Thursday, March 13, 2025

Review – 13 Advisories Published – 3-13-25

Today CISA’s NCCIC-ICS published 12 control system security advisories for products from Sungrow and Siemens (11). They also published a medical device security advisory for products from Philips.

Advisories

Sungrow Advisory - This advisory describes 15 vulnerabilities in the Sungrow iSolarCloud Android App and WiNet Firmware products.

SIMATIC Advisory #1 - This advisory describes two protection measure failure vulnerabilities in the Siemens SIMATIC IPC family.

SIMATIC Advisory #2 - This advisory discusses five vulnerabilities in the Siemens SIMATIC S7-1500 TM MFP product.

SINEMA Advisory #1 - This advisory discusses six vulnerabilities in the Siemens SINEMA Remote Connect Client.

SINEMA Advisory #2 - This advisory discusses two vulnerabilities in the Siemens SINEMA Remote Connect Server.

OPC UA Advisory - This advisory discusses two vulnerabilities in the OPC UA component of multiple Siemens products.

Tecnomatix Advisory - This advisory describes two files or directories accessible to external parties vulnerabilities in the Siemens Tecnomatix Plant Simulation product.

SCALANCE Advisory #1 - This advisory describes a partial string comparison vulnerability in the Siemens SCALANCE M-800 family.

SCALANCE Advisory #2 - This advisory describes seven vulnerabilities in the Siemens SCALANCE LPE9403 product.

SINAMICS Advisory - This advisory describes an improper authentication vulnerability in the Siemens SINAMICS S200. The vulnerability is self-reported.

SiPass Advisory - This advisory describes three vulnerabilities in the Siemens SiPass integrated AC5102 and ACC-AP products.

Teamcenter Advisory - This advisory describes eight vulnerabilities in the Siemens Teamcenter Visualization and Tecnomatix Plant Simulation products.

Philips Advisory - This advisory describes two vulnerabilities in the Philips IntelliSpace Cardiovascular (ISCV) image and information management product.

 

For more information on these advisories, including links to 3rd party advisories and researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/13-advisories-published-3-13-25 - subscription required. 
