Latest News

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC S7-200 SMART devices Vulnerability: Use of Insufficiently Random Values 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to create a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Siemens programmable logic controllers are affected: Siemens SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0): All versions Siemens SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0): All versions Siemens SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0): All versions Siemens SIMATIC S7-20...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC, SIPLUS Vulnerabilities: Inadequate Encryption Strength, Improper Restriction of Operations within the Bounds of a Memory Buffer, Race Condition, Injection, Double Free, Integer Overflow or Wraparound, Improper Locking, NULL Pointer Dereference, Use-After-Free, Improper Input Validation, Improper Certificate Validation, Missing Release of Memory after Effective Lifetime, Out-of-bounds Read, Infinite Loop 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to leak memory, create a denial-of-service condition...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC Traffic Analyzer Vulnerabilities: Out-of-bounds Write, Insufficient Session Expiration, Cross-Site Request Forgery (CSRF), Insufficiently Protected Credentials, Exposed Dangerous Method or Function, Cleartext Transmission of Sensitive Information, Sensitive Cookie in HTTPS Session Without 'Secure' Attribute, Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition, disclose sensitive information, or modify files. 3. TECHNICAL DETAILS 3.1 AFFECTED PRO...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk View SE Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow low-privilege users to edit scripts, bypassing access control lists, and potentially gain further access within the system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Rockwell Automation reports that the following versions of FactoryTalk Software are affected: FactoryTalk View SE: v12.0 3.2 Vulnerability Overview 3.2.1 Incorrect Permission Assignment for Critical Resource CWE-732 A privilege escalation vulnerability exists in FactoryTalk View SE. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the system. CVE-2024-37369 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.8 has been calculated; the CVSS ...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low Attack Complexity Vendor: Siemens Equipment: PowerSys Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to bypass authentication, thereby gaining administrative privileges for the managed remote devices. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products of Siemens are affected: Siemens PowerSys: versions prior to V3.11 3.2 Vulnerability Overview 3.2.1 IMPROPER AUTHENTICATION CWE-287 Siemens PowerSys insufficiently protects responses to authentication requests. This could allow a local attacker to bypass authentication, th...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low Attack Complexity Vendor: Siemens Equipment: Teamcenter Visualization and JT2Go Vulnerabilities: Out-of-bounds Read, Allocation of Resources Without Limits or Throttling, NULL Pointer Dereference 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to create a denial-of-service condition or execute code within the context of the current process. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Siemens products, are affected: Siemens JT2Go: All versions prior to V2312.0004 Siemens Teamcenter Visualization V14.2: All Versions Siemens Teamcenter Visualization V14.3: All versi...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE XM-400/XR-500 Vulnerabilities: Inadequate Encryption Strength, Double Free, Use-After-Free, Improper Input Validation, Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a memory leak or execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Siemens products, are affected: Siemens SCALANCE XM408-4C (6GK5408-4GP00-2AM2): All versions prior to V6.6.1 Siemens SCALANCE XM408-4C (L3 int.) (6GK5408-4GQ00-2AM2): All versions prior to V6.6.1 Sieme...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Fuji Electric Equipment: Tellus Lite V-Simulator Vulnerabilities: Out-of-Bound Write, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a local attacker to perform code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Fuji Electric Tellus Lite V-Simulator, a remote monitoring and operation software, are affected: Tellus Lite V-Simulator: Versions prior to v4.0.20.0 3.2 Vulnerability Overview 3.2.1 OUT-OF-BOUNDS WRITE CWE-787 The affected product is vulnerable to an out-of-bounds write, which could allow an attacker to manipulate memory, resulting in execution of arbitrary code. CVE-2024-37022 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). A CVSS v4 score has also been calculated for CVE-2024-37022. A base sc...

Recent supply chain cyber-attacks are prompting cyber security regulations in the financial sector to tighten compliance requirements, and other industries are expected to follow. Many companies still don’t have efficient methods to manage related time-sensitive SaaS security and compliance tasks. Free SaaS risk assessment tools are an easy and practical way to bring visibility and initial

Threat actors with ties to Pakistan have been linked to a long-running malware campaign dubbed Operation Celestial Force since at least 2018. The activity, still ongoing, entails the use of an Android malware called GravityRAT and a Windows-based malware loader codenamed HeavyLift, according to Cisco Talos, which are administered using another standalone tool referred to as GravityAdmin. The