SIEMENS CERT
01/14/2020
The EN100 Ethernet communication modules are affected by security vulnerabilities which could allow an attacker to disclose information. Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.
SIEMENS CERT
01/14/2020
Microsoft has released updates for several versions of Microsoft Windows, which fix a vulnerability in the Remote Desktop Service. The vulnerability could allow an unauthenticated remote attacker to execute arbitrary code on the target system if the system exposes the service to the network. RAPIDPoint® 500 systems operating on Windows …
SIEMENS CERT
01/14/2020
A vulnerability in SIMATIC WinAC RTX (F) 2010 controller software could allow an attacker to perform a denial-of-service attack if a large HTTP request is sent to the network port of the host where WinAC RTX is running. Siemens has released SIMATIC WinAC RTX (F) 2010 incl. SP3 Update 1 …
SIEMENS CERT
12/10/2019
There is an access mode used during manufacturing of SIMATIC S7-1200 and S7-200 SMART CPUs that allows additional diagnostic functionality. Using this functionality requires physical access to the UART interface during boot process. Siemens is working on a solution and recommends specific countermeasures until the solution is available.
SIEMENS CERT
12/10/2019
Two vulnerabilities have been identified in the SIMATIC S7-1200 and S7-1500 CPU families. One vulnerability could allow an attacker with network access to affected devices to modify the user program stored on these devices such that the source code differs from the actual running code. The other vulnerability could allow …
SIEMENS CERT
12/10/2019
Security researchers published information on vulnerabilities known as ZombieLoad and Microarchitectural Data Sampling (MDS). These vulnerabilities affect many modern processors from different vendors to a varying degree. Several Siemens Industrial Products contain processors that are affected by the vulnerabilities.
SIEMENS CERT
12/10/2019
SIMATIC CP 343-1 Advanced/CP-443-1 Advanced devices and SIMATIC S7-300/S7-400 CPUs are affected by two vulnerabilities. One of the vulnerabilities could allow remote attackers to perform operations as an authenticated user under certain conditions. Siemens has released updates for SIMATIC CP 343-1 Advanced and SIMATIC CP 443-1 Advanced devices. Siemens recommends …
SIEMENS CERT
12/10/2019
The SIPROTEC 5 relays and their corresponding engineering software DIGSI 5 are affected by two security vulnerabilities which could allow an attacker to upload or download files to the device or to conduct a Denial-of-Service attack over the network. Siemens has released updates for some affected products, is working on …