Browsing tag
A vulnerability in Siemens Simatic programmable logic controller (PLC) can be exploited to retrieve the hard-coded, global private cryptographic keys and seize control of the devices. “An attacker can use these keys to perform multiple advanced attacks against Siemens SIMATIC devices and the related TIA Portal, while bypassing all four of its access level protections,” […]
Cybersecurity researchers have disclosed details about 15 security flaws in Siemens SINEC network management system (NMS), some of which could be chained by an attacker to achieve remote code execution on affected systems. “The vulnerabilities, if exploited, pose a number of risks to Siemens devices on the network including denial-of-service attacks, credential leaks, and remote […]
According to digital forensics specialists at security firm Applied Risk there are more than 100 vulnerabilities in multiple building management systems (BMS) of various manufacturers. If exploited, these flaws would allow threat actors to deploy denial of service (DoS) and remote code execution (RCE) attacks, and even collect critical information about the operation of these […]
Ever wished that you would never be kicked out of your job, here is some inspiration for you — A contract programmer duped a German-based tech corporation into rehiring him every few years. David Tinley was hired by the US unit of Siemens to create automated spreadsheets. These spreadsheets were used by the company to […]
A new vulnerability in a Siemens software platform has been discovered by system audit specialists. If exploited, this flaw would allow hackers to gain access to industrial control systems, which work with this software, to carry out espionage activities or even hardware failures on compromised systems. One of the main industries that employ these systems […]
Siemens warns of the presence of six vulnerabilities in some of its SICLOCK central clocks, which synchronize the time in industrial environments, as reported by specialists in pentest from the International Institute of Cyber Security. “In case of failure or loss of reception from the primary time source, the central clock of the plant ensures […]