Schneider Electric EcoStruxure (Update A)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

Schneider Electric Uni-Telway Driver (Update D)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

Siemens SIMATIC PCS neo, TIA Administrator, and TIA Portal

SUMMARY Affected products do not correctly invalidate user sessions upon user logout. This could allow a remote unauthenticated attacker, who has obtained the session token by other means, to re-use a legitimate user's session even after logout. Siemens has released new versions for several...

Siemens Opcenter Intelligence

SUMMARY The Tableau Server component in Opcenter Intelligence contains multiple vulnerabilities as described below. Siemens has released a new version for Opcenter Intelligence and recommends to update to the latest version and to install the latest available version of Tableau Server as...

Siemens Questa and ModelSim

SUMMARY Questa and ModelSim incl. OEM Editions are affected by a vulnerability that could allow a local attacker to inject arbitrary code and escalate privileges. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL...

Siemens RUGGEDCOM APE1808

SUMMARY Fortinet has published information on vulnerabilities in FortiOS. This advisory lists the related Siemens Industrial products. Siemens is preparing fix versions and recommends to consult and implement the workarounds provided in Fortinet's upstream security notifications. 2. GENERAL...

Siemens SIMATIC IPC DiagBase and SIMATIC IPC DiagMonitor

SUMMARY SIMATIC IPC DiagBase and SIMATIC IPC DiagMonitor contain a weak registry permission vulnerability that could allow an authenticated attacker to perform privilege escalation or bypass security measures. Siemens recommends specific countermeasures for products where fixes are not, or not...

Siemens Apogee PXC100 Devices

SUMMARY Apogee PXC and Talon TC contain a vulnerability that could allow an attacker to perform a denial of service using a out-of-bounds read forcing the device to enter a cold state and a vulnerability that would allow an attacker to decrypt the passwords of the device. Siemens recommends...

Siemens Teamcenter

SUMMARY The SSO login service in Teamcenter contains an open redirect vulnerability that could allow an attacker to redirect the legitimate user to an attacker-chosen URL to steal valid session data. Siemens has released a new version for Teamcenter and recommends to update to the latest...

Siemens SCALANCE W700 IEEE 802.11ax

SUMMARY SCALANCE W-700 IEEE 802.11ax family devices are affected by multiple vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to...

Siemens SIPROTEC 5 Devices

SUMMARY An information disclosure vulnerability in SIPROTEC 5 devices could allow an unauthenticated, remote attacker to retrieve sensitive information of the device. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is...

Siemens SIPROTEC 5

SUMMARY Affected SIPROTEC 5 devices contain a development shell which is accessible via a physical interface which is not properly restricted. This could allow an unauthenticated attacker with physical access to an affected device to execute arbitrary commands on the device. Siemens has released...

Siemens SIPROTEC 5

SUMMARY Affected SIPROTEC 5 devices do not encrypt certain data within the on-board flash storage on their PCB. This could allow an attacker with physical access to read the sensitive information from the filesystem of the device. Siemens is preparing fix versions and recommends specific...

Siemens SIMATIC

SUMMARY The webserver of several SIMATIC products is affected by a user enumeration vulnerability that could allow an unauthenticated remote attacker to identify valid usernames. Siemens has released new versions for several affected products and recommends to update to the latest versions...

Siemens SIMATIC S7-1200 CPU Family

SUMMARY SIMATIC S7-1200 CPU family before V4.7 is affected by two denial of service vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends...

Siemens OpenV2G

SUMMARY The open source software OpenV2G contains a buffer overflow vulnerability that could allow an attacker to trigger a memory corruption. Siemens has released an update for the OpenV2G and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure,...

MicroDicom DICOM Viewer

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to alter network traffic and perform a machine-in-the-middle MITM attack. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such...

Trimble Cityworks (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated user to perform a remote code execution. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides...

Orthanc Server

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose sensitive information, modify records, or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

ABB ASPECT-Enterprise NEXUS and MATRIX Series

SUMMARY ABB became aware of vulnerabilities in the product versions listed as affected in the advisory. ASPECT devices are not intended to be internet-facing. A product advisory issued in June 2023 informed customers of this already. An attacker who successfully exploits these vulnerabilities...

Schneider Electric Web Designer for Modicon

RISK EVALUATION Successful exploitation of this vulnerability could result in information disclosure, workstation integrity and potential remote code execution on the compromised computer. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment...

AutomationDirect C-more EA9 HMI

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition or achieve remote code execution on the affected device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

Elber Communications Equipment

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker unauthorized administrative access to the affected device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this these vulnerabilities, such as:...

