BOSCH PSIRT
10/02/2024
BOSCH-SA-200802: Multiple vulnerabilities were discovered in the open source library \"libexpat\", affecting the XML parser functionality. These vulnerabilities allow for integer overflows and invalid negative values for buffer sizes. As this may affect the \"Import\" and \"Restore\" functionality - which use libexpat to parse XML files - of the device, …
BOSCH PSIRT
10/01/2024
BOSCH-SA-981803-BT: A vulnerability was discovered during internal testing of the Bosch Configuration Manager, which may temporarily store sensitive information of the configured system.
US CERT
09/30/2024
Summary The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Communications Security Establishment Canada (CSE), the Australian Federal Police (AFP), and Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) are releasing this joint Cybersecurity Advisory to warn network defenders …
SIEMENS CERT
09/12/2024
Mendix Runtime contains an observable response discrepancy vulnerability when validating usernames during authentication. This could allow unauthenticated remote attackers to distinguish between valid and invalid usernames. Siemens has released new versions for the affected products and recommends to update to the latest versions.
SIEMENS CERT
09/10/2024
SCALANCE W700 802.11 AX Family is affected by multiple vulnerabilities. Siemens recommends countermeasures for products where fixes are not, or not yet available.
SIEMENS CERT
09/10/2024
Siemens User Management Component (UMC) is affected by a heap-based buffer overflow vulnerability which could allow an unauthenticated remote attacker arbitrary code execution. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures …
SIEMENS CERT
09/10/2024
Mendix Runtime contains an observable response discrepancy vulnerability when validating usernames during authentication. This could allow unauthenticated remote attackers to distinguish between valid and invalid usernames. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and …
SIEMENS CERT
09/10/2024
Unified Automation .NET based OPC UA Server SDK before 3.2.2 used in several industrial products are affected by a similar vulnerability as documented in CVE-2023-27321 for the OPC Foundation UA .NET Standard implementation. A successful attack may lead to high load situation and memory exhaustion, and may block the OPC …