SIEMENS CERT
02/11/2020
Intel has published information on vulnerabilities in Intel products in November 2019. In this advisory Siemens only explicitly mentions the vulnerabilities from the "Intel® CPU Security Advisory" and one vulnerability from "Intel® CSME, Intel® SPS, Intel® TXE, Intel® AMT, Intel® PTT and Intel® DAL Advisory" and lists the Siemens IPC …
SIEMENS CERT
02/11/2020
S7-300/S7-400 and S7-1200 CPU families are affected by a vulnerability that could allow remote attackers to perform a Denial-of-Service attack by sending a specially crafted HTTP request to the web server of an affected device. Siemens has released updates for several affected products, is working on updates for the remaining …
SIEMENS CERT
02/11/2020
Multiple industrial products are affected by a vulnerability in the kernel known as TCP SACK PANIC. The vulnerability could allow a remote attacker to cause a denial of service condition. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing …
SIEMENS CERT
02/11/2020
Security researchers published information on vulnerabilities known as ZombieLoad and Microarchitectural Data Sampling (MDS). These vulnerabilities affect many modern processors from different vendors to a varying degree. Several Siemens Industrial Products contain processors that are affected by the vulnerabilities.
SIEMENS CERT
02/11/2020
The firmware for SCALANCE S-600 family devices contains multiple web vulnerabilities. The vulnerabilities could allow an remote attacker to conduct Denial-of-Service attacks or perform Cross-Site Scripting attacks. Siemens recommends to migrate to SCALANCE SC-600 Industrial Security Appliances.
SIEMENS CERT
02/11/2020
A vulnerability in affected devices could allow an attacker to perform a denial-of-service attack if a large amount of specially crafted UDP packets are sent to the device. Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates …
SIEMENS CERT
02/11/2020
OZW672 and OZW772 Web Server versions < 10.00 contain a vulnerability that could allow unauthenticated users to access project files under certain conditions. Siemens has released Version 10.00 that fixes the vulnerability and recommends to update all web servers.