https://cert-portal.siemens.com/productcert/rss/advisories_energy_management_products.atomSiemens ProductCERT Security Advisories2024-03-12T00:00:00+00:00Siemens ProductCERTproductcert@siemens.comSiemens ProductCERTSiemens Security Advisorieshttps://cert-portal.siemens.com/productcert/html/ssa-552874.htmlSSA-552874 V1.3 (Last Update: 2024-03-12): Denial of Service Vulnerability in SIPROTEC 5 Devices2024-03-12T00:00:00+00:00<p>Devices of the SIPROTEC 5 family contain a vulnerability related to secure client-initiated renegotiation. This could allow an unauthenticated attacker to cause a denial of service condition for the duration of the attack.</p>
<p>Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.</p>
https://cert-portal.siemens.com/productcert/html/ssa-322980.htmlSSA-322980 V1.3 (Last Update: 2024-03-12): Denial of Service Vulnerability in SIPROTEC 5 Devices2024-03-12T00:00:00+00:00<p>SIPROTEC 5 devices contain a null pointer dereference vulnerability in the web service. This could allow an attacker to send unauthenticated maliciously crafted http request that could cause denial of service condition of the device.</p>
<p>Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.</p>
https://cert-portal.siemens.com/productcert/html/ssa-583634.htmlSSA-583634 V1.0: Command Injection Vulnerability in the CPCI85 Firmware of SICAM A8000 Devices2024-01-09T00:00:00+00:00<p>The CPCI85 firmware of SICAM A8000 CP-8031 and CP-8050 is affected by a command injection vulnerability that could allow an authenticated remote attacker to inject commands that are executed on the device with root privileges during device startup.</p>
<p>Siemens has released new versions for the affected products and recommends to update to the latest versions.</p>
https://cert-portal.siemens.com/productcert/html/ssa-570294.htmlSSA-570294 V1.1 (Last Update: 2024-01-09): Multiple Vulnerabilities in SICAM Q100 Before V2.502024-01-09T00:00:00+00:00<p>SICAM Q100 devices contain multiple vulnerabilities that could allow an attacker to take over the session of a logged in user or to inject custom code.</p>
<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>
https://cert-portal.siemens.com/productcert/html/ssa-480095.htmlSSA-480095 V1.1 (Last Update: 2024-01-09): Vulnerabilities in the Web Interface of SICAM Q100 Devices before V2.602024-01-09T00:00:00+00:00<p>The web server of SICAM Q100 devices, versions before V2.60, contains a Cross Site Request Forgery (CSRF) vulnerability and is missing cookie protection flags. This could allow an attacker to perform arbitrary actions on the device on behalf of a legitimate user, or impersonate that user.</p>
<p>Siemens has released new versions for the affected products and recommends to update to the latest versions.</p>
https://cert-portal.siemens.com/productcert/html/ssa-480095.htmlSSA-480095 V1.0: Vulnerabilities in the Web Interface of SICAM Q100 Devices before V2.602023-12-12T00:00:00+00:00<p>The web server of SICAM Q100 devices, versions before V2.60, contains a Cross Site Request Forgery (CSRF) vulnerability and is missing cookie protection flags. This could allow an attacker to perform arbitrary actions on the device on behalf of a legitimate user, or impersonate that user.</p>
<p>Siemens has released new versions for the affected products and recommends to update to the latest versions.</p>
https://cert-portal.siemens.com/productcert/html/ssa-617233.htmlSSA-617233 V1.0: Urgent/11 TCP/IP Stack Vulnerabilities in SIPROTEC 4 7SJ66 Devices2023-11-14T00:00:00+00:00<p>SIPROTEC 4 7SJ66 devices are affected by multiple security vulnerabilities due to the underlying Wind River VxWorks network stack. This stack is affected by nine of the eleven vulnerabilities that are also known as “URGENT/11”.</p>
<p>The vulnerabilities could allow an attacker to execute a variety of exploits for the purpose of denial of service (DoS), data extraction, remote code execution, etc. targeting availability, integrity and confidentiality of the devices and data.</p>
<p>Siemens has released a new version for SIPROTEC 4 7SJ66 and recommends to update to the latest version.</p>
https://cert-portal.siemens.com/productcert/html/ssa-770890.htmlSSA-770890 V1.0: Path Traversal Vulnerability in the Web Server of CPCI85 Firmware of SICAM A8000 Devices2023-10-10T00:00:00+00:00<p>The web server in the CPCI85 firmware of SICAM A8000 CP-8031 and CP-8050 is affected by a path traversal vulnerability that could allow an authenticated remote attacker to traverse directories on the system, download arbitrary files and potentially escalate privileges to the administrator role.</p>
<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>
https://cert-portal.siemens.com/productcert/html/ssa-134651.htmlSSA-134651 V1.0: Hard Coded SSH ID in CPCI85 Firmware of SICAM A8000 Devices2023-10-10T00:00:00+00:00<p>The CPCI85 firmware of SICAM A8000 CP-8031 and CP-8050 contains a hard-coded ID in the SSH <code>authorized_keys</code> configuration file. An attacker with knowledge of the corresponding credential could login to the device via SSH. Only devices with activated debug support are affected.</p>
<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>
