Siemens ProductCERT Security Alerts and News
Siemens Security Alerts and News
Feed: https://cert-portal.siemens.com/productcert/rss/alerts_industrial_products.atom
Updated: 2021-11-09T12:10:00+00:00
Author: Siemens ProductCERT (productcert@siemens.com)

Vulnerabilities in the Nucleus TCP/IP Stack ("NUCLEUS:13")
https://www.siemens.com/cert#Newsroom-10
2021-11-09T12:00:00+00:00

Today, in coordination with Forescout, CISA and other contributors, Siemens has disclosed the security vulnerabilities CVE-2021-31344 through CVE-2021-31346 and CVE-2021-31881 through CVE-2021-31890, also named "NUCLEUS:13".
The impact and remediations of these vulnerabilities in Nucleus RTOS (a real-time operating system provided by Siemens EDA, formerly Mentor Graphics) are described in the following Security Advisory:
 - SSA-044112: Multiple Vulnerabilities (NUCLEUS:13) in the TCP/IP Stack of Nucleus RTOS (https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf)

Vulnerabilities in Interniche TCP/IP Stack ("INFRA:HALT")
https://www.siemens.com/cert#Newsroom-9
2021-08-04T18:00:00+00:00

Siemens is aware of the security vulnerabilities named INFRA:HALT.
The impact to Siemens products is described in the following Security Advisory:
 - SSA-789208: Multiple Vulnerabilities (INFRA:HALT) in Interniche IP-Stack based Low Voltage Devices (https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf)

Please note that SIMATIC S7 PLCs are not affected by these vulnerabilities.

New Vulnerabilities in Treck TCP/IP Stack
https://www.siemens.com/cert#Newsroom-8
2020-12-23T15:00:00+00:00

Siemens is aware of the new security vulnerabilities in the Treck TCP/IP stack, disclosed on 2020-12-08 on Treck, Inc.'s advisory page (https://treck.com/vulnerability-response-information/).
No Siemens product is known to use Treck Inc.'s TCP/IP stack, or otherwise be affected by the reported vulnerabilities.
Note that Siemens products and systems might interact with products from other manufacturers which are affected by the reported vulnerabilities. In such cases Siemens recommends that owners of operational infrastructures verify if these products are affected and evaluate the potential impact of the Ripple20 vulnerabilities. Siemens ProductCERT may release additional information via specific Security Advisories.

AMNESIA:33 Vulnerabilities
https://www.siemens.com/cert#Newsroom-7
2020-12-09T11:30:00+00:00

Siemens is aware of the security vulnerabilities in several TCP/IP stacks, also named “AMNESIA:33” and disclosed on 2020-12-08 (https://www.forescout.com/research-labs/amnesia33/). The impact to Siemens products is described in the Security Advisory SSA-541017 (https://cert-portal.siemens.com/productcert/pdf/ssa-541017.pdf), published on the same day, 2020-12-08.
Note that Siemens products and systems might interact with products from other manufacturers which are affected by the reported vulnerabilities.
In such cases Siemens recommends that owners of operational infrastructures verify if these products are affected and evaluate the potential impact of the AMNESIA:33 vulnerabilities.

Ripple20 Vulnerabilities
https://www.siemens.com/cert#Newsroom-6
2020-07-09T18:30:00+00:00

Siemens is aware of the recently disclosed set of security vulnerabilities in Treck, Inc.'s TCP/IP stack (https://www.jsof-tech.com/ripple20/), known as Ripple20, disclosed by the JSOF research lab. Siemens experts conducted an internal investigation to assess the impact on Siemens products. No Siemens product is known to use Treck Inc.'s TCP/IP stack, or otherwise be affected by the reported vulnerabilities.
Note that Siemens products and systems might interact with products from other manufacturers which are affected by the reported vulnerabilities. In such cases Siemens recommends that owners of operational infrastructures verify if these products are affected and evaluate the potential impact of the Ripple20 vulnerabilities.

Operational Guidelines for Industrial Security
https://www.siemens.com/cert#Newsroom-5
2020-03-18T00:00:00+00:00

Siemens has released an updated version 2.1 of the Operational Guidelines for Industrial Security (https://www.siemens.com/cert/operational-guidelines-industrial-security).
The guidelines provide recommendations for the secure operation of plant and machinery in industrial environments, including a 'Defense-in-Depth' security concept.
Version 2.1 replaces all former versions of the guidelines and is referenced in Siemens Security Advisories related to Siemens Industrial Products.

SIPLUS products - Advisories
https://www.siemens.com/cert#Newsroom-4
2019-12-16T00:00:00+00:00

SIPLUS products are rebranded standard products offering improved resistance to mechanical loads, chemical and biological substances, condensation, and temperature fluctuations.
They are also designed to cope with temperatures between -40° and +70° Celsius. These devices share the same firmware as the products they are based on (https://new.siemens.com/global/en/products/automation/products-for-specific-requirements/siplus-extreme/conversion-tool.html).
Although these devices were already implicitly mentioned in our existing advisories, we were made aware that not mentioning them explicitly could leave these devices out of scope. Therefore, starting with Advisory Day December 2019, Siemens will explicitly mention this product family and in the future also update old Siemens advisories.

Microsoft DejaBlue Vulnerability in Siemens Industrial Products
https://www.siemens.com/cert#Newsroom-2
2019-08-21T00:00:00+00:00

Siemens is aware of the reports about the vulnerabilities reported by Microsoft on August 13th, known as DejaBlue or CVE-2019-1181/1182. Microsoft released updates for several supported Windows operating systems on 2019-08-13, which fix a vulnerability in the Remote Desktop Service. The vulnerability could allow an unauthenticated remote attacker to execute arbitrary code on the target system if the system exposes the service to the network.

A number of Siemens Industrial products can be installed on Microsoft Windows. Siemens recommends that customers of these products test the compatibility of the patches in their environment and apply the patches if found to be compatible.
Information on patch compatibility for Microsoft Windows patches for SIMATIC PCS 7 is published in this FAQ entry (https://support.industry.siemens.com/cs/ww/en/view/18490004).

Further information on this vulnerability can be found at:

https://msrc-blog.microsoft.com/2019/08/13/patch-new-wormable-vulnerabilities-in-remote-desktop-services-cve-2019-1181-1182/