Bulletins | CERT@VDE

Circutor COMPACT DC-S BASIC

Title

Circutor COMPACT DC-S BASIC

Published

May 17, 2022, 4 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-137-01

Summary

This advisory contains mitigations for a Stack-based Buffer Overflow vulnerability in the Circutor COMPACT DC-S BASIC smart metering concentrator.

17.05.2022

US CERT

AA22-137A: Weak Security Controls and Practices Routinely Exploited for Initial Access

Title

AA22-137A: Weak Security Controls and Practices Routinely Exploited for Initial Access

Published

May 17, 2022, 3 p.m.

URL

https://us-cert.cisa.gov/ncas/alerts/aa22-137a

Summary

Original release date: May 17, 2022SummaryBest Practices to Protect Your Systems: • Control access. • Harden Credentials. • Establish centralized log management. • Use antivirus solutions. • Employ detection tools. • Operate services exposed on internet-accessible hosts with secure configurations. • Keep software updated. Cyber actors routinely exploit poor security ...

Mitsubishi Electric MELSOFT iQ AppPortal

Title

Mitsubishi Electric MELSOFT iQ AppPortal

Published

May 12, 2022, 4:50 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-132-02

Summary

This advisory contains mitigations for Missing Authorization, Out-of-bounds Write, NULL Pointer Dereference, Classic Buffer Overflow, HTTP Request Smuggling, and Infinite Loop vulnerabilities in Mitsubishi Electric MELSOFT iQ AppPortal products.

Inkscape in Industrial Products

Title

Inkscape in Industrial Products

Published

May 12, 2022, 4:48 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-132-03

Summary

This advisory contains mitigations for Out-of-bounds Read, Access of Uninitialized Pointer, and Out-of-bounds Write vulnerabilities in the Inkscape open-source graphics editor.

Cambium Networks cnMaestro

Title

Cambium Networks cnMaestro

Published

May 12, 2022, 4:46 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-132-04

Summary

This advisory contains mitigations for OS Command Injection, SQL Injection, Path Traversal, and Use of Potentially Dangerous Function vulnerabilities in the Cambium Networks cnMaestro network management system.

Siemens Industrial PCs and CNC devices

Title

Siemens Industrial PCs and CNC devices

Published

May 12, 2022, 4:44 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-132-05

Summary

This advisory contains mitigations for Improper Input Validation, Improper Authentication, Improper Isolation of Shared Resources on System-on-a-Chip, and Improper Privilege Management vulnerabilities in Siemens Industrial PCs and CNC devices.

Siemens SIMATIC WinCC

Title

Siemens SIMATIC WinCC

Published

May 12, 2022, 4:42 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-132-06

Summary

This advisory contains mitigations for a, Insecure Default Initialization of Resource vulnerability in SIMATIC PCS and WinCC industrial products.

Siemens SICAM P850 and SICAM P855

Title

Siemens SICAM P850 and SICAM P855

Published

May 12, 2022, 4:40 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-132-07

Summary

This advisory contains mitigations for Improper Neutralization of Parameter/Argument Delimiters, Cleartext Transmission of Sensitive Information, Cross-site Scripting, Missing Authentication for Critical Function, Authentication Bypass by Capture-replay, and Improper Authentication vulnerabilities in Siemens SICAM P850 and SICAM P855.

Siemens JT2GO and Teamcenter Visualization

Title

Siemens JT2GO and Teamcenter Visualization

Published

May 12, 2022, 4:36 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-132-09

Summary

This advisory contains mitigations for Infinite Loop, Null Pointer Dereference, Integer Overflow to Buffer Overflow, Double Free, and Access of Uninitialized Pointer vulnerabilities in Siemens JT2GO, Teamcenter Visualization products.

Siemens Desigo PXC and DXR Devices

Title

Siemens Desigo PXC and DXR Devices

Published

May 12, 2022, 4:34 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-132-10

Summary

This advisory contains mitigations for an Uncaught Exception vulnerability in the Siemens Desigo DXR and PXC controllers.

11.05.2022

US CERT

AA22-131A: Protecting Against Cyber Threats to Managed Service Providers and their Customers

Title

AA22-131A: Protecting Against Cyber Threats to Managed Service Providers and their Customers

Published

May 11, 2022, 1 p.m.

