• 1 (current)
  • 2
  • 3
Dienstag, 28.12.2021
01:00
SIEMENS CERT
SSA-784507 V1.0: Apache Log4j Vulnerability (CVE-2021-44832) via JDBC Appender - Impact to Siemens Products
Titel
SSA-784507 V1.0: Apache Log4j Vulnerability (CVE-2021-44832) via JDBC Appender - Impact to Siemens Products
Veröffentlicht
28. Dezember 2021 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf
Text
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) contain a vulnerability (CVE-2021-44832) that could allow an attacker with permission to modify the logging configuration file to execute arbitrary code, when the JDBC Appender is used [1]. This advisory informs about the impact of CVE-2021-44832 to ...
01:00
SIEMENS CERT
SSA-661247 V2.1 (Last Update: 2021-12-28): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to...
Titel
SSA-661247 V2.1 (Last Update: 2021-12-28): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products
Veröffentlicht
28. Dezember 2021 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
Text
On 2021-12-09, a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as “Log4Shell”. On 2021-12-14 an additional denial of service vulnerability (CVE-2021-45046) ...
Montag, 27.12.2021
01:00
SIEMENS CERT
SSA-661247 V2.0 (Last Update: 2021-12-27): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to...
Titel
SSA-661247 V2.0 (Last Update: 2021-12-27): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products
Veröffentlicht
27. Dezember 2021 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
Text
On 2021-12-09, a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as “Log4Shell”. On 2021-12-14 an additional denial of service vulnerability (CVE-2021-45046) ...
Donnerstag, 23.12.2021
16:05
US CERT (ICS)
Moxa MGate Protocol Gateways
Titel
Moxa MGate Protocol Gateways
Veröffentlicht
23. Dezember 2021 16:05
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-357-01
Text
This advisory contains mitigations for a Cross-site Scripting vulnerability in the Moxa MGate Protocol Gateways, a serial-to-Ethernet Modbus gateway.
16:00
US CERT (ICS)
Johnson Controls exacq Enterprise Manager
Titel
Johnson Controls exacq Enterprise Manager
Veröffentlicht
23. Dezember 2021 16:00
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-357-02
Text
This advisory contains mitigations for an Improper Input Validation vulnerability in the Johnson Controls exacq Enterprise Manager tool.
01:00
SIEMENS CERT
SSA-479842 V1.1 (Last Update: 2021-12-23): Apache Log4j Vulnerabilities - Impact to Siemens Energy Sensformer / Sensgear (Platf...
Titel
SSA-479842 V1.1 (Last Update: 2021-12-23): Apache Log4j Vulnerabilities - Impact to Siemens Energy Sensformer / Sensgear (Platform, Basic and Advanced)
Veröffentlicht
23. Dezember 2021 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf
Text
On 2021-12-09, a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as “Log4Shell”. On 2021-12-14 an additional denial of service vulnerability (CVE-2021-45046) ...
01:00
SIEMENS CERT
SSA-661247 V1.9 (Last Update: 2021-12-23): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to...
Titel
SSA-661247 V1.9 (Last Update: 2021-12-23): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products
Veröffentlicht
23. Dezember 2021 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
Text
On 2021-12-09, a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as “Log4Shell”. On 2021-12-14 an additional denial of service vulnerability (CVE-2021-45046) ...
Mittwoch, 22.12.2021
16:00
US CERT
AA21-356A: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
Titel
AA21-356A: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
Veröffentlicht
22. Dezember 2021 16:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-356a
Text
Original release date: December 22, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), the Computer Emergency Response Team New Zealand (CERT NZ), the New Zealand National Cyber Security Centre (NZ ...
01:00
BOSCH PSIRT
Log4j Vulnerabilities - Impact on PRAESENSA Advanced Public Address Server (PRA-APAS)
Titel
Log4j Vulnerabilities - Impact on PRAESENSA Advanced Public Address Server (PRA-APAS)
Veröffentlicht
22. Dezember 2021 01:00
URL
https://psirt.bosch.com/security-advisories/bosch-sa-993110-bt.html
Text

BOSCH-SA-993110-BT: The 1.0.31 software version of the PRAESENSA Advanced Public Address Server (PRA-APAS) contains version 2.10.0 of the Apache Log4j logging service. Recently Apache has warned that this Log4j version contains multiple vulnerabilities, including the Log4Shell vulnerability (CVE-2021-44228).This Log4Shell vulnerability allows remote code execution by sending a specifically crafted log ...

