• 1
  • 2
  • 3 (current)
Tuesday, 10.01.2023
01:00
SIEMENS CERT
SSA-552702 V1.3 (Last Update: 2023-01-10): Privilege Escalation Vulnerability in the Web Interface of SCALANCE and RUGGEDCOM Pr...
Title
SSA-552702 V1.3 (Last Update: 2023-01-10): Privilege Escalation Vulnerability in the Web Interface of SCALANCE and RUGGEDCOM Products
Published
Jan. 10, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-552702.pdf
Summary
The products listed below do not properly authorize the change password function of the web interface. This could allow low privileged users to escalate their privileges. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific ...
01:00
SIEMENS CERT
SSA-592007 V1.9 (Last Update: 2023-01-10): Denial of Service Vulnerability in Industrial Products
Title
SSA-592007 V1.9 (Last Update: 2023-01-10): Denial of Service Vulnerability in Industrial Products
Published
Jan. 10, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf
Summary
Several industrial controllers are affected by a security vulnerability that could allow an attacker to cause a denial of service condition via PROFINET DCP network packets under certain circumstances. Precondition for this scenario is a direct OSI Layer 2 access to the affected products. PROFIBUS interfaces are not affected. Siemens ...
01:00
SIEMENS CERT
SSA-593272 V1.9 (Last Update: 2023-01-10): SegmentSmack in Interniche IP-Stack based Industrial Devices
Title
SSA-593272 V1.9 (Last Update: 2023-01-10): SegmentSmack in Interniche IP-Stack based Industrial Devices
Published
Jan. 10, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-593272.pdf
Summary
A vulnerability exists in affected products that could allow remote attackers to affect the availability of the devices under certain conditions. The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service. Siemens has released updates for several ...
01:00
SIEMENS CERT
SSA-697140 V1.1 (Last Update: 2023-01-10): Denial of Service Vulnerability in the TCP Event Service of SCALANCE and RUGGEDCOM P...
Title
SSA-697140 V1.1 (Last Update: 2023-01-10): Denial of Service Vulnerability in the TCP Event Service of SCALANCE and RUGGEDCOM Products
Published
Jan. 10, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf
Summary
The products listed below contain a denial of service vulnerability in the TCP event interface that could allow an unauthenticated remote attacker to render the device unusable. Siemens has released updates for the affected products and recommends to update to the latest versions.
01:00
SIEMENS CERT
SSA-710008 V1.2 (Last Update: 2023-01-10): Multiple Web Vulnerabilities in SCALANCE Products
Title
SSA-710008 V1.2 (Last Update: 2023-01-10): Multiple Web Vulnerabilities in SCALANCE Products
Published
Jan. 10, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf
Summary
SCALANCE devices contain multiple vulnerabilities in MSPS based product lines that could allow authenticated remote attackers to execute custom code or create a XSS situation, as well as unauthenticated remote attackers to create a denial of service condition. Siemens has released updates for several affected products and recommends to update ...
01:00
SIEMENS CERT
SSA-712929 V1.6 (Last Update: 2023-01-10): Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Prod...
Title
SSA-712929 V1.6 (Last Update: 2023-01-10): Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Products
Published
Jan. 10, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf
Summary
A vulnerability in the openSSL component (CVE-2022-0778, [0]) could allow an attacker to create a denial of service condition by providing specially crafted elliptic curve certificates to products that use a vulnerable version of openSSL. Siemens has released updates for several affected products and recommends to update to the latest ...
01:00
SIEMENS CERT
SSA-936212 V1.0: JT File Parsing Vulnerabilities in JT Open, JT Utilities and Solid Edge
Title
SSA-936212 V1.0: JT File Parsing Vulnerabilities in JT Open, JT Utilities and Solid Edge
Published
Jan. 10, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-936212.pdf
Summary
JT Open Toolkit, JT Utilities and Solid Edge are affected by memory corruption vulnerabilities that could be triggered while parsing JT files. If a user is tricked to open a malicious JT file with any of the affected products, this could cause the application to crash or potentially lead to ...
Thursday, 05.01.2023
16:20
US CERT (ICS)
Hitachi Energy UNEM
Title
Hitachi Energy UNEM
Published
Jan. 5, 2023, 4:20 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-005-01
Summary
16:05
US CERT (ICS)
Hitachi Energy FOXMAN-UN
Title
Hitachi Energy FOXMAN-UN
Published
Jan. 5, 2023, 4:05 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-005-02
Summary
16:00
US CERT (ICS)
Hitachi Energy Lumada Asset Performance Management
Title
Hitachi Energy Lumada Asset Performance Management
Published
Jan. 5, 2023, 4 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-005-03
Summary
  • 1
  • 2
  • 3 (current)

Last Updates

BOSCH PSIRT
15.05.2024
SIEMENS CERT
14.05.2024
US CERT
10.05.2024
US CERT (ICS)
16.05.2024

By Source

Archive

2024
2023
2022
2021
2020
2019
2018
2017

Feeds