November 2021
Titel
Siemens NX OBJ Translator
Veröffentlicht
11. November 2021 16:50
Text
This advisory contains mitigation for an Use After Free, and Access of Uninitialized Pointer vulnerabilities in Siemens NX OBJ Translator design software.
Titel
Siemens NX OBJ Translator
Veröffentlicht
11. November 2021 16:50
Text
This advisory contains mitigation for an Use After Free, and Access of Uninitialized Pointer vulnerabilities in Siemens NX OBJ Translator design software.
Titel
Siemens Climatix POL909
Veröffentlicht
11. November 2021 16:45
Text
This advisory contains mitigation for a Missing Encryption of Sensitive Data vulnerability in Siemens Climatix POL909, an advanced web module.
Titel
Siemens Climatix POL909
Veröffentlicht
11. November 2021 16:45
Text
This advisory contains mitigation for a Missing Encryption of Sensitive Data vulnerability in Siemens Climatix POL909, an advanced web module.
Titel
Siemens SENTRON powermanager
Veröffentlicht
11. November 2021 16:40
Text
This advisory contains mitigations for an Incorrect Permission Assignment for Critical Resource vulnerability in Siemens SENTRON powermanager power monitoring software.
Titel
Siemens SENTRON powermanager
Veröffentlicht
11. November 2021 16:40
Text
This advisory contains mitigations for an Incorrect Permission Assignment for Critical Resource vulnerability in Siemens SENTRON powermanager power monitoring software.
Titel
Philips MRI 1.5T and 3T
Veröffentlicht
9. November 2021 16:35
Text
This advisory contains mitigations for Improper Access Control, Incorrect Ownership Assignment, and Exposure of Sensitive Information to an Unauthorized Actor vulnerabilities in Philips MRI 1.5T and 3T products.
Titel
Schneider Electric NMC cards and Embedded Devices
Veröffentlicht
9. November 2021 16:30
Text
This advisory contains mitigations for Cross-site Scripting, and Exposure of Sensitive Information to an Unauthorized Actor vulnerabilities in Schneider Electric NMC cards and Embedded Devices.
Titel
Schneider Electric GUIcon
Veröffentlicht
9. November 2021 16:25
Text
This advisory contains mitigations for Out-of-bounds Write, Use After Free, and Out-of-bounds Read vulnerabilities in Schneider Electric GUIcon software.
Titel
Siemens Nucleus RTOS TCP/IP Stack
Veröffentlicht
9. November 2021 16:20
Text
This advisory contains mitigations for several vulnerabilities found in Siemens Nucleus Net, Nucleus ReadyStart, and Capital VSTAR products. These vulnerabilities are related to real-time operating system (RTOS) networking and related services, including the TCP/IP stack.
Titel
Siemens Nucleus RTOS TCP/IP Stack
Veröffentlicht
9. November 2021 16:20
Text
This advisory contains mitigations for several vulnerabilities found in Siemens Nucleus Net, Nucleus ReadyStart, and Capital VSTAR products. These vulnerabilities are related to real-time operating system (RTOS) networking and related services, including the TCP/IP stack.
Titel
mySCADA myDESIGNER
Veröffentlicht
9. November 2021 16:15
Text
This advisory contains mitigations for a Relative Path Traversal vulnerability in mySCADA myDESIGNER project creation software.
Titel
mySCADA myDESIGNER
Veröffentlicht
9. November 2021 16:15
Text
This advisory contains mitigations for a Relative Path Traversal vulnerability in mySCADA myDESIGNER project creation software.
Titel
OSIsoft PI Vision
Veröffentlicht
9. November 2021 16:10
Text
This advisory contains mitigations for Cross-site Scripting, and Incorrect Authorization vulnerabilities in the OSIsoft PI Vision data management platform.
Titel
OSIsoft PI Vision
Veröffentlicht
9. November 2021 16:10
Text
This advisory contains mitigations for Cross-site Scripting, and Incorrect Authorization vulnerabilities in the OSIsoft PI Vision data management platform.
Titel
OSIsoft PI Web API
Veröffentlicht
9. November 2021 16:05
Text
This advisory contains mitigations for a Cross-site Scripting vulnerability in the OSIsoft PI Web API data management platform.
Titel
OSIsoft PI Web API
Veröffentlicht
