CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on November 28, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-331-01 Delta Electronics InfraSuite Device Master ICSA-23-331-02 Franklin Electric...

CISA, FBI, NSA, and Treasury Release Guidance on OSS in OT/ICS Environments

Today, CISA, the Federal Bureau of Investigation, the National Security Agency, and the U.S. Department of the Treasury released guidance on improving the security of open source software OSS in operational technology OT and industrial control systems ICS. In alignment with CISA’s recently releas...

CVE-2020-7059

creationtimestamp| type| source ---|---|--- 2023-11-28 00:21:00+00:00| seen| https://t.me/arpsyndicate/619 2026-01-27 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02...

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS advisories on November 21, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-325-01 WAGO PFC200 Series ICSA-23-325-02 Fuji Electric Tellus Lite V-Simulator...

WAGO PFC200 Series

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 2.7 ATTENTION : low attack complexity Vendor : WAGO Equipment : PFC200 Series Vulnerability : Externally Controlled Reference to a Resource in Another Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with...

CISA Releases Fourteen Industrial Control Systems Advisories

CISA released fourteen Industrial Control Systems ICS advisories on November 16, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-320-01 Red Lion Sixnet RTUs ICSA-23-320-02 Hitachi Energy MACH System Software...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on November 14, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-318-01 AVEVA Operations Control Logger ICSA-23-318-02 Rockwell Automation SIS...

Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes

The notorious Russian hackers known as Sandworm targeted an electrical substation in Ukraine last year, causing a brief power outage in October 2022. The findings come from Google's Mandiant, which described the hack as a "multi-event cyber attack" leveraging a novel technique for impacting...

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on November 9, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-313-01 Johnson Controls Quantum HD Unity ICSA-23-313-02 Hitachi Energy eSOMS...

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on November 7, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-311-01 GE MiCOM S1 Agile CISA encourages users and administrators to review the newly...

GE MiCOM S1 Agile

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Low attack complexity Vendor : General Electric Equipment : MiCOM S1 Agile Vulnerability : Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to upload malicious files and...

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS advisories on November 2, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-306-01 Red Lion Crimson ICSA-23-306-02 Mitsubishi Electric MELSEC iQ-F Series CPU Modu...

FIRST Announces CVSS 4.0 - New Vulnerability Scoring System

The Forum of Incident Response and Security Teams FIRST has officially announced CVSS v4.0, the next generation of the Common Vulnerability Scoring System standard, more than eight years after the release of CVSS v3.0 in June 2015. "This latest version of CVSS 4.0 seeks to provide the highest...

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on October 31, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-304-02 INEA ME RTU ICSA-23-304-03 Zavio IP Camera ICSA-23-208-03 Mitsubishi Electric...

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS advisories on October 26, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-299-01 Dingtian DT-R002 ICSA-23-299-02 Centralite Pearl Thermostat ICSA-23-299-03...

Dingtian DT-R002

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION : Exploitable remotely/public exploits are available Vendor : Dingtian Equipment : DT-R002 Vulnerability : Authentication Bypass by Capture-Replay 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on October 24, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-297-01 Rockwell Automation Stratix 5800 and Stratix 5200 CISA encourages users and...

Ashlar-Vellum Cobalt, Graphite, Xenon, Argon, Lithium (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Ashlar-Vellum Equipment : Cobalt, Graphite, Xenon, Argon, Lithium, and Cobalt Share Vulnerabilities : Out-of-Bounds Write, Heap-based Buffer Overflow, Out-of-Bounds Read 2. RISK EVALUATION Successful...

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on October 19, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-143-02 Hitachi Energy’s RTU500 Series Product UPDATE B CISA encourages users and...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on October 17, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-290-01 Schneider Electric EcoStruxure Power Monitoring Expert and Power Operation...