If you know of an incident or suspected case, please do not hesitate to share your information with us at: cybersecurity-seepex@irco.com
| Date of notification | Source | Bulletin | Impact | Affected SEEPEX product | Recommended action | Launched on SEEPEX Website |
|---|---|---|---|---|---|---|
| 14.01.2025 | Siemens | SSA-876787 | Several SIMATIC S7-1500 and S7-1200 CPU versions are affected by an open redirect vulnerability that could allow an attacker to make the web server of affected devices redirect a legitimate user to an attacker-chosen URL. For a successful attack, the legitimate user must actively click on an attacker-crafted link. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. | SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants); SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants); SIMATIC S7-1500 Software Controller | Siemens has identified the following specific workarounds and mitigations that customers can apply to reduce the risk: Do not click on links from unknown sources. Product-specific remediations or mitigations can be found in the section Affected Products and Solution. Please follow the General Security Recommendations. | 23.01.2025 |
| 14.01.2025 | Siemens | SSA-730482 | A vulnerability in the login dialog box of SIMATIC WinCC could allow a local attacker to cause a denial of service condition in the runtime of the SCADA system. Siemens has released new versions for the affected products and recommends to update to the latest versions. | SIMATIC WinCC Runtime Professional | Siemens has identified the following specific workarounds and mitigations that customers can apply to reduce the risk: Activate SIMATIC Logon in the User Administrator of the SIMATIC PCS 7 Operator Stations. Product-specific remediations or mitigations can be found in the section Affected Products and Solution. Please follow the General Security Recommendations. | 23.01.2025 |
| 14.01.2025 | Siemens | SSA-711309 | The OPC UA implementations (ANSI C and C++) as used in several SIMATIC products contain a denial of service vulnerability that could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available. | SIMATIC WinCC Unified OPC UA Server; SIMATIC WinCC OPC UA Client; SIMATIC WinCC Runtime Professional; SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) | Siemens has identified the following specific workarounds and mitigations that customers can apply to reduce the risk: Disable the OPC UA feature, if not used. Product-specific remediations or mitigations can be found in the section Affected Products and Solution. | 23.01.2025 |
| 14.01.2025 | Siemens | SSA-413565 | Multiple SCALANCE devices are affected by several vulnerabilities that could allow an attacker to inject code, retrieve data as debug information as well as user CLI passwords, or set the CLI to an unresponsive state. Siemens has released updates for the affected products and recommends to update to the latest versions. | SCALANCE XB-200/XC-200/XP-200/XF-200BA/XR-300WG family | Product-specific remediations or mitigations can be found in the section Affected Products and Solution. | 23.01.2025 |
| 10.12.2024 | Siemens | SSA-711309 | The OPC UA implementations (ANSI C and C++) as used in several SIMATIC products contain a denial of service vulnerability that could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. | SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants); SIMATIC WinCC OPC UA Client; SIMATIC WinCC Runtime Professional; SIMATIC WinCC Unified OPC UA Server | Update to V2.0.0.1 or later version. See further recommendations from section Workarounds and Mitigations. | 14.01.2025 |
| 10.12.2024 | Siemens | SSA-876787 | Several SIMATIC S7-1500 and S7-1200 CPU versions are affected by an open redirect vulnerability that could allow an attacker to make the web server of affected devices redirect a legitimate user to an attacker-chosen URL. For a successful attack, the legitimate user must actively click on an attacker-crafted link. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. | SIMATIC S7-1500 Software Controller | Currently no fix available. See further recommendations from section Workarounds and Mitigations. | 14.01.2025 |
| 12.11.2024 | Siemens | SSA-871035 | Affected products do not properly sanitize user-controllable input when parsing files. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available. | SIMATIC S7-PLCSIM V16; Totally Integrated Automation Portal V16, V17, V18 (TIA Portal) | No solution available yet. Please see here for further information. | 04.12.2024 |
| 08.10.2024 | Siemens | SSA-054046 | Several SIMATIC S7-1500 CPU versions are affected by an authentication bypass vulnerability that could allow an unauthenticated remote attacker to gain knowledge about actual and configured maximum cycle times and communication load of the CPU. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available. | All S7-1500 CPUs | Product-specific remediations or mitigations can be found in the section Affected Products and Solutions. Please follow the General Security Recommendations. | 20.11.2024 |
| 08.10.2024 | Siemens | SSA-876787 | Several SIMATIC S7-1500 and S7-1200 CPU versions are affected by an open redirect vulnerability that could allow an attacker to make the web server of affected devices redirect a legitimate user to an attacker-chosen URL. For a successful attack, the legitimate user needs to actively click on an attacker-crafted link. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. | SIMATIC S7-1200 CPU family; SIMATIC S7-1500 CPU family | Siemens has identified the following specific workarounds and mitigations that customers can apply to reduce the risk: Do not click on links from unknown sources. Product-specific remediations or mitigations can be found in the section Affected Products and Solutions. Please follow the General Security Recommendations. | 20.11.2024 |
