• 1
  • 2 (current)
Dienstag, 08.12.2020
Titel
SSA-415783 V1.0: Insecure SSL configuration in SICAM A8000 CP-8000, CP-8021 and CP-8022
Veröffentlicht
8. Dezember 2020 01:00
Text
Some firmware versions of the affected products use outdated and insecure ciphers or can be downgraded to use outdated and insecure ciphers.
Titel
SSA-478893 V1.0: TightVNC Vulnerabilities in Industrial Products
Veröffentlicht
8. Dezember 2020 01:00
Text
Multiple TightVNC (V1.x) vulnerabilities in the affected products could allow remote code execution and Denial-of-Service attacks under certain conditions. Siemens has released updates for several affected products, is working on updates for the remaining affected products and recommends specific countermeasures until fixes are available.
Titel
SSA-480824 V1.0: Multiple Vulnerabilities in LOGO! 8 BM
Veröffentlicht
8. Dezember 2020 01:00
Text
The latest update for LOGO! 8 BM fixes multiple vulnerabilities. The most severe could allow an attacker with network access to gain full control over the device. Siemens has released updates for the affected products and recommends that customers update to the latest version.
Titel
SSA-541017 V1.0: Embedded TCP/IP Stack Vulnerabilities (AMNESIA:33) in SIRIUS 3RW5 Modbus TCP and SENTRON PAC Devices
Veröffentlicht
8. Dezember 2020 01:00
Text
Recently security researchers discovered and disclosed 33 vulnerabilities in several open-source TCP/IP stacks for embedded devices, also known as “AMNESIA:33” vulnerabilities. The Siemens products mentioned below are affected by one of these vulnerabilities (CVE-2020-13988). Siemens has released updates for SENTRON PAC devices, is working on updates for SIRIUS 3RW5 communication ...
Dienstag, 01.12.2020
Titel
AA20-336A: Advanced Persistent Threat Actors Targeting U.S. Think Tanks
Veröffentlicht
1. Dezember 2020 19:00
Text
Original release date: December 1, 2020

Summary

This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques.

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have ...

Titel
Schneider Electric EcoStruxure Operator Terminal Expert runtime (Vijeo XD)
Veröffentlicht
1. Dezember 2020 16:00
Text
This advisory contains mitigations for an Improper Privilege Management vulnerability in Schneider Electric EcoStruxure Operator Terminal Expert products.
  • 1
  • 2 (current)

Letzte Updates

BOSCH PSIRT
22.06.2022
CODESYS
23.06.2022
SIEMENS CERT
21.06.2022
US CERT
30.06.2022
US CERT (ICS)
30.06.2022

Nach Quelle

Archiv

2022
2021
2020
2019
2018
2017

Feeds