9. November 2021 16:05
Text
This advisory contains mitigations for a Cross-site Scripting vulnerability in the OSIsoft PI Web API data management platform.
Titel
Advantech WebAccess HMI Designer (Update A)
Veröffentlicht
9. November 2021 16:00
Text
This updated advisory is a follow-up to the original advisory titled ICSA-21-173-01 Advantech WebAccess HMI Designer that was published June 22, 2021, to the ICS webpage on us-cert.cisa.gov. This advisory contains mitigation for Heap-based Buffer overflow, Out-of-bounds Write, and Improper Restriction of Operation Within the Bounds of a Memory Buffer ...
Titel
SSA-044112 V1.0: Multiple Vulnerabilities (NUCLEUS:13) in the TCP/IP Stack of Nucleus RTOS
Veröffentlicht
9. November 2021 01:00
Text
The TCP/IP stack and related services (FTP, TFTP) of the networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) contain several vulnerabilities, also known as “NUCLEUS:13” and as documented below. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures ...
Titel
SSA-114589 V1.0: Multiple Vulnerabilities in Nucleus RTOS based APOGEE and TALON Products
Veröffentlicht
9. November 2021 01:00
Text
Multiple vulnerabilities (also known as “NUCLEUS:13”) have be identified in the Nucleus RTOS (real-time operating system) and reported in the Siemens Security Advisory SSA-044112: https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf. The products listed below use affected versions of the Nucleus software and inherently contain these vulnerabilities. Siemens recommends specific countermeasures for products where updates are ...
Titel
SSA-145157 V1.0: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V2.12
Veröffentlicht
9. November 2021 01:00
Text
SIMATIC RTLS Locating Manager before V2.12 contains multiple vulnerabilities that could allow an attacker to read sensitive data or trigger a denial-of-service condition of the application service. Siemens has released an update for the SIMATIC RTLS Locating Manager and recommends to update to the latest version.
Titel
SSA-328042 V1.0: File Parsing Vulnerabilities in OBJ Translator in NX
Veröffentlicht
9. November 2021 01:00
Text
Siemens NX is affected by two vulnerabilities that could be triggered when the application reads OBJ files. If a user is tricked to open a malicious file with the affected application, this could lead to an access violation, and potentially also to arbitrary code execution on the target host system. ...
Titel
SSA-338732 V1.0: Information Disclosure Vulnerability in Mendix
Veröffentlicht
9. November 2021 01:00
Text
Applications built with affected versions of Mendix Studio Pro do not prevent file documents from being cached when files are opened or downloaded using a browser. This could allow a local attacker to read those documents by exploring the browser cache. Mendix has released updates for the affected product lines, ...
Titel
SSA-537983 V1.0: Local Code Execution Vulnerability in SENTRON powermanager V3
Veröffentlicht
9. November 2021 01:00
Text
SENTRON powermanager V3 is affected by a vulnerability that could allow a local attacker to inject arbitrary code and escalate privileges. Siemens has released a security patch for SENTRON powermanager V3.6 HF1 and recommends to update to the latest version and apply this patch.
Titel
SSA-580693 V1.0: WIBU Systems CodeMeter Runtime Denial-of-Service Vulnerability in Siemens Products
Veröffentlicht
9. November 2021 01:00
Text
WIBU Systems published information about a denial-of-service vulnerability and an associated fix release version of CodeMeter Runtime, a product provided by WIBU Systems and used in several Siemens products for license management. The vulnerability is described in the section “Vulnerability Classification” below and got assigned the CVE ID CVE-2021-41057. Successful ...

Letzte Updates

BOSCH PSIRT
04.10.2021
CODESYS
19.11.2021
SIEMENS CERT
09.11.2021
US CERT
17.11.2021
US CERT (ICS)
18.11.2021

Nach Quelle

Archiv

2021
2020
2019
2018
2017

Feeds