If you know of an incident or suspected case, please do not hesitate to share your information with us at: cybersecurity-seepex@irco.com

 

Date of notification Source Bulletin Impact Affected SEEPEX product Recommended action Launched on SEEPEX Website

08.10.2024

Siemens

SSA-054046

Several SIMATIC S7-1500 CPU versions are affected by an authentification bypass vulnerability that could allow an unauthenticated remote attacker to gain knowledge about actual and configured maximum cycle times and communication load of the CPU.

Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available.

All S7-1500 CPUs

Product-specific remediations or mitigations can be found in the section Affected Products and Solutions. Please follow the General Security Recommendations.

20.11.2024

08.10.2024

Siemens

SSA-876787

Several SIMATIC S7-1500 and S7-1200 CPU versions are affected by an open redirect vulnerability that could allow an attacker to make the web werver of affected devices redirect a legitimate user to an attacker-chosen URL. Fo a successful attack, the legitimate user needs to actively click on an attacker-crafted link.

Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.

Simatic S7-1200 CPU Family

Simatic S7-1500 CPU Family

Siemens has identified the following specific workarounds and mitigations that customers can apply to reduce the risk

Do not click on links from unknown sources.

Product-specific remeditations or mitigations can be found in the section Affected Products and Solutions. Please follow the General Security Recommendations.

20.11.2024

13.08.2024

Rockwell Automation

SD 1685

A denial-of-service vulnerability exists in the affected product. This vulnerability occurs when a malformed PCCC message is received, causing a failure in the controller.

ControlLogix/GuardLogix 5580 and Compact-Logix/Compact GuardLogix® 5380 Controller

Update to latest firmware revision.

Restrict communication to CIP objects 103 (0x67)

01.10.2024

13.08.2024

Rockwell Automation

SD 1685

A denial-of-service vulnerability via Input Validation. A malformed PTP management package can cause a major irreversible fault in the controller.

ControlLogix/GuardLogix 5580 and Compact-Logix/Compact GuardLogix® 5380 Controller

Update to latest firmware revision.

If PTP messages are not used, block at the network level, port UDP 319/320

01.10.204

09.07.2024

Siemens

SSA-779936

Affected applications do not properly restrict the .NET BinaryFormatter when deserializing user controllable input. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application.

Totally Integrated Automation Portal (TIA Portal) before V19

Siemens has identified the following specific workarounds and mitigations that customers can apply to reduce the risk:

Avoid opening untrusted files from unknown sources in affected products

31.07.2024

09.07.2024

Siemens

SSA-473245

A vulnarability in affected devices could allow an attacker to perform a denial of service attack if a large amount of specially crafted UDP packets are sent to the device.

Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific counter measures for products where fixes are not, or not yet available.

Simatic S7-1200 CPU Family, Simatic S7-1500 Family, ET200SP

Siemens has identifid the following specific workarounds and mitigations that customers cann apply to reduce the risk:

Restrict network access to affected devices

31.07.2024

11.06.2024

Siemens

SSA-319319

TIA Administrator creates temporary download files in a directory with insecure permissions. This could allow any authenticated attacker on Windows to disrupt the update process.

 

TIA-Administrator <3.2

Siemens has released a new version for TIA Administrator and recommends to update to the latest version. 

Siemens has identified the following specific workarounds and mitigations that customers can apply to reduce the risk.Remove write permissions for non-administrative users on files and folders located under the installation path

 

 

05.07.2024

11.06.2024

Siemens

SSA-353002

The SCALANCE XB-200/XC-200/XP-200/XF-200BA/XR-300WG group is affected by multiple vulnerabilities. CVE-2023-44318 and CVE-2023-44321 were previously published as part of SSA-699386.

SCALANCE XB-200/XC-200/XP-200/XF-200BA/XR-300WG group.

As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity

05.07.2024

11.06.2024

Siemens

SSA-711309

Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products

All SEEPEX control featuring the following SIEMENS Software: 

-       SIMATIC S7-12xx

-       SIMATIC S7-15xx

SIMATIC ET 200SP

Currently no fix available/ Update to latest version

05.07.2024

21.05.2024 Rockwell Automation  SD1672

IMPORTANT NOTICE:

Rockwell Automation reiterates the instruction to its customers to disconnect devices from the Internet to protect against cyber threats Due to heightened geopolitical tensions and hostile cyber activity around the world, Rockwell Automation urges all customers to IMMEDIATELY check if their devices are connected to the public Internet and, if so, to urgently remove that connection for devices that are not specifically designed for a public Internet connection.

All SEEPEX controls with Rockwell Automation Hardware

Due to heightened geopolitical tensions and adversarial cyber activity globally, Rockwell Automation is issuing this notice urging all customers to take IMMEDIATE action to assess whether they have devices facing the public internet and, if so, urgently remove that connectivity for devices not specifically designed for public internet connectivity.

30.05.2024

14.05.2024 SIEMENS SSA-592380

A vulnerability has been discovered in the SIMATIC S7-1500 CPU family and related products that could allow an attacker to trigger a denial of service condition. In order to exploit the vulnerability, an attacker must have access to the affected devices on port 102/tcp.

All SEEPEX controls with the following SIEMENS hardware: 

  • SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)

No solution is currently planned

30.05.2024

13.02.2024 SIEMENS SSA-711309

Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products

All SEEPEX controls featuring the following SIEMENS Software:

  • SIMATIC S7-12xx
  • SIMATIC S7-15xx
  • SIMATIC     ET 200SP

Currently no fix available / Update to latest version

27.02.2024

12.12.2023 SIEMENS SSA-887801

Information disclosure to LOCAL attacker to the access level password of the SIMATIC S7-1200 and S7-1500 CPUs

All SEEPEX controls featuring the following SIEMENS hardware:

  • SIMATIC S7-12xx
  • SIMATIC S7-15xx

Exclusion of local attackers

and/or

firmware update to V19 or later version

14.02.2024

12.12.2023 SIEMENS SSA-398330

Multiple Vulnerabilities in SIMATIC S7-1500 CPUs of GNU/Linux subsystem

All SEEPEX controls featuring the following SIEMENS hardware:

  • SIMATIC S7-15xx
See SSA-398330 14.02.2024
12.12.2023 SIEMENS SSA-592380

Denial of Service Vulnerability in SIMATIC S7- 1500 CPUs via port 102 tcp

All SEEPEX controls featuring the following SIEMENS hardware:

  • SIMATIC S7-15xx

Firmware update to V3.1.0 or later version

14.02.2024

09.12.2023 SIEMENS SSA-711309

Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products

All SEEPEX controls on SIEMENS PLCs that are connected to a SEEPEX Gateway (e.g. SPG)

Firmware update to V8.1. SP1 or later version

14.02.2024

14.11.2023 SIEMENS SSA-699386

Multiple Vulnerabilities on SIEMENS SCALANCE Routern

All SEEPEX control cabinets featuring the following SIEMENS hardware:

  • SCALANCE XB-200, XC- 200, XP-200, XF-200BA and XR-300WG

Firmware update to V4.5 or later version

14.02.2024

28.05.2021 SIEMENS SSA-434534

Memory Protection Bypass Vulnerability in SIMATIC S7-1200 and S7-1500 CPU Families

All SEEPEX controls featuring the following SIEMENS hardware:

  • SIMATIC S7-12xx
  • SIMATIC S7-15xx
  • SIMATIC ET 200SP Open Controller CPU

SIMATIC S7-12xx:

firmware update to V4.5 or later version

 

 SIMATIC S7-15xx: 

 firmware update to V2.9.2 or later version

 

14.02.2024