183 matches found
Siemens Teamcenter
SUMMARY The SSO login service in Teamcenter contains an open redirect vulnerability that could allow an attacker to redirect the legitimate user to an attacker-chosen URL to steal valid session data. Siemens has released a new version for Teamcenter and recommends to update to the latest...
Orthanc Server
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose sensitive information, modify records, or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...
Western Telematic Inc NPS Series, DSM Series, CPM Series
RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to gain privileged access to files on the device's filesystem. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability,...
Fuji Electric Alpha5 SMART
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...
Schneider Electric EcoStruxure (Update D)
RISK EVALUATION Successful exploitation of this vulnerability allows for local privilege escalation, which could lead to the execution of a malicious DLL. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...
Schneider Electric RemoteConnect and SCADAPack x70 Utilities (Update A)
RISK EVALUATION Successful exploitation of this vulnerability could lead to loss of confidentiality, integrity and potential remote code execution on workstation when a non-admin authenticated user opens a malicious project file. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...
Nedap Librix Ecoreader
RISK EVALUATION Successful exploitation of this vulnerability could result in remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system...
CISA Releases Eight Industrial Control Systems Advisories
CISA released eight Industrial Control Systems ICS advisories on December 19, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-354-01 Hitachi Energy RTU500 series CMU ICSA-24-354-02 Hitachi Energy SDM600...
Hitachi Energy TropOS Devices Series 1400/2400/6400
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for...
Ruijie Reyee OS (Update A)
RISK EVALUATION Successful exploitation of this vulnerabilities could allow attackers to take near full control over the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network...
Rockwell Automation FactoryTalk Updater (Update A)
RISK EVALUATION Successful exploitation of these vulnerabilities could result in an authentication bypass, remote code execution, and/or a local privilege escalation 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...
CVE-2024-8933
creationtimestamp| type| source ---|---|--- 2024-11-13 05:47:58+00:00| seen| https://t.me/cvedetector/10791 2024-11-21 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-24-326-03 2026-04-14 13:10:17+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mjhhczv3a...
Siemens SIMATIC CP
SUMMARY SIMATIC CP 1543-1 devices contain an Incorrect Authorization vulnerability that could allow an unauthenticated attacker to gain access to the filesystem. Siemens has released a new version for SIMATIC CP 1543-1 V4.0 and recommends to update to the latest version. 2. GENERAL...
Siemens SCALANCE M-800 Family
SUMMARY SCALANCE M-800 family before V8.2 is affected by multiple vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to protect network...
Beckhoff Automation TwinCAT Package Manager
RISK EVALUATION Successful exploitation this vulnerability could allow a local attacker with administrative access rights to execute arbitrary OS commands on the affected system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...
Kastle Systems Access Control System
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION : Exploitable remotely/low attack complexity Vendor : Kastle Systems Equipment : Access Control System Vulnerabilities : Use of Hard-coded Credentials, Cleartext Storage of Sensitive Information 2. RISK EVALUATION Successful exploitation of...
MegaSys Computer Technologies Telenium Online Web Application (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : MegaSys Computer Technologies Equipment : Telenium Online Web Application Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could...
Rockwell Automation FactoryTalk Batch View
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely Vendor: Rockwell Automation Equipment: FactoryTalk Batch View Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker bypassing authentication...
Rockwell Automation 5015 - AENFTXT
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : 5015 - AENFTXT Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service...
Rockwell Automation DataMosaix Private Cloud
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : DataMosaix Private Cloud Vulnerability : Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...