CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
92.1%
cwe.mitre.org/data/definitions/798.html
www.fbi.gov/contact-us/field-offices
attack.mitre.org/versions/v14/matrices/enterprise/
attack.mitre.org/versions/v14/techniques/T1110/
cisasurvey.gov1.qualtrics.com/jfe/form/SV_9n4TtB8uttUPaM6?product=https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-335a
downloads.unitronicsplc.com/Sites/plc/Visilogic/Version_Changes-Bug_Reports/VisiLogic%209.9.00%20Version%20changes.pdf
github.com/cisagov/Decider/
github.com/cisagov/Decider/
industrialcyber.co/analysis/digital-battlegrounds-evolving-hybrid-kinetic-warfare/
industrialcyber.co/analysis/digital-battlegrounds-evolving-hybrid-kinetic-warfare/
industrialcyber.co/analysis/digital-battlegrounds-evolving-hybrid-kinetic-warfare/
nvd.nist.gov/vuln/detail/CVE-2023-6448
public.govdelivery.com/accounts/USDHSCISA/subscriber/new?topic_id=USDHSCISA_138
twitter.com/CISAgov
twitter.com/CyberAveng3rs/status/1718970041616543922
twitter.com/CyberAveng3rs/status/1718970041616543922
twitter.com/intent/tweet?text=IRGC-Affiliated%20Cyber%20Actors%20Exploit%20PLCs%20in%20Multiple%20Sectors%2C%20Including%20U.S.%20Water%20and%20Wastewater%20Systems%20Facilities+https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-335a
www.bleepingcomputer.com/news/security/israels-largest-oil-refinery-website-offline-after-ddos-attack/
www.bleepingcomputer.com/news/security/israels-largest-oil-refinery-website-offline-after-ddos-attack/
www.cbsnews.com/pittsburgh/news/municipal-water-authority-of-aliquippa-hacked-iranian-backed-cyber-group/
www.cbsnews.com/pittsburgh/news/municipal-water-authority-of-aliquippa-hacked-iranian-backed-cyber-group/
www.cbsnews.com/pittsburgh/news/municipal-water-authority-of-aliquippa-hacked-iranian-backed-cyber-group/
www.cisa.gov/cross-sector-cybersecurity-performance-goals
www.cisa.gov/cross-sector-cybersecurity-performance-goals
www.cisa.gov/cyber-resource-hub
www.cisa.gov/known-exploited-vulnerabilities-catalog
www.cisa.gov/news-events/alerts/2023/11/28/exploitation-unitronics-plcs-used-water-and-wastewater-systems
www.cisa.gov/news-events/alerts/2023/11/28/exploitation-unitronics-plcs-used-water-and-wastewater-systems
www.cisa.gov/news-events/cybersecurity-advisories/aa23-278a
www.cisa.gov/news-events/cybersecurity-advisories/aa23-278a
www.cisa.gov/news-events/news/best-practices-mitre-attckr-mapping
www.cisa.gov/news-events/news/best-practices-mitre-attckr-mapping
www.cisa.gov/resources-tools/resources/secure-by-design
www.cisa.gov/resources-tools/resources/secure-by-design
www.cisa.gov/securebydesign
www.cisa.gov/securebydesign
www.cisa.gov/topics/cyber-threats-and-advisories/advanced-persistent-threats/iran
www.cisa.gov/topics/cyber-threats-and-advisories/advanced-persistent-threats/iran
www.cisa.gov/topics/cyber-threats-and-advisories/cyber-hygiene-services
www.cisa.gov/water
www.cisa.gov/water
www.darkreading.com/cyberattacks-data-breaches/israeli-oil-refinery-taken-offline-pro-iranian-attackers
www.darkreading.com/cyberattacks-data-breaches/israeli-oil-refinery-taken-offline-pro-iranian-attackers
www.dhs.gov
www.dhs.gov/foia
www.dhs.gov/performance-financial-reports
www.epa.gov/waterresilience/epa-cybersecurity-water-sector
www.facebook.com/CISA
www.facebook.com/sharer/sharer.php?u=https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-335a&title=IRGC-Affiliated%20Cyber%20Actors%20Exploit%20PLCs%20in%20Multiple%20Sectors%2C%20Including%20U.S.%20Water%20and%20Wastewater%20Systems%20Facilities
www.fbi.gov/investigate/counterintelligence/the-iran-threat
www.fbi.gov/investigate/counterintelligence/the-iran-threat
www.ic3.gov/
www.instagram.com/cisagov
www.linkedin.com/company/cybersecurity-and-infrastructure-security-agency
www.linkedin.com/sharing/share-offsite/?url=https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-335a
www.oig.dhs.gov/
www.unitronicsplc.com/cyber_security_vision-samba/
www.unitronicsplc.com/cyber_security_vision-samba/
www.usa.gov/
www.waterisac.org/report-incident
www.whitehouse.gov/
www.youtube.com/@cisagov
mailto:?subject=IRGC-Affiliated%20Cyber%20Actors%20Exploit%20PLCs%20in%20Multiple%20Sectors%2C%20Including%20U.S.%20Water%20and%20Wastewater%20Systems%20Facilities&body=www.cisa.gov/news-events/cybersecurity-advisories/aa23-335a