Bulletins | CERT@VDE

https://us-cert.cisa.gov/ics/advisories/icsma-22-088-01

Philips e-Alert

Title

Philips e-Alert

Published

March 29, 2022, 4:25 p.m.

URL

Summary

This advisory contains mitigations for Missing Authentication for Critical Function vulnerability in the Philips e-Alert MRI system monitoring platform.

Rockwell Automation ISaGRAF

Title

Rockwell Automation ISaGRAF

Published

March 29, 2022, 4:20 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-088-01

Summary

This advisory contains mitigations for an Improper Restriction of XML External Entity Reference vulnerability in Rockwell Automation ISaGRAF software products.

https://us-cert.cisa.gov/ics/advisories/icsa-22-088-02

Omron CX-Position

Title

Omron CX-Position

Published

March 29, 2022, 4:15 p.m.

URL

Summary

This advisory contains mitigations for Stack-based Buffer Overflow, Improper Restriction of Operations Within the Bounds of a Memory Buffer, Use After Free, and Out-of-bounds Write vulnerabilities in the Omron CX-Position control software.

Hitachi Energy LinkOne WebView

Title

Hitachi Energy LinkOne WebView

Published

March 29, 2022, 4:10 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-088-03

Summary

This advisory contains mitigations for Cross-site Scripting, Use of a Password System for Primary Authentication, Configuration, and Exposure of Sensitive Information to an Unauthorized Actor vulnerabilities in the Hitachi Energy LinkOne WebView graphical parts catalog.

Modbus Tools Modbus Slave

Title

Modbus Tools Modbus Slave

Published

March 29, 2022, 4:05 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-088-04

Summary

This advisory contains mitigations for a Stack-based Buffer Overflow vulnerability in the Modbus Tools Modbus Slave PLC programming simulation tool.

Delta Electronics DIAEnergie (Update A)

Title

Delta Electronics DIAEnergie (Update A)

Published

March 29, 2022, 4 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-081-01

Summary

This updated advisory is a follow-up to the original advisory titled ICSA-22-081-01 Delta Electronics DIAEnergie that was published March 22, 2022, on the ICS webpage at www.cisa.gov/uscert. This advisory contains mitigations for Path Traversal, Incorrect Default Permissions, and SQL Injection vulnerabilities in the Delta Electronics DIAEnergie industrial energy management system.

28.03.2022

SSA-593272 V1.5 (Last Update: 2022-03-28): SegmentSmack in Interniche IP-Stack based Industrial Devices

Title

SSA-593272 V1.5 (Last Update: 2022-03-28): SegmentSmack in Interniche IP-Stack based Industrial Devices

Published

March 28, 2022, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-593272.pdf

Summary

A vulnerability exists in affected products that could allow remote attackers to affect the availability of the devices under certain conditions. The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service.

24.03.2022

US CERT

AA22-083A: Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector

Title

AA22-083A: Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector

Published

March 24, 2022, 3 p.m.

URL

https://us-cert.cisa.gov/ncas/alerts/aa22-083a

Summary

Original release date: March 24, 2022SummaryActions to Take Today to Protect Energy Sector Networks: • Implement and ensure robust network segmentation between IT and ICS networks. • Enforce MFA to authenticate to a system. • Manage the creation of, modification of, use of—and permissions associated with—privileged accounts. This joint Cybersecurity ...

23.03.2022

BOSCH PSIRT

Bosch Fire Monitoring System (FSM) affected by log4net Vulnerability

Title

Bosch Fire Monitoring System (FSM) affected by log4net Vulnerability

Published

March 23, 2022, 1 a.m.

URL

https://psirt.bosch.com/security-advisories/bosch-sa-479793-bt.html

Summary

BOSCH-SA-479793-BT: A vulnerability has been discovered affecting the Bosch Fire Monitoring System (FSM-2500, FSM-5000, FSM-10k and obsolete FSM-10000). The issue applies to FSM server with version 5.6.630 and lower, and FSM client with version 5.6.2131 and lower. Bosch recommends customers to update vulnerable components with the provided patch. The vulnerability ...

22.03.2022

Delta Electronics DIAEnergie (Update B)

Title

Delta Electronics DIAEnergie (Update B)

Published

March 22, 2022, 3 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-238-03

Summary

This updated advisory is a follow-up to the advisory update titled ICSA-21-238-03 Delta Electronics DIAEnergie (Update A) that was published December 16, 2021, on the ICS webpage at www.cisa.gov/uscert. This advisory contains mitigations for several vulnerabilities in the Delta Electronics DIAEnergie industrial energy management system.

17.03.2022

US CERT

AA22-076A: Strengthening Cybersecurity of SATCOM Network Providers and Customers

Title

AA22-076A: Strengthening Cybersecurity of SATCOM Network Providers and Customers

Published

March 17, 2022, 8 p.m.

URL

https://us-cert.cisa.gov/ncas/alerts/aa22-076a

Summary

Original release date: March 17, 2022SummaryActions to Take Today: • Use secure methods for authentication. • Enforce principle of least privilege. • Review trust relationships. • Implement encryption. • Ensure robust patching and system configuration audits. • Monitor logs for suspicious activity. • Ensure incident response, resilience, and continuity of ...

17.03.2022

Treck TCP/IP Stack (Update H)

Title

Treck TCP/IP Stack (Update H)

Published

March 17, 2022, 3 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-20-168-01

Summary

This updated advisory is a follow-up to the advisory update titled ICSA-20-168-01 Treck TCP/IP Stack (Update G) that was published Aug 20, 2020, to the ICS webpage on www.cisa.gov/uscert. This advisory contains mitigations for Improper Handling of Length Parameter Inconsistency, Improper Input Validation, Double Free, Out-of-bounds Read, Integer Overflow or ...