01:00
SIEMENS CERT
SSA-661247 V1.8 (Last Update: 2021-12-22): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to...
Titel
SSA-661247 V1.8 (Last Update: 2021-12-22): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products
Veröffentlicht
22. Dezember 2021 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
Text
On 2021-12-09, a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as “Log4Shell”. On 2021-12-14 an additional denial of service vulnerability (CVE-2021-45046) ...
Dienstag, 21.12.2021
16:25
US CERT (ICS)
Fresenius Kabi Agilia Connect Infusion System
Titel
Fresenius Kabi Agilia Connect Infusion System
Veröffentlicht
21. Dezember 2021 16:25
URL
https://us-cert.cisa.gov/ics/advisories/icsma-21-355-01
Text
This advisory contains mitigations for several vulnerabilities in the Fresenius Kabi Agilia Connect Infusion System.
16:20
US CERT (ICS)
mySCADA myPRO
Titel
mySCADA myPRO
Veröffentlicht
21. Dezember 2021 16:20
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-355-01
Text
This advisory contains mitigations for Authentication Bypass Using an Alternate Path or Channel, Use of Password Hash with Insufficient Computational Effort, Hidden Functionality, and OS Command Injection vulnerabilities in the mySCADA myPRO HMI/SCADA system.
16:15
US CERT (ICS)
Horner Automation Cscape EnvisionRV
Titel
Horner Automation Cscape EnvisionRV
Veröffentlicht
21. Dezember 2021 16:15
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-355-02
Text
This advisory contains mitigations for an Improper Input Validation vulnerability in Horner Automation Cscape EnvisionRV industrial remote viewing software.
16:00
US CERT (ICS)
Schneider Electric Rack PDU (Update A)
Titel
Schneider Electric Rack PDU (Update A)
Veröffentlicht
21. Dezember 2021 16:00
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-348-02
Text
This updated advisory is a follow-up to the original advisory titled ICSA-21-348-02 Schneider Electric Rack PDU that was published December 14, 2021, to the ICS webpage on www.cisa.gov/uscert. This advisory contains mitigations for an Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Schneider Electric Rack Power Distribution Unit ...
01:00
BOSCH PSIRT
Apache Log4j Vulnerabilities - Impact on Bosch Rexroth Products
Titel
Apache Log4j Vulnerabilities - Impact on Bosch Rexroth Products
Veröffentlicht
21. Dezember 2021 01:00
URL
https://psirt.bosch.com/security-advisories/bosch-sa-572602.html
Text

BOSCH-SA-572602: The Apache Software Foundation has published information about a vulnerability in the Java logging framework *log4j*, which allows an attacker to execute arbitrary code loaded from LDAP or JNDI related endpoints which are under control of the attacker. \[1\]Additionally, a further vulnerability might allow an attacker to cause a ...

