85 matches found
EUVD-2020-20850
Malware in sbrugna...
EUVD-2020-7782
Malware in sbrugna...
EUVD-2018-16634
Malware in sbrugna...
EUVD-2013-5776
Malware in sbrugna...
EUVD-2013-5546
Malware in sbrugna...
EUVD-2019-16126
Malware in sbrugna...
EUVD-2013-3566
Malware in sbrugna...
EUVD-2019-2656
Malware in sbrugna...
EUVD-2020-17916
Malware in sbrugna...
EUVD-2013-3567
Malware in sbrugna...
CVE-2019-10942
A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants All versions V5.2.5, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.5.0, SCALANCE X204RNA HSR All versions, SCALANCE X204RNA PRP All versions, SCALANCE X204RNA EEC HSR All...
Siemens Multiple RTOS Integer Overflow or Wraparound (CVE-2020-28895)
In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc. As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption. SCALANCE X-200, X-200IRT, and X-300...
Siemens Multiple RTOS Integer Overflow or Wraparound (CVE-2020-35198)
An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc. As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption...
Siemens SCALANCE Switch Families
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
CISA Releases Fifteen Industrial Control Systems Advisories
CISA released fifteen 15 Industrial Control Systems ICS advisories on February 16, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories f...
Siemens SCALANCE X Products Missing Authentication For Critical Function (CVE-2020-15799)
A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants All versions V5.2.5, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.5.0. The vulnerability could allow an unauthenticated attacker to reboot the device over the network by usin...
Siemens SCALANCE X Products Heap-Based Buffer Overflow (CVE-2020-25226)
A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants All versions V5.2.5, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.5.0. The web server of the affected devices contains a vulnerability that may lead to a buffer overflow...
Siemens SCALANCE X-200 switches Insufficient Entropy Source (CVE-2013-5709)
The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote attackers to hijack sessions by predicting a value. This plugin...
Siemens SCALANCE X Switches Use of Hard-Coded Cryptographic Key (CVE-2020-28391)
A vulnerability has been identified in SCALANCE X-200 switch family incl. SIPLUS NET variants All versions V5.2.5, SCALANCE X-200IRT switch family incl. SIPLUS NET variants All versions V5.5.0, SCALANCE X-200RNA switch family All versions V3.2.7. Devices create a new unique key upon factory reset...
Siemens SCALANCE X-200 and X-200IRT Families Improper Neutralization of Input During Web Page Generation (CVE-2022-40631)
A vulnerability has been identified in SCALANCE X200-4P IRT All versions V5.5.0, SCALANCE X201-3P IRT All versions V5.5.0, SCALANCE X201-3P IRT PRO All versions V5.5.0, SCALANCE X202-2IRT All versions V5.5.0, SCALANCE X202-2P IRT All versions V5.5.0, SCALANCE X202-2P IRT PRO All versions V5.5.0,...