https://cert-portal.siemens.com/productcert/html/ssa-035466.htmlSSA-035466 V1.0: Incorrect Permission Assignment in SICAM PAS/PQS2023-10-10T00:00:00+00:00<p>SICAM PAS/PQS is affected by insecure permission assignments in application folders that could allow an authenticated local attacker to read and modify configuration data or to escalate privileges.</p>
<p>Siemens has prepared a security patch and recommends to run it on affected systems to fix the permissions of the impacted folders. This security patch will be integral part of the upcoming SICAM PAS/PQS V8.22 and later versions.</p>
https://cert-portal.siemens.com/productcert/html/ssa-552874.htmlSSA-552874 V1.2 (Last Update: 2023-09-12): Denial of Service Vulnerability in SIPROTEC 5 Devices2023-09-12T00:00:00+00:00<p>Devices of the SIPROTEC 5 family contain a vulnerability related to secure client-initiated renegotiation. This could allow an unauthenticated attacker to cause a denial of service condition for the duration of the attack.</p>
<p>Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.</p>
https://cert-portal.siemens.com/productcert/html/ssa-322980.htmlSSA-322980 V1.2 (Last Update: 2023-09-12): Denial of Service Vulnerability in SIPROTEC 5 Devices2023-09-12T00:00:00+00:00<p>SIPROTEC 5 devices contain a null pointer dereference vulnerability in the web service. This could allow an attacker to send unauthenticated maliciously crafted http request that could cause denial of service condition of the device.</p>
<p>Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.</p>
https://cert-portal.siemens.com/productcert/html/ssa-975961.htmlSSA-975961 V1.0: Privilege Escalation Vulnerabilities in SICAM TOOLBOX II before V07.102023-08-08T00:00:00+00:00<p>SICAM TOOLBOX II contains two vulnerabilities that could allow local attackers to execute code on the system with elevated privileges.</p>
<p>Siemens has released an update for SICAM TOOLBOX II and recommends to update to the latest version.</p>
https://cert-portal.siemens.com/productcert/html/ssa-223771.htmlSSA-223771 V1.3 (Last Update: 2023-08-08): SISCO Stack Vulnerability in SIPROTEC 5 Devices2023-08-08T00:00:00+00:00<p>A vulnerability in the third party component SISCO MMS-EASE could allow attackers to cause a denial of service condition with SIPROTEC 5 devices.</p>
<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>
https://cert-portal.siemens.com/productcert/html/ssa-887249.htmlSSA-887249 V1.0: Multiple Vulnerabilities in the Web Interface of SICAM Q200 Devices2023-06-13T00:00:00+00:00<p>Multiple vulnerabilities were identified in the webserver of Q200 devices. These include Cross Site Request Forgery (CSRF), session fixation, missing secure flags in HTTP cookies and memory corruption issues due to missing input validation that could lead to remote code execution.</p>
<p>Siemens has released an update for POWER METER SICAM Q200 family and recommends to update to the latest version.</p>
https://cert-portal.siemens.com/productcert/html/ssa-731916.htmlSSA-731916 V1.0: Multiple Vulnerabilities in CPCI85 Firmware of SICAM A8000 Devices2023-06-13T00:00:00+00:00<p>The CPCI85 firmware of SICAM A8000 CP-8031 and CP-8050 is affected by multiple vulnerabilities such as authenticated remote command injection, exposure of serial UART interface, and hard coded credentials (for UART login).</p>
<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>
https://cert-portal.siemens.com/productcert/html/ssa-572005.htmlSSA-572005 V1.2 (Last Update: 2023-06-13): Vulnerabilities in the Web Server of SICAM P850 and SICAM P855 Devices2023-06-13T00:00:00+00:00<p>Session fixation and multiple incorrect parameter parsing vulnerabilities that could potentially lead to remote code execution were identified in the web server of SICAM P850 and SICAM P855 devices.</p>
<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>
https://cert-portal.siemens.com/productcert/html/ssa-552874.htmlSSA-552874 V1.1 (Last Update: 2023-05-09): Denial of Service Vulnerability in SIPROTEC 5 Devices2023-05-09T00:00:00+00:00<p>Devices of the SIPROTEC 5 family contain a vulnerability related to secure client-initiated renegotiation. This could allow an unauthenticated attacker to cause a denial of service condition for the duration of the attack.</p>
<p>Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not, or not yet available.</p>
https://cert-portal.siemens.com/productcert/html/ssa-322980.htmlSSA-322980 V1.1 (Last Update: 2023-05-09): Denial of Service Vulnerability in SIPROTEC 5 Devices2023-05-09T00:00:00+00:00<p>SIPROTEC 5 devices contain a null pointer dereference vulnerability in the web service. This could allow an attacker to send unauthenticated maliciously crafted http request that could cause denial of service condition of the device.</p>
<p>Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.</p>
https://cert-portal.siemens.com/productcert/html/ssa-472454.htmlSSA-472454 V1.0: Command Injection Vulnerability in CPCI85 Firmware of SICAM A8000 Devices2023-04-11T00:00:00+00:00<p>The CPCI85 firmware of SICAM A8000 CP-8031 and CP-8050 is affected by unauthenticated command injection vulnerability. This could allow an attacker to perfom remote code execution.</p>
<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>
