5157 matches found
Siemens Energy Services
SUMMARY Energy Services from Siemens previously known as Managed Applications and Services, sell solutions using Elspec G5 devices that allows a person with physical access to the device to reset the Admin password by inserting a USB drive containing a publicly documented reset string into a USB...
CVE-2025-13373
creationtimestamp| type| source ---|---|--- 2025-12-04 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-338-07 2025-12-05 02:46:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m77hua4ufv2s...
MAXHUB Pivot
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to request a password reset and gain unauthorized access to the account. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2021-26828link is external OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability This type of vulnerability is a frequent attack vector fo...
Automated Logic WebCTRL Premium Server
RISK EVALUATION Successful exploitation of these vulnerabilities could allow a remote attacker to deceive a legitimate user into running malicious scripts or redirecting them to malicious websites. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...
Shelly Pro 4PM
RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...
CVE-2023-31238
creationtimestamp| type| source ---|---|--- 2025-11-13 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-317-11...
CVE-2025-58083
creationtimestamp| type| source ---|---|--- 2025-11-13 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-317-08 2025-11-15 00:02:05+00:00| seen| https://infosec.exchange/users/offseq/statuses/115550776421341345...
Rockwell Automation FactoryTalk Policy Manager
RISK EVALUATION Successful exploitation of this vulnerability could lead to resource exhaustion and denial of service. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...
Malicious code in trevora-cisa-cir7 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a7c786bf399fde2a23d53fa81342e322dabb5aca9410e7b2cbff43719cd7ac57 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2025-58423
creationtimestamp| type| source ---|---|--- 2025-11-06 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-310-01 2025-11-07 00:41:46+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m4ytsgq2iua2 2025-11-07 02:33:12+00:00| seen|...
CVE-2025-58078
creationtimestamp| type| source ---|---|--- 2025-10-23 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01 2025-10-23 23:28:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m3vj7hdql22c...
CVE-2025-62580
creationtimestamp| type| source ---|---|--- 2025-10-23 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-04 2025-10-29 04:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-976/...
CVE-2011-20002
creationtimestamp| type| source ---|---|--- 2025-10-21 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-294-03 2025-10-27 17:49:08+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av25-699...
CVE-2025-9068
creationtimestamp| type| source ---|---|--- 2025-10-16 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-289-02...
CISA Releases One Industrial Control Systems Advisory
CISA released one Industrial Control Systems ICS advisory on October 14, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-287-01 Rockwell Automation 1715 EtherNet/IP Comms Module CISA encourages users and...
Rockwell Automation 1715 EtherNet/IP Comms Module
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause the web server to crash, requiring a restart to recover. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such...
Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/net-v0.21.0, golang.org/x/net-v0.33.0, golang.org/x/net-v0.34.0 which is vulnerable to this CVE-2025-22870
Summary Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/net-v0.21.0, golang.org/x/net-v0.33.0, golang.org/x/net-v0.34.0 which is vulnerable to this CVE-2025-22870 Vulnerability Details CVEID:CVE-2025-22870 DESCRIPTION: Matching of hosts against prox...
Rockwell Automation Stratix
RISK EVALUATION Successful exploitation of this vulnerability could result in arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system...
CVE-2025-58069
creationtimestamp| type| source ---|---|--- 2025-09-23 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-266-01...