Rewterz

Rewterz Threat Advisory – Multiple VMware vRealize Operations (vROps) Vulnerabilities

December 19, 2022
Rewterz

Rewterz Threat Advisory – ICS: Siemens APOGEE PXC Series and Siemens TALON TC Series Vulnerability

December 19, 2022

Rewterz Threat Advisory – ICS: Siemens SIPROTEC 5 Devices Vulnerability

Severity

High

Analysis Summary

CVE-2022-45044 

Siemens SIPROTEC 5 devices are vulnerable to a denial of service, caused by uncontrolled resource consumption in the SSL and TLS protocols. A remote attacker could exploit this vulnerability to cause a denial of service on ports 443/TCP and 4443/TCP.

Impact

Denial of Service

Indicators Of Compromise

CVE

  • CVE-2022-45044

Affected Vendors

Siemens

Affected Products

  • Siemens SIPROTEC 5 6MD85 (CPU variant CP200)
  • Siemens SIPROTEC 5 6MD85 (CPU variant CP300)
  • Siemens SIPROTEC 5 6MD86 (CPU variant CP200)
  • Siemens SIPROTEC 5 6MD86 (CPU variant CP300)

Remediation

Refer to Siemens Website for patch, upgrade or suggested workaround information.

Siemens Website

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.