https://cert-portal.siemens.com/productcert/html/ssa-322980.htmlSSA-322980 V1.0: Denial of Service Vulnerability in SIPROTEC 5 Devices2023-04-11T00:00:00+00:00<p>SIPROTEC 5 devices contain a null pointer dereference vulnerability in the web service. This could allow an attacker to send unauthenticated maliciously crafted http request that could cause denial of service condition of the device.</p>
<p>Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.</p>
https://cert-portal.siemens.com/productcert/html/ssa-726834.htmlSSA-726834 V1.0: Denial of Service Vulnerability in the RADIUS Client of SIPROTEC 5 Devices2023-03-14T00:00:00+00:00<p>The RADIUS client implementation of the VxWorks platform in SIPROTEC 5 devices contains a denial of service vulnerability that could be triggered when a specially crafted packet is sent by a RADIUS server.</p>
<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>
https://cert-portal.siemens.com/productcert/html/ssa-223771.htmlSSA-223771 V1.2 (Last Update: 2023-03-14): SISCO Stack Vulnerability in SIPROTEC 5 Devices2023-03-14T00:00:00+00:00<p>A vulnerability in the third party component SISCO MMS-EASE could allow attackers to cause a denial of service condition with SIPROTEC 5 devices.</p>
<p>Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not, or not yet available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-223771.pdfSSA-223771 V1.1 (Last Update: 2022-12-21): SISCO Stack Vulnerability in SIPROTEC 5 Devices2022-12-21T00:00:00+00:00<p>A vulnerability in the third party component SISCO MMS-EASE could allow attackers to cause a denial of service condition with SIPROTEC 5 devices.</p>
<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-849072.pdfSSA-849072 V1.0: Several Vulnerabilities in SICAM PAS before V8.062022-12-13T00:00:00+00:00<p>SICAM PAS/PQS before V8.06 is affected by three vulnerabilities which could lead to remote code execution, privilege escalation or the creation of a denial of service condition.</p>
<p>Siemens has released several updates for SICAM PAS/PQS and recommends to update to the latest version.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdfSSA-572005 V1.1 (Last Update: 2022-12-13): Vulnerabilities in the Web Server of SICAM P850 and SICAM P855 Devices2022-12-13T00:00:00+00:00<p>Session fixation and incorrect parameter parsing vulnerabilities were identified in the web server of SICAM P850 and SICAM P855 devices.</p>
<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-552874.pdfSSA-552874 V1.0: Denial of Service Vulnerability in SIPROTEC 5 Devices2022-12-13T00:00:00+00:00<p>Devices of the SIPROTEC 5 family contain a vulnerability related to secure client-initiated renegotiation. This could allow an unauthenticated attacker to cause a denial of service condition for the duration of the attack.</p>
<p>Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-223771.pdfSSA-223771 V1.0: SISCO Stack Vulnerability in SIPROTEC 5 Devices2022-12-13T00:00:00+00:00<p>A vulnerability in the third party component SISCO MMS-EASE could allow attackers to cause a denial of service condition with SIPROTEC 5 devices.</p>
<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdfSSA-570294 V1.0: Multiple Vulnerabilities in SICAM Q100 Before V2.502022-11-08T00:00:00+00:00<p>SICAM Q100 devices contain multiple vulnerabilities that could allow an attacker to take over the session of a logged in user or to inject custom code.</p>
<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdfSSA-572005 V1.0: Vulnerabilities in the Web Server of SICAM P850 and SICAM P855 Devices2022-10-11T00:00:00+00:00<p>Session fixation and incorrect parameter parsing vulnerabilities were identified in the web server of SICAM P850 and SICAM P855 devices.</p>
<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-669737.pdfSSA-669737 V1.2 (Last Update: 2022-08-09): Improper Access Control Vulnerability in SICAM TOOLBOX II2022-08-09T00:00:00+00:00<p>
SICAM TOOLBOX II contains a vulnerability that could allow an attacker access through a circumventable access control.
</p>
<p>
Siemens recommends countermeasures for products where updates are not, or not yet available.
</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-185638.pdfSSA-185638 V1.0: Authentication Bypass Vulnerability in SICAM A8000 Web Server Module2022-08-09T00:00:00+00:00<p>
A vulnerability was identified in the web server module used in the SICAM A8000 CP-8000, CP-8021 and CP-8022 devices’ protocol firmwares.
</p>
<ul>
<li>
AGPMT0 (AGP Master)
</li>
<li>
DNPiT1 (DNP3 TCP/IP Server)
</li>
<li>
DNPiT2 (DNP3 TCP/IP Client)
</li>
<li>
DNPMT0 (DNP3 Master seriell)
</li>
<li>
DNPST0 (DNP3 Slave seriell)
</li>
<li>
ET83 (61850 Ed.1)
</li>
<li>
ET85 (61850 Ed.2)
</li>
<li>
MBCiT0 (MODBUS TCP/IP Client)
</li>
<li>
MBSiT0 (MODBUS TCP/IP Server)
</li>
<li>
MODMT2 (MODBUS Master seriell)
</li>
<li>
OPUPT0 (OPCUA Pub/Sub)
</li>
<li>
OPUPT1 (Mindconnect)
</li>
</ul>
<p>
The vulnerability could allow unauthenticated access to the web interface of the affected web server module. The module is used for diagnostic purposes as well as commissioning and has to be activated manually within the protocol firmwares. For this reason the protocol firmwares are <em>secure by default</em>. Siemens updated the manual to make the situation transparent and raise awareness for operators.
