Bulletins | CERT@VDE

Boston Scientific Zoom Latitude

Title

Boston Scientific Zoom Latitude

Published

Sept. 30, 2021, 4 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsma-21-273-01

Summary

This advisory contains mitigations for Use of Password Hash with Insufficient Computational Effort, Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques, Improper Access Control, Missing Support for Integrity Check, and Reliance on Component That is Not Updateable vulnerabilities in the Boston Scientific Zoom Latitude programmer/recorder/monitor (PRM) ...

Tuesday, 28.09.2021

SSA-728618 V1.0: Multiple Vulnerabilities in Solid Edge before SE2021MP8

Title

SSA-728618 V1.0: Multiple Vulnerabilities in Solid Edge before SE2021MP8

Published

Sept. 28, 2021, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf

Summary

Siemens has released a new version for Solid Edge that fixes multiple file parsing vulnerabilities which could be triggered when the application reads files in IFC, JT or OBJ formats. If a user is tricked to opening a malicious file using the affected application this could lead the application to ...

Thursday, 23.09.2021

16:10

https://us-cert.cisa.gov/ics/advisories/icsa-21-266-01

Trane Symbio

Title

Trane Symbio

Published

Sept. 23, 2021, 4:10 p.m.

URL

Summary

This advisory contains mitigations for a Code Injection vulnerability in Trane Symbio 700 and Symbio 800 controllers.

16:05

https://us-cert.cisa.gov/ics/advisories/icsa-21-266-02

Trane Tracer

Title

Trane Tracer

Published

Sept. 23, 2021, 4:05 p.m.

URL

Summary

This advisory contains mitigations for a Code Injection vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge building automation products.

16:00

Ovarro TBox (Update A)

Title

Ovarro TBox (Update A)

Published

Sept. 23, 2021, 4 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-054-04

Summary

This updated advisory is a follow-up to the advisory update titled ICSA-21-054-04 Ovarro TBox that was published March 23, 2021, to the ICS webpage on us-cert.cisa.gov. The original advisory was titled ICSA-21-054-04P Ovarro TBox and posted to the HSIN ICS library on February 23, 2021. This advisory contains mitigations for ...

Wednesday, 22.09.2021

19:00

US CERT

AA21-265A: Conti Ransomware

Title

AA21-265A: Conti Ransomware

Published

Sept. 22, 2021, 7 p.m.

URL

https://us-cert.cisa.gov/ncas/alerts/aa21-265a

Summary

Original release date: September 22, 2021SummaryImmediate Actions You Can Take Now to Protect Against Conti Ransomware • Use multi-factor authentication. • Segment and segregate networks and functions. • Update your operating system and software. Note: This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, version 9. ...

Thursday, 16.09.2021

19:00

US CERT

AA21-259A: APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus

Title

AA21-259A: APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus

Published

Sept. 16, 2021, 7 p.m.

URL

https://us-cert.cisa.gov/ncas/alerts/aa21-259a

Summary

Original release date: September 16, 2021SummaryThis Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 8. See the ATT&CK for Enterprise for referenced threat actor tactics and for techniques. This joint advisory is the result of analytic efforts between the Federal Bureau of Investigation ...

16:05

Siemens RUGGEDCOM ROX

Title

Siemens RUGGEDCOM ROX

Published

Sept. 16, 2021, 4:05 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-259-01

Summary

This advisory contains mitigations for Exposure of Sensitive Information to an Unauthorized Actor, Execution with Unnecessary Privileges, and Improper Handling of Insufficient Permissions or Privileges vulnerabilities in Siemens RUGGEDCOM ROX devices.

16:00

Schneider Electric EcoStruxure and SCADAPack

Title

Schneider Electric EcoStruxure and SCADAPack

Published

Sept. 16, 2021, 4 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-259-02

Summary

This advisory contains mitigations for a Path Traversal vulnerability in Schneider Electric EcoStruxure Control Expert, EcoStruxure Process Expert, SCADAPack RemoteConnect software designed for the x70 SCADAPack system.

Tuesday, 14.09.2021

17:26

Digi PortServer TS 16

Title

Digi PortServer TS 16

Published

Sept. 14, 2021, 5:26 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-257-01

Summary

This advisory contains mitigations for an Improper Authentication vulnerability in Digi PortServer TS 16 terminal servers.

17:24

Johnson Controls Sensormatic Electronics KT-1

Title

Johnson Controls Sensormatic Electronics KT-1

Published

Sept. 14, 2021, 5:24 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-257-02-0

Summary

This advisory contains mitigations for an Authentication Bypass by Capture-replay vulnerability in Sensormatic Electronics KT-1 door controllers. Sensormatic Electronics is a subsidiary of Johnson Controls.

17:22

Schneider Electric Struxureware Data Center Expert

Title

Schneider Electric Struxureware Data Center Expert

Published

Sept. 14, 2021, 5:22 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-257-03

Summary

This advisory contains mitigations for OS Command Injection, and Path Traversal vulnerabilities in Schneider Electric Struxureware Data Center Expert monitoring software.

