140 matches found
Siemens SIMATIC
SUMMARY The webserver of several SIMATIC products is affected by a user enumeration vulnerability that could allow an unauthenticated remote attacker to identify valid usernames. Siemens has released new versions for several affected products and recommends to update to the latest versions...
Rockwell Automation GuardLogix 5380 and 5580 (Update A)
RISK EVALUATION Successful exploitation of this vulnerability could allow a remote, non-privileged user to send malicious requests resulting in a major nonrecoverable fault causing a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize...
Rockwell Automation FactoryTalk AssetCentre
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to extract passwords, access, credentials, or impersonate other users. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities,...
Rockwell Automation DataMosaix Private Cloud
RISK EVALUATION Successful exploitation of these vulnerabilities could overwrite reports, including user projects. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all...
B&R Automation Runtime
SUMMARY An update is available that resolves a privately reported vulnerability in the product versions listed as affected in this advisory. An attacker who successfully exploited this vulnerability may masquerade as services on affected devices. 2. WORKAROUNDS The mechanism of creating self...
PT-2025-1026
Name of the Vulnerable Software and Affected Versions SonicWall SSL-VPN Gen6 affected versions not specified SonicWall SSL-VPN Gen7 affected versions not specified SonicWall SSL-VPN Gen8 affected versions not specified Description An authentication bypass exists in SonicWall SSL-VPN when integrat...
Schneider Electric Modicon Controllers (Update A)
GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...
Hitachi Energy TropOS Devices Series 1400/2400/6400
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for...
Schneider Electric Modicon
GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...
Schneider Electric Harmony HMI and Pro-Face HMI Products
GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...
Rockwell Automation FactoryTalk View ME
RISK EVALUATION Successful exploitation of this vulnerability could allow a local low-privileged user to escalate their privileges by changing the macro to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...
The software’s vulnerability related to secure remote access to data in Palo Alto Networks’ GlobalProtect App allows a perpetrator to escalate their privileges. This vulnerability arises from errors in privilege management.
The vulnerability of the software for providing secure remote access to data in the Palo Alto Networks GlobalProtect App is related to errors in privilege management. Exploiting this vulnerability can allow attackers to enhance their privileges...
Schneider Electric PowerLogic PM5300 Series
GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...
Sailing the Seven Seas Securely from Port to Port – OT Access Security for Ships and Cranes
Operational Technology OT security has affected marine vessel and port operators, since both ships and industrial cranes are being digitalized and automated at a rapid pace, ushering in new types of security challenges. Ships come to shore every six months on average. Container cranes are mostly...
Schneider Electric System Monitor Application in Harmony and Pro-face PS5000 Legacy Industrial PCs
GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...
Schneider Electric Easergy Studio
GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...
Schneider Electric Vijeo Designer and EcoStruxureâ„¢ Machine Expert (Update A)
GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...
Schneider Electric Accutech Manager
GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...
Schneider Electric Sage Series
GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...
Dover Fueling Solutions MAGLINK LX Console
1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : Dover Fueling Solutions Equipment : MAGLINK LX - Web Console Configuration Vulnerabilities : Authentication Bypass using an Alternate Path or Channel, Authentication Bypass by Primary Weakness, Path...