Bulletins | CERT@VDE

Schneider Electric PowerChute Serial Shutdown

Title

Schneider Electric PowerChute Serial Shutdown

Published

Jan. 10, 2025, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-010-01

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: PowerChute Serial Shutdown Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial of access to the web interface when someone on the local network repeatedly requests the ...

Schneider Electric Harmony HMI and Pro-face HMI Products

Title

Schneider Electric Harmony HMI and Pro-face HMI Products

Published

Jan. 10, 2025, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-010-02

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Harmony HMI and Pro-face HMI Products Vulnerability: Use of Unmaintained Third-Party Components 2. RISK EVALUATION Successful exploitation of this vulnerability could cause complete control of the device when an authenticated user installs malicious ...

Delta Electronics DRASimuCAD

Title

Delta Electronics DRASimuCAD

Published

Jan. 10, 2025, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-010-03-0

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DRASimuCAD Vulnerabilities: Out-of-bounds Write, Type Confusion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device or potentially allow remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of ...

Delta Electronics DRASimuCAD (Update A)

Title

Delta Electronics DRASimuCAD (Update A)

Published

Jan. 10, 2025, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-010-03

Summary

07.01.2025

Nedap Librix Ecoreader

Title

Nedap Librix Ecoreader

Published

Jan. 7, 2025, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-007-02

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Nedap Librix Equipment: Ecoreader Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could result in remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Ecoreader are ...

07.01.2025

ABB ASPECT-Enterprise, NEXUS, and MATRIX Series Products

Title

ABB ASPECT-Enterprise, NEXUS, and MATRIX Series Products

Published

Jan. 7, 2025, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-007-01

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: ASPECT-Enterprise, NEXUS, and MATRIX series Vulnerabilities: Files or Directories Accessible to External Parties, Improper Validation of Specified Type of Input, Cleartext Transmission of Sensitive Information, Cross-site Scripting, Server-Side Request Forgery (SSRF), Improper Neutralization of ...

December 2024

Hitachi Energy RTU500 series CMU

Title

Hitachi Energy RTU500 series CMU

Published

Dec. 19, 2024, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-354-01

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Hitachi Energy Equipment: RTU500 series CMU Vulnerability: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 ...

Schneider Electric Accutech Manager

Title

Schneider Electric Accutech Manager

Published

Dec. 19, 2024, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-354-06

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Accutech Manager Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation could allow an attacker to cause a crash of the Accutech Manager when receiving a specially crafted request over port 2536/TCP. 3. ...

Hitachi Energy SDM600

Title

Hitachi Energy SDM600

Published

Dec. 19, 2024, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-354-02

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Exploitable from adjacent network Vendor: Hitachi Energy Equipment: SDM600 Vulnerabilities: Origin Validation Error, Incorrect Authorization 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to escalate privileges and access sensitive information. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Hitachi ...

Delta Electronics DTM Soft

Title

Delta Electronics DTM Soft

Published

Dec. 19, 2024, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-354-03

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DTM Soft Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Delta Electronics products ...

Siemens User Management Component

Title

Siemens User Management Component

Published

Dec. 19, 2024, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-354-04

Summary

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS ...

Tibbo AggreGate Network Manager

Title

Tibbo AggreGate Network Manager

Published

Dec. 19, 2024, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-354-05

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Tibbo Equipment: AggreGate Network Manager Vulnerability: Unrestricted Upload of File with Dangerous Type 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve code execution on the affected device. 3. TECHNICAL DETAILS ...

ThreatQuotient ThreatQ Platform

Title

ThreatQuotient ThreatQ Platform

Published

Dec. 17, 2024, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-352-01

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: ThreatQuotient Inc. Equipment: ThreatQ Platform Vulnerability: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of ThreatQuotient ...

Schneider Electric Modicon

Title

Schneider Electric Modicon

Published

Dec. 17, 2024, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-352-04

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Modicon M241 / M251 / M258 / LMC058 Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to a denial-of-service and a loss of confidentiality and integrity in ...

Rockwell Automation PowerMonitor 1000 Remote

Title

Rockwell Automation PowerMonitor 1000 Remote

Published

Dec. 17, 2024, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-352-03

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: PowerMonitor 1000 Remote Vulnerabilities: Unprotected Alternate Channel, Heap-based Buffer Overflow, Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to perform edit operations, create admin users, perform ...

Hitachi Energy TropOS Devices Series 1400/2400/6400

Title

Hitachi Energy TropOS Devices Series 1400/2400/6400

Published

Dec. 17, 2024, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-352-02

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: TropOS Devices Series 1400/2400/6400 Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following ...

16.12.2024

SIEMENS CERT

SSA-928984 V1.0: Heap-based Buffer Overflow Vulnerability in User Management Component (UMC)

Title

SSA-928984 V1.0: Heap-based Buffer Overflow Vulnerability in User Management Component (UMC)

Published

Dec. 16, 2024, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-928984.html

Summary

Siemens User Management Component (UMC) is affected by a heap-based buffer overflow vulnerability which could allow an unauthenticated remote attacker arbitrary code execution. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for ...

Siemens SENTRON Powercenter 1000

Title

Siemens SENTRON Powercenter 1000

Published

Dec. 12, 2024, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-347-10

Summary

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY ...

Siemens Teamcenter Visualization

Title

Siemens Teamcenter Visualization

Published

Dec. 12, 2024, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-347-09

Summary

Siemens Solid Edge SE2024

Title

Siemens Solid Edge SE2024

Published

Dec. 12, 2024, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-347-07

Summary

Siemens CPCI85 Central Processing/Communication

Title

Siemens CPCI85 Central Processing/Communication

Published

Dec. 12, 2024, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-347-01

Summary

SSA-979056 V1.1 (Last Update: 2024-12-12): Out of Bounds Write Vulnerability in Parasolid

SIEMENS CERT

Title

SSA-979056 V1.1 (Last Update: 2024-12-12): Out of Bounds Write Vulnerability in Parasolid

Published

Dec. 12, 2024, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-979056.html

Summary

Parasolid is affected by an out of bounds write vulnerability that could be triggered when the application is parsing X_T data or a specially crafted file in X_T format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to ...

SSA-097435 V1.7 (Last Update: 2024-12-12): Usernames Disclosure Vulnerability in Mendix Runtime

SIEMENS CERT

Title

SSA-097435 V1.7 (Last Update: 2024-12-12): Usernames Disclosure Vulnerability in Mendix Runtime

Published

Dec. 12, 2024, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-097435.html

Summary

Mendix Runtime contains an observable response discrepancy vulnerability when validating usernames during authentication. This could allow unauthenticated remote attackers to distinguish between valid and invalid usernames. Siemens has released new versions for the affected products and recommends to update to the latest versions. Note that some, Mendix Runtime version lines ...

10.12.2024

Rockwell Automation Arena (Update A)

Title

Rockwell Automation Arena (Update A)

Published

Dec. 10, 2024, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-24-345-06

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: Arena Vulnerabilities: Use After Free, Out-of-bounds Write, Improper Initialization, Out-of-bounds Read, Dependency on Vulnerable Third-Party Component 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in execution of arbitrary code. 3. TECHNICAL DETAILS ...

10.12.2024