</p>
<p>
Siemens recommends countermeasures for products where updates are not, or not yet available.
</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-865333.pdfSSA-865333 V1.0: Memory Corruption Vulnerability in EN100 Ethernet Module2022-07-12T00:00:00+00:00<p>
EN100 Ethernet module is affected by memory corruption vulnerability (CVE-2022-30938).
</p>
<p>
Siemens has released an update for the EN100 Ethernet module IEC 61850 variant and recommends to update to the latest version. Siemens recommends specific countermeasures for products where updates are not, or not yet available.
</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-491621.pdfSSA-491621 V1.0: Denial of Service Vulnerability in CPC80 Firmware of SICAM A8000 Devices2022-07-12T00:00:00+00:00<p>
A vulnerability was identified in the CPC80 firmware of SICAM A8000 devices. It could allow an unauthenticated remote attacker to cause a permanent denial of service condition.
</p>
<p>
Siemens has released updates for the affected products and recommends to update to the latest versions.
</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-225578.pdfSSA-225578 V1.0: Improper Access Control in SICAM GridEdge2022-07-12T00:00:00+00:00<p>
The SICAM GridEdge software contains a improper access control vulnerability. This could allow persons with local access to the host system to inject an SSH key.
</p>
<p>
Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.
</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-693555.pdfSSA-693555 V1.0: Memory Corruption Vulnerability in EN100 Ethernet Module2022-06-14T00:00:00+00:00<p>EN100 Ethernet module is affected by memory corruption vulnerability (CVE-2022-30937).</p>
<p>Siemens has released an update for the EN100 Ethernet module IEC 61850 variant and recommends to update to the latest version. Siemens recommends specific countermeasures for products where updates are not, or not yet available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-631336.pdfSSA-631336 V1.0: Multiple Web Server Vulnerabilities in SICAM GridEdge Software2022-06-14T00:00:00+00:00<p>Multiple vulnerabilities were identified in the webserver of the SICAM GridEdge application which includes missing authentication for critical API functions, absent cross-origin resource sharing restrictions and access to credentials.</p>
<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-388239.pdfSSA-388239 V1.0: Default Password Leakage affecting the Component Shared HIS used in Spectrum Power Systems2022-06-14T00:00:00+00:00<p>Siemens has been made aware of a default password leakage in the internet affecting the component Shared HIS (SHHIS) used in Spectrum Power systems.</p>
<p>The products listed below are affected by this default password leakage. This could allow an attacker to access the component Shared HIS of those products with administrative privileges by using an account with default credentials.</p>
<p>Siemens offers configuration recommendations for the affected products in order to mitigate the issue.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdfSSA-165073 V1.0: Multiple Vulnerabilities in the Webinterface of SICAM P850 and SICAM P855 Devices2022-05-10T00:00:00+00:00<p>Multiple vulnerabilities were identified in the webserver of SICAM P850 and SICAM P855 devices. These include unauthenticated access to web-interface functionality, missing HTTPS or impersonation as well as cross-site scripting related vulnerabilities.</p>
<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-316850.pdfSSA-316850 V1.0: Unauthenticated File Access in SICAM A8000 Devices2022-04-12T00:00:00+00:00<p>SICAM A8000 CP-8050 and CP-8031 devices contain vulnerabilities that could allow an attacker to access files without authentication.</p>
<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-669737.pdfSSA-669737 V1.1 (Last Update: 2022-03-08): Improper Access Control Vulnerability in SICAM TOOLBOX II2022-03-08T00:00:00+00:00<p>SICAM TOOLBOX II contains a vulnerability that could allow an attacker access through a circumventable access control.</p>
<p>Siemens is preparing updates and recommends countermeasures for products where updates are not, or not yet available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-831168.pdfSSA-831168 V1.0: Cross-Site Scripting Vulnerability in Spectrum Power 42022-02-08T00:00:00+00:00<p>A Cross-Site Scripting (XSS) vulnerability is found in the integrated web application “Online Help” of Spectrum Power 4.</p>
<p>Siemens has released an update for the Spectrum Power 4 and recommends to update to the latest version.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-173318.pdfSSA-173318 V1.0: Unquoted Search Path Vulnerability in SICAM PQ Analyzer2022-01-11T00:00:00+00:00<p>SICAM PQ Analyzer uses an unquoted registry entry and is thus vulnerable to an unquoted search path vulnerability.</p>
<p>Siemens has released an update for the SICAM PQ Analyzer and recommends to update to the latest version.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-439673.pdfSSA-439673 V1.0: Information Disclosure Vulnerability in SIPROTEC 5 Devices2022-01-11T00:00:00+00:00<p>An information disclosure vulnerability in SIPROTEC 5 products could allow an unauthenticated attacker to read device information.</p>
<p>Only devices with the hardware variants CP050, CP100 and CP300 are affected. The DIGSI engineering tool can be used to identify the hardware version of your devices.</p>