Western Telematic Inc NPS Series, DSM Series, CPM Series

RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to gain privileged access to files on the device's filesystem. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability,...

Rockwell Automation GuardLogix 5380 and 5580 (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow a remote, non-privileged user to send malicious requests resulting in a major nonrecoverable fault causing a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize...

Contec Health CMS8000 Patient Monitor (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to remotely send specially formatted UDP requests or connect to an unknown external network that would allow them to write arbitrary data, resulting in remote code execution. The device may also leak patient...

Rockwell Automation KEPServer

RISK EVALUATION Successful exploitation of this vulnerability could cause the device to crash. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system devices...

New Rock Technologies Cloud Connected Devices

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker full control of the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all...

Rockwell Automation FactoryTalk AssetCentre

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to extract passwords, access, credentials, or impersonate other users. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities,...

Rockwell Automation FactoryTalk View Site Edition

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain unauthenticated access to system configuration files and execute DLLs with elevated privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

Rockwell Automation FactoryTalk

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code on the device with elevated privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

Schneider Electric Power Logic

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to modify data or cause a denial-of-service condition on web interface functionality. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

Rockwell Automation DataMosaix Private Cloud

RISK EVALUATION Successful exploitation of these vulnerabilities could overwrite reports, including user projects. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all...

mySCADA myPRO Manager

RISK EVALUATION Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary commands or disclose sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities,...

HMS Networks Ewon Flexy 202

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose sensitive user credentials. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for...

ABB FLXEON Controllers

SUMMARY An update is available that resolves a privately reported vulnerability in the product versions listed as affected in this advisory. FLXEON devices are not intended to be internet-facing. A product advisory issued in June 2023 informed customers of this parameter. An attacker can...

ECOVACS lawnmower and vacuum vulnerabilities

RISK EVALUATION ECOVACS lawnmowers, vacuums, and other robots contain multiple vulnerabilities. In some cases, using a combination of vulnerabilities, an attacker within Bluetooth range or with appropriate network access can take complete control of a robot device. Some vulnerabilities allow an...

Fedora Repository fedoraIntCallUser default credentials and insecure archive extraction

RISK EVALUATION Fedora Repository 3.8 includes default user credentials and allows path traversal when extracting uploaded archive files. An attacker can exploit these vulnerabilities to read sensitive data and execute arbitrary commands with the privileges of the Java web application server...

ZF Roll Stability Support Plus (RSSPlus)

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to remotely proximal/adjacent with RF equipment call diagnostic functions which could impact both the availability and integrity. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

Fuji Electric Alpha5 SMART

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...

TrueFiling authorization bypass via user-controlled keys

RISK EVALUATION TrueFiling trusts some client-controlled identifiers passed in URL requests to retrieve information. Platform users must self-register for an account, and once authenticated, could manipulate those identifiers to gain partial access to case information and the ability to...

B&R Automation Runtime

SUMMARY An update is available that resolves a privately reported vulnerability in the product versions listed as affected in this advisory. An attacker who successfully exploited this vulnerability may masquerade as services on affected devices. 2. WORKAROUNDS The mechanism of creating self...

Belledonne Communications Linphone-Desktop

RISK EVALUATION Successful exploitation of this vulnerability could could result in a remote attacker causing a denial-of-service condition on the affected devices. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability,...

Schneider Electric EcoStruxure (Update D)

RISK EVALUATION Successful exploitation of this vulnerability allows for local privilege escalation, which could lead to the execution of a malicious DLL. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...

Schneider Electric EcoStruxure Power Monitoring Expert (PME) (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service of the product when an unauthenticated user sends a crafted HTTPS packet to the webserver. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior...

Schneider Electric Modicon M340 and BMXNOE0100/0110, BMXNOR0200H (Update B)

RISK EVALUATION Successful exploitation of this vulnerability could cause information disclosure of a restricted web page, modification of a web page and a denial of service when specific web pages are modified and restricted functions are invoked. 2. RECOMMENDED PRACTICES CISA reminds...

Schneider Electric EcoStruxure Power Build Rapsody

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

Siemens Siveillance Video Camera

SUMMARY Several camera device drivers in the Siveillance Video Device Pack store camera credentials in their log file when authentication fails. This could allow a local attacker to read camera credentials stored in the Recording Server under specific conditions. Siemens has released an update...

Siemens SIMATIC S7-1200 CPUs

SUMMARY The web interface of SIMATIC S7-1200 CPUs before V4.7 is affected by a cross-site request forgery CSRF vulnerability. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general security measure,...

Schneider Electric Pro-face GP-Pro EX and Remote HMI (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow man-in-the-middle attacks which could result in information disclosure, integrity issues and operational failures. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment...