Schneider Electric Archives - Cyber Security Minute

ICS Patch Tuesday: Siemens, Schneider Electric Address 43 Vulnerabilities

Issued by: Security Week

Siemens has released 12 advisories covering 35 vulnerabilities. Based on CVSS scores, the most important advisory covers 11 flaws affecting the web server of SICAM P850 and P855 devices. One of these bugs is critical and it allows an unauthenticated attacker to execute arbitrary code or launch a denial-of-service (DoS) attack. The five high-severity vulnerabilities…

Malware & Threats

Russia-Linked Pipedream/Incontroller ICS Malware Designed to Target Energy Facilities

Issued by: Security Week

The malware, described as a modular ICS attack framework and a collection of custom-made tools, can be used by threat actors to target ICS and SCADA devices, including programmable logic controllers (PLCs) from Schneider Electric and Omron, and OPC UA servers. Advisories and blog posts describing the toolset have been released by industrial cybersecurity firm…

Vulnerabilities

ICS Patch Tuesday: Siemens and Schneider Electric Address Over 50 Vulnerabilities

Issued by: Security Week

The companies have released patches and mitigations to address these vulnerabilities. Siemens Siemens has released 5 new advisories covering 33 vulnerabilities. The company informed customers that an update for its SINEC network management system patches 15 flaws, including ones that can be exploited for arbitrary code execution. While some of them have been assigned a…

Vulnerabilities

ICS Patch Tuesday: Siemens and Schneider Electric Address 100 Vulnerabilities

Issued by: Security Week

The 18 new advisories prepared by Siemens for the July 2021 Patch Tuesday cover nearly 80 vulnerabilities impacting the company’s products. Some of the vulnerabilities have already been patched by Siemens, while others are in the process of being fixed. Workarounds and/or mitigations are also available. An advisory for JT2Go and Teamcenter Visualization covers the…