April 12, 2022, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf

Summary

A message integrity protection bypass vulnerability has been identified in several SIMATIC products. The vulnerability could allow an attacker in a Man-in-the-Middle position to modify network traffic exchanged on port 102/tcp to PLCs of the SIMATIC S7-1200, SIMATIC S7-1500 and SIMATIC SoftwareController CPU families. Siemens has released updates for several ...

SSA-316850 V1.0: Unauthenticated File Access in SICAM A8000 Devices

Title

SSA-316850 V1.0: Unauthenticated File Access in SICAM A8000 Devices

Published

April 12, 2022, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-316850.pdf

Summary

SICAM A8000 CP-8050 and CP-8031 devices contain vulnerabilities that could allow an attacker to access files without authentication. Siemens has released updates for the affected products and recommends to update to the latest versions.

SSA-913875 V1.3 (Last Update: 2022-04-12): Frame Aggregation and Fragmentation Vulnerabilities in 802.11

Title

SSA-913875 V1.3 (Last Update: 2022-04-12): Frame Aggregation and Fragmentation Vulnerabilities in 802.11

Published

April 12, 2022, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf

Summary

Twelve vulnerabilities in the implementation of frame aggregation and fragmentation of the 802.11 standard, under the name of FragAttacks, have been published. Successful exploitation of these vulnerabilities could allow an attacker within Wi-Fi range to forge encrypted frames, which could result in sensitive data disclosure and possibly traffic manipulation. The ...

SSA-114589 V1.2 (Last Update: 2022-04-12): Multiple Vulnerabilities in Nucleus RTOS based APOGEE, TALON and Desigo PXC/PXM Prod...

Title

SSA-114589 V1.2 (Last Update: 2022-04-12): Multiple Vulnerabilities in Nucleus RTOS based APOGEE, TALON and Desigo PXC/PXM Products

Published

April 12, 2022, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf

Summary

Multiple vulnerabilities (also known as “NUCLEUS:13”) have be identified in the Nucleus RTOS (real-time operating system) and reported in the Siemens Security Advisory SSA-044112: https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf. The products listed below use affected versions of the Nucleus software and inherently contain these vulnerabilities. Siemens has released updates for several affected products and ...

SSA-787292 V1.1 (Last Update: 2022-04-12): Denial-of-Service Vulnerability in SIMATIC RFID Readers

Title

SSA-787292 V1.1 (Last Update: 2022-04-12): Denial-of-Service Vulnerability in SIMATIC RFID Readers

Published

April 12, 2022, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf

Summary

The latest updates for SIMATIC RF products fix a vulnerability that could allow an unauthorized attacker to crash the OPC UA service of the affected devices. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific ...

SSA-312271 V2.0 (Last Update: 2022-04-12): Unquoted Search Path Vulnerabilities in Windows-based Industrial Software Applications

Title

SSA-312271 V2.0 (Last Update: 2022-04-12): Unquoted Search Path Vulnerabilities in Windows-based Industrial Software Applications

Published

April 12, 2022, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf

Summary

Several industrial products as listed below contain a local privilege escalation vulnerabilities that could allow authorized local users with administrative privileges to execute custom code with SYSTEM level privileges. Siemens has released updates for the affected products and recommends to update to the latest versions.