01:00
SIEMENS CERT
SSA-479842 V1.0: Apache Log4j Vulnerabilities - Impact to Siemens Energy Sensformer (Platform, Basic and Advanced)
Titel
SSA-479842 V1.0: Apache Log4j Vulnerabilities - Impact to Siemens Energy Sensformer (Platform, Basic and Advanced)
Veröffentlicht
21. Dezember 2021 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf
Text
On 2021-12-09, a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as “Log4Shell”. On 2021-12-14 an additional denial of service vulnerability (CVE-2021-45046) ...
01:00
SIEMENS CERT
SSA-661247 V1.7 (Last Update: 2021-12-21): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to...
Titel
SSA-661247 V1.7 (Last Update: 2021-12-21): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products
Veröffentlicht
21. Dezember 2021 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
Text
On 2021-12-09, a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as “Log4Shell”. On 2021-12-14 an additional denial of service vulnerability (CVE-2021-45046) ...
Montag, 20.12.2021
01:00
SIEMENS CERT
SSA-397453 V1.0: Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Energy TraceAlert...
Titel
SSA-397453 V1.0: Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Energy TraceAlertServerPLUS
Veröffentlicht
20. Dezember 2021 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf
Text
On 2021-12-09, a vulnerability in Apache Log4j (a logging library used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as “Log4Shell”. On 2021-12-14 an additional denial of service vulnerability (CVE-2021-45046) ...
01:00
SIEMENS CERT
SSA-661247 V1.6 (Last Update: 2021-12-20): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to...
Titel
SSA-661247 V1.6 (Last Update: 2021-12-20): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products
Veröffentlicht
20. Dezember 2021 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
Text
On 2021-12-09, a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as “Log4Shell”. On 2021-12-14 an additional denial of service vulnerability (CVE-2021-45046) ...
Sonntag, 19.12.2021
01:00
SIEMENS CERT
SSA-501673 V1.0: Apache Log4j Denial of Service Vulnerability (CVE-2021-45105) - Impact to Siemens Products
Titel
SSA-501673 V1.0: Apache Log4j Denial of Service Vulnerability (CVE-2021-45105) - Impact to Siemens Products
Veröffentlicht
19. Dezember 2021 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf
Text
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 contain a vulnerability (CVE-2021-45105) that could allow attackers to cause a denial of service condition in affected applications [1]. This advisory informs about the impact of CVE-2021-45105 to Siemens products and the corresponding remediation and mitigation measures. The vulnerability is different from the JNDI ...
01:00
SIEMENS CERT
SSA-661247 V1.5 (Last Update: 2021-12-19): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to...
Titel
SSA-661247 V1.5 (Last Update: 2021-12-19): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products
Veröffentlicht
19. Dezember 2021 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
Text
On 2021-12-09, a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as “Log4Shell”. On 2021-12-14 an additional denial of service vulnerability (CVE-2021-45046) ...
Samstag, 18.12.2021
01:00
SIEMENS CERT
SSA-661247 V1.4 (Last Update: 2021-12-18): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to...
Titel
SSA-661247 V1.4 (Last Update: 2021-12-18): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products
Veröffentlicht
18. Dezember 2021 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
Text
On 2021-12-09, a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as “Log4Shell”. On 2021-12-14 an additional denial of service vulnerability (CVE-2021-45046) ...
Freitag, 17.12.2021
04:36
US CERT (ICS)
Siemens SINUMERIK Edge
Titel
Siemens SINUMERIK Edge
Veröffentlicht
17. Dezember 2021 04:36
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-350-09
Text
This advisory contains mitigations for an Improper Certificate Validation vulnerability in the Siemens SINUMERIK Edge hardware and software digital production support and optimization platform.
01:00
SIEMENS CERT
SSA-661247 V1.3 (Last Update: 2021-12-17): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to...
Titel
SSA-661247 V1.3 (Last Update: 2021-12-17): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products
Veröffentlicht
17. Dezember 2021 01:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
Text
On 2021-12-09, a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as “Log4Shell”. On 2021-12-14 an additional denial of service vulnerability (CVE-2021-45046) ...
Donnerstag, 16.12.2021
16:52
US CERT (ICS)
Xylem AquaView
Titel
Xylem AquaView
Veröffentlicht
16. Dezember 2021 16:52
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-350-01
Text
This advisory contains mitigations for a Use of Hard-coded Credentials vulnerability in the Xylem AquaView SCADA system.
  • 1 (current)
  • 2
  • 3

Letzte Updates

BOSCH PSIRT
20.03.2024
CODESYS
28.06.2023
SIEMENS CERT
19.04.2024
US CERT
17.04.2024
US CERT (ICS)
25.04.2024

Nach Quelle

Archiv

2024
2023
2022
2021
2020
2019
2018
2017

Feeds