FANUC ROBOGUIDE-HandlingPRO

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: FANUC Equipment: ROBOGUIDE-HandlingPRO Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read and/or overwrite files on the system running the affected...

CVE-2023-20102

creationtimestamp| type| source ---|---|--- 2023-04-11 17:34:42+00:00| published-proof-of-concept| https://t.me/icscert/739...

CVE-2023-26593

CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of sensitive information. If an attacker who can login or access the computer where the affected product is installed tampers the password file stored in the computer, the user privilege which CENTUM manag...

Siemens JT Open and JT Utilities

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

The vulnerability of the mySCADA myPRO industrial process visualization and control system lies in the lack of measures to neutralize special elements used in the operating system’s commands. This allows attackers to execute arbitrary commands.

The vulnerability of the mySCADA myPRO industrial process visualization and control system exists due to the failure to take measures to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remote...

CVE-2023-0580

Insecure Storage of Sensitive Information vulnerability in ABB My Control System on-premise allows an attacker who successfully exploited this vulnerability to gain access to the secure application data or take control of the application. Of the services that make up the My Control System...

CVE-2023-0580

Insecure Storage of Sensitive Information vulnerability in ABB My Control System on-premise allows an attacker who successfully exploited this vulnerability to gain access to the secure application data or take control of the application. Of the services that make up the My Control System...

Design/Logic Flaw

Insecure Storage of Sensitive Information vulnerability in ABB My Control System on-premise allows an attacker who successfully exploited this vulnerability to gain access to the secure application data or take control of the application. Of the services that make up the My Control System...

CVE-2023-0580

CVE-2023-0580 affects ABB My Control System (on-premise) versions 5.0.0 through 5.13. The issue is insecure storage of sensitive information in the User Interface, System Monitoring1, and Asset Inventory components, enabling an attacker to access secure application data or take control. NVD CVSSv...

CVE-2023-0580 Information Disclosure vulnerability in My Control System (on-premise)

Insecure Storage of Sensitive Information vulnerability in ABB My Control System on-premise allows an attacker who successfully exploited this vulnerability to gain access to the secure application data or take control of the application. Of the services that make up the My Control System...

CVE-2023-0580 Information Disclosure vulnerability in My Control System (on-premise)

Insecure Storage of Sensitive Information vulnerability in ABB My Control System on-premise allows an attacker who successfully exploited this vulnerability to gain access to the secure application data or take control of the application. Of the services that make up the My Control System...

ABB My Control System 安全漏洞

ABB My Control System is a delivery platform for advanced digital services from ABB Switzerland. It is used to visualize and analyze your control system performance, software, and security. ABB My Control System has a security vulnerability that stems from an insecure storage of sensitive...

PT-2023-3294 · Abb · Abb My Control System

Name of the Vulnerable Software and Affected Versions: ABB My Control System on-premise versions 5.0;0 through 5.13 Description: The issue is related to insecure storage of sensitive information, allowing an attacker who successfully exploits it to gain access to secure application data or take...

Malware targeting SonicWall devices could survive firmware updates

Researchers at Mandiant have identified a malware campaign targeting SonicWall SMA 100 Series appliances, thought to be of Chinese origin. The malware was likely deployed in 2021, and was able to persist on the appliances tenaciously, even surviving firmware upgrades. The malware was able to stea...

Debian: Security Advisory (DLA-207-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-293-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux AMI : git (ALAS-2023-1700)

The version of git installed on the remote host is prior to 2.38.4-1.80. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1700 advisory. Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36....

PT-2023-7550 · Unknown · Trace Mode

Name of the Vulnerable Software and Affected Versions: TRACE MODE affected versions not specified Description: The issue is related to the storage of unencrypted credentials in the SCADA system. Exploitation of this issue could allow an attacker to substitute a password hash from one user to...

CVE-2023-26054

BuildKit's CVE-2023-26054 vulnerability occurs when a build request includes a Git URL containing credentials and BuildKit creates a provenance attestation; the credentials could be exposed to anyone with access to the attestation. This affects builds using provenance attestations and VCS hints i...

CVE-2023-26054 Credentials inlined to Git URLs could end up in provenance attestation in BuildKit

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In affected versions when the user sends a build request that contains a Git URL that contains credentials and the build creates a provenance attestation describing that build,...