Stay connected

Trending News

Market, News, Reports, Uncategorized

Siemens Siveillance Video Mobile Server 

1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low attack complexity  Vendor: Siemens Equipment: Siveillance Video 2022 R2 Vulnerability: Weak Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to access the application without a valid account.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS…

Critical vulnerabiliities, News, Recommendations

Siemens LOGO! 8 BM Devices  

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: LOGO! 8 BM Devices Vulnerabilities: Buffer Copy without Checking Size of Input; Improper Input Validation; Improper Validation of Specified Index, Position, or Offset in Input. 2. RISK EVALUATION Successful exploitation of these vulnerabilities could…

Critical vulnerabiliities, Industrial IoT (IIoT), IoT Security, Market, News, Recommendations

Siemens SINEC INS 

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/Low attack complexity  Vendor: Siemens Equipment: SINEC INS Vulnerabilities: Improper Input Validation, Integer Overflow or Wraparound, Uncontrolled Resource Consumption, Command Injection, Inadequate Encryption Strength, Missing Encryption of Sensitive Data, Improper Restriction of Operations Within the Bounds of a Memory Buffer, Exposure…

ICS, IoT Security, News, Uncategorized

Siemens Linux-based Products (Update J) 

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: Linux based products Vulnerability: Use of Insufficiently Random Values 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-21-131-03 Siemens Linux-based Products (Update I) that was published August 11, 2022, to the…

Industrial IoT (IIoT), News, Recommendations, Reports

Siemens EN100 Ethernet Module 

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: EN100 Ethernet Module Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer. 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to crash the affected application leading to a…

Critical vulnerabiliities, News, Recommendations, Uncategorized, Vulnerabilities

Siemens PADS Standard/Plus Viewer 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: PADS Standard/Plus Viewer Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write, Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitations of these vulnerabilities could allow an attacker to trick a user into…

Critical vulnerabiliities, IoT Security, News, Recommendations, Vulnerabilities

Siemens SCALANCE LPE9403 Third-Party Vulnerabilities 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely, low attack complexity Vendor: Siemens Equipment: SCALANCE LPE9403 Vulnerabilities: Multiple 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause crashes and unrestricted file access, impacting the product’s confidentiality, integrity, and availability. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following…