Lucene search
K

1492 matches found

BDU FSTEC
BDU FSTEC
added 2022/02/07 12:0 a.m.7 views

The vulnerability of the centralized system for managing emergency messages and events in CAMS for HIS distributed control systems CENTUM VP and CENTUM VP Entry Class, along with the OPC-server Exaopc, allows a perpetrator to write arbitrary files.

The vulnerability of the centralized system for managing emergency messages and events in CAMS for HIS distributed control systems CENTUM VP and CENTUM VP Entry Class, along with the OPC-server Exaopc, is related to errors in processing the relative path to the catalog. Exploiting this...

7.1CVSS7.7AI score0.01017EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.16 views

Fortinet OT Asset Information

It is possible to obtain attributes of the remote Fortinet OT device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; ...

5.5AI score
Exploits0References1
The Hacker News
The Hacker News
added 2022/02/04 6:25 a.m.50 views

CISA Warns of Critical Vulnerabilities Discovered in Airspan Networks Mimosa

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday published an Industrial Controls Systems Advisory ICSA warning of multiple vulnerabilities in the Airspan Networks Mimosa equipment that could be abused to gain remote code execution, create a denial-of-service DoS...

1.9AI score
Exploits0
Circl
Circl
added 2022/02/01 7:26 a.m.1 views

CVE-2021-46661

creationtimestamp| type| source ---|---|--- 2022-02-01 07:26:07+00:00| seen| https://t.me/cibsecurity/36619 2026-01-27 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02...

5.5CVSS7.1AI score0.00403EPSS
Exploits1References2
Circl
Circl
added 2022/02/01 7:26 a.m.1 views

CVE-2021-46666

creationtimestamp| type| source ---|---|--- 2022-02-01 07:26:04+00:00| seen| https://t.me/cibsecurity/36616 2026-01-27 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02...

5.5CVSS7.1AI score0.00391EPSS
Exploits1References2
ICS
ICS
added 2022/02/01 12:0 a.m.38 views

Ricon Mobile Industrial Cellular Router

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Ricon Mobile, Inc. Equipment: Industrial Cellular Router Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

10CVSS10AI score0.02182EPSS
Exploits1References6
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/01/20 12:0 a.m.15 views

Cybersecurity for Industrial Control Systems: Part 2

To cap off the series, we’ll discuss malware detection and distribution in various countries. Our team also rounds up several insights to help strengthen ICS cybersecurity and mitigate malware attacks...

2.3AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/01/15 12:0 a.m.19 views

Cybersecurity for Industrial Control Systems: Part 1

In this two-part series, we look into various cybersecurity threats that affected industrial control systems endpoints. We also discuss several insights and recommendations to mitigate such threats...

3.3AI score
Exploits0
The Hacker News
The Hacker News
added 2022/01/12 9:14 a.m.375 views

FBI, NSA and CISA Warns of Russian Hackers Targeting Critical Infrastructure

Amid renewed tensions between the U.S. and Russia over Ukraine and Kazakhstan, American cybersecurity and intelligence agencies on Tuesday released a joint advisory on how to detect, respond to, and mitigate cyberattacks orchestrated by Russian state-sponsored actors. To that end, the Cybersecuri...

10CVSS0.2AI score0.99999EPSS
Exploits374
ICS
ICS
added 2022/01/06 12:0 a.m.34 views

Omron CX-One

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Omron Equipment: CX-One Vulnerabilities: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The...

7.8CVSS8.3AI score0.09271EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/01/04 12:0 a.m.5 views

The vulnerability of SCADA systems with integrated web servers, related to deficiencies in authentication procedures, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of SCADA systems with integrated web servers relates to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information...

10CVSS7.7AI score0.01392EPSS
Exploits0References3Affected Software1
ICS
ICS
added 2021/12/23 12:0 p.m.68 views

Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

Summary The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, National Security Agency NSA, Australian Cyber Security Centre ACSC, Canadian Centre for Cyber Security CCCS, the Computer Emergency Response Team New Zealand CERT NZ, the New Zealand...

10CVSS10AI score0.99999EPSS
Exploits352References88
CNNVD
CNNVD
added 2021/12/21 12:0 a.m.3 views

mySCADA myPRO 操作系统命令注入漏洞

mySCADA myPRO is an HMI/SCADA system designed primarily for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO, which can be exploited by an attacker to inject arbitrary operating system commands via specific paramete...

10CVSS6AI score0.01218EPSS
Exploits0References3
ICS
ICS
added 2021/12/21 12:0 a.m.58 views

Emerson DeltaV

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Emerson Equipment: DeltaV Distributed Control System Controllers and Workstations Vulnerabilities: Missing Authentication for Critical Function, Uncontrolled Search Path Element 2. RISK EVALUATION...

8.1CVSS7.3AI score0.00263EPSS
Exploits0References5
ICS
ICS
added 2021/12/21 12:0 a.m.60 views

WECON LeviStudioU

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: WECON Equipment: LeviStudioU Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow remote code execution. 3. TECHNICAL...

7.8CVSS8.3AI score0.09285EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2021/12/17 10:23 a.m.25 views

New PseudoManuscrypt Malware Infected Over 35,000 Computers in 2021

Industrial and government organizations, including enterprises in the military-industrial complex and research laboratories, are the targets of a new malware botnet dubbed PseudoManyscrypt that has infected roughly 35,000 Windows computers this year alone. The name comes from its similarities to...

1.5AI score
Exploits0
ThreatPost
ThreatPost
added 2021/12/16 6:36 p.m.18 views

‘PseudoManuscrypt’ Mass Spyware Campaign Targets 35K Systems

Researchers have tracked new spyware – dubbed “PseudoManuscrypt” because it’s similar to “Manuscrypt” malware from the Lazarus advanced persistent threat APT group – that’s attempted to scribble itself across more than 35,000 targeted computers in 195 countries. Kaspersky researchers said in a...

8AI score
Exploits0References17
Securelist
Securelist
added 2021/12/16 10:0 a.m.17 views

PseudoManuscrypt: a mass-scale spyware attack campaign

In June 2021, Kaspersky ICS CERT experts identified malware whose loader has some similarities to the Manuscrypt malware, which is part of the Lazarus APT groups arsenal. In 2020, the group used Manuscrypt in attacks on defense enterprises in different countries. These attacks are described in th...

2.4AI score
Exploits0
ICS
ICS
added 2021/12/16 12:0 a.m.46 views

Mitsubishi Electric GX Works2

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/high attack complexity Vendor: Mitsubishi Electric Equipment: GX Works2 Vulnerability: Improper Handling of Length Parameter Inconsistency 2. RISK EVALUATION Successful exploitation of this vulnerability may cause a...

7.5CVSS7.8AI score0.02711EPSS
Exploits0References4
CISA
CISA
added 2021/12/10 12:0 a.m.9 views

CISA Releases Security Advisory for Hillrom Welch Allyn Cardiology Products

CISA has released an Industrial Controls Systems Medical Advisory ICSMA detailing a vulnerability in multiple Hillrom Welch Allyn cardiology products. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages technicians and administrators to review...

6.7AI score
Exploits0References1
Rows per page
Query Builder