• 1
  • 2
  • 3 (current)
Tuesday, 14.02.2023
01:00
SIEMENS CERT
SSA-491245 V1.0: Multiple File Parsing Vulnerabilities in Solid Edge
Title
SSA-491245 V1.0: Multiple File Parsing Vulnerabilities in Solid Edge
Published
Feb. 14, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf
Summary
Solid Edge is affected by multiple memory corruption vulnerabilities that could be triggered when the application reads specially crafted files in various formats such as X_B, DWG, DXF, STL, STP, SLDPRT and PAR format. If a user is tricked to open a malicious file with the affected applications, an attacker ...
01:00
SIEMENS CERT
SSA-482757 V1.1 (Last Update: 2023-02-14): Missing Immutable Root of Trust in S7-1500 CPU devices
Title
SSA-482757 V1.1 (Last Update: 2023-02-14): Missing Immutable Root of Trust in S7-1500 CPU devices
Published
Feb. 14, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-482757.pdf
Summary
Affected models of the S7-1500 CPU product family do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot ...
01:00
SIEMENS CERT
SSA-450613 V1.0: Insyde BIOS Vulnerabilities in RUGGEDCOM APE1808 Product Family
Title
SSA-450613 V1.0: Insyde BIOS Vulnerabilities in RUGGEDCOM APE1808 Product Family
Published
Feb. 14, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-450613.pdf
Summary
Insyde has published information on vulnerabilities in Insyde BIOS in November 2022. These vulnerabilities also affect the RUGGEDCOM APE1808 product family. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.
01:00
SIEMENS CERT
SSA-446448 V1.7 (Last Update: 2023-02-14): Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack
Title
SSA-446448 V1.7 (Last Update: 2023-02-14): Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack
Published
Feb. 14, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-446448.pdf
Summary
The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, contains a vulnerability that could allow an attacker to cause a denial of service condition on affected industrial products. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further ...
01:00
SIEMENS CERT
SSB-439005 V5.0 (Last Update: 2023-02-14): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 151...
Title
SSB-439005 V5.0 (Last Update: 2023-02-14): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP
Published
Feb. 14, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssb-439005.pdf
Summary
01:00
SIEMENS CERT
SSA-306654 V1.5 (Last Update: 2023-02-14): Insyde BIOS Vulnerabilities in Siemens Industrial Products
Title
SSA-306654 V1.5 (Last Update: 2023-02-14): Insyde BIOS Vulnerabilities in Siemens Industrial Products
Published
Feb. 14, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf
Summary
Insyde has published information on vulnerabilities in Insyde BIOS in February 2022. This advisory lists the Siemens Industrial products affected by these vulnerabilities. Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.
01:00
SIEMENS CERT
SSA-252808 V1.0: XPath Constraint Vulnerability in Mendix Runtime
Title
SSA-252808 V1.0: XPath Constraint Vulnerability in Mendix Runtime
Published
Feb. 14, 2023, 1 a.m.
URL
https://cert-portal.siemens.com/productcert/pdf/ssa-252808.pdf
Summary
Mendix applications contain an improper access control vulnerability that could allow an attacker to bypass XPath constraints and retrieve information using XPath queries that trigger errors. Siemens has released updates for the affected products and recommends to update to the latest versions.
Thursday, 09.02.2023
19:00
US CERT
AA23-040A: #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Title
AA23-040A: #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Published
Feb. 9, 2023, 7 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa23-040a
Summary
Original release date: February 9, 2023SummaryNote: This Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and various ransomware threat actors. These #StopRansomware advisories detail historically and recently observed tactics, techniques, and procedures (TTPs) and indicators of compromise ...
16:25
US CERT (ICS)
Control By Web X-400, X-600M
Title
Control By Web X-400, X-600M
Published
Feb. 9, 2023, 4:25 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-040-01
Summary
16:20
US CERT (ICS)
LS ELECTRIC XBC-DN32U
Title
LS ELECTRIC XBC-DN32U
Published
Feb. 9, 2023, 4:20 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-040-02
Summary
16:15
US CERT (ICS)
Johnson Controls System Configuration Tool (SCT)
Title
Johnson Controls System Configuration Tool (SCT)
Published
Feb. 9, 2023, 4:15 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-040-03
Summary
16:10
US CERT (ICS)
Horner Automation Cscape Envision RV
Title
Horner Automation Cscape Envision RV
Published
Feb. 9, 2023, 4:10 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-040-04
Summary
16:05
US CERT (ICS)
Omron SYSMAC CS/CJ/CP Series and NJ/NX Series (Update A)
Title
Omron SYSMAC CS/CJ/CP Series and NJ/NX Series (Update A)
Published
Feb. 9, 2023, 4:05 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-22-179-02
Summary
This advisory contains mitigations for Cleartext Transmission of Sensitive Information, Insufficient Verification of Data Authenticity, and Plaintext Storage of a Password vulnerabilities in Omron SYSMAC CS/CJ/CP Series and NJ/NX Series programmable logic controllers.
Wednesday, 08.02.2023
17:14
US CERT
AA23-039A: ESXiArgs Ransomware Virtual Machine Recovery Guidance
Title
AA23-039A: ESXiArgs Ransomware Virtual Machine Recovery Guidance
Published
Feb. 8, 2023, 5:14 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa23-039a
Summary
Original release date: February 8, 2023SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) in response to the ongoing ransomware campaign, known as “ESXiArgs.” Malicious actors may be exploiting known vulnerabilities in VMware ESXi servers that are likely ...
Tuesday, 07.02.2023
16:00
US CERT (ICS)
EnOcean SmartServer
Title
EnOcean SmartServer
Published
Feb. 7, 2023, 4 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-037-01
Summary
Thursday, 02.02.2023
16:25
US CERT (ICS)
Delta Electronics DIAScreen
Title
Delta Electronics DIAScreen
Published
Feb. 2, 2023, 4:25 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-033-01
Summary
16:20
US CERT (ICS)
Mitsubishi Electric GOT2000 Series and GT SoftGOT2000
Title
Mitsubishi Electric GOT2000 Series and GT SoftGOT2000
Published
Feb. 2, 2023, 4:20 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-033-02
Summary
16:15
US CERT (ICS)
Baicells Nova
Title
Baicells Nova
Published
Feb. 2, 2023, 4:15 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-033-03
Summary
16:10
US CERT (ICS)
Delta Electronics DVW-W02W2-E2
Title
Delta Electronics DVW-W02W2-E2
Published
Feb. 2, 2023, 4:10 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-033-04
Summary
16:05
US CERT (ICS)
Delta Electronics DX-2100-L1-CN
Title
Delta Electronics DX-2100-L1-CN
Published
Feb. 2, 2023, 4:05 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-23-033-05
Summary
16:00
US CERT (ICS)
Mitsubishi Electric Multiple Factory Automation Products (Update D)
Title
Mitsubishi Electric Multiple Factory Automation Products (Update D)
Published
Feb. 2, 2023, 4 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-22-221-01
Summary
  • 1
  • 2
  • 3 (current)

Last Updates

BOSCH PSIRT
20.03.2024
CODESYS
28.06.2023
SIEMENS CERT
19.04.2024
US CERT
17.04.2024
US CERT (ICS)
18.04.2024

By Source

Archive

2024
2023
2022
2021
2020
2019
2018
2017

Feeds