EUVD-2018-16619

Malware in sbrugna...

Siemens SIMATIC, SINUMERIK, and PROFINET IO Improper Input Validation (CVE-2018-4843)

A vulnerability has been identified in SIMATIC CP 343-1 incl. SIPLUS variants All versions, SIMATIC CP 343-1 Advanced incl. SIPLUS variants All versions, SIMATIC CP 443-1 All versions V3.3, SIMATIC CP 443-1 All versions V3.3, SIMATIC CP 443-1 Advanced All versions V3.3, SIMATIC ET 200pro IM154-8...

Design/Logic Flaw

A vulnerability has been identified in RFID 181EIP All versions, RUGGEDCOM Win V4.4, V4.5, V5.0, and V5.1, SCALANCE X-200 switch family incl. SIPLUS NET variants All versions V5.2.3, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.4.1, SCALANCE X-200RNA switch family All...

CVE-2018-4833

Siemens CVE-2018-4833 affects RFID 181-EIP, RUGGEDCOM Win (V4.4–V5.1), SCALANCE X-200/X-IRT/X-200RNA/X-300/X408/X414, and SIMATIC RF182C. Root cause is a heap-based buffer overflow (CWE-122) that allows unprivileged remote attackers in the same L2 network to execute arbitrary code by sending a sp...

Siemens SCALANCE X Switches, RUGGEDCOM WiMAX, RFID 181-EIP, and SIMATIC RF182C (Update D)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable from the same local network segment OSI Layer 2 Vendor: Siemens Equipment: SCALANCE X switches, RUGGEDCOM Win, RFID 181-EIP, and SIMATIC RF182C Vulnerability: Heap-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a...

Design/Logic Flaw

A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7 All versions V7.0.3, SIMATIC S7-400 CPU 414F-3 PN/DP V7 All versions V7.0.3, SIMATIC S7-400 CPU 416-3 PN/DP V7 All versions V7.0.3, SIMATIC S7-400 CPU 416F-3 PN/DP V7 All versions V7.0.3, SIMATIC CP 343-1 incl. SIPLUS varian...

CVE-2018-4843

CVE-2018-4843 affects Siemens SIMATIC/PROFINET devices (CP 343-1/CP 443-1, ET 200S/ET 200pro, S7-1500/300/400 families, WinAC RTX, SINUMERIK, Softnet PROFINET IO, etc.). The flaw is improper input validation in handling PROFINET DCP requests, allowing a specially crafted DCP packet to trigger a d...

Siemens SIMATIC, SINUMERIK, and PROFINET IO (Update D)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

[Windbgshark] Windbg extension for VM traffic manipulation and analysis

This project includes an extension for the windbg debugger as well as a driver code, which allow you to manipulate the virtual machine network traffic and to integrate the wireshark protocol analyzer with the windbg commands. The motivation of this work came from the intention to find a handy...