us-cert

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: InfraSuite Device Master Vulnerabilities: Deserialization of Untrusted Data, Improper Access Control, Exposed Dangerous Method or Function, Path Traversal, Improper Authentication, Command Injection, Incorrect Permission Assignment for Critical Resource, Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to obtain access to files and credentials, escalate privileges, and remotely execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of InfraSuite Device Master, a real-time device monitoring software, are affected: Versions prior to 1.0.5 3.2 VULNERABILITY OVERVIEW 3.2.1    DESERIALIZATION OF UNTRUSTED DATA CWE-502 Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability in which the Device-stat...

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity  Vendor: VISAM  Equipment: VBASE  Vulnerabilities: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to obtain sensitive information from the target device.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS VISAM reports these vulnerabilities affect the following VBASE products:   VBASE Automation Base: versions prior to 11.7.5  3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE CWE-611  Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.  CVE-2022-41696 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).  3.2.2 IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE CWE-611  Versions of VISAM VBASE Automation Base prior t...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Low attack complexity/public exploits available  Vendor: Siemens ProductCERT  Equipment: RUGGEDCOM APE1808 Product Family  Vulnerabilities: Time-of-check Time-of-use (TOCTOU) Race Condition  2. RISK EVALUATION Exploitation of these vulnerabilities on affected products could lead to system crashing or escalation of privileges.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following software from Siemens is affected:  RUGGEDCOM APE1808 ADM (6GK6015-0AL20-0GL0) - vers:all/*  RUGGEDCOM APE1808 ADM CC (6GK6015-0AL20-0GL1) - vers:all/*  RUGGEDCOM APE1808 CKP (6GK6015-0AL20-0GK0) - vers:all/*  RUGGEDCOM APE1808 CKP CC (6GK6015-0AL20-0GK1)...

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity   Vendor: Rockwell Automation   Equipment: ThinManager ThinServer  Vulnerabilities: Path Traversal, Heap-Based Buffer Overflow  2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to potentially perform remote code execution on the target system/device or crash the software.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Rockwell Automation ThinManager ThinServer, a thin client and remote desktop protocol (RDP) server management software, are affected:  ThinManager ThinServer: Versions 6.x – 10.x  ThinManager ThinServer: Versions 11.0.0 – 11.0.5  ThinManager ThinServer: Versions 11.1.0 – 11.1.5  ThinManager ThinServer: Versions 11.2.0 – 11.2.6  ThinManager ThinServer: Versions 12.0.0 – 12.0.4  ThinManager ThinServer: Versions 12.1.0 – 12.1.5  ThinManager ThinServer: Versions 13.0.0 – 13.0.1  3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER LIMIT...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely  Vendor: Siemens  Equipment: Various third-party components used in SCALANCE W-700 devices  Vulnerabilities: Generation of Error Message Containing Sensitive Information, Out-of-bounds Write, NULL Pointer Dereference, Out-of-bounds Read, Improper Input Validation, Release of Invalid Pointer or Reference, Use After Free, Prototype Pollution  2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition or disclose sensitive data.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following software from Siemens is affected:  SCALANCE WAM763-1 (6GK57...

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity   Vendor: Rockwell Automation   Equipment: ThinManager ThinServer  Vulnerabilities: Path Traversal, Heap-Based Buffer Overflow  2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to potentially perform remote code execution on the target system/device or crash the software.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Rockwell Automation ThinManager ThinServer, a thin client and remote desktop protocol (RDP) server management software, are affected:  ThinManager ThinServer: Versions 6.x – 10.x  ThinManager ThinServer: Versions 11.0.0 – 11.0.5  ThinManager ThinServer: Versions 11.1.0 – 11.1.5  ThinManager ThinServer: Versions 11.2.0 – 11.2.6  ThinManager ThinServer: Versions 12.0.0 – 12.0.4  ThinManager ThinServer: Versions 12.1.0 – 12.1.5  ThinManager ThinServer: Versions 13.0.0 – 13.0.1  3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER LIMIT...

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Keysight Technologies Equipment: N6854A Geolocation Sever Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate privileges in the affected device’s default configuration, resulting in remote code execution or deleting system files and folders. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Keysight monitoring products are affected: N6854A Geolocation Server versions 2.4.2 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1    DESERIALIZATION OF UNTRUSTED DATA CWE-502 N6854A Geolocation Server versions 2.4.2 are vulnerable to untrusted data deserialization, which may allow a malicious actor to escalate privileges in the affected device’s default configuration and achieve remote code execution. CVE-2023-1399 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string ...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely / low attack complexity  Vendor: Siemens  Equipment: Mendix SAML Module  Vulnerability: Incorrect Implementation of Authentication Algorithm  2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthenticated remote attackers to bypass authentication and gain access to the application.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following software from Siemens is affected:  Mendix SAML (Mendix 7 compatible): Versions 1.16.4 to 1.17.2  Mendix SAML (Mendix 8 compatible): Versions 2.2.0 to 2.2.3  Mendix SAML (Mendix 9 compatible, New Track): Versions 3.1.9 to 3.2.5  Mendix SAML (Mendix ...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Exploitable remotely   Vendor: Siemens   Equipment: RUGGEDCOM CROSSBOW  Vulnerabilities: Missing Authorization  2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow authenticated remote attackers to perform unauthorized actions.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following software from Siemens is affected:  Siemens RUGGEDCOM CROSSBOW: All versions prior to V5.2  3.2 VULNERABILITY OVERVIEW 3.2.1 MISSING AUTHORIZATION CWE-862  The client query handler of the affected application fails to check for proper permissions for specific write queries. This could allow an authenticated remote attacker to...

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity  Vendor: Honeywell  Equipment: OneWireless Wireless Device Manager (WDM)  Vulnerabilities: Command Injection, Use of Insufficiently Random Values, Missing Authentication for Critical Function  2. RISK EVALUATION Successful exploitation of these vulnerabilities could disclose sensitive information, allow privilege escalation, or allow remote code execution.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Honeywell reports these vulnerabilities affect the following versions of OneWireless WDM:   All versions up to R322.1 3.2 VULNERABILITY OVERVIEW 3.2.1 COMMAND INJECTION CWE-77  While a backup is in progress, malicious users could enter a system command along with a backup configuration, which could result in the execution of unwanted commands.   CVE-2022-46361 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:...