If you know of an incident or suspected case, please do not hesitate to share your information with us at: cybersecurity-seepex@irco.com
Date of notification | Source | Bulletin | Impact | Affected SEEPEX product | Recommended action | Launched on SEEPEX Website |
|---|---|---|---|---|---|---|
11.03.2025 | Siemens | The products listed below contain two authentication bypass vulnerabilities that could allow an attacker to gain access to the data managed by the server. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available. | Totally Integrated Automation Por-tal (TIA Portal) V18, V19 | Product-specific remediations or mitigations can be found in the section Affected Products and Solution. Please follow the General Security Recommendations. | ||
11.03.2025 | Siemens | Several SIMATIC S7-1500 and S7-1200 CPU versions are affected by an open redirect vulnerabilty that could allow an attacker to make the web server of affected devices redirect a legitimate user to an attacker-chosen URL. For a successful attack, the legitimate user must actively click on an at-tacker-crafted link. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific counter-measures for products where fixes are not, or not yet available. | S7-1200 CPU / S7-1500 CPU | As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity | ||
11.03.2025 | Siemens | Several SIMATIC S7-1500 CPU versions are affected by an authentication bypass vulnerability that could allow an unauthenticated remote attacker to gain knowledge about actual and configured maximum cycle times and communication load of the CPU. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available. | As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity | |||
11.02.2025 | Schneider | The Modicon Programmable Automation controllers are used for complex networked communication, display and control applications Failure to apply the mitigations or remediations provided below may risk execution of unsolicited command on the PLC which could result in a loss of availability of the controller February 2025 Update: Correction of vulnerabilities impacting Quantum Safety processor | Modicon Controller M340, M580 | Update Software and Firmware and Rebuild the Projects | ||
11.02.2025 | Siemens | The webserver of several SIMATIC products is affected by a user enumeration vulnerability that could allow an unauthenticated remote attacker to identify valid usernames. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. | SIMATIC S7-1200 CPU family V4 (incl. SIPLUS variants) SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) SIMATIC S7-PLCSIM Advanced All versions >= V6.0 < V7.0 | Update to V4.7 or later version Update to V3.1.2 or later version.Disable HTTP (port 80/tcp) and provide web service access through HTTPS (port 443/tcp) only; the vulnerability is considered as only exploitable via HTTP Update to V7.0 or later version Disable HTTP (port 80/tcp) and provide web service access through HTTPS (port 443/tcp) only; the vulnerability is considered as only exploitable via HTTP | ||
11.02.2025 | Siemens | SIMATIC S7-1200 CPU family before V4.7 is affected by two denial of service vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions. | SIMATIC S7-1200 CPU family V4 (incl. SIPLUS variants) | Update to V4.7 or later version | ||
11.02.2025 | Siemens | Affected products do not correctly invalidate user sessions upon user logout. This could allow a remote unauthenticated attacker, who has obtained the session token by other means, to re-use a legitimate user's session even after logout. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where fixes are not, or not yet available. | TIA Administrator All versions < V3.0.4 Totally Integrated Automation Portal (TIA Portal) | Update to V3.0.4 or later version Update to V19 Update 1 or later version | ||
11.02.2025 | Siemens | A vulnerability in the affected products could allow an unauthorized attacker with network access to perform a denial-of-service attack resulting in loss of real-time synchronization. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available. | SIMATIC ET 200SP IM 155-6 PN HF (incl. SIPLUS variants) | Update to V4.2.0 or later version | ||
11.02.2025 | Siemens | A vulnerability in the openSSL component (CVE-2022-0778, [0]) could allow an attacker to create a denial of service condition by providing specially crafted elliptic curve certificates to products that use a vulnerable version of openSSL. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available. | SCALANCE XC208 SIMATIC CP 1243-1 SIMATIC ET 200SP communications modules (CP 1542SP-1, CP 1542SP-1 IRC and CP 1543SP-1, incl. SIPLUS variants) SIMATIC S7-1200 CPU family (incl. SIPLUS variants) SIMATIC S7-1500 CPU 1513R-1 PN SIMATIC S7-PLCSIM Advanced SIMATIC WinCC V7/V8 Totally Integrated Automation Portal (TIA Portal) V16 | Update to V4.4 or later version Update to V3.4.29 or later version Update to V2.2.28 or later version Update to V4.6.0 or later version Update to V2.9.7 or later version Update to V5.0 or later version Update to V7.5 SP2 Update 16 or later version Currently no fix is planned | ||
14.01.2025 | Siemens | Several SIMATIC S7-1500 and S7-1200 CPU versions are affected by an open redirect vulnerability that could allow an attacker to make the web server of affected devices redirect a legitimate user to an attacker-chosen URL. For a successful attack, the legitimate user must actively click on an attacker-crafted link. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. | SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) SIMATIC S7-1500 Software Controller | Siemens has identified the following specific workarounds and mitigations that customers can apply to reduce the risk: Do not click on links from unknown sources. Product-specific remediations or mitigations can be found in the section Affected Products and Solution. Please follow the General Security Recommendations. | 23.01.2025 | |
