Lucene search
K

1492 matches found

ICS
ICS
added 2022/05/31 12:0 a.m.213 views

Fuji Electric Alpha7 PC Loader

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Fuji Electric Equipment: Alpha7 PC Loader Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED...

7.8CVSS8AI score0.0025EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/05/30 12:0 a.m.5 views

The vulnerability of the CAMS for HIS distributed control systems management component is related to violations of security design principles. This allows attackers to access protected information or cause service failures.

The vulnerability of the CAMS for HIS distributed control systems’ emergency message and event management components is related to violations of secure design principles. Exploiting this vulnerability could allow an attacker operating remotely to gain access to protected information or cause...

6.4CVSS5.5AI score
Exploits0References1
ThreatPost
ThreatPost
added 2022/05/27 10:32 a.m.54 views

Critical Flaws in Popular ICS Platform Can Trigger RCE

Critical flaws in a popular platform used by industrial control systems ICS that allow for unauthorized device access, remote code execution RCE or denial of service DoS could threaten the security of critical infrastructure. OAS—offered by a company of the same name–makes it easy to transfer dat...

9.8CVSS8.5AI score0.37606EPSS
Exploits8References21
ICS
ICS
added 2022/05/24 12:0 a.m.78 views

Matrikon OPC Server

1. EXECUTIVE SUMMARY CVSS v3 5.8 ATTENTION: Exploitable remotely Vendor: Matrikon, a subsidiary of Honeywell Equipment: Matrikon OPC Server Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve remote command...

9CVSS7.7AI score0.00619EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2022/05/20 1:15 p.m.2 views

CVE-2022-27640

A vulnerability has been identified in SIMATIC CP 442-1 RNA All versions V1.5.18, SIMATIC CP 443-1 RNA All versions V1.5.18. The affected devices improperly handles excessive ARP broadcast requests. This could allow an attacker to create a denial of service condition by performing ARP storming...

6.5CVSS5.7AI score0.00354EPSS
Exploits0References2
ICS
ICS
added 2022/05/17 12:0 a.m.67 views

Circutor COMPACT DC-S BASIC

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Circutor Equipment: COMPACT DC-S BASIC Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a buffer overflow condition resulting in...

8.1CVSS8.1AI score0.00718EPSS
Exploits0References6
Pen Test Partners Blog
Pen Test Partners Blog
added 2022/05/16 5:6 a.m.19 views

Got the security controls wrong in OT and maritime? Watch as engineers work around them

Industrial control systems security is slowly improving, partly a result of attention from regulators and lawmakers. However, we often see security controls implemented that don’t take account of the unique challenges that engineers looking after OT environments face. We see controls brought in...

7.6AI score
Exploits0
ICS
ICS
added 2022/05/12 12:0 a.m.45 views

Inkscape in Industrial Products

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Inkscape Equipment: Inkscape, an open-source graphics editor Vulnerabilities: Out-of-bounds Read, Access of Uninitialized Pointer, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

7.8CVSS5.2AI score0.01338EPSS
Exploits3References5
ICS
ICS
added 2022/05/12 12:0 a.m.69 views

Delta Electronics CNCSoft

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: CNCSoft Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow arbitrary code execution or information...

7.8CVSS6.9AI score0.0217EPSS
Exploits0References5
ICS
ICS
added 2022/05/10 12:0 a.m.61 views

Eaton Intelligent Power Protector

1. EXECUTIVE SUMMARY CVSS v3 5.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Eaton Equipment: Intelligent Power Protector IPP Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code...

5.4CVSS6.1AI score0.00495EPSS
Exploits0References5
Malwarebytes
Malwarebytes
added 2022/04/25 10:44 a.m.16 views

A week in security (April 18 – 24)

Last week on Malwarebytes Labs: Why you shouldn’t automate your VirusTotal uploads North Korean Lazarus APT group targets blockchain tech companies Watch out for Ukraine donation scammers in Twitter replies Beware tragic “my daughter died…” Facebook posts offering free PS5s US warns of APT groups...

0.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/04/21 3:36 a.m.48 views

Five Eyes Nations Warn of Russian Cyber Attacks Against Critical Infrastructure

The Five Eyes nations have released a joint cybersecurity advisory warning of increased malicious attacks from Russian state-sponsored actors and criminal groups targeting critical infrastructure organizations amidst the ongoing military siege on Ukraine. "Evolving intelligence indicates that the...

1.3AI score
Exploits0
ICS
ICS
added 2022/04/21 12:0 a.m.64 views

Delta Electronics ASDA-Soft

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: ASDA-Soft Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow arbitrary code execution. 3. TECHNICAL DETAILS...

7.8CVSS8.1AI score0.00801EPSS
Exploits0References5
Malwarebytes
Malwarebytes
added 2022/04/20 1:55 p.m.13 views

US warns of APT groups that can “gain full system access” to some industrial control systems

An "exceptionally rare and dangerous" advanced persistent threat APT malware kit, containing custom-made tools designed to target some of North America’s industrial control systems ICS and supervisory control and data acquisition SCADA devices, appears to have been caught before it could be let...

0.2AI score
Exploits0
Circl
Circl
added 2022/04/17 12:2 a.m.3 views

CVE-2022-27451

creationtimestamp| type| source ---|---|--- 2022-04-17 00:02:19+00:00| seen| https://t.me/cibsecurity/40755 2026-01-27 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02...

7.5CVSS7.9AI score0.01663EPSS
Exploits1References2
Circl
Circl
added 2022/04/14 4:19 p.m.0 views

CVE-2022-27449

creationtimestamp| type| source ---|---|--- 2022-04-14 16:19:16+00:00| seen| https://t.me/cibsecurity/40771 2026-01-27 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02...

7.5CVSS7.9AI score0.02211EPSS
Exploits1References2
Circl
Circl
added 2022/04/14 4:19 p.m.3 views

CVE-2022-27458

creationtimestamp| type| source ---|---|--- 2022-04-14 16:19:08+00:00| seen| https://t.me/cibsecurity/40764 2026-01-27 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02...

7.4AI score
Exploits0References2
Schneier on Security
Schneier on Security
added 2022/04/14 3:46 p.m.15 views

Industrial Control System Malware Discovered

The Department of Energy, CISA, the FBI, and the NSA jointly issued an advisory describing a sophisticated piece of malware called Pipedream thats designed to attack a wide range of industrial control systems. This is clearly from a government, but no attribution is given. Theres also no indicati...

2.4AI score
Exploits0
Circl
Circl
added 2022/04/13 12:17 a.m.2 views

CVE-2022-27376

creationtimestamp| type| source ---|---|--- 2022-04-13 00:17:15+00:00| seen| https://t.me/cibsecurity/40690 2026-01-27 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02...

7.5CVSS7.9AI score0.02199EPSS
Exploits1References2
ICS
ICS
added 2022/04/12 12:0 a.m.36 views

Siemens SICAM A8000

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SICAM A8000 Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access files...

7.5CVSS7.8AI score0.02446EPSS
Exploits1References11
Rows per page
Query Builder