• 1
  • 2 (current)
Tuesday, 14.04.2020
02:00
SIEMENS CERT
SSA-473245 (Last Update: 2020-04-14): Denial-of-Service Vulnerability in Profinet Devices
Title
SSA-473245 (Last Update: 2020-04-14): Denial-of-Service Vulnerability in Profinet Devices
Published
April 14, 2020, 2 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-473245.pdf
Summary
A vulnerability in affected devices could allow an attacker to perform a denial-of-service attack if a large amount of specially crafted UDP packets are sent to the device. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates ...
02:00
SIEMENS CERT
SSA-629512 (Last Update: 2020-04-14): Local Privilege Escalation Vulnerability in TIA Portal
Title
SSA-629512 (Last Update: 2020-04-14): Local Privilege Escalation Vulnerability in TIA Portal
Published
April 14, 2020, 2 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-629512.pdf
Summary
The latest updates for TIA Portal fix a vulnerability that could allow a local attacker to execute arbitrary code with SYSTEM privileges. Siemens has released updates for TIA Portal V15 and V16, and is working on updates for TIA Portal V14. Siemens recommends specific countermeasures as there are currently no ...
02:00
SIEMENS CERT
SSA-102233 (Last Update: 2020-04-14): SegmentSmack in VxWorks-based Industrial Devices
Title
SSA-102233 (Last Update: 2020-04-14): SegmentSmack in VxWorks-based Industrial Devices
Published
April 14, 2020, 2 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-102233.pdf
Summary
The latest updates for the affected products fix a vulnerability that could allow remote attackers to affect the availability of the devices under certain conditions. The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service. Siemens is ...
02:00
SIEMENS CERT
SSA-398519 (Last Update: 2020-04-14): Vulnerabilities in Intel CPUs (November 2019)
Title
SSA-398519 (Last Update: 2020-04-14): Vulnerabilities in Intel CPUs (November 2019)
Published
April 14, 2020, 2 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-398519.pdf
Summary
Intel has published information on vulnerabilities in Intel products in November 2019. In this advisory Siemens only explicitly mentions the vulnerabilities from the "Intel® CPU Security Advisory" and one vulnerability from "Intel® CSME, Intel® SPS, Intel® TXE, Intel® AMT, Intel® PTT and Intel® DAL Advisory" and lists the Siemens IPC ...
02:00
SIEMENS CERT
SSB-382508 (Last Update: 2020-04-14): ActiveX used in Industrial Products
Title
SSB-382508 (Last Update: 2020-04-14): ActiveX used in Industrial Products
Published
April 14, 2020, 2 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssb-382508.pdf
Summary
Monday, 13.04.2020
02:00
SIEMENS CERT
SSA-589272 (Last Update: 2020-04-13): Security vulnerability in SIMATIC S7-400 V6 PN CPUs
Title
SSA-589272 (Last Update: 2020-04-13): Security vulnerability in SIMATIC S7-400 V6 PN CPUs
Published
April 13, 2020, 2 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-589272.pdf
Summary
When receiving specially crafted ICMP network packets, SIMATIC S7-400 V6 PN CPU products may go into defect mode. This could allow attackers to perform a Denial-of-Service attack on the CPUs. Siemens has released updates for the affected products.
02:00
SIEMENS CERT
SSA-617264 (Last Update: 2020-04-13): Multiple Security Vulnerabilities in SIMATIC S7-400 V5 PN CPUs
Title
SSA-617264 (Last Update: 2020-04-13): Multiple Security Vulnerabilities in SIMATIC S7-400 V5 PN CPUs
Published
April 13, 2020, 2 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-617264.pdf
Summary
When receiving malformed network data, SIMATIC S7-400 V5 PN CPUs may go into defect mode. This would allow attackers to perform a Denial-of-Service attack on the CPUs. Siemens will not publish a fix for this vulnerability as this product version is discontinued since October 2011 [1]. Version V6 is not ...
Wednesday, 08.04.2020
14:00
US CERT
AA20-099A: COVID-19 Exploited by Malicious Cyber Actors
Title
AA20-099A: COVID-19 Exploited by Malicious Cyber Actors
Published
April 8, 2020, 2 p.m.
URL
https://www.us-cert.gov/ncas/alerts/aa20-099a
Summary
Original release date: April 8, 2020SummaryThis is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). This alert provides information on exploitation by cybercriminal and advanced persistent threat (APT) groups of the ...
Tuesday, 07.04.2020
16:25
US CERT (ICS)
Advantech WebAccess/NMS
Title
Advantech WebAccess/NMS
Published
April 7, 2020, 4:25 p.m.
URL
https://www.us-cert.gov/ics/advisories/icsa-20-098-01
Summary
This advisory contains mitigations for multiple vulnerabilities in Advantech's WebAccess/NMS network management system.
16:20
US CERT (ICS)
GE Digital CIMPLICITY
Title
GE Digital CIMPLICITY
Published
April 7, 2020, 4:20 p.m.
URL
https://www.us-cert.gov/ics/advisories/icsa-20-098-02
Summary
This advisory contains mitigations for a privilege escalation vulnerability in GE Digital CIMPLICITY HMI/SCADA products.
16:15
US CERT (ICS)
HMS Networks eWON Flexy and Cosy
Title
HMS Networks eWON Flexy and Cosy
Published
April 7, 2020, 4:15 p.m.
URL
https://www.us-cert.gov/ics/advisories/icsa-20-098-03
Summary
This advisory contains mitigations for a cross-site scripting vulnerability in HMS Networks eWON Flexy and Cosy Industrial VPN routers.
16:05
US CERT (ICS)
KUKA.Sim Pro
Title
KUKA.Sim Pro
Published
April 7, 2020, 4:05 p.m.
URL
https://www.us-cert.gov/ics/advisories/icsa-20-098-05
Summary
This advisory contains mitigations for a ### vulnerability in ###, a ###
16:00
US CERT (ICS)
Synergy Systems & Solutions HUSKY RTU (Update A)
Title
Synergy Systems & Solutions HUSKY RTU (Update A)
Published
April 7, 2020, 4 p.m.
URL
https://www.us-cert.gov/ics/advisories/icsa-20-042-01
Summary
This updated advisory is a follow-up to the original advisory titled ICSA-20-042-01 Synergy Systems & Solutions HUSKY RTU that was published February 11, 2020, to the ICS webpage on us-cert.gov. This advisory contains mitigations for improper authentication and improper input validation vulnerabilities in Synergy Systems & Solutions HUSKY RTU, a ...
Thursday, 02.04.2020
16:00
US CERT (ICS)
B&R Automation Studio
Title
B&R Automation Studio
Published
April 2, 2020, 4 p.m.
URL
https://www.us-cert.gov/ics/advisories/icsa-20-093-01
Summary
This advisory contains mitigations for improper privilege management, missing required cryptographic step, and path traversal vulnerabilities in B&R Automation Studio software.
  • 1
  • 2 (current)

Last Updates

BOSCH PSIRT
15.05.2024
SIEMENS CERT
14.05.2024
US CERT
10.05.2024
US CERT (ICS)
16.05.2024

By Source

Archive

2024
2023
2022
2021
2020
2019
2018
2017

Feeds