14.01.2025 | Siemens | A vulnerability in the login dialog box of SIMATIC WinCC could allow a local attacker to cause a denial of service condition in the runtime of the SCADA system. Siemens has released new versions for the affected products and recommends to update to the latest versions. | SIMATIC WinCC Runtime Professional SIMATIC PCS 7 | Siemens has identified the following specific workarounds and mitigations that customers can apply to reduce the risk: Activate SIMATIC Logon in the User Administrator of the SIMATIC PCS 7 Operator Stations Product-specific remediations or mitigations can be found in the section Affected Products and Solution. Please follow the General Security Recommendations. | 23.01.2025 | |
14.01.2025 | Siemens | The OPC UA implementations (ANSI C and C++) as used in several SIMATIC products contain a denial of service vulnerability that could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available. | SIMATIC WinCC Unified OPC UA Server SIMATIC WinCC OPC UA Client SIMATIC WinCC Runtime Professional SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) | Siemens has identified the following specific workarounds and mitigations that customers can apply to reduce the risk: Disable the OPC UA feature, if not used Product-specific remediations or mitigations can be found in the section Affected Products and Solution. | 23.01.2025 | |
14.01.2025 | Siemens | Multiple SCALANCE devices are affected by several vulnerabilities that could allow an attacker to inject code, retrieve data as debug information as well as user CLI passwords or set the CLI to an irresponsive state. Siemens has released updates for the affected products and recommends to update to the latest versions. | SCALANCE XB-200/XC-200/XP-200/XF-200BA/XR-300WG family | Product-specific remediations or mitigations can be found in the section Affected Products and Solution. Please follow the General Security Recommendations. | 23.01.2025 | |
10.12.2024 | Siemens | The OPC UA implementations (ANSI C and C++) as used in several SIMATIC products contain a denial of service vulnerability that could allow an unauthenticated remote attacer to create a denial of service condition by sending a specially crafted certificate. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. | SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) SIMATIC Win CC OPC UA Client SIMATIC WinCC Runtime Professional SIMATIC WinCC Unified OPC UA Server | Update to V2.0.0.1 or later version See further recommendations from section Workarounds and Mitigations | 14.01.2025 | |
10.12.2024 | Siemens | Several SIMATIC S7-1500 and S7-1200 CPU versions are affected by an open redirect vulnerability that could allow an attacker to make the web server of affected devices redirect a legitimate user to an attacker-chosen URL. For a successfull attack, the legitimate user must actively click on an attacker-crafted link. Siemens has released new versions for several affected products and recommends to update to the latest versions. Simens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. | SIMATIC S7-1500 Software Controller | Currently no fix available See further recommendations from section Workarounds and Mitigations | 14.01.2025 | |
12.11.2024 | Siemens | Affected products do not preoperly sanitize user-controllable input when parsing files. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available. | SIMATIC S7-PLCSIM V16 Totally Integrated Automation Portal V16, V17, V18 (TIA Portal) | No solution available yet. Please see here for further information. | 04.12.2024 | |
08.10.2024 | Siemens | Several SIMATIC S7-1500 CPU versions are affected by an authentification bypass vulnerability that could allow an unauthenticated remote attacker to gain knowledge about actual and configured maximum cycle times and communication load of the CPU. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available. | All S7-1500 CPUs | Product-specific remediations or mitigations can be found in the section Affected Products and Solutions. Please follow the General Security Recommendations. | 20.11.2024 | |
08.10.2024 | Siemens | Several SIMATIC S7-1500 and S7-1200 CPU versions are affected by an open redirect vulnerability that could allow an attacker to make the web werver of affected devices redirect a legitimate user to an attacker-chosen URL. Fo a successful attack, the legitimate user needs to actively click on an attacker-crafted link. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. | Simatic S7-1200 CPU Family Simatic S7-1500 CPU Family | Siemens has identified the following specific workarounds and mitigations that customers can apply to reduce the risk Do not click on links from unknown sources. Product-specific remeditations or mitigations can be found in the section Affected Products and Solutions. Please follow the General Security Recommendations. | 20.11.2024 | |
13.08.2024 | Rockwell Automation | A denial-of-service vulnerability exists in the affected product. This vulnerability occurs when a malformed PCCC message is received, causing a failure in the controller. | ControlLogix/GuardLogix 5580 and Compact-Logix/Compact GuardLogix® 5380 Controller | Update to latest firmware revision. Restrict communication to CIP objects 103 (0x67) | 01.10.2024 | |
