Lucene search
+L

235 matches found

ICS
ICS
added 2025/05/06 6:0 a.m.13 views

Milesight UG65-868M-EA

RISK EVALUATION Successful exploitation of this vulnerability could allow any user with admin privileges to inject arbitrary shell commands. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Ensure that...

6.8CVSS7AI score0.00292EPSS
Exploits0References10
ICS
ICS
added 2025/04/30 12:0 a.m.27 views

ABB Automation Builder (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to overrule the Automation Builder's user management. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

8.5CVSS5.8AI score0.00128EPSS
Exploits0References10
ICS
ICS
added 2025/04/16 12:0 a.m.8 views

Siemens TeleControl Server Basic

SUMMARY TeleControl Server Basic before V3.1.2.2 contains a Improper Handling of Length Parameter Inconsistency Vulnerability that could allow an attacker to cause the application to allocate exhaustive amounts of memory and subsequently create a denial of service condition. Siemens has released...

6.3CVSS7.4AI score0.00389EPSS
Exploits0References10
ICS
ICS
added 2025/04/16 12:0 a.m.14 views

Siemens TeleControl Server Basic SQL

SUMMARY TeleControl Server Basic before V3.1.2.2 contains multiple SQL Injection vulnerabilities that could allow an attacker to read and write to the application's DB, cause denial of service and execute code in an OS shell with limited "NT AUTHORITY\NetworkService" permissions. Siemens has...

8.8AI score
Exploits0References10
ICS
ICS
added 2025/04/15 6:0 a.m.21 views

Delta Electronics COMMGR (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow for an attacker to remotely access the AS3000Simulator family in the COMMGR software and execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation...

9.8CVSS6.8AI score0.00667EPSS
Exploits0References10
ICS
ICS
added 2025/04/15 6:0 a.m.12 views

Growatt Cloud Applications

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to compromise confidentiality, achieve cross-site scripting, or code execution on affected devices. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation...

7AI score
Exploits0References10
ICS
ICS
added 2025/04/10 6:0 a.m.19 views

Subnet Solutions PowerSYSTEM Center

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this these vulnerabilities, such as: Minimize network...

5.3CVSS7AI score0.00131EPSS
Exploits0References10
ICS
ICS
added 2025/04/08 12:0 a.m.10 views

Siemens SIDIS Prime

SUMMARY SIDIS Prime before V4.0.700 is affected by multiple vulnerabilities in the components OpenSSL, SQLite, Boost C++ Libraries and several Microsoft components as described below. Siemens has released a new version of SIDIS Prime and recommends to update to the latest version. 2. GENERAL...

5.3CVSS9.1AI score0.02577EPSS
Exploits0References10
ICS
ICS
added 2025/04/08 12:0 a.m.9 views

Siemens Mendix Runtime

SUMMARY Mendix Runtime allows for entity enumeration due to distinguishable responses in certain client actions. This could allow an unauthenticated remote attacker to list all valid entities and attribute names of a Mendix Runtime-based application. Siemens has released new versions for several...

6.9CVSS7.1AI score0.00435EPSS
Exploits0References10
ICS
ICS
added 2025/04/08 12:0 a.m.16 views

Siemens Insights Hub Private Cloud

SUMMARY Insights Hub Private Cloud is affected by multiple vulnerabilities in Ingress NGINX Controller for Kubernetes. These vulnerabilities could lead to arbitrary code execution in the context of the ingress-nginx controller, or disclosure of Secrets accessible to the controller, or denial of...

8.7AI score
Exploits0References10
ICS
ICS
added 2025/04/08 12:0 a.m.7 views

Siemens Solid Edge

SUMMARY Solid Edge is affected by an out of bounds write vulnerability that could be triggered when the application is parsing XT data or a specially crafted file in XT format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the...

7.8CVSS7.9AI score0.00176EPSS
Exploits0References10
ICS
ICS
added 2025/04/08 12:0 a.m.12 views

Siemens SIMOCODE, SIMATIC, SIPLUS, SIDOOR, SIWAREX

SUMMARY A vulnerability exists in affected products that could allow remote attackers to affect the availability of the devices under certain conditions. The integrated ICMP services in the underlying TCP/IP stack is vulnerable to a denial of service attack through specially crafted ICMP...

6.9CVSS6.8AI score0.00599EPSS
Exploits0References10
ICS
ICS
added 2025/03/25 1:30 p.m.20 views

Hitachi Energy TRMTracker

SUMMARY Hitachi Energy is aware of the multiple vulnerabilities that affect the TRMTracker product versions listed in this document. An attacker successfully exploiting these vulnerabilities can cause confidentiality and integrity impacts. Please refer to the Recommended Immediate Actions for...

7.9AI score
Exploits0References9
ICS
ICS
added 2025/03/25 6:0 a.m.9 views

Rockwell Automation Verve Asset Manager

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with administrative access to run arbitrary commands in the context of the container running the service. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

7.5CVSS7.4AI score0.00663EPSS
Exploits0References10
ICS
ICS
added 2025/03/24 12:30 a.m.12 views

B&R APROL

SUMMARY Updates are available that resolve privately reported vulnerabilities in the product versions listed as affected in this advisory. An attacker who successfully exploits these vulnerabilities could elevate privileges or gather sensitive information. 2. MITIGATING FACTORS Mitigating...

7.7AI score
Exploits0References10
ICS
ICS
added 2025/03/20 6:0 a.m.14 views

Santesoft Sante DICOM Viewer Pro

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause memory corruption that would result in execution of arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability,...

8.4CVSS7.6AI score0.00175EPSS
Exploits0References10
ICS
ICS
added 2025/03/13 6:0 a.m.49 views

Sungrow iSolarCloud Android App, WiNet Firmware

RISK EVALUATION Successful exploitation of these vulnerabilities could result in attackers being able to access and could modify sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

8.5AI score
Exploits0References10
ICS
ICS
added 2025/03/11 12:0 a.m.15 views

Siemens SIMATIC IPC Family, ITP1000, and Field PGs

SUMMARY Multiple vulnerabilities has been identified in Siemens SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs that can allow an authenticated attacker to alter the secure boot and password configurations. Siemens has released new versions of BIOS for several affected products and...

6.5AI score
Exploits0References10
ICS
ICS
added 2025/03/11 12:0 a.m.15 views

Siemens OPC UA

SUMMARY The products listed below contain two authentication bypass vulnerabilities that could allow an attacker to gain access to the data managed by the server. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing...

6.9AI score
Exploits0References10
ICS
ICS
added 2025/03/11 12:0 a.m.56 views

Siemens Teamcenter Visualization and Tecnomatix

SUMMARY Siemens Teamcenter Visualization and Tecnomatrix Plant Simulation contains multiple file parsing vulnerabilities that could be triggered when the application reads files in WRL format. If a user is tricked to open a malicious file with any of the affected products, this could lead the...

7.1AI score
Exploits0References10
Rows per page
Query Builder