us-cert

This advisory contains mitigations for a Denial of Service vulnerability in CENTUM Controller FCS products.

This advisory contains mitigations for an Inadequate Encryption Strength vulnerability in LS ELECTRIC PLC and XG5000, a PLC programming software.

This advisory contains mitigations for Out-of-bounds Read, Uncontrolled Search Path Element, Improper Authentication, Relative Path Traversal, Cleartext Transmission of Sensitive Information, NULL Pointer Dereference, and Integer Underflow vulnerabilities in various Softing products.

This advisory contains mitigations for an Improper Restriction of XML External Entity Reference vulnerability in Delta Industrial Automation DRAS, a controller software suite.

This advisory contains mitigations for an Unrestricted Upload of File with Dangerous Type vulnerability in Industrial Automation Automation Studio 4, a PLC automation programming software.

This advisory contains mitigations for Missing Support for Integrity Check, Improper Access Control, Unrestricted Upload of File with Dangerous Type, Improper Verification of Cryptographic Signature, Insufficient Verification of Data Authenticity, and Path Traversal: ‘\..\filename’ vulnerabilities in Emerson Proficy Machine Edition, an engineering workstation.

This advisory contains mitigations for Improper Authentication and Improper Authorization vulnerabilities in Sequi PortBloque S, a serial Modbus firewall.

This advisory contains mitigations for an Exposure of Sensitive Information to an Unauthorized Actor vulnerability in versions of Siemens Simcenter STAR-CCM+ products.

This advisory contains mitigations for Command Injection and Infinite Loop vulnerabilities in versions of Siemens Teamcenter a product lifecycle management software.

This advisory contains mitigations for Heap-based Buffer Overflow, Wrap or Wraparound, Classic Buffer Overflow, and Out-of-bounds Write vulnerabilities in products using AT&T Labs Compressor (XMill) and Decompressor (XDemill).