CVE-2023-35827

creationtimestamp| type| source ---|---|--- 2023-06-19 02:25:01+00:00| seen| https://t.me/cibsecurity/65326 2023-11-29 15:34:18+00:00| seen| https://t.me/arpsyndicate/759 2025-08-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-15...

CISA Releases Fourteen Industrial Control Systems Advisories

CISA released fourteen Industrial Control Systems ICS advisories on June 15, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-166-01 SUBNET PowerSYSTEM Center ICSA-23-166-02 Advantech WebAccessSCADA...

Rockwell Automation FactoryTalk Edge Gateway

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Edge Gateway Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local user to cause the program to crash, causing a...

Siemens SIMATIC STEP 7 and Derived Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on June 8, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-159-01 ​Atlas Copco Power Focus 6000 ICSA-23-159-02 ​Sensormatic Electronics Illustra Pro...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on June 6, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-157-01 Delta Electronics CNCSoft-B DOPSoft ICSA-23-157-02 Mitsubishi Electric MELSEC iQ-R...

CISA and Partners Release Joint Guide to Securing Remote Access Software

Today, CISA, Federal Bureau of Investigation FBI, the National Security Agency NSA, Multi-State Information Sharing and Analysis Center MS-ISAC, and the Israel National Cyber Directorate INCD released the Guide to Securing Remote Access Software. This new joint guide is the result of a...

How Joe Marshall helps defend everything from electrical grids to grain co-ops across multiple continents

Joe Marshall was a security practitioner before he even knew it. Marshall started his career in information technology as a systems administrator. On the surface, he jokes that he was a "white-collar plumber" -- fixing IT issues as they arose, handing out new credentials and asking users if they...

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS advisories on June 1, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-152-01 Advantech WebAccess-SCADA ICSA-23-152-02 HID Global SAFE ICSA-22-256-03 Delta...

HID Global SAFE

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: HID Global Equipment: SAFE Vulnerabilities: Modification of Assumed-Immutable Data 2. RISK EVALUATION Successful exploitation of this vulnerability could result in exposure of personal data or create a...

Moxa MXsecurity Series

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Moxa Equipment: MXsecurity Series Vulnerabilities: Command Injection and Use of Hard-Coded Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthorized...

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on May 30, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-150-01 Advantech WebAccess/SCADA CISA encourages users and administrators to review the newl...

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on May 25, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-145-01 Moxa MXsecurity Series CISA encourages users and administrators to review the newly...

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on May 25, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-145-01 Moxa MXsecurity Series CISA encourages users and administrators to review the newly...

Rockwell ArmorStart Improper Input Validation (CVE-2023-29026)

A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause...

Rockwell ArmorStart Improper Input Validation (CVE-2023-29025)

A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause...

Rockwell ArmorStart Improper Input Validation (CVE-2023-29022)

A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause...

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on May 23, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-143-01 Hitachi Energy AFS65x, AFS67x, AFR67x and AFF66x Products ICSA-23-143-02 Hitachi...

ABB多款产品日志信息泄露漏洞

ABB QCS and ABB Platform Engineering Tools are both products of ABB Switzerland.ABB QCS is a family of quality control systems.ABB Platform Engineering Tools is a platform tool. A security vulnerability exists in several ABB products, which can be exploited by an attacker who already has local...

Carlo Gavazzi Powersoft

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Carlo Gavazzi Equipment: Powersoft Vulnerabilities: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access and...