SCALANCE S602, SCALANCE S612, SCALANCE S623, SCALANCE S627-2M Security Vulnerabilities

nessus
nessus

Siemens SCALANCE Device Detection

Siemens SCALANCE devices include routers, managed and unmanaged switches, access points, clients, and media converters to provide Industrial Ethernet (IE) and Industrial Wireless LAN (IWLAN) capabilities for industrial...

3.6AI Score

2014-04-22 12:00 AM
5
nessus
nessus

Siemens SCALANCE W Client Detection

The Siemens SCALANCE W Client provides Industrial Wireless LAN (IWLAN) capabilities for industrial environments. IWLAN is an extension of the IEEE 802.11 standard for devices that will be deployed in demanding industrial applications with real-time and redundancy requirements. Siemens provides...

1.8AI Score

2014-04-22 12:00 AM
11
seebug
seebug

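Siemens SINEMA Server Unspecified Remote Code Execution Vulnerability

CVE ID: CVE-2014-2731 SINEMA Server is Siemens industrial network management software that can quickly diagnose the communication status of network devices such as Industrial Ethernet, SCALANCE industrial switches, PROFINET, CP443-1, CP343-1 and ET200(PN). SINEMA Server has an unspecified security vulnerability that allows remote attackers to execute arbitrary code. 0 SINEMA Server 12 SINEMA Server 12 SP1 fixes this vulnerability; users are advised to download and use it:...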

6.6AI Score

0.015EPSS

2014-04-18 12:00 AM
15
seebug
seebug

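Siemens SINEMA Server Unspecified Path Traversal Remote Information Disclosure Vulnerability

CVE ID: CVE-2014-2732 SINEMA Server is Siemens industrial network management software that can quickly diagnose the communication status of network devices such as Industrial Ethernet, SCALANCE industrial switches, PROFINET, CP443-1, CP343-1 and ET200(PN). SINEMA Server has a directory traversal vulnerability that allows remote attackers to submit special directory traversal sequences such as '../' to bypass web restrictions and obtain sensitive information. 0 SINEMA Server 12 SINEMA Server 12 SP1 fixes this vulnerability; users are advised to download and use it:...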

6.6AI Score

0.003EPSS

2014-04-18 12:00 AM
17
seebug
seebug

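Siemens SINEMA Server Crafted HTTP Request Handling Remote Denial-of-Service Vulnerability

CVE ID: CVE-2014-2733 SINEMA Server is Siemens industrial network management software that can quickly diagnose the communication status of network devices such as Industrial Ethernet, SCALANCE industrial switches, PROFINET, CP443-1, CP343-1 and ET200(PN). SINEMA Server has a security vulnerability in its handling of crafted HTTP requests that allows remote attackers to submit crafted requests that crash the web interface. 0 SINEMA Server 12 SINEMA Server 12 SP1 fixes this vulnerability; users are advised to download and use it:...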

6.6AI Score

0.001EPSS

2014-04-18 12:00 AM
18
rdot
rdot

PHP: Theory of Expressions

Hello everyone! Today I would like to talk about expressions and what they are. No, this is not a vague post made up of excerpts from man pages and links. First a short introduction, and then new and useful information. Note: if you have the img tag disabled, go to...

-0.2AI Score

2014-03-11 12:00 AM
479
openvas
openvas

Siemens Scalance X-200 Series Switches Insufficient Entropy Vulnerability

Siemens Scalance X-200 Series switches are prone to a vulnerability in the entropy of random number...

6.6AI Score

0.007EPSS

2014-02-17 12:00 AM
9
threatpost
threatpost

Google Bug Bounty Program to Include Chrome Extensions

Google has announced it will retool its bounty program and extend its scope to include Chrome apps and extensions branded as “by Google,” including extensions tied to popular products such as Gmail and Hangouts. According to a post by Google’s Michal Zalewski and Eduardo Vela Nava on the company’s....

-0.3AI Score

2014-02-05 02:18 PM
6
threatpost
threatpost

Bluetooth Gas Pump Skimmer Scam Nets $2 Million

Thirteen men were indicted this week for allegedly using Bluetooth-enabled skimmers to steal more than $2 million from customers at gas stations across the Southern United States between 2012 and 2013. Documents released on Tuesday by the offices of Manhattan District Attorney Cyrus R. Vance, Jr......

-0.3AI Score

2014-01-23 01:54 PM
9
threatpost
threatpost

Siemens Fixes Authentication Bugs in Scalance X-200 Switches

Researchers have discovered two serious vulnerabilities in industrial Ethernet switches manufactured by Siemens that could enable attackers to perform unauthorized actions on the switches without authentication. One of the bugs allows attackers to hijack Web sessions and the other enables them to.....

1.8AI Score

2014-01-09 10:58 AM
4
threatpost
threatpost

$100 Million Worth of Bitcoins Stolen

UPDATE: As if Bitcoin malware and Bitcoin mining malware weren’t enough to worry about, there was more trouble for the users of the digital crypto-currency last week as 96,000 Bitcoins disappeared from the Sheep Marketplace. Bitcoin’s value has surged in recent weeks, peaking at an astonishing...

-0.4AI Score

2013-12-03 04:44 PM
9
threatpost
threatpost

Millions stolen in Bitcoin heist

More trouble for Bitcoin this week after an Australian wallet service admitted that attackers broke into their systems and made off with more than $1.2 million worth of the digital crypto-currency. The theft comes on the coat-tails of a contentious research paper claiming that a...

0.7AI Score

2013-11-08 01:19 PM
9
threatpost
threatpost

DARPA Cyber Grand Challenge Offers $2M to Winners

The bug bounty continues to be turned on its ear. Microsoft began the wave of paying premium money for mitigation technologies via its Blue Hat prizes, and now DARPA has gone all-in to the tune of $2 million for the development of an automated network defense system that not only scans for and...

0.7AI Score

2013-10-23 04:56 PM
11
nessus
nessus

Siemens SCALANCE X-200 Web Session Hijacking

According to the self-reported version of the remote Siemens SCALANCE X-200 series device obtained from the SNMP system description, it is vulnerable to a web session hijacking vulnerability. This is due to a weakness in the integrated web server's random number...

2.4AI Score

2013-10-21 12:00 AM
11
nessus
nessus

Siemens SCALANCE X-200 Authentication Bypass

According to the self-reported version of the remote SCALANCE device, it is affected by an unspecified vulnerability that could allow an attacker to execute administrative functions on the device without...

6.4AI Score

2013-10-21 12:00 AM
14
threatpost
threatpost

Google to Pay Rewards For Patches to Open Source Projects

Google, one of the first companies to offer a significant bug bounty program, is extending its rewards to researchers and developers who contribute patches to a variety of open source projects and have an effect on the security of the project. The new rewards will range from $500 to $3,133.70, and....

0.2AI Score

2013-10-10 08:25 AM
7
ics
ics

Siemens SCALANCE X-200 Authentication Bypass Vulnerability

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on October 01, 2013, and is now being released to the ICS-CERT-Web page. Siemens has identified an authentication bypass vulnerability in the SCALANCE X-200 switch product family. Researcher Eireann Leverett of...

6.7AI Score

0.005EPSS

2013-10-03 12:00 PM
21
nvd
nvd

CVE-2013-5944

The integrated web server on Siemens SCALANCE X-200 switches with firmware before 4.5.0 and X-200IRT switches with firmware before 5.1.0 does not properly enforce authentication requirements, which allows remote attackers to perform administrative actions via requests to the management...

7AI Score

0.005EPSS

2013-10-03 11:04 AM
cve
cve

CVE-2013-5944

The integrated web server on Siemens SCALANCE X-200 switches with firmware before 4.5.0 and X-200IRT switches with firmware before 5.1.0 does not properly enforce authentication requirements, which allows remote attackers to perform administrative actions via requests to the management...

7.2AI Score

0.005EPSS

2013-10-03 11:04 AM
26
prion
prion

Design/Logic Flaw

The integrated web server on Siemens SCALANCE X-200 switches with firmware before 4.5.0 and X-200IRT switches with firmware before 5.1.0 does not properly enforce authentication requirements, which allows remote attackers to perform administrative actions via requests to the management...

7.5AI Score

0.005EPSS

2013-10-03 11:04 AM
2
cvelist
cvelist

CVE-2013-5944

The integrated web server on Siemens SCALANCE X-200 switches with firmware before 4.5.0 and X-200IRT switches with firmware before 5.1.0 does not properly enforce authentication requirements, which allows remote attackers to perform administrative actions via requests to the management...

7AI Score

0.005EPSS

2013-10-03 10:00 AM
cve
cve

CVE-2013-5709

The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote attackers to hijack sessions by predicting a...

6.9AI Score

0.007EPSS

2013-09-17 12:04 PM
41
nvd
nvd

CVE-2013-5709

The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote attackers to hijack sessions by predicting a...

6.8AI Score

0.007EPSS

2013-09-17 12:04 PM
4
prion
prion

Authentication flaw

The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote attackers to hijack sessions by predicting a...

7.3AI Score

0.007EPSS

2013-09-17 12:04 PM
6
cvelist
cvelist

CVE-2013-5709

The authentication implementation in the web server on Siemens SCALANCE X-200 switches with firmware before 5.0.0 does not use a sufficient source of entropy for generating values of random numbers, which makes it easier for remote attackers to hijack sessions by predicting a...

6.7AI Score

0.007EPSS

2013-09-17 10:00 AM
myhack58
myhack58

Common Website Vulnerabilities - file upload vulnerability - vulnerability warning - the black bar safety net

Arbitrary file upload vulnerability: A file upload vulnerability (File Upload Attack) arises when the code implementing the file upload function does not strictly limit the suffix and type of the files a user may upload, which allows an attacker to upload arbitrary PHP files to a Web-accessible directory,....

0.3AI Score

2013-09-03 12:00 AM
3
threatpost
threatpost

After Paying $2M in Rewards, Google Multiplies Some Bug Bounties Five Times

Google’s bug bounty program has been one of the more successful reward systems of its kind, and the company has regularly modified and expanded the program over the years to keep pace with what’s going on in the industry. Google also has increased the rewards it offers for certain kinds of...

-0.7AI Score

2013-08-13 10:03 AM
6
ics
ics

Siemens Scalance W-7xx Product Family Multiple Vulnerabilities

OVERVIEW Siemens has identified multiple vulnerabilities in the Siemens Scalance W-7xx product family and reported them to ICS-CERT. A software update has been produced by Siemens that mitigates these vulnerabilities. Siemens has tested the software update to validate that it resolves the...

6.6AI Score

0.004EPSS

2013-08-02 12:00 PM
33
nvd
nvd

CVE-2013-4652

Unspecified vulnerability in the command-line management interface on Siemens Scalance W7xx devices with firmware before 4.5.4 allows remote attackers to bypass authentication and execute arbitrary code via a (1) SSH or (2) TELNET...

7.9AI Score

0.004EPSS

2013-08-01 01:32 PM
nvd
nvd

CVE-2013-4651

Siemens Scalance W7xx devices with firmware before 4.5.4 use the same hardcoded X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust...

6.7AI Score

0.002EPSS

2013-08-01 01:32 PM
prion
prion

Hardcoded credentials

Siemens Scalance W7xx devices with firmware before 4.5.4 use the same hardcoded X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust...

7.3AI Score

0.002EPSS

2013-08-01 01:32 PM
1
prion
prion

Authentication flaw

Unspecified vulnerability in the command-line management interface on Siemens Scalance W7xx devices with firmware before 4.5.4 allows remote attackers to bypass authentication and execute arbitrary code via a (1) SSH or (2) TELNET...

8.5AI Score

0.004EPSS

2013-08-01 01:32 PM
1
ics
ics

Siemens Scalance X200 IRT Multiple Vulnerabilities

OVERVIEW This advisory provides mitigation details for vulnerabilities that impact the Siemens Scalance X200 IRT. Siemens has identified multiple vulnerabilities in Siemens Scalance X200 IRT. Siemens has produced an update that mitigates these vulnerabilities. Siemens has tested the update to...

7AI Score

0.002EPSS

2013-06-18 12:00 PM
16
openvas
openvas

Siemens SCALANCE Default Credentials (HTTP)

The remote Siemens SCALANCE device is using known default credentials for the HTTP...

7.5AI Score

2013-05-30 12:00 AM
22
openvas
openvas

Siemens SIMATIC SCALANCE Detection (HTTP)

HTTP based detection of Siemens SIMATIC SCALANCE...

6.9AI Score

2013-05-30 12:00 AM
20
openvas
openvas

Siemens Scalance X200 Series Switches Multiple Vulnerabilities

Siemens Scalance X200 series switches are prone to multiple...

6.5AI Score

0.002EPSS

2013-05-30 12:00 AM
19
cve
cve

CVE-2013-3634

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The implementation of SNMPv3 d...

6.8AI Score

0.002EPSS

2013-05-24 08:55 PM
27
nvd
nvd

CVE-2013-3633

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The user privileges for the we...

6.6AI Score

0.002EPSS

2013-05-24 08:55 PM
nvd
nvd

CVE-2013-3634

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The implementation of SNMPv3 d...

6.6AI Score

0.002EPSS

2013-05-24 08:55 PM
cve
cve

CVE-2013-3633

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The user privileges for the we...

6.8AI Score

0.002EPSS

2013-05-24 08:55 PM
26
prion
prion

Command injection

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The implementation of SNMPv3 d...

6.9AI Score

0.002EPSS

2013-05-24 08:55 PM
2
prion
prion

Design/Logic Flaw

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The user privileges for the we...

6.9AI Score

0.002EPSS

2013-05-24 08:55 PM
1
cvelist
cvelist

CVE-2013-3634

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The implementation of SNMPv3 d...

6.6AI Score

0.002EPSS

2013-05-24 08:00 PM
cvelist
cvelist

CVE-2013-3633

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The user privileges for the we...

6.6AI Score

0.002EPSS

2013-05-24 08:00 PM
ics
ics

Siemens Scalance S Multiple Security Vulnerabilities

Overview ICS-CERT has received a report from Siemens regarding two security vulnerabilities in the Scalance S Security Module firewall. This vulnerability was reported to Siemens by Adam Hahn and Manimaran Govindarasu for coordinated disclosure. The first issue is a brute-force credential guessing....

8.3AI Score

0.049EPSS

2013-05-08 12:00 PM
21
ics
ics

Siemens Scalance X Buffer Overflow Vulnerability

Overview ICS-CERT has received a report from Siemens regarding a buffer overflow vulnerability in the web interface of the Scalance X Industrial Ethernet switch. This vulnerability was reported to Siemens by Jürgen Bilberger from Daimler TSS GmbH. This vulnerability leaves the affected devices...

7.7AI Score

0.061EPSS

2013-05-08 12:00 PM
19
nvd
nvd

CVE-2013-1185

The web interface in the Manager component in Cisco Unified Computing System (UCS) 1.x and 2.x before 2.0(2m) allows remote attackers to obtain sensitive information by reading a (1) technical-support bundle file or (2) on-device configuration backup, aka Bug ID...

6.1AI Score

0.003EPSS

2013-04-25 10:55 AM
nvd
nvd

CVE-2013-1186

Cisco Unified Computing System (UCS) 1.x before 1.4(4) and 2.x before 2.0(2m) allows remote attackers to bypass KVM authentication via a crafted authentication request to a Cisco Integrated Management Controller (IMC), aka Bug ID...

6.8AI Score

0.003EPSS

2013-04-25 10:55 AM
5
nvd
nvd

CVE-2013-1178

Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(4) and 6.x before 6.1(1), Nexus 5000 and 5500 devices 4.x and 5.x before 5.1(3)N1(1), Nexus 4000 devices before 4.1(2)E1(1h), Nexus 3000 devices 5.x before...

7.8AI Score

0.001EPSS

2013-04-25 10:55 AM
2
prion
prion

Buffer overflow

Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(4) and 6.x before 6.1(1), Nexus 5000 and 5500 devices 4.x and 5.x before 5.1(3)N1(1), Nexus 4000 devices before 4.1(2)E1(1h), Nexus 3000 devices 5.x before...

8.5AI Score

0.001EPSS

2013-04-25 10:55 AM
2
Total number of security vulnerabilities: 1743