13.08.2024 | Rockwell Automation | A denial-of-service vulnerability via Input Validation. A malformed PTP management package can cause a major irreversible fault in the controller. | ControlLogix/GuardLogix 5580 and Compact-Logix/Compact GuardLogix® 5380 Controller | Update to latest firmware revision. If PTP messages are not used, block at the network level, port UDP 319/320 | 01.10.204 | |
09.07.2024 | Siemens | Affected applications do not properly restrict the .NET BinaryFormatter when deserializing user controllable input. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. | Totally Integrated Automation Portal (TIA Portal) before V19 | Siemens has identified the following specific workarounds and mitigations that customers can apply to reduce the risk: Avoid opening untrusted files from unknown sources in affected products | 31.07.2024 | |
09.07.2024 | Siemens | A vulnarability in affected devices could allow an attacker to perform a denial of service attack if a large amount of specially crafted UDP packets are sent to the device. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific counter measures for products where fixes are not, or not yet available. | Simatic S7-1200 CPU Family, Simatic S7-1500 Family, ET200SP | Siemens has identifid the following specific workarounds and mitigations that customers cann apply to reduce the risk: Restrict network access to affected devices | 31.07.2024 | |
11.06.2024 | Siemens | TIA Administrator creates temporary download files in a directory with insecure permissions. This could allow any authenticated attacker on Windows to disrupt the update process. | TIA-Administrator <3.2 | Siemens has released a new version for TIA Administrator and recommends to update to the latest version. Siemens has identified the following specific workarounds and mitigations that customers can apply to reduce the risk. Remove write permissions for non-administrative users on files and folders located under the installation path | 05.07.2024 | |
11.06.2024 | Siemens | The SCALANCE XB-200/XC-200/XP-200/XF-200BA/XR-300WG group is affected by multiple vulnerabilities. CVE-2023-44318 and CVE-2023-44321 were previously published as part of SSA-699386. | SCALANCE XB-200/XC-200/XP-200/XF-200BA/XR-300WG group. | As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity | 05.07.2024 | |
11.06.2024 | Siemens | Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products | All SEEPEX control featuring the following SIEMENS Software:
| Currently no fix available/ Update to latest version | 05.07.2024 | |
21.05.2024 | Rockwell Automation | IMPORTANT NOTICE: Rockwell Automation reiterates the instruction to its customers to disconnect devices from the Internet to protect against cyber threats Due to heightened geopolitical tensions and hostile cyber activity around the world, Rockwell Automation urges all customers to IMMEDIATELY check if their devices are connected to the public Internet and, if so, to urgently remove that connection for devices that are not specifically designed for a public Internet connection. | All SEEPEX controls with Rockwell Automation Hardware | Due to heightened geopolitical tensions and adversarial cyber activity globally, Rockwell Automation is issuing this notice urging all customers to take IMMEDIATE action to assess whether they have devices facing the public internet and, if so, urgently remove that connectivity for devices not specifically designed for public internet connectivity. | 30.05.2024 | |
14.05.2024 | SIEMENS | A vulnerability has been discovered in the SIMATIC S7-1500 CPU family and related products that could allow an attacker to trigger a denial of service condition. In order to exploit the vulnerability, an attacker must have access to the affected devices on port 102/tcp. | All SEEPEX controls with the following SIEMENS hardware:
| No solution is currently planned | 30.05.2024 | |
13.02.2024 | SIEMENS | Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products | All SEEPEX controls featuring the following SIEMENS Software:
| Currently no fix available / Update to latest version | 27.02.2024 | |
12.12.2023 | SIEMENS | Information disclosure to LOCAL attacker to the access level password of the SIMATIC S7-1200 and S7-1500 CPUs | All SEEPEX controls featuring the following SIEMENS hardware:
| Exclusion of local attackers and/or firmware update to V19 or later version | 14.02.2024 | |
12.12.2023 | SIEMENS | Multiple Vulnerabilities in SIMATIC S7-1500 CPUs of GNU/Linux subsystem | All SEEPEX controls featuring the following SIEMENS hardware:
| See SSA-398330 | 14.02.2024 | |
12.12.2023 | SIEMENS | Denial of Service Vulnerability in SIMATIC S7- 1500 CPUs via port 102 tcp | All SEEPEX controls featuring the following SIEMENS hardware:
| Firmware update to V3.1.0 or later version | 14.02.2024 | |
09.12.2023 | SIEMENS | Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products | All SEEPEX controls on SIEMENS PLCs that are connected to a SEEPEX Gateway (e.g. SPG) | Firmware update to V8.1. SP1 or later version | 14.02.2024 | |
14.11.2023 | SIEMENS | Multiple Vulnerabilities on SIEMENS SCALANCE Routern | All SEEPEX control cabinets featuring the following SIEMENS hardware:
| Firmware update to V4.5 or later version | 14.02.2024 | |
28.05.2021 | SIEMENS | Memory Protection Bypass Vulnerability in SIMATIC S7-1200 and S7-1500 CPU Families | All SEEPEX controls featuring the following SIEMENS hardware:
| SIMATIC S7-12xx: firmware update to V4.5 or later version SIMATIC S7-15xx: firmware update to V2.9.2 or later version | 14.02.2024 |