16.03.2022

BOSCH PSIRT

Improper Restriction of XML External Entity Reference in BVMS

Title

Improper Restriction of XML External Entity Reference in BVMS

Published

March 16, 2022, 1 a.m.

URL

https://psirt.bosch.com/security-advisories/bosch-sa-506619-bt.html

Summary

BOSCH-SA-506619-BT: When BVMS is installed in an installation folder where low-priviledged users have write access, BVMS is affected by a security vulnerability, which potentially allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files.Bosch rates the vulnerability with a CVSS v3.1 Base Score of 5.7 (Medium) when the ...

15.03.2022

ABB OPC Server for AC 800M

Title

ABB OPC Server for AC 800M

Published

March 15, 2022, 3:05 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-074-01

Summary

This advisory contains mitigations for an Execution with Unnecessary Privileges vulnerability in the ABB OPC Server for AC 800M run-time data reader.

15.03.2022

PTC Axeda agent and Axeda Desktop Server (Update B)

Title

PTC Axeda agent and Axeda Desktop Server (Update B)

Published

March 15, 2022, 3 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-067-01

Summary

This updated advisory is a follow-up to the original advisory titled ICSA-22-067-01 PTC Axeda agent and Axeda Desktop Server (Update A) that was published March 10, 2022, on the ICS webpage on www.cisa.gov/uscert. This advisory contains mitigations for Use of Hard-coded Credentials, Missing Authentication for Critical Function, Exposure of Sensitive ...

15.03.2022

US CERT

AA22-074A: Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols ...

Title

AA22-074A: Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability

Published

March 15, 2022, 3 p.m.

URL

https://us-cert.cisa.gov/ncas/alerts/aa22-074a

Summary

Original release date: March 15, 2022SummaryMultifactor Authentication (MFA): A Cybersecurity Essential • MFA is one of the most important cybersecurity practices to reduce the risk of intrusions—according to industry research, users who enable MFA are up to 99 percent less likely to have an account compromised. • Every organization should ...

Siemens RUGGEDCOM Devices

Title

Siemens RUGGEDCOM Devices

Published

March 11, 2022, 5:55 a.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-069-01

Summary

This advisory contains mitigations for a Missing Encryption of Sensitive Data vulnerability in devices using the Siemens RUGGEDCOM software platform.

SSA-764417 V1.1 (Last Update: 2022-03-11): Multiple Vulnerabilities in RUGGEDCOM Devices

Title

SSA-764417 V1.1 (Last Update: 2022-03-11): Multiple Vulnerabilities in RUGGEDCOM Devices

Published

March 11, 2022, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-764417.pdf

Summary

There is an insecure cryptographic vulnerability for the affected RUGGEDCOM devices. If an attacker were to exploit this, they could gain privileged functions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.

SSA-593272 V1.4 (Last Update: 2022-03-11): SegmentSmack in Interniche IP-Stack based Industrial Devices

Title

SSA-593272 V1.4 (Last Update: 2022-03-11): SegmentSmack in Interniche IP-Stack based Industrial Devices

Published

March 11, 2022, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-593272.pdf

Summary

SSA-256353 V1.1 (Last Update: 2022-03-11): Third-Party Component Vulnerabilities in RUGGEDCOM ROS

Title

SSA-256353 V1.1 (Last Update: 2022-03-11): Third-Party Component Vulnerabilities in RUGGEDCOM ROS

Published

March 11, 2022, 1 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-256353.pdf

Summary

Multiple vulnerabilities affect various third-party components of the RUGGEDCOM ROS, and a cross-site scripting exploit. If exploited, an attacker could cause a denial-of-service, act as a man-in-the-middle or retrieval of sensitive information or gain privileged functions. Siemens has released updates for several affected products and recommends to update to the ...

Siemens SIMOTICS CONNECT 400

Title

Siemens SIMOTICS CONNECT 400

Published

March 10, 2022, 5:50 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-069-02

Summary

This advisory contains mitigations for Type Confusion, Improper Validation of Specified Quantity in Input, Wrap or Wraparound, Improper Handling of Inconsistent Structural Elements vulnerabilities in the Siemens SIMOTICS CONNECT 400 connectivity module.

Siemens SINEMA Mendix Forgot Password Appstore

Title

Siemens SINEMA Mendix Forgot Password Appstore

Published

March 10, 2022, 5:40 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-069-04

Summary

This advisory contains mitigations for Improper Access Control, an d Improper Restriction of Excessive Authentication Attempts vulnerabilities in the Siemens SINEMA Mendix Forgot Password Appstore password management module.

https://us-cert.cisa.gov/ics/advisories/icsa-22-069-06

Siemens COMOS

Title

Siemens COMOS

Published

March 10, 2022, 5:30 p.m.

URL

Summary

This advisory contains mitigations for Memory Allocation with Excessive Size Value, Untrusted Pointer Dereference, Type Confusion, Stack-based Buffer Overflow, Out-of-bounds Write, Out-of-bounds Read, Use After Free, Improper Check for Unusual or Exceptional Conditions vulnerabilities in Siemens COM collaborative plan design software.

Siemens Climatix POL909

Title

Siemens Climatix POL909

Published

March 10, 2022, 5:25 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-069-07

Summary

This advisory contains mitigations for Cross-site Scripting, and Improper Access Control vulnerabilities in of Climatix POL909 AWM and AWB web modules.