Siemens S7-300/400 PLC Vulnerabilities (Update E)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC S7-300 and SIMATIC S7-400 Vulnerabilities: Information Exposure, Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory...

ICSA-19-134-05 Siemens SINAMICS PERFECT HARMONY GH180 Drives NXG I and NXG II

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINAMICS PERFECT HARMONY GH180 Drives NXG I and NXG II Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could...

Siemens SCALANCE X Switches, RUGGEDCOM WiMAX, RFID 181-EIP, and SIMATIC RF182C (Update D)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable from the same local network segment OSI Layer 2 Vendor: Siemens Equipment: SCALANCE X switches, RUGGEDCOM Win, RFID 181-EIP, and SIMATIC RF182C Vulnerability: Heap-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a...

Siemens SIMATIC CP 44x-1 Redundant Network Access Modules

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIMATIC CP 44x-1 Redundant Network Access RNA modules Vulnerability: Improper Authentication AFFECTED PRODUCTS The following versions of the SIMATIC CP 44x-1 RNA, which connect SIMATIC S7-400 CPUs t...