Unspecified Vulnerability in Siemens User Management Component (UMC)

Opcenter Quality is a quality management system QMS that enables organizations to safeguard compliance, optimize quality, reduce the cost of defects and rework, and achieve operational excellence by improving process stability. simatic pcs neo is a distributed control system DCS. the SINUMERIK...

Siemens User Management Component (UMC) Cross-Site Scripting Vulnerability

Opcenter Quality is a quality management system QMS that enables organizations to safeguard compliance, optimize quality, reduce the cost of defects and rework, and achieve operational excellence by improving process stability. simatic pcs neo is a distributed control system DCS. the SINUMERIK...

Yokogawa STARDOM

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Yokogawa Equipment : STARDOM FCN/FCJ Vulnerability : Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to cause...

Schweitzer Engineering Laboratories SEL-411L Cross-Site Scripting Vulnerability

Schweitzer Engineering Laboratories SEL-411L is a state-of-the-art line differential protection, automation, and control system from Schweitzer Engineering Laboratories, USA. A security vulnerability exists in the Schweitzer Engineering Laboratories SEL-411L that stems from improper neutralizatio...

CVE-2023-40151 Red Lion Controls Sixnet RTU Exposed Dangerous Method Or Function

When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled UDR-A any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message comes over TCP/IP t...

CVE-2020-2752

creationtimestamp| type| source ---|---|--- 2023-11-15 16:53:23+00:00| published-proof-of-concept| https://t.me/BABATATASASA/5992 2026-01-27 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02...

Siemens SIMATIC PCS neo Cross-Site Scripting Vulnerability

SIMATIC PCS neo is a distributed control system DCS. A cross-site scripting vulnerability exists in Siemens SIMATIC PCS neo, which can be exploited by an attacker to inject Javascript code into an application...

Siemens SIMATIC PCS neo has a loose cross domain policy vulnerability with untrusted domains

SIMATIC PCS neo is a distributed control system DCS. Siemens SIMATIC PCS neo suffers from a loose cross-domain policy vulnerability with an untrusted domain, which can be exploited by an attacker to trick a legitimate user into triggering unwanted behavior...

CVE-2023-6097

A SQL injection vulnerability has been found in ICS Business Manager, affecting version 7.06.0028.7089. This vulnerability could allow a remote user to send a specially crafted SQL query and retrieve all the information stored in the database. The data could also be modified or deleted, causing t...

ICS Business Manager Security Vulnerability

ICS Business Manager is an application. A security vulnerability exists in ICS Business Manager version 7.06.0028.7066. An attacker could exploit the vulnerability by sending specially crafted strings via the obddact parameter to steal user sessions and perform actions in the application...

INEA ME RTU

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION : Exploitable remotely/low attack complexity Vendor : INEA Equipment : ME RTU Vulnerabilities : OS Command Injection, Improper Authentication 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote code execution...

The vulnerability of the EisBaer SCADA system, caused by deficiencies in the authentication process, allows a intruder to execute arbitrary commands.

The vulnerability of the SCADA system EisBaer is due to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

Apple Releases Security Updates for Multiple Products

Apple has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates...

Suprema BioStar 2

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Suprema Inc. Equipment : BioStar 2 Vulnerability : SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

Siemens SIMATIC PCS neo (Administration Console) Information Disclosure Vulnerability

SIMATIC PCS neo Administration Console is a distributed control system DCS. An information disclosure vulnerability exists in Siemens SIMATIC PCS neo Administration Console, which can be exploited by an attacker to obtain credentials and impersonate an administrator user to gain administrator...

Xxe

External Control of System or Configuration Setting in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

GE Digital CIMPLICITY

1. EXECUTIVE SUMMARY ​CVSS v3 7.8 ​ATTENTION: Low attack complexity ​Vendor: GE Digital ​Equipment: CIMPLICITY ​Vulnerability: Process Control 2. RISK EVALUATION ​Successful exploitation of this vulnerability could allow a low-privileged local attacker to escalate privileges to SYSTEM. 3...

CVE-2023-39810

creationtimestamp| type| source ---|---|--- 2023-08-28 22:16:51+00:00| seen| https://t.me/cibsecurity/69308 2025-04-24 20:06:37+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13328 2026-02-12 11:00:00+00:00| seen|...

ROS-20230824-02

A vulnerability in Git's distributed version control system is related to flaws in the path name limitation to the directory. Exploitation of the vulnerability allows an attacker acting remotely to impact the data integrity using a specially crafted command. The vulnerability in the...

CVE-2019-9013

creationtimestamp| type| source ---|---|--- 2023-08-11 07:40:22+00:00| exploited| https://t.me/itsecnews/3061 2026-03-17 12:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01...