Bulletins | CERT@VDE

SSA-491245 V1.0: Multiple File Parsing Vulnerabilities in Solid Edge

Titel

SSA-491245 V1.0: Multiple File Parsing Vulnerabilities in Solid Edge

Veröffentlicht

14. Februar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf

Text

Solid Edge is affected by multiple memory corruption vulnerabilities that could be triggered when the application reads specially crafted files in various formats such as X_B, DWG, DXF, STL, STP, SLDPRT and PAR format. If a user is tricked to open a malicious file with the affected applications, an attacker ...

SSA-482757 V1.1 (Last Update: 2023-02-14): Missing Immutable Root of Trust in S7-1500 CPU devices

Titel

SSA-482757 V1.1 (Last Update: 2023-02-14): Missing Immutable Root of Trust in S7-1500 CPU devices

Veröffentlicht

14. Februar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-482757.pdf

Text

Affected models of the S7-1500 CPU product family do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot ...

SSA-450613 V1.0: Insyde BIOS Vulnerabilities in RUGGEDCOM APE1808 Product Family

Titel

SSA-450613 V1.0: Insyde BIOS Vulnerabilities in RUGGEDCOM APE1808 Product Family

Veröffentlicht

14. Februar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-450613.pdf

Text

Insyde has published information on vulnerabilities in Insyde BIOS in November 2022. These vulnerabilities also affect the RUGGEDCOM APE1808 product family. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.

SSA-446448 V1.7 (Last Update: 2023-02-14): Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack

Titel

SSA-446448 V1.7 (Last Update: 2023-02-14): Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack

Veröffentlicht

14. Februar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-446448.pdf

Text

The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, contains a vulnerability that could allow an attacker to cause a denial of service condition on affected industrial products. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further ...

SSB-439005 V5.0 (Last Update: 2023-02-14): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 151...

Titel

SSB-439005 V5.0 (Last Update: 2023-02-14): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP

Veröffentlicht

14. Februar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssb-439005.pdf

Text

SSA-306654 V1.5 (Last Update: 2023-02-14): Insyde BIOS Vulnerabilities in Siemens Industrial Products

Titel

SSA-306654 V1.5 (Last Update: 2023-02-14): Insyde BIOS Vulnerabilities in Siemens Industrial Products

Veröffentlicht

14. Februar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf

Text

Insyde has published information on vulnerabilities in Insyde BIOS in February 2022. This advisory lists the Siemens Industrial products affected by these vulnerabilities. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.

SSA-252808 V1.0: XPath Constraint Vulnerability in Mendix Runtime

Titel

SSA-252808 V1.0: XPath Constraint Vulnerability in Mendix Runtime

Veröffentlicht

14. Februar 2023 01:00

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-252808.pdf

Text

Mendix applications contain an improper access control vulnerability that could allow an attacker to bypass XPath constraints and retrieve information using XPath queries that trigger errors. Siemens has released updates for the affected products and recommends to update to the latest versions.

Donnerstag, 09.02.2023

19:00

US CERT

AA23-040A: #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities

Titel

AA23-040A: #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities

Veröffentlicht

9. Februar 2023 19:00

URL

https://us-cert.cisa.gov/ncas/alerts/aa23-040a

Text

Original release date: February 9, 2023SummaryNote: This Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and various ransomware threat actors. These #StopRansomware advisories detail historically and recently observed tactics, techniques, and procedures (TTPs) and indicators of compromise ...

16:25

Control By Web X-400, X-600M

Titel

Control By Web X-400, X-600M

Veröffentlicht

9. Februar 2023 16:25

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-040-01

Text

16:20

LS ELECTRIC XBC-DN32U

Titel

LS ELECTRIC XBC-DN32U

Veröffentlicht

9. Februar 2023 16:20

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-040-02

Text

16:15

Johnson Controls System Configuration Tool (SCT)

Titel

Johnson Controls System Configuration Tool (SCT)

Veröffentlicht

9. Februar 2023 16:15

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-040-03

Text

16:10

Horner Automation Cscape Envision RV

Titel

Horner Automation Cscape Envision RV

Veröffentlicht

9. Februar 2023 16:10

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-040-04

Text

16:05

Omron SYSMAC CS/CJ/CP Series and NJ/NX Series (Update A)

Titel

Omron SYSMAC CS/CJ/CP Series and NJ/NX Series (Update A)

Veröffentlicht

9. Februar 2023 16:05

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-179-02

Text

This advisory contains mitigations for Cleartext Transmission of Sensitive Information, Insufficient Verification of Data Authenticity, and Plaintext Storage of a Password vulnerabilities in Omron SYSMAC CS/CJ/CP Series and NJ/NX Series programmable logic controllers.

Mittwoch, 08.02.2023

17:14

US CERT

AA23-039A: ESXiArgs Ransomware Virtual Machine Recovery Guidance

Titel

AA23-039A: ESXiArgs Ransomware Virtual Machine Recovery Guidance

Veröffentlicht

8. Februar 2023 17:14

URL

https://us-cert.cisa.gov/ncas/alerts/aa23-039a

Text

Original release date: February 8, 2023SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) in response to the ongoing ransomware campaign, known as “ESXiArgs.” Malicious actors may be exploiting known vulnerabilities in VMware ESXi servers that are likely ...

Dienstag, 07.02.2023

16:00