Petrochemical and textile companies in China The national oil and gas company of Sri Lanka A logistics and transport company in the UAE
A service provider to the oil and gas industry in the UAE An industrial process and factory automation company, a manufacturer of building materials and a transportation services company in Asia A supplier of commercial refrigerators, a supplier of heavy electrical engineering equipment, a manufacturer of optical components and a provider of intelligent automation solutions in Europe Oil and gas supply chain industries and international maritime organizations in the Middle East. The targets that have been targeted are : Advantech WebAccess/SCADAĪ new phshing campaign with the aim of stealing information is underway in different parts of the world using AZORult malware. Weakness in UR bootloader binary: all bootloader versions prior to 7.03/7.04 Access to “Last-key pressed” register: all firmware versions prior to 8.1x with basic security option Provisions to disable Factory Mode: all firmware versions prior to 8.1x with basic security option Protection from unintended firmware upload: all firmware versions prior to 8.1x with basic security option Web server vulnerabilities: all firmware versions prior to version 8.1x Vulnerabilities related to SSH Support: firmware versions 7.4x to 8.0x (CyberSentry option) GE reports the vulnerabilities affect the following UR family (B30, B90, C30, C60, C70, C95, D30, D60, F35, F60, G30, G60, 元0, L60, L90, M60, N60, T35, T60) of advanced protection and control relays: Control Center Server (CCS) : All versions = V2.1 and < V2.1.3 SIPLUSvariants) : All versions = V4.3 and = V4.3 and = V4.3 and = V2.0 and = V1.5.0only affected by CVE-2019-18340
#Vijeo designer 6.2 hmig5u update
Update of the advisories for SSA-763427 (CVSS 9.8) : Update of the advisories for SSA-296266 (CVSS 8.6) : Texas Instruments SimpleLink-CC32XX, versions prior to 4.10.03 Texas Instruments SimpleLink-CC26XX, versions prior to 4.40.00 Texas Instruments SimpleLink-CC13XX, versions prior to 4.40.00 Texas Instruments SimpleLink MSP432E4XX Texas Instruments CC32XX, versions prior to 4.40.00.07 Samsung Tizen RT RTOS, versions prior 3.0.GBB NXP MCUXpresso SDK, versions prior to 2.8.2 Micrium uCOS II/uCOS III Versions 1.39.0 and prior Media Tek LinkIt SDK, versions prior to 4.6.1 Linux Zephyr RTOS, versions prior to 2.4.0 Google Cloud IoT Device SDK, Version 1.0.2 eCosCentric eCosPro RTOS, Versions 2.0.1 through 4.5.3 ARM CMSIS-RTOS2, versions prior to 2.1.3
Mitsubishi Electric GOT and Tension Controller SSA-983548: Multiple SPP File Parsing Vulnerabilities in Tecnomatix Plant Simulation SSA-940818: UltraVNC Vulnerabilities in SIMATIC HMIs/WinCC Products SSA-919955: Information Disclosure Vulnerability in Mendix Database Replication Module SSA-854248: Information Disclosure Vulnerability in Mendix Excel Importer Module SSA-752103: Telnet Authentication Vulnerability in SINAMICS Medium Voltage Products SSA-723417: Multiple Vulnerabilities in SCALANCE W1750D SSA-678983: Vulnerabilities in Industrial PCs and CNC devices using Intel CPUs (November 2020) SSA-676775: Denial-of-Service Vulnerability in SIMATIC NET CP 343-1 Devices SSA-594364: Denial-of-Service Vulnerability in SNMP Implementation of WinCC Runtime SSA-538778: SmartVNC Vulnerabilities in SIMATIC HMI/WinCC Products SSA-501073: Vulnerabilities in Controllers CPU 1518 MFP using Intel CPUs (November 2020) SSA-324955: SAD DNS Attack in Linux Based Products
SSA-286838: Multiple Vulnerabilities in SINAMICS Medium Voltage Products SSA-116379: Denial-of-Service Vulnerability in OSPF Packet Handling of SCALANCE XM-400 and XR-500 Devices SIMATIC WinCC Runtime Advanced:All versions < V16 Update 4 SIMATIC HMI KTP Mobile Panels KTP400F,KTP700, KTP700F, KTP900 and KTP900F:All versions < V16 Update 4 SIPLUS variants):All versions < V16 Update 4 SIMATIC HMI Comfort Panels 4" - 22"(incl. SIMATIC HMI Comfort Outdoor Panels 7" & 15"(incl. SINAMICS GM150 (with option X30):All versions SINAMICS GL150 (with option X30):All versions Stack Overflow and XXE vulnerability in various OPC UA products See the documents below for more information
0 kommentar(er)
