Bulletins | CERT@VDE

This advisory contains mitigations for an Uncontrolled Resource Consumption vulnerability in the Siemens PROFINET Stack Integrated on Interniche Stack.

17:08

US CERT (ICS)

Siemens Mendix

Title

Siemens Mendix

Published

April 14, 2022, 5:08 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-104-07

Summary

This advisory contains mitigations for an Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Siemens Mendix, a software platform to build mobile and web applications.

17:06

US CERT (ICS)

Siemens SCALANCE W1700

Title

Siemens SCALANCE W1700

Published

April 14, 2022, 5:06 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-104-08

Summary

This advisory contains mitigations for Race Condition, and Improper Input Validation vulnerabilities in the Siemens SCALANCE W1700 wireless communication device.

17:04

US CERT (ICS)

Siemens SCALANCE X-300 Switches

Title

Siemens SCALANCE X-300 Switches

Published

April 14, 2022, 5:04 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-104-09

Summary

This advisory contains mitigations for Improper Input Validation, Use of Insufficiently Random Values, Stack-based Buffer Overflow, Cross-site Request Forgery, Improper Access Control, Basic XSS, Classic Buffer Overflow, Out-of-bounds Read vulnerabilities in Siemens SCALANCE X-300 Switches.

Wednesday, 13.04.2022

19:00

US CERT

AA22-103A: APT Cyber Tools Targeting ICS/SCADA Devices

Title

AA22-103A: APT Cyber Tools Targeting ICS/SCADA Devices

Published

April 13, 2022, 7 p.m.

URL

https://us-cert.cisa.gov/ncas/alerts/aa22-103a

Summary

Original release date: April 13, 2022SummaryActions to Take Today to Protect ICS/SCADA Devices: • Enforce multifactor authentication for all remote access to ICS networks and devices whenever possible. • Change all passwords to ICS/SCADA devices and systems on a consistent schedule, especially all default passwords, to device-unique strong passwords to ...

Tuesday, 12.04.2022

16:20

US CERT (ICS)

Valmet DNA

Title

Valmet DNA

Published

April 12, 2022, 4:20 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-102-01

Summary

This advisory contains mitigations for an Inadequate Encryption Strength vulnerability in Valmet DNA distributed control system products.

16:15

US CERT (ICS)

Mitsubishi Electric MELSEC-Q Series C Controller Module

Title

Mitsubishi Electric MELSEC-Q Series C Controller Module

Published

April 12, 2022, 4:15 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-102-02

Summary

This advisory contains mitigations for a Heap-based Buffer Overflow vulnerability in some MELSEC-Q Series C Controller Modules using Wind River VxWorks Version 6.4.

16:05

US CERT (ICS)

Mitsubishi Electric GT25-WLAN

Title

Mitsubishi Electric GT25-WLAN

Published

April 12, 2022, 4:05 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-102-04

Summary

This advisory contains mitigations for Improper Removal of Sensitive Information Before Storage or Transfer, Inadequate Encryption Strength, Missing Authentication for Critical Function, Injection, and Improper Input Validation vulnerabilities in Mitsubishi Electric GT25-WLAN wireless communication units.

16:00

US CERT (ICS)

Aethon TUG Home Base Server

Title

Aethon TUG Home Base Server

Published

April 12, 2022, 4 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-102-05

Summary

This advisory contains mitigations for Missing Authorization, Channel Accessible by Non-endpoint, and Cross-site Scripting vulnerabilities in the Aethon TUG Home Base Server; a server used to control and communicate with autonomous mobile robots in hospitals.

Last Updates

By Source

Archive

2024

2023

2022

2021

2020

2019

2018

2017

Feeds