SIEMENS CERT
02/10/2020
Siemens became aware that the discontinued products SIMATIC S7-1200 CPUs prior to version 4 could allow for the circumvention of user program block protection under certain conditions.
SIEMENS CERT
02/10/2020
A potential vulnerability was discovered in the web server’s authentication of SCALANCE X-200 switches that might allow attackers to hijack web sessions over the network without authentication. Siemens addresses the issue with a firmware update.
SIEMENS CERT
02/10/2020
SIEMENS CERT
02/10/2020
The latest product release of the SIMATIC S7-1200 CPU fixes two vulnerabilities. The more severe of these vulnerabilities could allow an attacker to inject HTTP headers if unsuspecting users are tricked to click on a malicious link. Another vulnerability resolved in this product release is discussed below.
SIEMENS CERT
02/10/2020
SIMATIC S7-400 CPUs are affected by a security vulnerability which could lead to a Denial-of-Service condition of the PLC if specially crafted packets are received and processed. The affected SIMATIC S7-400 CPU hardware versions are in the product cancellation phase or already phased-out. Siemens recommends customers either upgrading to a …
SIEMENS CERT
02/10/2020
The latest update for SIMATIC Panel software and SIMATIC WinCC (TIA Portal) fixes a vulnerability that could allow an attacker with network access to the web server to perform a HTTP header injection attack.
SIEMENS CERT
02/10/2020
The latest firmware update for the SCALANCE X-200IRT switch family fixes a vulnerability which could allow attackers to impersonate legitimate users of the web interface.
SIEMENS CERT
02/10/2020
The latest update for TIM 1531 IRC fixes a vulnerability. The device was missing proper authentication when connecting on port 102/tcp, although configured. An attacker needs to be able to connect to port 102/tcp of an affected device in order to exploit this vulnerability. The vulnerability could allow an attacker …