<p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-500748.pdfSSA-500748 V1.1 (Last Update: 2021-10-12): Denial-of-Service Vulnerabilities in SIPROTEC 5 Devices2021-10-12T00:00:00+00:00<p>The latest update for SIPROTEC 5 family devices fixes a vulnerability in the web interface which could allow unauthorized users to cause a Denial-of-Service situation by sending maliciously crafted web requests.</p>
<p>Siemens has released an update for the SIPROTEC 5 and recommends to update to the latest version.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-847986.pdfSSA-847986 V1.1 (Last Update: 2021-10-12): Denial-of-Service Vulnerabilities in SIPROTEC 5 relays2021-10-12T00:00:00+00:00<p>The latest update for SIPROTEC 5 relays fixes two vulnerabilities that could allow a remote attacker to cause a denial-of-service or potentially trigger a remote code execution under certain circumstances.</p>
<p>Siemens has released an update for SIPROTEC 5 relays and recommends to update to the latest version.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-500748.pdfSSA-500748 V1.0: Denial-of-Service Vulnerabilities in SIPROTEC 5 Devices2021-09-14T00:00:00+00:00<p>The latest update for SIPROTEC 5 family devices fixes a vulnerability in the web interface which could allow unauthorized users to cause a Denial-of-Service situation by sending maliciously crafted web requests.</p>
<p>Siemens has released an update for the SIPROTEC 5 and recommends to update to the latest version.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-847986.pdfSSA-847986 V1.0: Denial-of-Service Vulnerabilities in SIPROTEC 5 relays2021-09-14T00:00:00+00:00<p>The latest update for SIPROTEC 5 relays fixes two vulnerabilities that could allow a remote attacker to cause a denial-of-service or potentially trigger a remote code execution under certain circumstances.</p>
<p>Siemens has released an update for SIPROTEC 5 relays and recommends to update to the latest version.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdfSSA-203306 V1.5 (Last Update: 2021-07-13): Password Vulnerabilities in SIPROTEC 4 and SIPROTEC Compact Relay Families2021-07-13T00:00:00+00:00<p>SIPROTEC 4 and SIPROTEC Compact devices could allow access authorization passwords to be reconstructed or overwritten via engineering mechanisms that involve DIGSI 4 and EN100 Ethernet communication modules.</p>
<p>Siemens has released updates for several affected products, and recommends specific countermeasures for the remaining products.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-415783.pdfSSA-415783 V1.0: Insecure SSL configuration in SICAM A8000 CP-8000, CP-8021 and CP-80222020-12-08T00:00:00+00:00<p>Some firmware versions of the affected products use outdated and insecure ciphers or can be downgraded to use outdated and insecure ciphers.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-568969.pdfSSA-568969 (Last Update: 2020-09-08): Insecure Storage of Sensitive Information in Spectrum Power™ 42020-09-08T00:00:00+00:00<p>Vulnerabilities in Spectrum Power™ 4 could allow an unauthorized attacker to retrieve a list of software users, or in certain cases to list the contents of a directory.</p>
<p>Siemens has released updates and configuration recommendations for Spectrum Power™ 4 in order to mitigate the issues.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-370042.pdfSSA-370042 (Last Update: 2020-08-11): Cross-Site-Scripting (XSS) in SICAM A8000 RTUs2020-08-11T00:00:00+00:00<p>The latest update for SICAM A8000 RTUs fixes a vulnerability that could allow attackers with network access to the device’s web server to perform a stored Cross-Site-Scripting attack.</p>
<p>Siemens has released an update for SICAM A8000 RTUs and recommends to update as soon as possible.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-305120.pdfSSA-305120 (Last Update: 2020-07-14): Vulnerabilities in SICAM MMU, SICAM T and SICAM SGU2020-07-14T00:00:00+00:00<p>SICAM MMU, SICAM T and the discontinued SICAM SGU devices are affected by multiple security vulnerabilities which could allow an attacker to perform a variety of attacks. This may include unauthenticated firmware installation, remote code execution and leakage of confidential data like passwords. Siemens has released updates to introduce authentication to the web application. It is still recommended to implement further mitigations, as most of the vulnerabilities might not be sufficiently mitigated by this.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-899560.pdfSSA-899560 (Last Update: 2020-05-12): Vulnerabilities in SIPROTEC 5 relays and DIGSI 52020-05-12T00:00:00+00:00<p>The SIPROTEC 5 relays and their corresponding engineering software DIGSI 5 are affected by two security vulnerabilities which could allow an attacker to upload or download files to the device or to conduct a Denial-of-Service attack over the network. Siemens has released updates for some affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-938930.pdfSSA-938930 (Last Update: 2020-03-10): Cross-Site Scripting Vulnerability in Spectrum Power™ 52020-03-10T00:00:00+00:00<p>A Cross-Site Scripting (XSS) vulnerability was found in the Engineering User Interface of Spectrum Power™ 5.</p>
