Siemens – Xynik

ICS Patch Tuesday: Security Advisories Released by CISA, Schneider, Siemens, Rockwell

November 13, 2024 by Xynik

November 13, 2024 at 07:21AM CISA, Schneider Electric, Siemens, and Rockwell Automation have issued security advisories for November 2024’s Patch Tuesday, focusing on vulnerabilities in industrial control systems. The information was reported by SecurityWeek. **Meeting Takeaways:** 1. **Participants:** CISA, Schneider Electric, Siemens, and Rockwell Automation. 2. **Key Event:** November 2024 Patch Tuesday security advisories have … Read more

Siemens and Rockwell Tackle Industrial Cybersecurity, but Face Customer Hesitation

November 4, 2024 by Xynik

November 4, 2024 at 05:07AM Siemens and Rockwell Automation are enhancing cybersecurity for industrial organizations, yet face challenges in encouraging customers to install security systems and upgrade their Industrial Control Systems (ICS). **Meeting Takeaways:** 1. **Collaboration on Cybersecurity**: Siemens and Rockwell Automation are actively working together to enhance cybersecurity measures in industrial organizations. 2. **Challenges … Read more

Siemens Patches Power Grid Product Flaw Allowing Backdoor Deployment

July 24, 2024 by Xynik

July 24, 2024 at 10:42AM Siemens issued an out-of-band security advisory announcing patches for critical vulnerabilities in Sicam A8000, Enhanced Grid Sensor, and Sicam 8 software, impacting energy supply sector. One vulnerability allows unauthorized admin access, the other can enable firmware downgrading and code execution. Siemens has released firmware updates and mitigation measures, while SEC … Read more

Siemens Sicam Vulnerabilities Could Facilitate Attacks on Energy Sector

June 26, 2024 by Xynik

June 26, 2024 at 06:05AM Recently, Siemens patched high-severity vulnerabilities in Sicam products: A8000, EGS grid sensors, and 8 power automation software, affecting energy sector security. The flaws allow sensitive data theft, command injection, and password exposure, potentially enabling arbitrary code execution and network destabilization. SEC Consult credited for discovery, with a potential real-world attack … Read more

ICS Patch Tuesday: Advisories Published by Siemens, Rockwell, Mitsubishi Electric

May 15, 2024 by Xynik

May 15, 2024 at 06:36AM Major industrial control systems providers, including Siemens, Rockwell Automation, Mitsubishi Electric, and Johnson Controls, have issued Patch Tuesday advisories addressing vulnerabilities in their products. Siemens has published 15 advisories, addressing critical vulnerabilities in various products, while Rockwell Automation and Mitsubishi Electric also reported high-severity vulnerabilities. CISA has informed organizations about … Read more

Siemens Working on Fix for Device Affected by Palo Alto Firewall Bug

April 23, 2024 by Xynik

April 23, 2024 at 04:59PM Siemens urges organizations using Ruggedcom APE1808 devices configured with Palo Alto Networks Virtual NGFW to address a critical zero-day bug, CVE-2024-3400, recently disclosed by PAN. The vulnerability allows for command injection and has been exploited by deploying a Python backdoor on affected firewalls. Siemens is working on updates and recommends … Read more

Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability

April 23, 2024 by Xynik

April 23, 2024 at 06:57AM A recently disclosed Palo Alto Networks firewall vulnerability (CVE-2024-3400) has been exploited for at least a month, impacting Siemens’ Ruggedcom APE1808 devices. Siemens is preparing updates and providing workarounds. The vulnerability has been exploited in the wild, and there are concerns about state-sponsored threat actors. The Shadowserver Foundation has identified … Read more

ICS Patch Tuesday: Siemens Addresses Palo Alto Networks Product Vulnerabilities

April 9, 2024 by Xynik

April 9, 2024 at 09:42AM Siemens and Schneider Electric have released April 2024 Patch Tuesday advisories. Siemens published eight advisories, including 80 vulnerabilities in ICS products. Notably, patches for three critical code execution flaws in Scalance W1750D access points were announced. Meanwhile, Schneider Electric disclosed a high-severity privilege escalation vulnerability in its Easergy Studio product. … Read more

ICS Patch Tuesday: Siemens Addresses 270 Vulnerabilities

February 13, 2024 by Xynik

February 13, 2024 at 07:39AM In February 2024, Siemens and Schneider Electric released 18 new security advisories for ICS Patch Tuesday. Siemens addressed 270 vulnerabilities as part of this release, as reported by SecurityWeek. It seems like you’ve shared a snippet of meeting notes or a news article related to cybersecurity. Is there a specific … Read more

ICS Patch Tuesday: 90 Vulnerabilities Addressed by Siemens and Schneider Electric

November 14, 2023 by Xynik

November 14, 2023 at 09:27AM Siemens and Schneider Electric have released their Patch Tuesday advisories for November 2023, addressing a total of around 90 vulnerabilities in their products. Siemens has informed customers about vulnerabilities in several of their devices and software, with some being critical and high-severity. Siemens plans to release patches for most of … Read more