| 13.08.2024 | Rockwell Automation | SD 1685 | A denial-of-service vulnerability exists in the affected product. This vulnerability occurs when a malformed PCCC message is received, causing a failure in the controller. | ControlLogix/GuardLogix 5580 and Compact-Logix/Compact GuardLogix® 5380 Controller | Update to latest firmware revision. Restrict communication to CIP objects 103 (0x67) | 01.10.2024 | 
| 13.08.2024 | Rockwell Automation | SD 1685 | A denial-of-service vulnerability via Input Validation. A malformed PTP management package can cause a major irreversible fault in the controller. | ControlLogix/GuardLogix 5580 and Compact-Logix/Compact GuardLogix® 5380 Controller | Update to latest firmware revision. If PTP messages are not used, block at the network level, port UDP 319/320 | 01.10.2024 |
| 09.07.2024 | Siemens | SSA-779936 | Affected applications do not properly restrict the .NET BinaryFormatter when deserializing user controllable input. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. | Totally Integrated Automation Portal (TIA Portal) before V19 | Siemens has identified the following specific workarounds and mitigations that customers can apply to reduce the risk: Avoid opening untrusted files from unknown sources in affected products | 31.07.2024 | 
| 09.07.2024 | Siemens | | A vulnerability in affected devices could allow an attacker to perform a denial of service attack if a large amount of specially crafted UDP packets are sent to the device. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available. | SIMATIC S7-1200 CPU family, SIMATIC S7-1500 family, ET200SP | Siemens has identified the following specific workarounds and mitigations that customers can apply to reduce the risk: Restrict network access to affected devices | 31.07.2024 |
| 11.06.2024 | Siemens | | TIA Administrator creates temporary download files in a directory with insecure permissions. This could allow any authenticated attacker on Windows to disrupt the update process. | TIA-Administrator <3.2 | Siemens has released a new version for TIA Administrator and recommends to update to the latest version. Siemens has identified the following specific workarounds and mitigations that customers can apply to reduce the risk: Remove write permissions for non-administrative users on files and folders located under the installation path. | 05.07.2024 |
| 11.06.2024 | Siemens | | The SCALANCE XB-200/XC-200/XP-200/XF-200BA/XR-300WG group is affected by multiple vulnerabilities. CVE-2023-44318 and CVE-2023-44321 were previously published as part of SSA-699386. | SCALANCE XB-200/XC-200/XP-200/XF-200BA/XR-300WG group | As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity | 05.07.2024 |
| 11.06.2024 | Siemens | | Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products | All SEEPEX controls featuring the following SIEMENS Software: SIMATIC S7-12xx; SIMATIC S7-15xx; SIMATIC ET 200SP | Currently no fix available / Update to latest version | 05.07.2024 |
| 21.05.2024 | Rockwell Automation | SD1672 | IMPORTANT NOTICE: Rockwell Automation reiterates the instruction to its customers to disconnect devices from the Internet to protect against cyber threats. Due to heightened geopolitical tensions and hostile cyber activity around the world, Rockwell Automation urges all customers to IMMEDIATELY check if their devices are connected to the public Internet and, if so, to urgently remove that connection for devices that are not specifically designed for a public Internet connection. | All SEEPEX controls with Rockwell Automation Hardware | Due to heightened geopolitical tensions and adversarial cyber activity globally, Rockwell Automation is issuing this notice urging all customers to take IMMEDIATE action to assess whether they have devices facing the public internet and, if so, urgently remove that connectivity for devices not specifically designed for public internet connectivity. | 30.05.2024 |
| 14.05.2024 | SIEMENS | SSA-592380 | A vulnerability has been discovered in the SIMATIC S7-1500 CPU family and related products that could allow an attacker to trigger a denial of service condition. In order to exploit the vulnerability, an attacker must have access to the affected devices on port 102/tcp. | All SEEPEX controls with the following SIEMENS hardware: | No solution is currently planned | 30.05.2024 |
| 13.02.2024 | SIEMENS | SSA-711309 | Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products | All SEEPEX controls featuring the following SIEMENS Software: | Currently no fix available / Update to latest version | 27.02.2024 |
| 12.12.2023 | SIEMENS | SSA-887801 | Information disclosure to LOCAL attacker to the access level password of the SIMATIC S7-1200 and S7-1500 CPUs | All SEEPEX controls featuring the following SIEMENS hardware: | Exclusion of local attackers and/or firmware update to V19 or later version | 14.02.2024 |
| 12.12.2023 | SIEMENS | SSA-398330 | Multiple Vulnerabilities in SIMATIC S7-1500 CPUs of GNU/Linux subsystem | All SEEPEX controls featuring the following SIEMENS hardware: | See SSA-398330 | 14.02.2024 |
| 12.12.2023 | SIEMENS | SSA-592380 | Denial of Service Vulnerability in SIMATIC S7-1500 CPUs via port 102 tcp | All SEEPEX controls featuring the following SIEMENS hardware: | Firmware update to V3.1.0 or later version | 14.02.2024 |
| 09.12.2023 | SIEMENS | SSA-711309 | Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products | All SEEPEX controls on SIEMENS PLCs that are connected to a SEEPEX Gateway (e.g. SPG) | Firmware update to V8.1. SP1 or later version | 14.02.2024 | 
| 14.11.2023 | SIEMENS | SSA-699386 | Multiple Vulnerabilities on SIEMENS SCALANCE Routers | All SEEPEX control cabinets featuring the following SIEMENS hardware: | Firmware update to V4.5 or later version | 14.02.2024 |
| 28.05.2021 | SIEMENS | SSA-434534 | Memory Protection Bypass Vulnerability in SIMATIC S7-1200 and S7-1500 CPU Families | All SEEPEX controls featuring the following SIEMENS hardware: | SIMATIC S7-12xx: firmware update to V4.5 or later version; SIMATIC S7-15xx: firmware update to V2.9.2 or later version | 14.02.2024 |