<p>A software update is available to address the issue and Siemens recommends installing the patch.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-974843.pdfSSA-974843 (Last Update: 2020-02-11): Denial-of-Service Vulnerability in SIPROTEC 4 and SIPROTEC Compact Relay Families2020-02-11T00:00:00+00:00<p>The SIPROTEC 4 and SIPROTEC Compact devices are affected by a security vulnerability which could allow an attacker to conduct a Denial-of-Service attack over the network when equipped with EN100 Ethernet communication modules. Siemens recommends specific countermeasures to mitigate the issue.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdfSSA-632562 (Last Update: 2020-01-14): Vulnerabilities in SIPROTEC 5 Ethernet plug-in communication modules and devices2020-01-14T00:00:00+00:00<p>The SIPROTEC 5 Ethernet plug-in communication modules and devices are affected by multiple security vulnerabilities. These vulnerabilities could allow an attacker to leverage various attacks, e.g. to execute arbitrary code over the network.</p>
<p>The underlying Wind River VxWorks network stack is affected by eleven vulnerabilities known as 'URGENT/11'. Of these, two DHCP-related vulnerabilities (CVE-2019-12257 and CVE-2019-12264) do not apply to this advisory as the listed products use a different DHCP stack.</p>
<p>One further vulnerability affects the boot process of the device under certain conditions.</p>
<p>Siemens has released updates and recommends that customers update to the new versions.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-418979.pdfSSA-418979 (Last Update: 2020-01-14): Vulnerabilities in EN100 Ethernet Communication Module2020-01-14T00:00:00+00:00<p>The EN100 Ethernet communication modules are affected by security vulnerabilities which could allow an attacker to disclose information. Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-418979.pdfSSA-418979 (Last Update: 2019-12-10): Vulnerabilities in EN100 Ethernet Communication Module2019-12-10T00:00:00+00:00<p>The EN100 Ethernet communication modules are affected by security vulnerabilities which could allow an attacker to disclose information. Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdfSSA-632562 (Last Update: 2019-12-10): Vulnerabilities in SIPROTEC 5 Ethernet plug-in communication modules and devices2019-12-10T00:00:00+00:00<p>The SIPROTEC 5 Ethernet plug-in communication modules and devices are affected by multiple security vulnerabilities. These vulnerabilities could allow an attacker to leverage various attacks, e.g. to execute arbitrary code over the network.</p>
<p>Eleven of these vulnerabilities affect the underlying Wind River VxWorks network stack and were recently patched by Wind River. One further vulnerability affects the boot process of the device under certain conditions.</p>
<p>Siemens has released updates for all vulnerabilities in some products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-899560.pdfSSA-899560 (Last Update: 2019-12-10): Vulnerabilities in SIPROTEC 5 relays and DIGSI 52019-12-10T00:00:00+00:00<p>The SIPROTEC 5 relays and their corresponding engineering software DIGSI 5 are affected by two security vulnerabilities which could allow an attacker to upload or download files to the device or to conduct a Denial-of-Service attack over the network. Siemens has released updates for some affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-747162.pdfSSA-747162 (Last Update: 2019-08-13): Cross-Site Scripting Vulnerability in Spectrum Power™2019-08-13T00:00:00+00:00<p>A Cross-Site Scripting (XSS) vulnerability was found in the WebSDK component of Spectrum Power™ 3, 4, 5 and 7.</p>
<p>A software update is available to address the issue and Siemens recommends installing the patch.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-899560.pdfSSA-899560 (Last Update: 2019-08-13): Vulnerabilities in SIPROTEC 5 relays and DIGSI 52019-08-13T00:00:00+00:00<p>The SIPROTEC 5 relays and their corresponding engineering software DIGSI 5 are affected by two security vulnerabilities which could allow an attacker to upload or download files to the device or to conduct a Denial-of-Service attack over the network. Siemens has released updates for some affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdfSSA-632562 (Last Update: 2019-08-02): Vulnerabilities in SIPROTEC 5 Ethernet plug-in communication modules and devices2019-08-02T00:00:00+00:00<p>The SIPROTEC 5 Ethernet plug-in communication modules and devices are affected by multiple security vulnerabilities. These vulnerabilities could allow an attacker to leverage various attacks, e.g. to execute arbitrary code over the network.</p>
<p>Eleven of these vulnerabilities affect the underlying Wind River VxWorks network stack and were recently patched by Wind River. One further vulnerability affects the boot process of the device under certain conditions.</p>
<p>Siemens has released updates for all vulnerabilities in some products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-747162.pdfSSA-747162 (Last Update: 2019-07-09): Cross-Site Scripting Vulnerability in Spectrum Power™2019-07-09T00:00:00+00:00<p>A Cross-Site Scripting (XSS) vulnerability was found in the WebSDK component of Spectrum Power™ 3, 4, 5 and 7.</p>
