21 matches found
EUVD-2013-2757
Malware in sbrugna...
EUVD-2013-2726
Malware in sbrugna...
EUVD-2013-2725
Malware in sbrugna...
CVE-2013-2787
Alstom e-terracontrol 3.5, 3.6, and 3.7 allows remote attackers to cause a denial of service infinite loop via crafted DNP3 packets...
CVE-2013-2786
Alstom Grid MiCOM S1 Agile before 1.0.3 and Alstom Grid MiCOM S1 Studio use weak permissions for the MiCOM S1 %PROGRAMFILES% directory, which allows local users to gain privileges via a Trojan horse executable file...
CVE-2013-2818
The DNP Master Driver in Alstom e-terracontrol 3.5, 3.6, and 3.7 allows physically proximate attackers to cause a denial of service infinite loop and DNP3 service disruption via crafted input over a serial line...
Design/Logic Flaw
The DNP Master Driver in Alstom e-terracontrol 3.5, 3.6, and 3.7 allows physically proximate attackers to cause a denial of service infinite loop and DNP3 service disruption via crafted input over a serial line...
CVE-2013-2818
The DNP Master Driver in Alstom e-terracontrol 3.5, 3.6, and 3.7 allows physically proximate attackers to cause a denial of service infinite loop and DNP3 service disruption via crafted input over a serial line...
CVE-2013-2818
CVE-2013-2818 affects Alstom e-terra control software, specifically the DNP Master Driver in versions 3.5, 3.6 and 3.7. The root cause is improper input validation in the DNP3 Master component, which can cause the software to enter an infinite loop and disrupt DNP3 services. The IP-connected vari...
CVE-2013-2787
Alstom e-terracontrol 3.5, 3.6, and 3.7 allows remote attackers to cause a denial of service infinite loop via crafted DNP3 packets...
Code injection
Alstom e-terracontrol 3.5, 3.6, and 3.7 allows remote attackers to cause a denial of service infinite loop via crafted DNP3 packets...
CVE-2013-2787
Alstom e-terracontrol 3.5, 3.6, and 3.7 allows remote attackers to cause a denial of service infinite loop via crafted DNP3 packets...
CVE-2013-2787
CVE-2013-2787 affects Alstom e-terra control software (versions 3.5–3.7). The issue is an improper input validation in the DNP Master Driver that can cause an infinite loop/crash . IP-based devices are vulnerable to remote exploitation via specially crafted TCP packets; serial connections require...
Alstom e-Terracontrol DNP3 Master Improper Input Validation (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-13-282-01, Alstom e‑terra control DNP3 Master Improper Input Validation, which was posted to the NCCIC/ICS‑CERT Web site October 09, 2013. Adam Crain of Automatak and independent researcher Chris Sistrunk have...
CVE-2013-2786
Alstom Grid MiCOM S1 Agile before 1.0.3 and Alstom Grid MiCOM S1 Studio use weak permissions for the MiCOM S1 %PROGRAMFILES% directory, which allows local users to gain privileges via a Trojan horse executable file...
Design/Logic Flaw
Alstom Grid MiCOM S1 Agile before 1.0.3 and Alstom Grid MiCOM S1 Studio use weak permissions for the MiCOM S1 %PROGRAMFILES% directory, which allows local users to gain privileges via a Trojan horse executable file...
CVE-2013-2786
Alstom Grid MiCOM S1 Agile before 1.0.3 and Alstom Grid MiCOM S1 Studio use weak permissions for the MiCOM S1 %PROGRAMFILES% directory, which allows local users to gain privileges via a Trojan horse executable file...
CVE-2013-2786
The CVE-2013-2786 issue affects Alstom Grid MiCOM S1 Agile (all versions up to and including 1.0.2) and legacy MiCOM S1 Studio, due to weak permissions in the MiCOM S1 Program Files directory that allow a local attacker to replace executables with Trojan horses. This local-privilege-escalation fl...
Alstom Grid S1 Agile Improper Authorization
OVERVIEW This advisory provides mitigation details for a vulnerability affecting the Alstom Grid MiCOM S1 Agile and S1 Studio Software. Note: Alstom Grid MiCOM S1 Studio Software is its own software suite. A user could have MiCOM S1 Studio Software from a different vendor. This advisory only...
Evidence of Infected SCADA Systems Washes Up in Support Forums
While security experts and lawmakers debate the seriousness of cyber threats to critical infrastructure, one security researcher says that evidence that viruses and spyware already have access to industrial control systems is hiding in plain sight: on Web based user support forums. Close to a doz...