SIEMENS CERT
04/12/2022
Vulnerabilities have been identified in devices of the SCALANCE W-1700 (11ac) family that could allow an attacker to cause various denial of service conditions. Siemens has released updates for the affected products and recommends to update to the latest versions.
SIEMENS CERT
04/12/2022
An attacker could achieve privilege escalation on the web server of certain devices configured by SIMATIC STEP 7 (TIA Portal) due to incorrect handling of the webserver’s user management configuration during downloading. This only affects the S7-1200 and S7-1500 CPUs’ (incl. related ET200 CPUs and SIPLUS variants) web server, when …
SIEMENS CERT
04/12/2022
SICAM A8000 CP-8050 and CP-8031 devices contain vulnerabilities that could allow an attacker to access files without authentication. Siemens has released updates for the affected products and recommends to update to the latest versions.
SIEMENS CERT
04/12/2022
A vulnerability exists in affected products that could allow remote attackers to affect the availability of the devices under certain conditions. The underlying TCP stack can be forced to make very computation expensive calls for every incoming packet which can lead to a Denial-of-Service.
SIEMENS CERT
04/12/2022
Vulnerabilities in the third-party component strongSwan could allow an attacker to cause a denial of service (DoS) condition in affected devices by exploiting integer overflow bugs. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends countermeasures …
SIEMENS CERT
04/12/2022
Various industrial products use the Discovery Service of the OPC UA protocol stack by the OPC foundation https://github.com/OPCFoundation/UA-.NETStandard and could therefore be affected by the remote resource consumption attacks (CVE-2017-12069).
SIEMENS CERT
04/12/2022
Multiple industrial products are affected by a vulnerability in the kernel known as TCP SACK PANIC. The vulnerability could allow a remote attacker to cause a denial of service condition. Siemens has released updates for several affected products and recommends to update to the new versions. Siemens is preparing further …
SIEMENS CERT
04/12/2022
A Denial-of-Service vulnerability has been identified in SIMATIC PCS 7, SIMATIC WinCC, SIMATIC WinCC Runtime Professional and SIMATIC NET PC-Software. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products where updates are …