Bulletins | CERT@VDE

SSA-078892 V1.0: Multiple Vulnerabilities in SINEC NMS Before V4.0

Title

SSA-078892 V1.0: Multiple Vulnerabilities in SINEC NMS Before V4.0

Published

July 8, 2025, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-078892.html

Summary

Siemens SINEC NMS before V4.0 is affected by multiple vulnerabilities which could allow an attacker to elevate privilege and exceute arbitrary code. Siemens has released a new version for SINEC NMS and recommends to update to the latest version. Siemens is preparing further fix versions and recommends countermeasures for products ...

SSA-446545 V1.1 (Last Update: 2025-07-08): Impact of RegreSSHion (CVE-2024-6387) in Siemens Industrial Products

Title

SSA-446545 V1.1 (Last Update: 2025-07-08): Impact of RegreSSHion (CVE-2024-6387) in Siemens Industrial Products

Published

July 8, 2025, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-446545.html

Summary

An OpenSSH vulnerability, known as regreSSHion, affects multiple Siemens industrial products. This security regression vulnerability consists in a race condition which may allow an unauthenticated remote attacker to achieve remote code execution with high impact on the affected system. Siemens has released new versions for several affected products and recommends ...

SSA-938066 V1.0: Remote Code Execution Vulnerability in SENTRON Powermanager and Desigo CC

Title

SSA-938066 V1.0: Remote Code Execution Vulnerability in SENTRON Powermanager and Desigo CC

Published

July 8, 2025, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-938066.html

Summary

SENTRON Powermanager and Desigo CC devices are not affected by a remote code execution vulnerability in Apache Tomcat that can be triggered via a partial PUT request due to a path equivalence issue. It could allow a remote attacker to execute arbitrary code, disclose sensitive information, or inject malicious content.

SSA-904646 V1.0: Sensitive Data Exposure Vulnerability in SIPROTEC 5 Devices

Title

SSA-904646 V1.0: Sensitive Data Exposure Vulnerability in SIPROTEC 5 Devices

Published

July 8, 2025, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-904646.html

Summary

A sensitive data exposure vulnerability in SIPROTEC 5 can allow an attacker to retrieve sensitive session data from browser history, logs, or other storage mechanisms, potentially leading to unauthorized access. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available.

SSA-876787 V1.8 (Last Update: 2025-07-08): Open Redirect Vulnerability in SIMATIC S7-1500 and S7-1200 CPUs

Title

SSA-876787 V1.8 (Last Update: 2025-07-08): Open Redirect Vulnerability in SIMATIC S7-1500 and S7-1200 CPUs

Published

July 8, 2025, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-876787.html

Summary

Several SIMATIC S7-1500 and S7-1200 CPU versions are affected by an open redirect vulnerability that could allow an attacker to make the web server of affected devices redirect a legitimate user to an attacker-chosen URL. For a successful attack, the legitimate user must actively click on an attacker-crafted link. Siemens ...

SSA-864900 V1.1 (Last Update: 2025-07-08): Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices

Title

SSA-864900 V1.1 (Last Update: 2025-07-08): Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices

Published

July 8, 2025, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-864900.html

Summary

Fortinet has published information on vulnerabilities in FortiOS. This advisory lists the related Siemens Industrial products. Siemens is preparing fix versions and recommends to consult and implement the workarounds provided in Fortinet’s upstream security notifications.

SSA-770770 V1.5 (Last Update: 2025-07-08): Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices

Title

SSA-770770 V1.5 (Last Update: 2025-07-08): Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices

Published

July 8, 2025, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-770770.html

Summary

Fortinet has published information on vulnerabilities in FortiOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version.

SSA-763427 V1.6 (Last Update: 2025-07-08): Authentication Bypass Vulnerability in SIMATIC CP and TIM Devices

Title

SSA-763427 V1.6 (Last Update: 2025-07-08): Authentication Bypass Vulnerability in SIMATIC CP and TIM Devices

Published

July 8, 2025, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-763427.html

Summary

SIMATIC CP and TIM devices contain an authentication bypass vulnerability that could allow unauthenticated users to perform administrative operations under certain conditions. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where fixes are not, or not ...