<p>A software update is available to address the issue and Siemens recommends installing the patch.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-899560.pdfSSA-899560 (Last Update: 2019-07-09): Vulnerabilities in SIPROTEC 5 relays and DIGSI 52019-07-09T00:00:00+00:00<p>The SIPROTEC 5 relays and their corresponding engineering software DIGSI 5 are affected by two security vulnerabilities which could allow an attacker to upload or download files to the device or to conduct a Denial-of-Service attack over the network. Siemens has released updates for some affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-324467.pdfSSA-324467 (Last Update: 2019-04-09): OS Command Injection in Spectrum Power 4.72019-04-09T00:00:00+00:00<p>Versions of Spectrum Power™ 4, that use the customer specific project enhancement (PE) Web Office Portal (WOP) are affected by a possible OS Command Injection vulnerability. Siemens has released patches for the affected version and recommends to apply specific countermeasures until these patches can be applied.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdfSSA-203306 (Last Update: 2019-03-12): Password Vulnerabilities in SIPROTEC 4 and SIPROTEC Compact Relay Families2019-03-12T00:00:00+00:00<p>SIPROTEC 4 and SIPROTEC Compact devices could allow access authorization passwords to be reconstructed or overwritten via engineering mechanisms that involve DIGSI 4 and EN100 Ethernet communication modules.</p>
<p>Siemens has released updates for several affected products, and recommends specific countermeasures for the remaining products.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-760124.pdfSSA-760124 (Last Update: 2019-02-12): Multiple Vulnerabilities in Licensing Software for SICAM 2302019-02-12T00:00:00+00:00<p>Multiple vulnerabilities have been identified in the WibuKey Digital Rights Management (DRM) solution, which affect the SICAM 230 process control system.</p>
<p>Siemens recommends users to apply the updates to WibuKey Digital Rights Management (DRM) provided by WIBU SYSTEMS AG.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-104088.pdfSSA-104088 (Last Update: 2019-02-12): Denial-of-Service Vulnerabilities in EN100 Ethernet Communication Module and SIPROTEC 5 relays2019-02-12T00:00:00+00:00<p>The EN100 Ethernet communication module and SIPROTEC 5 relays are affected by a security vulnerability which could allow an attacker to conduct a Denial-of-Service attack over the network. Siemens has released updates for some affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-579309.pdfSSA-579309 (Last Update: 2019-02-12): Denial-of-Service in SICAM A8000 Series2019-02-12T00:00:00+00:00<p>The SICAM A8000 RTU series is affected by a security vulnerability that could allow unauthenticated remote users to cause a Denial-of-Service (DoS) condition of the web server of affected products.</p>
<p>Siemens has released updates for all product variants and recommends that customers update to the new versions.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-635129.pdfSSA-635129 (Last Update: 2019-02-12): Denial-of-Service Vulnerabilities in EN100 Ethernet Communication Module and SIPROTEC 5 relays2019-02-12T00:00:00+00:00<p>The EN100 Ethernet communication module and SIPROTEC 5 relays are affected by security vulnerabilities which could allow an attacker to conduct a Denial-of-Service attack over the network.</p>
<p>Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdfSSA-845879 (Last Update: 2019-02-12): Firmware Downgrade Vulnerability in EN100 Ethernet Communication Module for SIPROTEC 4, SIPROTEC Compact and Reyrolle2019-02-12T00:00:00+00:00<p>The EN100 Ethernet communication module, which is an optional extension for SIPROTEC 4, SIPROTEC Compact and Reyrolle devices, allows an unauthenticated upload of firmware updates to the communication module in affected versions.</p>
<p>Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-579309.pdfSSA-579309 (Last Update: 2019-01-08): Denial-of-Service in SICAM A8000 Series2019-01-08T00:00:00+00:00<p>The SICAM A8000 RTU series is affected by a security vulnerability that could allow unauthenticated remote users to cause a Denial-of-Service (DoS) condition of the web server of affected products.</p>
<p>Siemens has released updates for all product variants and recommends that customers update to the new versions.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-325546.pdfSSA-325546 (Last Update: 2019-01-08): Denial-of-Service Vulnerabilities in EN100 Ethernet Communication Module of SWT30002019-01-08T00:00:00+00:00<p>The firmware variant IEC 61850 of the EN100 Ethernet communication module for SWT 3000 is affected by security vulnerabilities which could allow an attacker to conduct a Denial-of-Service attack over the network.</p>
<p>Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-635129.pdfSSA-635129 (Last Update: 2018-12-11): Denial-of-Service Vulnerabilities in EN100 Ethernet Communication Module and SIPROTEC 5 relays2018-12-11T00:00:00+00:00<p>The EN100 Ethernet communication module and SIPROTEC 5 relays are affected by security vulnerabilities which could allow an attacker to conduct a Denial-of-Service attack over the network.</p>
<p>Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-159860.pdfSSA-159860 (Last Update: 2018-11-13): Access Control Vulnerability in IEC 61850 system configurator, DIGSI 5, DIGSI 4, SICAM PAS/PQS, SICAM PQ Analyzer, and SICAM SCC2018-11-13T00:00:00+00:00<p>IEC 61850 system configurator, DIGSI 5, DIGSI 4, SICAM PAS/PQS, SICAM PQ Analyzer, and SICAM SCC products are affected by a security vulnerability which could allow an attacker to either exfiltrate limited data from the system or to execute code with operating system user permissions.</p>
<p>Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates and recommends specific countermeasures until patches are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssb-068644.pdfSSB-068644 (Last Update: 2018-08-17): General Customer Information for Speculative Side-Channel Vulnerabilities in Microprocessors2018-08-17T00:00:00+00:00<p>Security researchers published information on vulnerabilities known as Spectre, Meltdown, Spectre-NG, Lazy FP State Restore, Spectre V1.1, and L1 Terminal Fault/Foreshadow. These vulnerabilities affect many modern processors from different vendors to a varying degree.</p>
