235 matches found
Panoramic Corporation Digital Imaging Software
RISK EVALUATION Successful exploitation of this vulnerability could allow a standard user to obtain NT Authority/SYSTEM privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...
Leviton AcquiSuite and Energy Monitoring Hub
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to craft a malicious payload in URL parameters that would get executed in a client browser when accessed by a user, steal session tokens and control the service. 2. RECOMMENDED PRACTICES CISA recommends users...
End-of-Train and Head-of-Train Remote Linking Protocol (Update C)
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to send their own brake control commands to the end-of-train device, causing a sudden stoppage of the train which may lead to a disruption of operations, or induce brake failure. 2. RECOMMENDED PRACTICES CISA...
Siemens TIA Administrator
SUMMARY Siemens TIA Administrator before V3.0.6 contains multiple vulnerabilities which could allow an attacker to escalate privilege or exceute arbitrary code during installations. Siemens has released a new version for TIA Administrator and recommends to update to the latest version. 2...
Siemens TIA Project-Server and TIA Portal
SUMMARY A vulnerability in TIA Project Server and TIA Portal could allow an attacker to cause a denial of service condition. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends...
Voltronic Power and PowerShield UPS monitoring software
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated attacker remotely to make configuration changes, resulting in shutting down UPS connected devices or execution of arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures...
PTZOptics and Other Pan-Tilt-Zoom Cameras
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to leak sensitive data, execute arbitrary commands, and access the admin web interface using hard-coded credentials. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the...
AVEVA PI Connector for CygNet
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to persist arbitrary code in the administrative portal of the product or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...
Siemens RUGGEDCOM APE1808
SUMMARY Palo Alto Networks has published 1 information on cross-site scripting vulnerability in PAN-OS. This advisory lists the related Siemens Industrial products affected by this vulnerability. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not,...
Rockwell Automation FactoryTalk Historian ThingWorx
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to launch XXE-based attacks on applications that accept malicious log4net configuration files. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...
Vertiv Liebert RDU101 and UNITY
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition or achieve remote code execution 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities,...
Exploit for Out-of-bounds Write in Apple Macos
CVE-2025-31200 & CVE-2025-31201 | iMessage Zero-Click RCE Chai...
Siemens SCALANCE LPE9403
SUMMARY SCALANCE LPE9403 is affected by multiple vulnerabilities which lead to a compromise in availability, integrity and confidentiality. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. 2. GENERAL RECOMMENDATIONS...
Siemens MS/TP Point Pickup Module
SUMMARY MS/TP Point Pickup Module devices are affected by a denial of service vulnerability that could be triggered by an attacker residing in the same BACnet network by sending a specially crafted MSTP message. A power cycle is required to restore the device's normal operation. Siemens...
Siemens SIRIUS
SUMMARY SIRIUS 3SK2 Safety Relays and 3RK3 Modular Safety Systems only provide weak password obfuscation. An attacker with access to the PROFINET or serial interface of the device could eavesdrop or read the stored password from the device and de-obfuscate it. The safety passwords work as...
Siemens INTRALOG WMS
SUMMARY INTRALOG WMS before V5 is affected by multiple vulnerabilities in the Microsoft .NET implementation as described below. Siemens has released a new version for INTRALOG WMS and recommends to update to the latest version. Please approach your INTRALOG WMS contact to resolve the reported...
Siemens SIMATIC IPC RS-828A
SUMMARY SIMATIC IPC RS-828A is affected by an authentication bypass vulnerability in the Redfish interface of its Baseboard Management Controller BMC that could allow an attacker to gain unauthorized access and compromise confidentiality, integrity and availability of the BMC and thus the entire...
Siemens OZW Web Servers
SUMMARY OZW672 and OZW772 Web Server versions contain vulnerabilities that could allow an attacker to execute arbitrary code on the device with root privileges in versions before V8.0 or to authenticate as Administrator user in versions before V6.0. Siemens has released new versions for the...
Siemens Teamcenter Visualization
SUMMARY Siemens Teamcenter Visualization contains a out-of-bound read vulnerability that could be triggered when the application reads files in WRL format. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially...
Horner Automation Cscape
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...