SSA-725549 V1.1 (Last Update: 2025-07-08): Denial of Service of ICMP in Industrial Devices

Title

SSA-725549 V1.1 (Last Update: 2025-07-08): Denial of Service of ICMP in Industrial Devices

Published

July 8, 2025, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-725549.html

Summary

A vulnerability exists in affected products that could allow remote attackers to affect the availability of the devices under certain conditions. The integrated ICMP services in the underlying TCP/IP stack is vulnerable to a denial of service attack through specially crafted ICMP packets. A successful attack will impact the availability ...

SSA-723487 V1.7 (Last Update: 2025-07-08): RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SCALANCE,...

Title

SSA-723487 V1.7 (Last Update: 2025-07-08): RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SCALANCE, RUGGEDCOM and Related Products

Published

July 8, 2025, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-723487.html

Summary

This advisory documents the impact of CVE-2024-3596 (also dubbed “Blastradius”), a vulnerability in the RADIUS protocol, to SCALANCE, RUGGEDCOM and related products. The vulnerability could allow on-path attackers, located between a Network Access Server (the RADIUS client, e.g., SCALANCE or RUGGEDCOM devices) and a RADIUS server (e.g., SINEC INS), to ...

SSA-698820 V1.8 (Last Update: 2025-07-08): Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices

Title

SSA-698820 V1.8 (Last Update: 2025-07-08): Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices

Published

July 8, 2025, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssa-698820.html

Summary

Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version of Fortigate NGFW for RUGGEDCOM APE1808 and recommends to update to the latest version. Siemens recommends to consult and implement the workarounds provided in Fortinet’s upstream security notifications.

Monday, 07.07.2025

SSB-104599 V1.0: Increasing Cyber Threats to Industrial Control Systems

Title

SSB-104599 V1.0: Increasing Cyber Threats to Industrial Control Systems

Published

July 7, 2025, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/html/ssb-104599.html

Summary

Thursday, 03.07.2025

Mitsubishi Electric MELSOFT Update Manager

Title

Mitsubishi Electric MELSOFT Update Manager

Published

July 3, 2025, 2 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-184-03

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSOFT Update Manager Vulnerabilities: Integer Underflow (Wrap or Wraparound), Protection Mechanism Failure 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, disclose information, alter information, or ...

Hitachi Energy MicroSCADA X SYS600

Title

Hitachi Energy MicroSCADA X SYS600

Published

July 3, 2025, 2 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-184-02

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA X SYS600 Vulnerabilities: Incorrect Default Permissions, External Control of File Name or Path, Improper Validation of Integrity Check Value, Exposure of Sensitive Information Through Data Queries, Improper Certificate Validation 2. RISK EVALUATION ...

Tuesday, 01.07.2025

https://www.cisa.gov/news-events/ics-advisories/icsa-25-182-03

FESTO CODESYS

Title

FESTO CODESYS

Published

July 1, 2025, 2 p.m.

URL

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: FESTO Equipment: CODESYS Vulnerabilities: Partial String Comparison, Uncontrolled Resource Consumption, Memory Allocation with Excessive Size Value 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to block legitimate user connections, crash the application, ...

FESTO Hardware Controller, Hardware Servo Press Kit

Title

FESTO Hardware Controller, Hardware Servo Press Kit

Published

July 1, 2025, 2 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-182-04

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: FESTO Equipment: Hardware Controller, Hardware Servo Press Kit Vulnerabilities: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute ...

Hitachi Energy Relion 670/650 and SAM600-IO Series

Title

Hitachi Energy Relion 670/650 and SAM600-IO Series

Published

July 1, 2025, 2 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-182-06

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Relion 670/650 and SAM600-IO Vulnerability: Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to cause a denial-of-service that disrupts critical functions in the ...

Voltronic Power and PowerShield UPS Monitoring Software

Title

Voltronic Power and PowerShield UPS Monitoring Software

Published

July 1, 2025, 2 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-182-05

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Voltronic Power, PowerShield Equipment: Viewpower, NetGuard Vulnerabilities: Exposed Dangerous Method or Function, Forced Browsing 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated attacker remotely to make configuration changes, resulting in shutting down ...

FESTO Didactic CP, MPS 200, and MPS 400 Firmware

Title

FESTO Didactic CP, MPS 200, and MPS 400 Firmware

Published

July 1, 2025, 2 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-25-182-01

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: FESTO Didactic Equipment: CP, MPS 200, MPS 400 Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to write arbitrary data ...