Dienstag, 12.04.2022
02:00
SIEMENS CERT
SSA-593272 V1.6 (Last Update: 2022-04-12): SegmentSmack in Interniche IP-Stack based Industrial Devices
Titel
SSA-593272 V1.6 (Last Update: 2022-04-12): SegmentSmack in Interniche IP-Stack based Industrial Devices
Veröffentlicht
12. April 2022 02:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-593272.pdf
Text
A vulnerability exists in affected products that could allow remote attackers to affect the availability of the devices under certain conditions. The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service.
02:00
SIEMENS CERT
SSA-599968 V1.5 (Last Update: 2022-04-12): Denial-of-Service Vulnerability in Profinet Devices
Titel
SSA-599968 V1.5 (Last Update: 2022-04-12): Denial-of-Service Vulnerability in Profinet Devices
Veröffentlicht
12. April 2022 02:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf
Text
A vulnerability in affected devices could allow an attacker to perform a denial-of-service attack if a large amount of Profinet Discovery and Configuration Protocol (DCP) reset packets is sent to the affected devices. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens ...
02:00
SIEMENS CERT
SSA-913875 V1.3 (Last Update: 2022-04-12): Frame Aggregation and Fragmentation Vulnerabilities in 802.11
Titel
SSA-913875 V1.3 (Last Update: 2022-04-12): Frame Aggregation and Fragmentation Vulnerabilities in 802.11
Veröffentlicht
12. April 2022 02:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf
Text
Twelve vulnerabilities in the implementation of frame aggregation and fragmentation of the 802.11 standard, under the name of FragAttacks, have been published. Successful exploitation of these vulnerabilities could allow an attacker within Wi-Fi range to forge encrypted frames, which could result in sensitive data disclosure and possibly traffic manipulation. The ...
02:00
SIEMENS CERT
SSA-661247 V2.7 (Last Update: 2022-04-12): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to...
Titel
SSA-661247 V2.7 (Last Update: 2022-04-12): Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Products
Veröffentlicht
12. April 2022 02:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
Text
On 2021-12-09, a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as “Log4Shell”. On 2021-12-14 an additional denial of service vulnerability (CVE-2021-45046) ...
02:00
SIEMENS CERT
SSA-672373 V1.2 (Last Update: 2022-04-12): Vulnerabilities in CP 1543-1 before V2.0.28
Titel
SSA-672373 V1.2 (Last Update: 2022-04-12): Vulnerabilities in CP 1543-1 before V2.0.28
Veröffentlicht
12. April 2022 02:00
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-672373.pdf
Text
SIMATIC CP 1543-1 devices before V2.0.28 contain two vulnerabilities that could allow authorized users to escalate their privileges on the CP or create a denial of service condition. Siemens has released updates for the affected products and recommends to update to the latest versions.
Donnerstag, 07.04.2022
16:10
US CERT (ICS)
Pepperl+Fuchs WirelessHART-Gateway
Titel
Pepperl+Fuchs WirelessHART-Gateway
Veröffentlicht
7. April 2022 16:10
URL
https://us-cert.cisa.gov/ics/advisories/icsa-22-097-01
Text
This advisory contains mitigations for several vulnerabilities in Pepperl+Fuchs WirelessHART-Gateway industrial networking devices.
16:05
US CERT (ICS)
ABB SPIET800 and PNI800
Titel
ABB SPIET800 and PNI800
Veröffentlicht
7. April 2022 16:05
URL
https://us-cert.cisa.gov/ics/advisories/icsa-22-097-02
Text
This advisory contains mitigations for Incomplete Internal State Distinction, Improper Handling of Unexpected Data Type, and Uncontrolled Resource Consumption vulnerabilities in ABB Symphony Plus SPIET800 and PNI800 network interface modules.
Mittwoch, 06.04.2022
08:54
CODESYS
Sicherheitsupdate: CODESYS Security Advisories 2022-02 bis 2022-07
Titel
Sicherheitsupdate: CODESYS Security Advisories 2022-02 bis 2022-07
Veröffentlicht
6. April 2022 08:54
URL
https://feedpress.me/link/15744/15204167/sicherheitsupdate-codesys-security-advisories-2022-02-bis-2022-07.html
Text
Please check source url for more information.
Dienstag, 05.04.2022
16:15
US CERT (ICS)
LifePoint Informatics Patient Portal
Titel
LifePoint Informatics Patient Portal
Veröffentlicht
5. April 2022 16:15
URL
https://us-cert.cisa.gov/ics/advisories/icsma-22-095-01
Text
This advisory contains mitigations for an Authentication Bypass Using Alternate Path or Channel vulnerability in the LifePoint Informatics Patient Portal, a website containing patient health data.
16:00
US CERT (ICS)
Philips Vue PACS (Update B)
Titel
Philips Vue PACS (Update B)
Veröffentlicht
5. April 2022 16:00
URL
https://us-cert.cisa.gov/ics/advisories/icsma-21-187-01
Text
This updated advisory is a follow-up to the advisory update titled ICSMA-21-87-01 Philips Vue PACS (Update A) that was published January 20, 2022, to the ICS webpage on www.cisa.gov/uscert/ics. This advisory contains mitigations for numerous vulnerabilities in Philips Vue PACS products.

Letzte Updates

BOSCH PSIRT
20.03.2024
CODESYS
28.06.2023
SIEMENS CERT
19.04.2024
US CERT
17.04.2024
US CERT (ICS)
25.04.2024

Nach Quelle

Archiv

2024
2023
2022
2021
2020
2019
2018
2017

Feeds