Skip to content

Latest commit

 

History

History
130 lines (125 loc) · 21.8 KB

advisories.md

File metadata and controls

130 lines (125 loc) · 21.8 KB
Raw

Vulnerable vendors

Vendor Advisory link CVE IDs Release name
ABB https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A1892&LanguageCode=en&DocumentPartId=&Action=Launch CVE-2016-20009 NAME:WRECK
ATOS https://networks.unify.com/security/advisories/OBSO-2101-01.pdf CVE-2020-13987 AMNESIA:33
BD https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-wreck CVE-2016-20009 NAME:WRECK
B&R automation https://www.br-automation.com/downloads_br_productcatalogue/assets/1621259206587-en-original-1.0.pdf CVE-2020-13987, CVE-2020-17438 AMNESIA:33
B&R automation https://www.br-automation.com/downloads_br_productcatalogue/assets/1636745459972-en-original-1.0.pdf CVE-2020-27634 NUMBER:JACK
B&R automation https://www.br-automation.com/downloads_br_productcatalogue/assets/1620567478764-en-original-1.0.pdf CVE-2016-20009 NAME:WRECK
Cisco https://quickview.cloudapps.cisco.com/quickview/bug/CSCvy11445 CVE-2020-7461 NAME:WRECK
Cisco https://quickview.cloudapps.cisco.com/quickview/bug/CSCvy11444 CVE-2020-7461 NAME:WRECK
Cisco https://quickview.cloudapps.cisco.com/quickview/bug/CSCvz69775 INFRA:HALT
Cyanconnode AB https://kb.cert.org/vuls/id/815128 CVE-2020-13985, CVE-2020-13986, CVE-2020-13987, CVE-2020-13988, CVE-2020-17437, CVE-2020-17438, CVE-2020-17439, CVE-2020-17440 AMNESIA:33
Dell https://www.dell.com/support/kbdoc/en-us/000183560/dsa-2021-046-dell-client-security-update-for-amnesia-33-vulnerabilities AMNESIA:33
Dell https://www.dell.com/support/kbdoc/en-al/000194836/dsa-2021-271-dell-emc-unity-dell-emc-unity-vsa-and-dell-emc-unity-xt-security-update-for-multiple-vulnerabilities CVE-2020-17437, CVE-2020-17438, CVE-2020-13987, CVE-2020-13988 AMNESIA:33
Devolo https://www.devolo.de/fileadmin/Web-Content/DE/support/security/dSA201101-uIP_Stack-Security_Advisory.pdf CVE-2020-13987 AMNESIA:33
D-LINK https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10198 AMNESIA:33
EMH metering https://emh-metering.com/wp-content/uploads/2021/02/EMH_Advisory_VAXCET_210203.pdf CVE-2020-13987, CVE-2020-13988, CVE-2020-17437, CVE-2020-17438, CVE-2020-17439, CVE-2020-17440, CVE-2020-24334 AMNESIA:33
Emerson https://www.emerson.com/documents/automation/security-notification-cyber-security-notification-hcc-embedded-interniche-tcp-ip-stack-vulnerability-en-7831500.pdf CVE-2021-31400, CVE-2021-31401, CVE-2020-35684, CVE-2020-35685, CVE-2020-35683, CE-2021-36762 INFRA:HALT
EMU https://www.emuag.ch/support/vulnerability/emu-sec20201201/ CVE-2020-13988, CVE-2020-13987, CVE-2020-17440, CVE-2020-17439, CVE-2020-17439, CVE-2020-17437 AMNESIA:33
Extreme Networks https://extremeportal.force.com/ExtrArticleDetail?an=000096235 CVE-2016-20009 NAME:WRECK
Feig https://www.feig.de/fileadmin/user_upload/Downloads/Cybersecurity/2020-12-08-01_SecurityAdvisory.pdf CVE-2020-13987, CVE-2020-13988 AMNESIA:33
Genetec https://resources.genetec.com/security-advisories/vulnerabilities-affecting-the-sharpx-sharpz3 AMNESIA:33
GE Healthcare https://www.gehealthcare.com/security CVE-2016-20009 NAME:WRECK
Hager https://daitem.it/wp-content/uploads/2021/10/Security-Advisory-HG-2021-001.pdf CVE-2020-25767, CVE-2020-25926, CVE-2020-25927, CVE-2020-25928, CVE-2021-27565, CVE-2020-35683, CVE-2020-35684, CVE-2020-35685, CVE-2021-31226, CVE-2021-31227, CVE-2021-31228, CVE-2021-31400, CVE-2021-31401 INFRA:HALT