17:20

Siemens Simcenter Femap

Title

Siemens Simcenter Femap

Published

Sept. 14, 2021, 5:20 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-257-04

Summary

This advisory contains mitigations for an Out-of-bounds Read vulnerability in the Siemens Simenter Femap simulation application.

17:18

Siemens Simcenter STAR-CCM+ Viewer

Title

Siemens Simcenter STAR-CCM+ Viewer

Published

Sept. 14, 2021, 5:18 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-257-05

Summary

This advisory contains mitigations for an Out-of-bounds Write vulnerability in the Siemens Simcenter Star-CCM+ Viewer simulation application.

17:16

https://us-cert.cisa.gov/ics/advisories/icsa-21-257-06

Siemens SIMATIC CP

Title

Siemens SIMATIC CP

Published

Sept. 14, 2021, 5:16 p.m.

URL

Summary

This advisory contains mitigations for a Cleartext Storage of Sensitive Information vulnerability in Siemens SIMATIC CP communication processors.

17:14

Siemens APOGEE and TALON

Title

Siemens APOGEE and TALON

Published

Sept. 14, 2021, 5:14 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-257-07

Summary

This advisory contains mitigations for a Classic Buffer Overflow vulnerability in Siemens APOGEE and TALON building automation systems.

17:12

https://us-cert.cisa.gov/ics/advisories/icsa-21-257-08

Siemens Teamcenter

Title

Siemens Teamcenter

Published

Sept. 14, 2021, 5:12 p.m.

URL

Summary

This advisory contains mitigations for Privilege Defined with Unsafe Actions, Authorization Bypass Through User-Controlled Key, and Improper Restriction of XML External Entity Reference vulnerabilities in the Siemens Teamcenter virtualization platform.

17:12

Siemens Teamcenter Active Workspace

Title

Siemens Teamcenter Active Workspace

Published

Sept. 14, 2021, 5:12 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-257-08

Summary

This advisory contains mitigations for a Path Traversal vulnerability in the Siemens Teamcenter Active Workspace product lifecycle management system.

17:10

https://us-cert.cisa.gov/ics/advisories/icsa-21-257-09

Siemens NX

Title

Siemens NX

Published

Sept. 14, 2021, 5:10 p.m.

URL

Summary

This advisory contains mitigations for Use After Free, and Out-of-bounds Read vulnerabilities in Siemens NX industrial software.

17:08

Siemens SIPROTEC 5 relays

Title

Siemens SIPROTEC 5 relays

Published

Sept. 14, 2021, 5:08 p.m.

URL

https://us-cert.cisa.gov/ics/advisories/icsa-21-257-10

Summary

This advisory contains mitigations for Classic Buffer Overflow vulnerabilities in Siemens SIPROTEC 5 relays.

SSA-535380 V1.0: Command Injection Vulnerability in Siveillance OIS Affecting Several Building Management Systems

Title

SSA-535380 V1.0: Command Injection Vulnerability in Siveillance OIS Affecting Several Building Management Systems

Published

Sept. 14, 2021, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-535380.pdf

Summary

The Siveillance Open Interface Services (OIS) application used for integration of different subsystems to several Siemens building management systems contains a command injection vulnerability that could allow a remote unauthenticated attacker to execute code on the affected system with root privileges. Siemens has released patches and updates for Siveillance OIS ...

SSA-330339 V1.0: Web Vulnerabilities in SINEC NMS

Title

SSA-330339 V1.0: Web Vulnerabilities in SINEC NMS

Published

Sept. 14, 2021, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-330339.pdf

Summary

A recent update for SINEC NMS fixed multiple vulnerabilities. The most severe of these vulnerabilities could allow an attacker to manipulate the SINEC NMS configuration by tricking an admin to click on a malicious link. Siemens has released an update for SINEC NMS and recommends to update to the latest ...

SSA-316383 V1.0: NumberJack Vulnerability in LOGO! CMR family and SIMATIC RTU 3000 family

Title

SSA-316383 V1.0: NumberJack Vulnerability in LOGO! CMR family and SIMATIC RTU 3000 family

Published

Sept. 14, 2021, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-316383.pdf

Summary

A vulnerability has been identified in the underlying TCP/IP stack of LOGO! CMR family and SIMATIC RTU 3000 family devices. It could allow an attacker with network access to the LAN interface of an affected device to hijack an ongoing connection or spoof a new one. The WAN interface, however, ...

SSA-535997 V1.0: Cleartext Storage of Sensitive Information in Multiple SIMATIC Products

Title

SSA-535997 V1.0: Cleartext Storage of Sensitive Information in Multiple SIMATIC Products

Published

Sept. 14, 2021, 2 a.m.

URL

https://cert-portal.siemens.com/productcert/pdf/ssa-535997.pdf

Summary

A cleartext vulnerability was found in the SIMATIC communication processors CP 1543-1 and CP 1545-1 that could allow an attacker to read sensitive information. Siemens has released an update for the SIMATIC CP 1543-1 (incl. SIPLUS variants) and recommends to update to the latest version. Siemens is preparing further updates ...