<p>Siemens is analyzing the impact of these vulnerabilities and of the mitigations released on its own products. If Siemens products are found to be affected, additional product-specific update information will be distributed either via the Siemens ProductCERT website or through Siemens’ customer service organizations if applicable.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-635129.pdfSSA-635129 (Last Update: 2018-07-11): Denial-of-Service Vulnerabilities in EN100 Ethernet Communication Module and SIPROTEC 5 relays2018-07-11T00:00:00+00:00<p>The EN100 Ethernet communication module and SIPROTEC 5 relays are affected by security vulnerabilities which could allow an attacker to conduct a Denial-of-Service attack over the network.</p>
<p>Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-159860.pdfSSA-159860 (Last Update: 2018-06-26): Access Control Vulnerability in IEC 61850 system configurator, DIGSI 5, DIGSI 4, SICAM PAS/PQS, SICAM PQ Analyzer, and SICAM SCC2018-06-26T00:00:00+00:00<p>IEC 61850 system configurator, DIGSI 5, DIGSI 4, SICAM PAS/PQS, SICAM PQ Analyzer, and SICAM SCC products are affected by a security vulnerability which could allow an attacker to either exfiltrate limited data from the system or to execute code with operating system user permissions.</p>
<p>Siemens has released updates for several affected products, and recommends that customers update to the new version. Siemens is preparing further updates and recommends specific countermeasures until patches are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-323211.pdfSSA-323211 (Last Update: 2018-06-12): Vulnerabilities in SIPROTEC 4 and SIPROTEC Compact Devices2018-06-12T00:00:00+00:00<p>SIPROTEC 4 and SIPROTEC Compact devices are affected by several vulnerabilities. Two of the vulnerabilities could allow attackers to perform a denial-of-service attack under certain conditions.</p>
<p>Siemens has released updates for the affected products and will update this advisory when new information becomes available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdfSSA-203306 (Last Update: 2018-05-15): Password Vulnerabilities in SIPROTEC 4 and SIPROTEC Compact Relay Families2018-05-15T00:00:00+00:00<p>SIPROTEC 4 and SIPROTEC Compact devices could allow access authorization passwords to be reconstructed or overwritten via engineering mechanisms that involve DIGSI 4 and EN100 Ethernet communication modules.</p>
<p>Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-547990.pdfSSA-547990 (Last Update: 2018-05-15): Information Disclosure Vulnerabilities in SIPROTEC 4 and SIPROTEC Compact2018-05-15T00:00:00+00:00<p>Information disclosure vulnerabilities in SIPROTEC 4 and SIPROTEC Compact devices could allow an attacker to extract sensitive device information under certain conditions.</p>
<p>Siemens has released firmware updates for EN100 Ethernet module included in SIPROTEC 4 and SIPROTEC Compact devices. Siemens has also released a firmware update for SIPROTEC Compact 7SJ80 with Ethernet Service Interface on Port A. For remaining affected devices, countermeasures are recommended. Siemens will update this advisory when new information becomes available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdfSSA-845879 (Last Update: 2018-04-17): Firmware Downgrade Vulnerability in EN100 Ethernet Communication Module for SIPROTEC 4, SIPROTEC Compact and Reyrolle2018-04-17T00:00:00+00:00<p>The EN100 Ethernet communication module, which is an optional extension for SIPROTEC 4, SIPROTEC Compact and Reyrolle devices, allows an unauthenticated upload of firmware updates to the communication module in affected versions.</p>
<p>Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdfSSA-203306 (Last Update: 2018-04-17): Password Vulnerabilities in SIPROTEC 4 and SIPROTEC Compact Relay Families2018-04-17T00:00:00+00:00<p>SIPROTEC 4 and SIPROTEC Compact devices could allow access authorization passwords to be reconstructed or overwritten via engineering mechanisms that involve DIGSI 4 and EN100 Ethernet communication modules.</p>
<p>Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-323211.pdfSSA-323211 (Last Update: 2018-03-15): Vulnerabilities in SIPROTEC 4 and SIPROTEC Compact Devices2018-03-15T00:00:00+00:00<p>SIPROTEC 4 and SIPROTEC Compact devices are affected by several vulnerabilities. Two of the vulnerabilities could allow attackers to perform a denial-of-service attack under certain conditions.</p>
<p>Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdfSSA-203306 (Last Update: 2018-03-08): Password Vulnerabilities in SIPROTEC 4 and SIPROTEC Compact Relay Families2018-03-08T00:00:00+00:00<p>SIPROTEC 4 and SIPROTEC Compact devices could allow access authorization passwords to be reconstructed or overwritten via engineering mechanisms that involve DIGSI 4 and EN100 Ethernet communication modules.</p>
<p>Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.</p>
https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdfSSA-845879 (Last Update: 2018-03-08): Firmware Downgrade Vulnerability in EN100 Ethernet Communication Module for SIPROTEC 4, SIPROTEC Compact and Reyrolle2018-03-08T00:00:00+00:00<p>The EN100 Ethernet communication module, which is an optional extension for SIPROTEC 4, SIPROTEC Compact and Reyrolle devices, allows an unauthenticated upload of firmware updates to the communication module in affected versions.</p>
<p>Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.</p>