Harting https://harting.sharefile.eu/share/view/45b5ca131e574842/fod2c891-c568-4690-becd-988867bf4dfb CVE-2020-13987, CVE-2020-13988 AMNESIA:33
Hensoldt https://hensoldt-cyber.com/notifications/amnesia-33/ CVE-2020-24337, CVE-2020-24341 AMNESIA:33
HMS Networks https://www.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-advisory-2022-04-14-001---anybus-interniche-vulnerabilities.pdf CVE-2020-25767, CVE-2020-25926, CVE-2020-25927, CVE-2020-25928, CVE-2021-27565, CVE-2020-35683, CVE-2020-35684, CVE-2020-35685, CVE-2021-31226, CVE-2021-31227, CVE-2021-31228, CVE-2021-31400, CVE-2021-31401 INFRA:HALT
Huawei https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1031 CVE-2020-13987, CVE-2020-13988, CVE-2020-17437 AMNESIA:33
Juniper https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-vSRX-3-0-model-FreeBSD-SA-20-26-dhclient-heap-overflow-CVE-2020-7461?language=en_US CVE-2020-7461 NAME:WRECK
Mindray https://m9m2s9g3.rocketcdn.me/wp-content/uploads/2021/12/Nucleus13_9623A.pdf CVE-2021-31344, CVE-2021-31345, CVE-2021-31346, CVE-2021-31881, CVE-2021-31882, CVE-2021-31883, CVE-2021-31884, CVE-2021-31885, CVE-2021-31886, CVE-2021-31887, CVE-2021-31888, CVE-2021-31889, CVE-2021-31890 NUCLEUS:13
Microchip Tech https://www.microchip.com/en-us/products/wireless-connectivity/software-vulnerability-response/amnesia-network-stack-tcp-ip-vulnerability CVE-2020-13987, CVE-2020-17439, CVE-2020-17440, CVE-2020-17441, CVE-2020-17470, CVE-2020-24334, CVE-2020-24336 AMNESIA:33
Nanotec https://en.nanotec.com/products/manual/N5_ECAT_EN?cHash=1b11e7dd4167bdbb93ee8d41de847565%20and%20https://en.nanotec.com/products/manual/N5_CAN_EN?cHash=57c3a0ea453f7c3bc9f2f33e93929599 AMNESIA:33
NETAPP https://security.netapp.com/advisory/ntap-20201016-0002/ CVE-2020-7461 NAME:WRECK
Netgear https://kb.cert.org/vuls/id/815128 CVE-2020-13987 AMNESIA:33
Nihon Kohden https://www.nihonkohden.com/pdf/NKcorporateResponse-Nucleus-First-Rev02_En.pdf.pdf NUCLEUS:13
open-iSCSI https://github.com/open-iscsi/open-iscsi/security/advisories/GHSA-r278-fm99-8rgp CVE-2020-17437, CVE-2020-13988, CVE-2020-13987 AMNESIA:33
Philips https://www.philips.com/a-w/security/security-advisories.html NAME:WRECK
Philips Dynalite https://www.dynalite.org/security-advisory/ INFRA:HALT
Pilz https://www.pilz.com/download/restricted/Pilz_Security_Advis__2021-001_1005808-EN-02.pdf CVE-2020-35683, CVE-2020-35684, CVE-2020-35685 INFRA:HALT
Phoenix Contact https://dam-mdc.phoenixcontact.com/asset/156443151564/fd2c482c84c16546afd992cf1786995e/Security_Advisory_Niche-Stack_20210804.pdf CVE-2020-35683, CVE-2020-35684, CVE-2020-35685, CVE-2021-31400, CVE-2021-31401, CVE 2021-31227 INFRA:HALT
Phoenix Contact https://cert.vde.com/en/advisories/VDE-2021-059/ NUCLEUS:13
RENESAS https://www.renesas.com/us/en/document/oth/renesas-response-uip-open-source-tcp-ip-stacks-vulnerability-issue AMNESIA:33
Ricoh https://www.ricoh.com/info/2021/0504_1/ CVE-2016-20009 NAME:WRECK
Rockwell https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1131196 CVE-2016-20009 NAME:WRECK
Rockwell https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1132370 CVE-2020-25767, CVE-2020-25926, CVE-2020-25927, CVE-2020-25928, CVE-2021-27565, CVE-2020-35683, CVE-2020-35684, CVE-2020-35685, CVE-2021-31226, CVE-2021-31227, CVE-2021-31228, CVE-2021-31400, CVE-2021-31401 INFRA:HALT
