If you know of an incident or suspected case, please do not hesitate to share your information with us at: cybersecurity-seepex@irco.com

 

Date of notification Source Bulletin Impact Affected SEEPEX product Recommended action Launched on SEEPEX Website
21.05.2024 Rockwell Automation  SD1672

IMPORTANT NOTICE:

Rockwell Automation reiterates the instruction to its customers to disconnect devices from the Internet to protect against cyber threats Due to heightened geopolitical tensions and hostile cyber activity around the world, Rockwell Automation urges all customers to IMMEDIATELY check if their devices are connected to the public Internet and, if so, to urgently remove that connection for devices that are not specifically designed for a public Internet connection.

All SEEPEX controls with Rockwell Automation Hardware

Due to heightened geopolitical tensions and adversarial cyber activity globally, Rockwell Automation is issuing this notice urging all customers to take IMMEDIATE action to assess whether they have devices facing the public internet and, if so, urgently remove that connectivity for devices not specifically designed for public internet connectivity.

30.05.2024

14.05.2024 SIEMENS SSA-592380

A vulnerability has been discovered in the SIMATIC S7-1500 CPU family and related products that could allow an attacker to trigger a denial of service condition. In order to exploit the vulnerability, an attacker must have access to the affected devices on port 102/tcp.

All SEEPEX controls with the following SIEMENS hardware: 

  • SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)

No solution is currently planned

30.05.2024

13.02.2024 SIEMENS SSA-711309

Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products

All SEEPEX controls featuring the following SIEMENS Software:

  • SIMATIC S7-12xx
  • SIMATIC S7-15xx
  • SIMATIC     ET 200SP

Currently no fix available / Update to latest version

27.02.2024

12.12.2023 SIEMENS SSA-887801

Information disclosure to LOCAL attacker to the access level password of the SIMATIC S7-1200 and S7-1500 CPUs

All SEEPEX controls featuring the following SIEMENS hardware:

  • SIMATIC S7-12xx
  • SIMATIC S7-15xx

Exclusion of local attackers

and/or

firmware update to V19 or later version

14.02.2024

12.12.2023 SIEMENS SSA-398330

Multiple Vulnerabilities in SIMATIC S7-1500 CPUs of GNU/Linux subsystem

All SEEPEX controls featuring the following SIEMENS hardware:

  • SIMATIC S7-15xx
See SSA-398330 14.02.2024
12.12.2023 SIEMENS SSA-592380

Denial of Service Vulnerability in SIMATIC S7- 1500 CPUs via port 102 tcp

All SEEPEX controls featuring the following SIEMENS hardware:

  • SIMATIC S7-15xx

Firmware update to V3.1.0 or later version

14.02.2024

09.12.2023 SIEMENS SSA-711309

Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products

All SEEPEX controls on SIEMENS PLCs that are connected to a SEEPEX Gateway (e.g. SPG)

Firmware update to V8.1. SP1 or later version

14.02.2024

14.11.2023 SIEMENS SSA-699386

Multiple Vulnerabilities on SIEMENS SCALANCE Routern

All SEEPEX control cabinets featuring the following SIEMENS hardware:

  • SCALANCE XB-200, XC- 200, XP-200, XF-200BA and XR-300WG

Firmware update to V4.5 or later version

14.02.2024

28.05.2021 SIEMENS SSA-434534

Memory Protection Bypass Vulnerability in SIMATIC S7-1200 and S7-1500 CPU Families

All SEEPEX controls featuring the following SIEMENS hardware:

  • SIMATIC S7-12xx
  • SIMATIC S7-15xx
  • SIMATIC ET 200SP Open Controller CPU

SIMATIC S7-12xx:

firmware update to V4.5 or later version

 

 SIMATIC S7-15xx: 

 firmware update to V2.9.2 or later version

 

14.02.2024