19 matches found
CISA Releases 18 Industrial Control Systems Advisories
CISA released 18 Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-317-01 Mitsubishi Electric MELSEC iQ-F Series ICSA-25-317-02 AVEVA Application Server IDE ICSA-25-317-03...
Siemens Spectrum Power 安全漏洞
Siemens Spectrum Power is an energy management system from Siemens Germany. A security vulnerability exists in Siemens Spectrum Power versions prior to V4.70 SP12 Update 2, which stems from improperly set permissions on a binary file, which could result in elevated local privileges...
Siemens Spectrum Power 安全漏洞
Siemens Spectrum Power is an energy management system from Siemens, Germany. A security vulnerability exists in Siemens Spectrum Power versions prior to V4.70 SP12 Update 2, which originates from application credentials that can be tampered with in a local database, potentially allowing an attack...
Siemens Spectrum Power 安全漏洞
Siemens Spectrum Power is an energy management system from Siemens, Germany. A security vulnerability exists in Siemens Spectrum Power 4 versions prior to V4.70 SP12 Update 2, which originates from a credentials file that can be read globally, potentially allowing an attacker to connect to the...
Siemens Spectrum Power 安全漏洞
Siemens Spectrum Power is an energy management system from Siemens, Germany. A security vulnerability exists in Siemens Spectrum Power 4 versions prior to V4.70 SP12 Update 2, which originates from a user interface that can run arbitrary commands over the network, potentially resulting in the...
Siemens Spectrum Power 安全漏洞
Siemens Spectrum Power is an energy management system from Siemens Germany. A security vulnerability exists in Siemens Spectrum Power 4 versions prior to V4.70 SP12 Update 2, which originates from an exposed debugging interface on the local host and may result in local elevation of privilege...
Siemens Spectrum Power Elevation of Privilege Vulnerability
Spectrum Power provides the essential components of SCADA, communications and data modeling for control and monitoring systems. An elevation of privilege vulnerability exists in Siemens Spectrum Power, which can be exploited by an authenticated, local attacker to elevate privileges...
Siemens Spectrum Power 安全漏洞
Spectrum Power provides the essential components of SCADA, communications and data modeling for control and monitoring systems. An elevation of privilege vulnerability exists in Siemens Spectrum Power, which can be exploited by an authenticated, local attacker to elevate privileges...
Siemens Spectrum Power 7
SUMMARY Spectrum Power 7 before V24Q3 contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges. Siemens has released a new version for Spectrum Power 7 and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS Operators of...
Siemens Spectrum Power 安全漏洞
Spectrum Power 7 provides the essential components of SCADA, communications and data modeling for control and monitoring systems. Application suites can be added to optimize network and generation management in all areas of energy management. A local elevation of privilege vulnerability exists in...
Siemens Spectrum Power 信任管理问题漏洞
Spectrum Power provides the basic components for SCADA, communications and data modeling for control and monitoring systems. Application suites can be added to optimize network and generation management in all areas of energy management.Spectrum Power MGMS is an advanced control and optimization...
Siemens Spectrum Power 跨站脚本漏洞
Spectrum Power provides essential components for SCADA, communications and data modeling for control and monitoring systems. Siemens Spectrum Power 4 suffers from a cross-site scripting vulnerability that can be exploited by an attacker to conduct an attack if an unsuspecting user is tricked into...
Siemens Spectrum Power™ 4 Unsecure Storage of Sensitive Information Vulnerability (CNVD-2020-51236)
Spectrum Power™4 provides the basic components for modeling data for SCADA, communications, and control and monitoring systems. A security vulnerability exists in Siemens Spectrum Power™4. An attacker could exploit the vulnerability to conduct a directory listing attack...
Siemens Spectrum Power™ 4 Unsecure Storage of Sensitive Information Vulnerability
Spectrum Power™4 provides the basic components for modeling data for SCADA, communications, and control and monitoring systems. A security vulnerability exists in Siemens Spectrum Power™4. An attacker could exploit the vulnerability to cause the retrieval of a username...
Siemens Spectrum Power 5 Cross-Site Scripting Vulnerability
Siemens Spectrum Power is a system that provides the basic components for SCADA, communication and data modeling of control and monitoring systems. A security vulnerability exists in Siemens Spectrum Power 5, which can be exploited by attackers to conduct cross-site scripting attacks...
CVE-2020-7579
A vulnerability has been identified in Spectrum Power™ 5 All versions v5.50 HF02. The web server could allow Cross-Site Scripting XSS attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. If deployed according to...
Siemens Spectrum Power 5
1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Spectrum Power 5 Vulnerability: Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS 2. RISK EVALUATION Successful exploitation of this vulnerability could...
Siemens Spectrum Power Cross-Site Scripting Vulnerability
Siemens Spectrum Power is a system that provides the basic components for SCADA, communication and data modeling of control and monitoring systems. A cross-site scripting vulnerability exists in Siemens Spectrum Power. A remote attacker can exploit this vulnerability to execute arbitrary script...
Siemens Spectrum Power Command Injection Vulnerability
Siemens Spectrum Power is a system that provides essential components for SCADA, communication and data modeling of control and monitoring systems. A command injection vulnerability exists in Siemens Spectrum Power, which can be exploited by an attacker to execute operating system commands...