all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

SSA-910883 V1.0: DHCP Client Vulnerability in SINAMICS PERFECT HARMONY GH180 Drives

Add to bookmarks
July 12, 2022, midnight |

Siemens ProductCERT Security Advisories cert-portal.siemens.com


Several models of SINAMICS PERFECT HARMONY GH180 Drives are affected by a DHCP client vulnerability (CVE-2021-29998) in the integrated SCALANCE X206-1 device. The vulnerability could allow an attacker to cause a heap-based buffer overflow on that device and use it to get access to the drive’s internal network.



The list of affected drive models can be found in the section “Additional Information” below.



Recently manufactured drives are no longer affected. For older drives, Siemens provides detailed remediation advise via customer …

client dhcp harmony perfect ssa vulnerability

Visit resource

More from cert-portal.siemens.com / Siemens ProductCERT Security Advisories

SSA-128433 V1.0: Multiple Vulnerabilities in SINEC NMS before V2.0 SP2 1 week, 3 days ago | cert-portal.siemens.com
latest nms siemens sinec +4
SSA-222019 V1.0: X_T File Parsing Vulnerabilities in Parasolid 1 week, 3 days ago | cert-portal.siemens.com
application applications attacker code +12
SSA-730482 V1.0: Denial of Service Vulnerability in SIMATIC WinCC 1 week, 3 days ago | cert-portal.siemens.com
attacker box denial of service dialog +14
SSA-822518 V1.0: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW before V11.0.1 on RUGGEDCOM APE1808 … 1 week, 3 days ago | cert-portal.siemens.com
advisory alto countermeasures customers +18
SSA-455250 V1.0: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 devices 1 week, 3 days ago | cert-portal.siemens.com
advisory alto countermeasures customers +18
SSA-265688 V1.0: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1 1 week, 3 days ago | cert-portal.siemens.com
countermeasures fix fixes gnu +7
SSA-885980 V1.0: Multiple Vulnerabilities in Scalance W1750D 1 week, 3 days ago | cert-portal.siemens.com
attacker buffer buffer overflow code +16
SSA-556635 V1.0: Multiple Vulnerabilities in Telecontrol Server Basic before V3.1.2.0 1 week, 3 days ago | cert-portal.siemens.com
1.2.0 basic fixes server +4
SSB-201698 V1.0: Risk for Denial of Service attack through Discovery and Basic Configuration Protocol (DCP) … 3 weeks, 3 days ago | cert-portal.siemens.com
attack basic communication configuration +7

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Information Security Manager & ISSO

@ Federal Reserve System | Minneapolis, MN
View on infosec-jobs.com

Forensic Lead

@ Arete | Hyderabad
View on infosec-jobs.com

Lead Security Risk Analyst (GRC)

@ Justworks, Inc. | New York City
View on infosec-jobs.com

Consultant Senior en Gestion de Crise Cyber et Continuité d’Activité H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com
View more jobs