• 1
  • 2 (current)
Tuesday, 13.07.2021
Title
SSA-462066 V2.4 (Last Update: 2021-07-13): Vulnerability known as TCP SACK PANIC in Industrial Products
Published
July 13, 2021, 2 a.m.
Summary
Multiple industrial products are affected by a vulnerability in the kernel known as TCP SACK PANIC. The vulnerability could allow a remote attacker to cause a denial of service condition. Siemens has released updates for several affected products and recommends to update to the new versions. Siemens is preparing further ...
Title
SSA-913875 V1.0: Frame Aggregation and Fragmentation Vulnerabilities in 802.11
Published
July 13, 2021, 2 a.m.
Summary
Twelve vulnerabilities in the implementation of frame aggregation and fragmentation of the 802.11 standard, under the name of FragAttacks, have been published. Successful exploitation of these vulnerabilities could allow an attacker within Wi-Fi range to forge encrypted frames, which could result in sensitive data disclosure and possibly traffic manipulation. The ...
Title
SSA-941426 V1.0: Multiple LLDP Vulnerabilities in Industrial Products
Published
July 13, 2021, 2 a.m.
Summary
There are multiple vulnerabilities in an underlying Link Layer Discovery Protocol (LLDP) third party library. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.
Title
SSA-203306 V1.5 (Last Update: 2021-07-13): Password Vulnerabilities in SIPROTEC 4 and SIPROTEC Compact Relay Families
Published
July 13, 2021, 2 a.m.
Summary
SIPROTEC 4 and SIPROTEC Compact devices could allow access authorization passwords to be reconstructed or overwritten via engineering mechanisms that involve DIGSI 4 and EN100 Ethernet communication modules. Siemens has released updates for several affected products, and recommends specific countermeasures for the remaining products.
Title
SSA-324955 V1.2 (Last Update: 2021-07-13): SAD DNS Attack in Linux Based Products
Published
July 13, 2021, 2 a.m.
Summary
A vulnerability made public under the name SAD DNS affects Domain Name System resolvers due to a vulnerability in the Linux kernel when handling ICMP packets. The Siemens products which are affected are listed below. For more information please see https://www.saddns.net/. Siemens has released updates for several affected products and ...
Thursday, 01.07.2021
Title
Sensormatic Electronics C-CURE 9000
Published
July 1, 2021, 4:20 p.m.
Summary
This advisory contains mitigations for an Improper Input Validation vulnerability in Sensormatic Electronics C-CURE 9000 industrial software.
Title
Delta Electronics DOPSoft
Published
July 1, 2021, 4:15 p.m.
Summary
This advisory contains mitigations for Out-of-bounds Read vulnerabilities in Delta Electronics DOPSoft software.
Title
Mitsubishi Electric Air Conditioning System
Published
July 1, 2021, 4:10 p.m.
Summary
This advisory contains mitigations for an Incorrect Implementation of Authentication Algorithm vulnerability in Mitsubishi Electric air conditioning systems.
Title
Mitsubishi Electric Air Conditioning Systems
Published
July 1, 2021, 4:05 p.m.
Summary
This advisory contains mitigations for an Improper Restriction of XML External Entity Reference vulnerability in Mitsubishi Electric Air Conditioning Systems.
Title
All Bachmann M1 System Processor Modules
Published
July 1, 2021, 4 p.m.
Summary
This updated advisory is a follow-up to the advisory titled ICSA-21-026-01P All Bachmann M1 System Processor Modules, posted to the HSIN ICS library on January 26, 2021. This advisory is now being released to the ICS webpage on us-cert.cisa.gov. This advisory contains mitigations for a Use of Password Hash with ...
  • 1
  • 2 (current)

Last Updates

BOSCH PSIRT
07.12.2022
CODESYS
27.01.2023
SIEMENS CERT
10.01.2023
US CERT
25.01.2023
US CERT (ICS)
26.01.2023

By Source

Archive

2023
2022
2021
2020
2019
2018
2017

Feeds