SIEMENS CERT
07/14/2020
Intel has published information on vulnerabilities in Intel products in November 2019. In this advisory Siemens only explicitly mentions the vulnerabilities from the “Intel® CPU Security Advisory” and one vulnerability from “Intel® CSME, Intel® SPS, Intel® TXE, Intel® AMT, Intel® PTT and Intel® DAL Advisory” and lists the Siemens IPC …
SIEMENS CERT
07/14/2020
Several industrial products are affected by a vulnerability that could allow remote attackers to conduct a Denial-of-Service (DoS) attack by sending specially crafted packets to port 161/udp (SNMP). Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates …
SIEMENS CERT
07/14/2020
A clear text transmission vulnerability in SIMATIC HMI panels could allow an attacker to access sensitive information under certain circumstances. Siemens recommends specific countermeasures to mitigate this vulnerability.
SIEMENS CERT
06/09/2020
Multiple SIMATIC Software products are affected by two vulnerabilities that could allow an attacker to manipulate project files that may lead to Remote Code Execution or Denial-of-Service attacks. Siemens has released updates to some of the affected products and recommends that customers update to the latest version. Siemens is preparing …
SIEMENS CERT
06/09/2020
A missing authentication vulnerability has been identified in SIEMENS LOGO!8 BM devices. The vulnerability could lead to an attacker reading and modifying the device configuration and obtain project files from the devices if the attacker has access to port 135/tcp.
SIEMENS CERT
06/09/2020
UltraVNC (V1.2.2.3 and below) vulnerabilities in the affected products could allow remote code execution, information disclosure and Denial-of-Service attacks under certain conditions. Siemens has released updates for the affected products and recommends that customers update to the latest versions.
SIEMENS CERT
06/09/2020
SSA-352504 (Last Update: 2020-06-09): Urgent/11 TCP/IP Stack Vulnerabilities in Siemens Power Meters
Siemens low & high voltage power meters are affected by multiple security vulnerabilities due to the underlying Wind River VxWorks network stack. This stack is affected by eleven vulnerabilities known as the "URGENT/11". The vulnerability could allow an attacker to execute a variety of exploits for the purpose of Denial-of-Service …
SIEMENS CERT
06/09/2020
Multiple industrial products are affected by a vulnerability in the kernel known as TCP SACK PANIC. The vulnerability could allow a remote attacker to cause a denial of service condition. Siemens has released updates for several affected products, and recommends that customers update to the latest version. Siemens is preparing …