Schneider Electric https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-217-01 CVE-2021-31400, CVE-2021-31401, CVE-2020-35683, CVE-2020-35684, CVE-2020-35685 INFRA:HALT
Schneider Electric https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-06 CVE-2020-13987, CVE-2020-17438 AMNESIA:33
Sharp https://jp.sharp/business/lcd-display/support/vulnerability.html AMNESIA:33
Siemens https://cert-portal.siemens.com/productcert/pdf/ssa-288459.pdf CVE-2020-7461 NAME:WRECK
Siemens https://cert-portal.siemens.com/productcert/pdf/ssa-316383.pdf CVE-2021-37186 NUMBER:JACK
Siemens https://cert-portal.siemens.com/productcert/pdf/ssa-541017.pdf CVE-2020-13988 AMNESIA:33
Siemens https://cert-portal.siemens.com/productcert/pdf/ssa-362164.pdf CVE-2020-28388 NUMBER:JACK
Siemens https://cert-portal.siemens.com/productcert/pdf/ssa-288459.pdf CVE-2020-7461 NAME:WRECK
Siemens https://cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf CVE-2020-15795, CVE-2020-27009 NAME:WRECK
Siemens https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf CVE-2020-27736, CVE-2020-27737, CVE-2020-27738, CVE-2021-25677 NAME:WRECK
Siemens https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf CVE-2016-20009 NAME:WRECK
Siemens https://cert-portal.siemens.com/productcert/pdf/ssa-344238.pdf CVE-2020-28388 NUMBER:JACK
Siemens https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf CVE-2020-25241, CVE-2020-27632 NUMBER:JACK
Siemens https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf CVE-2020-13988, CVE-2020-13987, CVE-2020-17437, CVE-2020-17438, CVE-2020-17439, CVE-2020-17440, CVE-2020-24334, CVE-2020-24335 AMNESIA:33
Siemens https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf CVE-2020-35683, CVE-2020-35684, CVE-2020-35685, CVE-2021-31401 INFRA:HALT
Siemens https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf NUCLEUS:13
Siemens https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf NUCLEUS:13
Siemens https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf NUCLEUS:13
Siemens https://cert-portal.siemens.com/productcert/pdf/ssa-223353.pdf NUCLEUS:13
Suse https://lists.suse.com/pipermail/sle-security-updates/2021-March/008407.html CVE-2020-17437, CVE-2020-17438, CVE-2020-13987, CVE-2020-13988 AMNESIA:33
TagMaster https://tagmaster.com/wp-content/uploads/2020/12/1120-213-Security-Advisory-NuttX-TCP-IP-vulnerabilities.pdf CVE-2020-17437 AMNESIA:33
TI https://www.ti.com/lit/an/swra697a/swra697a.pdf?ts=1627028462625 AMNESIA:33
uniFLOW https://www.uniflow.global/en/security/security-and-maintenance/#security_advisory_8 CVE-2020-13988, CVE-2020-13987, CVE-2020-17438, CVE-2020-17437 AMNESIA:33
Weidmuller https://cert.vde.com/en/advisories/VDE-2021-042 CVE-2020-31401, CVE-2020-35683, CVE-2020-35684 INFRA:HALT
WAGO https://cert.vde.com/en/advisories/VDE-2021-050/ NUCLEUS:13
Weinert Automation https://kb.cert.org/vuls/id/815128 CVE-2020-13984, CVE-2020-13985, CVE-2020-13986, CVE-2020-13987, CVE-2020-13988, CVE-2020-24334, CVE-2020-24336, CVE-2020-17437, CVE-2020-17438, CVE-2020-17439, CVE-2020-17440 AMNESIA:33
Yanzi Networks https://yanzi.dev/#/security/advisories/2020-12-08 CVE-2020-13984, CVE-2020-13985, CVE-2020-13986 AMNESIA:33

