Protection from unintended firmware upload: all firmware versions prior to 8.1x with basic security option Web server vulnerabilities: all firmware versions prior to version 8.1x Vulnerabilities related to SSH Support: firmware versions 7.4x to 8.0x (CyberSentry option) GE reports the vulnerabilities affect the following UR family (B30, B90, C30, C60, C70, C95, D30, D60, F35, F60, G30, G60, 元0, L60, L90, M60, N60, T35, T60) of advanced protection and control relays: Control Center Server (CCS) : All versions = V2.1 and < V2.1.3 SIPLUSvariants) : All versions = V4.3 and = V4.3 and = V4.3 and = V2.0 and = V1.5.0only affected by CVE-2019-18340
#IFIX SCADA SECURITY BREACH UPDATE#
Update of the advisories for SSA-763427 (CVSS 9.8) : Update of the advisories for SSA-296266 (CVSS 8.6) : Texas Instruments SimpleLink-CC32XX, versions prior to 4.10.03 Texas Instruments SimpleLink-CC26XX, versions prior to 4.40.00 Texas Instruments SimpleLink-CC13XX, versions prior to 4.40.00 Texas Instruments SimpleLink MSP432E4XX Texas Instruments CC32XX, versions prior to 4.40.00.07 Samsung Tizen RT RTOS, versions prior 3.0.GBB NXP MCUXpresso SDK, versions prior to 2.8.2 Micrium uCOS II/uCOS III Versions 1.39.0 and prior Media Tek LinkIt SDK, versions prior to 4.6.1 Linux Zephyr RTOS, versions prior to 2.4.0 Google Cloud IoT Device SDK, Version 1.0.2
eCosCentric eCosPro RTOS, Versions 2.0.1 through 4.5.3 ARM CMSIS-RTOS2, versions prior to 2.1.3 Mitsubishi Electric GOT and Tension Controller SSA-983548: Multiple SPP File Parsing Vulnerabilities in Tecnomatix Plant Simulation SSA-940818: UltraVNC Vulnerabilities in SIMATIC HMIs/WinCC Products SSA-919955: Information Disclosure Vulnerability in Mendix Database Replication Module SSA-854248: Information Disclosure Vulnerability in Mendix Excel Importer Module SSA-752103: Telnet Authentication Vulnerability in SINAMICS Medium Voltage Products SSA-723417: Multiple Vulnerabilities in SCALANCE W1750D SSA-678983: Vulnerabilities in Industrial PCs and CNC devices using Intel CPUs (November 2020) SSA-676775: Denial-of-Service Vulnerability in SIMATIC NET CP 343-1 Devices SSA-594364: Denial-of-Service Vulnerability in SNMP Implementation of WinCC Runtime SSA-538778: SmartVNC Vulnerabilities in SIMATIC HMI/WinCC Products SSA-501073: Vulnerabilities in Controllers CPU 1518 MFP using Intel CPUs (November 2020) SSA-324955: SAD DNS Attack in Linux Based Products SSA-286838: Multiple Vulnerabilities in SINAMICS Medium Voltage Products SSA-116379: Denial-of-Service Vulnerability in OSPF Packet Handling of SCALANCE XM-400 and XR-500 Devices SIMATIC WinCC Runtime Advanced:All versions < V16 Update 4 SIMATIC HMI KTP Mobile Panels KTP400F,KTP700, KTP700F, KTP900 and KTP900F:All versions < V16 Update 4 SIPLUS variants):All versions < V16 Update 4 SIMATIC HMI Comfort Panels 4" - 22"(incl. SIMATIC HMI Comfort Outdoor Panels 7" & 15"(incl. SINAMICS GM150 (with option X30):All versions SINAMICS GL150 (with option X30):All versions Stack Overflow and XXE vulnerability in various OPC UA products In short: At VIDEC you will find competent support to ensure the smooth operation of automated plants and production facilities.See the documents below for more information In addition to profound industry knowledge, our customers benefit from our own developments as well as the distribution products of the GE Intelligent Platform and other partners.
#IFIX SCADA SECURITY BREACH SOFTWARE#
We offer customised software for analysis, alarming, security management, IT & OT security, project planning, web-based visualisation, web SCADA, web HMI, DCS, process data management, data acquisition, data archiving, reporting, alarm systems, telecontrol, control management for manufacturing, cloud for the industrial internet, and more. We work with a network of distributors worldwide on customisable automation, MES and IT security solutions. Active in numerous industries for over 25 years, the VIDEC team supports plants of various sizes, from SMEs to international corporations. VIDEC Data Engineering GmbH specialises in software products and solutions for automation and the optimisation of production processes and IT security.