• 1
  • 2
  • 3 (current)
Tuesday, 14.02.2023
Title
SSA-491245 V1.0: Multiple File Parsing Vulnerabilities in Solid Edge
Published
Feb. 14, 2023, 1 a.m.
Summary
Solid Edge is affected by multiple memory corruption vulnerabilities that could be triggered when the application reads specially crafted files in various formats such as X_B, DWG, DXF, STL, STP, SLDPRT and PAR format. If a user is tricked to open a malicious file with the affected applications, an attacker ...
Title
SSA-482757 V1.1 (Last Update: 2023-02-14): Missing Immutable Root of Trust in S7-1500 CPU devices
Published
Feb. 14, 2023, 1 a.m.
Summary
Affected models of the S7-1500 CPU product family do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot ...
Title
SSA-450613 V1.0: Insyde BIOS Vulnerabilities in RUGGEDCOM APE1808 Product Family
Published
Feb. 14, 2023, 1 a.m.
Summary
Insyde has published information on vulnerabilities in Insyde BIOS in November 2022. These vulnerabilities also affect the RUGGEDCOM APE1808 product family. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.
Title
SSA-446448 V1.7 (Last Update: 2023-02-14): Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack
Published
Feb. 14, 2023, 1 a.m.
Summary
The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, contains a vulnerability that could allow an attacker to cause a denial of service condition on affected industrial products. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further ...
Title
SSB-439005 V5.0 (Last Update: 2023-02-14): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP
Published
Feb. 14, 2023, 1 a.m.
Summary
Title
SSA-306654 V1.5 (Last Update: 2023-02-14): Insyde BIOS Vulnerabilities in Siemens Industrial Products
Published
Feb. 14, 2023, 1 a.m.
Summary
Insyde has published information on vulnerabilities in Insyde BIOS in February 2022. This advisory lists the Siemens Industrial products affected by these vulnerabilities. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.
Title
SSA-252808 V1.0: XPath Constraint Vulnerability in Mendix Runtime
Published
Feb. 14, 2023, 1 a.m.
Summary
Mendix applications contain an improper access control vulnerability that could allow an attacker to bypass XPath constraints and retrieve information using XPath queries that trigger errors. Siemens has released updates for the affected products and recommends to update to the latest versions.
Thursday, 09.02.2023
Title
AA23-040A: #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Published
Feb. 9, 2023, 7 p.m.
Summary
Original release date: February 9, 2023SummaryNote: This Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and various ransomware threat actors. These #StopRansomware advisories detail historically and recently observed tactics, techniques, and procedures (TTPs) and indicators of compromise ...
Title
Control By Web X-400, X-600M
Published
Feb. 9, 2023, 4:25 p.m.
Summary
Title
LS ELECTRIC XBC-DN32U
Published
Feb. 9, 2023, 4:20 p.m.
Summary
Title
Johnson Controls System Configuration Tool (SCT)
Published
Feb. 9, 2023, 4:15 p.m.
Summary
Title
Horner Automation Cscape Envision RV
Published
Feb. 9, 2023, 4:10 p.m.
Summary
Title
Omron SYSMAC CS/CJ/CP Series and NJ/NX Series (Update A)
Published
Feb. 9, 2023, 4:05 p.m.
Summary
This advisory contains mitigations for Cleartext Transmission of Sensitive Information, Insufficient Verification of Data Authenticity, and Plaintext Storage of a Password vulnerabilities in Omron SYSMAC CS/CJ/CP Series and NJ/NX Series programmable logic controllers.
Wednesday, 08.02.2023
Title
AA23-039A: ESXiArgs Ransomware Virtual Machine Recovery Guidance
Published
Feb. 8, 2023, 5:14 p.m.
Summary
Original release date: February 8, 2023SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) in response to the ongoing ransomware campaign, known as “ESXiArgs.” Malicious actors may be exploiting known vulnerabilities in VMware ESXi servers that are likely ...
Tuesday, 07.02.2023
Title
EnOcean SmartServer
Published
Feb. 7, 2023, 4 p.m.
Summary
Thursday, 02.02.2023
Title
Delta Electronics DIAScreen
Published
Feb. 2, 2023, 4:25 p.m.
Summary
Title
Mitsubishi Electric GOT2000 Series and GT SoftGOT2000
Published
Feb. 2, 2023, 4:20 p.m.
Summary
Title
Baicells Nova
Published
Feb. 2, 2023, 4:15 p.m.
Summary
Title
Delta Electronics DVW-W02W2-E2
Published
Feb. 2, 2023, 4:10 p.m.
Summary
Title
Delta Electronics DX-2100-L1-CN
Published
Feb. 2, 2023, 4:05 p.m.
Summary
Title
Mitsubishi Electric Multiple Factory Automation Products (Update D)
Published
Feb. 2, 2023, 4 p.m.
Summary
  • 1
  • 2
  • 3 (current)

Last Updates

BOSCH PSIRT
31.10.2024
SIEMENS CERT
26.11.2024
US CERT
08.11.2024
US CERT (ICS)
03.12.2024

By Source

Archive

2024
2023
2022
2021
2020
2019
2018
2017

Feeds