Not vulnerable vendors

Vendor Advisory link Release name
Abbott https://www.abbott.com/policies/cybersecurity/amnesia-33.html AMNESIA:33
Axis https://help.axis.com/axis-os#vulnerability-archive
AVM https://en.avm.de/service/current-security-notifications/ AMNESIA:33
AVM https://kb.cert.org/vuls/id/608209 INFRA:HALT
B Braun https://www.bbraun.com/en/products-and-therapies/services/b-braun-vulnerability-disclosure-policy/security-advisory/b--braun-statement-on-cybersecurity-vulnerability-with-amnesia-3.html AMNESIA:33
B Braun https://www.bbraun.com/en/products-and-therapies/services/b-braun-vulnerability-disclosure-policy/security-advisory/b--braun-information-concerning-name-wreck.html NAME:WRECK
B Braun https://www.bbraun.com/en/products-and-therapies/services/b-braun-vulnerability-disclosure-policy/security-advisory/B-Braun-Statement-on-Cybersecurity-Vulnerability-with-Infra_Halt.html INFRA:HALT
B Braun https://www.bbraun.com/en/products-and-solutions/temp/b--braun-coordinated-vulnerability-disclosure/security-advisory/11-2021-b-braun-statement-on-cybersecurity-vulnerability-wirh-nucleus_13.html NUCLEUS:13
Boston Scientific https://www.bostonscientific.com/en-US/customer-service/product-security/product-security-information.html AMNESIA:33, INFRA:HALT
Broadcom https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-1167 AMNESIA:33
Digi International https://www.digi.com/resources/security AMNESIA:33
Draeger https://static.draeger.com/security/download/2021-11-12-PSA-21-315-1_Nucleus13-Security-Advisory.pdf NUCLEUS:13
Edwards Life Sciences https://www.edwards.com/devices/support/product-security AMNESIA:33, NAME:WRECK
F5 https://support.f5.com/csp/article/K35414143 AMNESIA:33
F5 https://support.f5.com/csp/article/K70746705 NAME:WRECK
Fujitsu https://kb.cert.org/vuls/id/815128 AMNESIA:33
Fujitsu https://kb.cert.org/vuls/id/608209 INFRA:HALT
GE Healthcare https://www.gehealthcare.com/security NUCLEUS:13
Intel https://kb.cert.org/vuls/id/608209 INFRA:HALT
Kuka https://xpert.kuka.com/service-express/portal/project1_p/document/kuka-project1_p-basic_GC469_en?context=%7B%22filter%22%3A%7B%7D,%22text%22%3A%22vulnerabilities%22,%22useExpertQuery%22%3A0%7D AMNESIA:33
Microport https://microport.com/assets/blog/Nucleus13.pdf NUCLEUS:13
Moxa https://www.moxa.com/en/support/product-support/security-advisory/moxas-response-regarding-the-amnesia33-vulnerability AMNESIA:33
Moxa https://www.moxa.com/en/support/product-support/security-advisory/moxas-response-regarding-the-interniche-stack-infra-halt-vulnerabilities INFRA:HALT
Nexans https://www.nexans-ans.de/support/wp-content/uploads/2021/03/AMNESIA33_Network_Stack_Vulnerabilities_kd-1804e00.pdf AMNESIA:33
Olympus https://www.olympus.com.ru/medical/rmt/media/Content/Content-MSD/Images/General/COVID/Olympus-Response-to-Amnesia33-Vulnerabilities.pdf AMNESIA:33
Palo Alto https://security.paloaltonetworks.com/PAN-SA-2021-0003 NAME:WRECK
Saia Burgess COntrols https://sbc-support.com/en/faq/102042/ AMNESIA:33
SonicWall https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0025 AMNESIA:33
Vyaire https://www.vyaire.com/sites/us/files/2021-03/2021-03-04-product-security-bulletin_urgent_11_amnesia33_number_jack.pdf AMNESIA:33, NUMBER:JACK
Vyaire https://intl.vyaire.com/sites/intl/files/2022-02/2021-11-12-product-security-bulletin-for-nucleus-13_0_0.pdf NUCLEUS:13
ZOLL https://www.zoll.com/-/media/2022-docs/cor/cybersecurity/cyber-advisory-nucleus-rtos_final.ashx NUCLEUS:13
Zyxel https://support.zyxel.eu/hc/en-us/articles/360018352199-Zyxel-security-advisory-for-AMNESIA-33-vulnerabilities AMNESIA:33
Afero, Arista Networks, Barracuda Networks, Belden, Blackberry QNX, Ceragon Networks, Check Point, dd-wrt, Cisco, Espressif Systems, Fastly, Fitbit, Google, Infoblox, Juniper Networks, Miredo, Nokia, Rockwell Automation, Securepoint, Sophos, VMware, Wind River, Xilinx, Zebra Technologies, Zephyr Project https://kb.cert.org/vuls/id/815128 AMNESIA:33

Investigating

Vendor Advisory link Release name
Canon https://global.medical.canon/service-support/securityinformation/embedded-tcpip-stacks-vulnerabilities AMNESIA:33
Canon https://global.medical.canon/service-support/securityinformation/multiple-tcp_ip-stacks-vulnerabilities NAME:WRECK
Dell https://www.dell.com/support/kbdoc/en-us/000180988/amnesia-33-impact-on-dell-and-dell-emc-products AMNESIA:33
Eaton https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/eaton-security-bulletin-for-amnesia-33.pdf AMNESIA:33
Extreme Networks https://extremeportal.force.com/ExtrArticleDetail?an=000091576 AMNESIA:33
Philips https://www.philips.com/a-w/security/security-advisories.html NUCLEUS:13
Terumo https://www.terumobct.com/Pages/Support/AMNESIA-33.aspx AMNESIA:33
Terumo https://www.terumobct.com/Pages/Support/NAMEWRECK.aspx NAME:WRECK
Terumo https://www.terumobct.com/Pages/Support/INFRA-HALT.aspx INFRA:HALT
Terumo https://www.terumobct.com/Pages/Support/NUCLEUS-13.aspx NUCLEUS:13