SIEMENS CERT
11/10/2020
CISA and WIBU Systems disclosed six vulnerabilities in different versions of CodeMeter Runtime, a product provided by WIBU Systems and used in several Siemens and Siemens Energy products for license management. The vulnerabilities are described in the section “Vulnerability Classification” below and got assigned the CVE IDs CVE-2020-14509, CVE-2020-14513, CVE-2020-14515, …
SIEMENS CERT
11/10/2020
A vulnerability has been identified in SIMATIC S7-300 and S7-400 CPU families and derived products, which could result in credential disclosure. Siemens recommends countermeasures as there are currently no fixes available.
SIEMENS CERT
11/10/2020
A vulnerability in S7-300 might allow an attacker to cause a Denial-of-Service condition on port 102 of the affected devices by sending specially crafted packets. Siemens is preparing updates and recommends specific countermeasures until fixes are available.
SIEMENS CERT
11/10/2020
Siemens SCALANCE W1750D is a brandlabled device. Aruba has released a related security advisory (ARUBA-PSA-2016-004) [0] disclosing vulnerabilities in its Aruba Instant product line. The advisory contains multiple related vulnerabilities that are summarized in CVE-2016-2031. This advisory is a reminder to customers that the PAPI protocol is not a secure …
SIEMENS CERT
10/13/2020
Multiple vulnerabilities have been identified in SCALANCE W1750D, SCALANCE M-800 / S615 and RUGGEDCOM RM1224 devices. The highest scored vulnerability could allow a remote attacker to crash the DNS service or execute arbitrary code. The attacker must be able to craft malicious DNS responses and inject them into the network …
SIEMENS CERT
10/13/2020
SIPORT MP version 3.2.1 fixes an authentication bypass vulnerability which could enable an attacker to impersonate other users of the system and perform administrative actions. Siemens recommends to apply the update.
SIEMENS CERT
10/13/2020
A vulnerability has been identified in SIMATIC S7-300 and S7-400 CPU families and derived products, which could result in credential disclosure. Siemens recommends countermeasures as there are currently no fixes available.