us-cert

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: Omron Equipment: Sysmac Studio Vulnerability: Improper Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Omron engineering software are affected: Sysmac Studio: version 1.54 and prior 3.2 Vulnerability Overview 3.2.1 IMPROPER AUTHORIZATION CWE-285 Omron engineering applications install executables with low privileged user "write" permissions. This could allow an attacker to alter the files to execute arbitrary code. CVE-2022-45793 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N). 3.3 BACKGROUND CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing COUNTRIES/AREAS DEPLOYED: Worldwide COMPANY HEADQUARTERS LOCATION: Japan 3.4 RESEARCHER Reid Wightman of D...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Omron Equipment: Sysmac CJ/CS/CP Series Vulnerability: Improper Control of Interaction Frequency 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information in memory. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Omron CJ/CS/CP series, programmable logic controllers, are affected: Smart Security Manager: Versions 1.4 and prior to 1.31 Smart Security Manager: Versions 1.5 and prior CJ2H-CPU ** (-EIP): version 1.4 and prior CJ2M-CPU ** : version 2.0 and prior CS1H/G-CPU ** H、CJ1G-CPU ** P: version 4.0 and prior CS1D-CPU ** H / -CPU ** P: version 1.3 and prior CS1D-CPU ** S: version 2.0 and prior CP1E-E / -N: version 1.2 and prior 3.2 Vulnerability Overview 3.2.1 IMPROPER CONTROL OF INTERACTION FREQUENCY CWE-799 Omron CJ/CS/CP series programmable logic controllers use the FINS protocol, which is vulner...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: low attack complexity Vendor: Siemens Equipment: SIMATIC PCS neo Administration Console Vulnerability: Insertion of Sensitive Information into Externally-Accessible File or Directory 2. RISK EVALUATION Successful exploitation of this vulnerability could get the credentials, and impersonate the admin user, thereby gaining admin access to other Windows systems. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: SIMATIC PCS neo (Administration Console): V4.0 SIMATIC PCS neo (Administration Console): V4.0 Update 1 3.2 Vulnerability Overview 3.2.1 Insertion of Sensitive Informat...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: WIBU Systems CodeMeter Vulnerability: Heap-Based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to escalate privileges or execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products of Siemens, are affected: PSS(R)CAPE V14: All versions prior to V14.2023-08-23 PSS(R)CAPE V15: All versions prior to V15.0.22 PSS(R)E V34: All versions prior to V34.9.6 PSS(R)E V35: All versions PSS(R)ODMS V13.0: All versions PSS(R)ODMS V13.1: All versions prior to V13.1.12.1 SIMATIC PCS neo V3:...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC, SIPLUS Products Vulnerability: Integer Overflow or Wraparound 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to create a denial-of-service condition by sending a specially crafted certificate. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Siemens products are affected: SIMATIC Cloud Connect 7 CC712 (6GK1411-1AC00): All versions prior to v2.2 SIMATIC Cloud Connect 7 CC716 (6GK1411-5AC00): All versions prior to v2.2 SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Pavilion8 Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to retrieve other user's sessions data. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Rockwell Automation Pavilion8, a model predictive control software, are affected: Pavilion8: versions v5.17.00 and v5.17.01 3.2 Vulnerability Overview 3.2.1 IMPROPER AUTHENTICATION CWE-287 The JMX Console within the Pavilion is exposed to application users and does not require authentication. If exploited, a malicious user could retrieve other application users' session data and or log users out of their sessions. CVE-2023-29463 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). 3.3 BACKGROUND CRITICAL INFRA...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Parasolid Vulnerabilities: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code in the context of the current process. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Siemens Parasolid, a 3D geometric modeling tool, are affected: Parasolid V34.1: all versions prior to V34.1.258 Parasolid V35.0: all versions prior to V35.0.253 Parasolid V35.0: all versions prior to V35.0.260 Parasolid V35.1: all versions prior to V35.1.184 Parasolid V35.1: all versions prior to V35.1.246 Parasolid ...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Low Attack Complexity Vendor: Siemens Equipment: SIMATIC Field PG and SIMATIC IPC Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated local user to potentially read other users' data. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products of Siemens, are affected: SIMATIC Field PG M6: All Versions SIMATIC IPC BX-39A: All Versions SIMATIC IPC PX-39A: All Versions SIMATIC IPC PX-39A PRO: All Versions SIMATIC IPC RW-543A: All Versions SIMATIC IPC627E: All Versions SIMATIC IPC647E: All Versions SIMATIC...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Low Attack Complexity Vendor: Siemens Equipment: RUGGEDCOM APE1808 Product Family Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Buffer Underflow, Classic Buffer Overflow, Time-of-check Time-of-use Race Condition, Out-of-bounds Read, Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Write, Improper Input Validation, Missing Release of Memory after Effective Lifetime, Improperly Implemented Security Check for Standard, Plaintext Storage of a Password 2. RISK EVALUATION Successful exploitation of these vulnerabilities on affected products could lead to inform...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: QMS Automotive Vulnerabilities: Plaintext Storage of a Password, Cleartext Storage of Sensitive Information in Memory, Generation of Error Message Containing Sensitive Information, Server-generated Error Message Containing Sensitive Information, Improper Verification of Cryptographic Signature, Insecure Storage of Sensitive Information, Cleartext Transmission of Sensitive Information, Improper Access Control, Unrestricted Upload of File with Dangerous Type, Insufficient Session Expiration 2. RISK EVALUATION Successful exploitation of these vulnerabilitie...