Bulletins

US CERT
02/19/2025

#StopRansomware: Ghost (Cring) Ransomware

Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect …
SIEMENS CERT
02/19/2025

SSA-354569 V1.2 (Last Update: 2025-02-19): Multiple Vulnerabilities in Palo Alto Networks PAN-OS on RUGGEDCOM APE1808 Devices

Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available. [1] https://security.paloaltonetworks.com/
SIEMENS CERT
02/17/2025

SSA-992434 V1.0: Directory Traversal Vulnerability in Third-Party Component in SiPass integrated

SiPass integrated is affected by a directory traversal vulnerability in the third-party component DotNetZip. The vulnerability could allow an attacker to execute arbitrary code on the application server, if a specially crafted backup set is used for a restore. Siemens has released a new version for SiPass integrated and recommends …
SIEMENS CERT
02/14/2025

SSA-246355 V1.1 (Last Update: 2025-02-14): Multiple Vulnerabilities in Tableau Server Component of Opcenter Intelligence

The Tableau Server component in Opcenter Intelligence contains multiple vulnerabilities as described below. Siemens has released a new version for Opcenter Intelligence and recommends to update to the latest version and to install the latest available version of Tableau Server as described in https://support.sw.siemens.com/knowledge-base/PL8822108.
SIEMENS CERT
02/11/2025

SSA-349422 V2.2 (Last Update: 2025-02-11): Denial of Service Vulnerability in Industrial Real-Time (IRT) Devices

A vulnerability in the affected products could allow an unauthorized attacker with network access to perform a denial-of-service attack resulting in loss of real-time synchronization. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes …
SIEMENS CERT
02/11/2025

SSA-354569 V1.1 (Last Update: 2025-02-11): Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices

Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available. [1] https://security.paloaltonetworks.com/
SIEMENS CERT
02/11/2025

SSA-369369 V1.0: Weak Registry Permission Vulnerability in SIMATIC IPC DiagBase and SIMATIC IPC DiagMonitor

SIMATIC IPC DiagBase and SIMATIC IPC DiagMonitor contain a weak registry permission vulnerability that could allow an authenticated attacker to perform privilege escalation or bypass security measures. Siemens recommends specific countermeasures for products where fixes are not, or not yet available.
SIEMENS CERT
02/11/2025

SSA-398330 V2.3 (Last Update: 2025-02-11): Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version V3.1 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant). These GNU/Linux vulnerabilities have been externally identified. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not …