URL

https://us-cert.cisa.gov/ncas/alerts/aa22-131a

Summary

Original release date: May 11, 2022SummaryTactical actions for MSPs and their customers to take today: • Identify and disable accounts that are no longer in use. • Enforce MFA on MSP accounts that access the customer environment and monitor for unexplained failed authentication. • Ensure MSP-customer contracts transparently identify ownership ...

Adminer in Industrial Products

Title

Adminer in Industrial Products

Published

May 10, 2022, 4:25 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-130-01

Summary

This advisory contains mitigations for a Files or Directories Accessible to External Parties vulnerability in the Adminer database tool.

Eaton Intelligent Power Protector

Title

Eaton Intelligent Power Protector

Published

May 10, 2022, 4:20 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-130-02

Summary

This advisory contains mitigations for a Cross-site Scripting vulnerability in the Eaton Intelligent Power Protector (IPP) power protection platform.

Eaton Intelligent Power Manager Infrastructure

Title

Eaton Intelligent Power Manager Infrastructure

Published

May 10, 2022, 4:15 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-130-03

Summary

This advisory contains mitigations for Cross-site Scripting, Reflected Cross-site Scripting, and Improper Neutralization of Formula in a CSV File vulnerabilities in Eaton Intelligent Power Manager Infrastructure power monitoring products.

AVEVA InTouch Access Anywhere and Plant SCADA Access Anywhere

Title

AVEVA InTouch Access Anywhere and Plant SCADA Access Anywhere

Published

May 10, 2022, 4:05 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-130-05

Summary

This advisory contains mitigations for an Exposure of Resource to Wrong Sphere vulnerability in AVEVA InTouch Access Anywhere and Plant SCADA Access Anywhere HMI products.

Mitsubishi Electric MELSOFT GT OPC UA

Title

Mitsubishi Electric MELSOFT GT OPC UA

Published

May 10, 2022, 4 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-130-06

Summary

This advisory contains mitigations for Out-of-bounds Read, and Integer Overflow or Wraparound vulnerabilities in Mitsubishi Electric MELSOFT GT OPC UA client connection products.

SSA-162616 V1.0: File Parsing Vulnerabilities in Simcenter Femap before V2022.2

Title

SSA-162616 V1.0: File Parsing Vulnerabilities in Simcenter Femap before V2022.2

Published

May 10, 2022, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-162616.pdf

Summary

Siemens Simcenter Femap versions before V2022.2 are affected by an out of bounds write vulnerability that could be triggered when the application reads files in .NEU format. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to perform remote ...

SSA-914168 V1.2 (Last Update: 2022-05-10): Multiple Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products

Title

SSA-914168 V1.2 (Last Update: 2022-05-10): Multiple Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products

Published

May 10, 2022, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf

Summary

Multiple vulnerabilities were found in SIMATIC WinCC that ultimately could allow attackers to retrieve and brute force password hashes and access other systems. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products ...

SSA-840188 V1.4 (Last Update: 2022-05-10): Multiple Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products

Title

SSA-840188 V1.4 (Last Update: 2022-05-10): Multiple Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products

Published

May 10, 2022, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf

Summary

Multiple vulnerabilities were found in SIMATIC WinCC that ultimately could allow local or remote attackers to escalate privileges and read, write or delete critical files. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures ...

SSA-787292 V1.2 (Last Update: 2022-05-10): Denial of Service Vulnerability in SIMATIC RFID Readers

Title

SSA-787292 V1.2 (Last Update: 2022-05-10): Denial of Service Vulnerability in SIMATIC RFID Readers

Published

May 10, 2022, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf

Summary

The latest updates for SIMATIC RF products fix a vulnerability that could allow an unauthorized attacker to crash the OPC UA service of the affected devices. Siemens has released updates for the affected products and recommends to update to the latest versions.

SSA-772220 V1.9 (Last Update: 2022-05-10): OpenSSL Vulnerabilities in Industrial Products

Title

SSA-772220 V1.9 (Last Update: 2022-05-10): OpenSSL Vulnerabilities in Industrial Products

Published

May 10, 2022, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf

Summary

OpenSSL has published a security advisory [0] about a vulnerability in OpenSSL versions 1.1.1 < 1.1.1k, that allows an unauthenticated attacker to cause a Denial-of-Service (DoS) if a maliciously crafted renegotiation message is sent . Siemens has released updates for several affected products and recommends to update to the latest ...