14 matches found
Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs
Iran-affiliated cyber actors are targeting internet-facing operational technology OT devices across critical infrastructures in the U.S., including programmable logic controllers PLCs, cybersecurity and intelligence agencies warned Tuesday. "These attacks have led to diminished PLC functionality,...
EUVD-2025-204315
Advantech WebAccess/SCADA is vulnerable to absolute directory traversal, which may allow an attacker to determine the existence of arbitrary files...
Multiple Siemens Products Null Pointer Dereference Vulnerability (CNVD-2024-09314)
SIMATIC PCS 7 is a centralized control system DCS that integrates components such as SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7, etc. SIMATIC WinCC is a Supervisory Control and Data Acquisition SCADA system.SIMATIC WinCC Runtime Professional is a visual runtime platform for...
The vulnerability of the SCADA system SCADA Data Gateway (SDG) arises from improper processing of output data for registration logs, allowing a intruder to execute arbitrary code.
The vulnerability of the SCADA system SCADA Data Gateway SDG is related to the improper processing of output data for registration logs. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the root user...
Feds: APTs Have Tools That Can Take Over Critical Infrastructure
Threat actors have built and are ready to deploy tools that can take over a number of widely used industrial control system ICS devices, which spells trouble for critical infrastructure providers—particularly those in the energy sector, federal agencies have warned. In a joint advisory, the...
Meet critical infrastructure security compliance requirements with Microsoft 365
Critical infrastructure operators face a hostile cyber threat environment and a complex compliance landscape. Every operator of an industrial control system also operates an IT network to service its productivity needs. A supervisory control and data acquisition SCADA system operator of a power...
Ecava IntegraXor Privilege Bypass Vulnerability
Ecava IntegraXor is a set of Web-based tools for creating and running HMI interfaces for SCADA systems. Ecava IntegraXor fails to properly check for user authorization when processing user access to sensitive web pages, allowing remote attackers to exploit the vulnerability to bypass security...
Majority of 4G USB Modems, SIM Cards Exploitable
Researchers say 4G USB modems contain exploitable vulnerabilities through which attackers could, and researchers have, managed to gain full control of the machines to which the devices are connected. Researchers from Positive Technologies presented a briefing detailing how to compromise USB modem...
7T Interactive Graphical SCADA RMS Reports Buffer Overflow
7-Technologies' IGSS is a Supervisory Control and Data Acquisition SCADA system used for monitoring and controlling industrial processes. Multiple buffer overflow vulnerabilities have been reported in 7T Interactive Graphical SCADA System IGSS. The vulnerability is due to boundary errors in the...
Schneider Electric Interactive Graphical SCADA System Data Collector Overflow
Added: 02/11/2013 CVE: CVE-2013-0657 BID: 57449 OSVDB: 89324 Background Schneider Electric Interactive Graphical SCADA System IGSS is a supervisory control and data acquisition SCADA system designed to monitor and control industrial processes. The Data Collector DC.exe component listens on port...
Key infrastructure systems of 3 US cities Under Attack By Hackers
Key infrastructure systems of 3 US cities Under Attack By Hackers BBC News Reported that the Federal Bureau of Investigation FBI announced recently that key infrastructure systems of three US cities had been accessed by hackers. Such systems commonly known as Supervisory Control and Data...
7T Interactive Graphical SCADA System dc.exe Directory Traversal
Added: 06/03/2011 CVE: CVE-2011-1566 BID: 46936 OSVDB: 72349 Background 7-Technologies Interactive Graphical SCADA System IGSS is a Supervisory Control and Data Acquisition SCADA solution used mainly in Denmark and the US. Problem An input validation error in the Data Collector service dc.exe whe...
Dozens of SCADA Exploits, Proof-of-concept Code Published
Exploits for scores of vulnerabilities in supervisory control and data acquisition software SCADA were made public on Monday, according to a report by The Register. 34 holes were published on Seclists.org’s Bugtraq mailing list for programs by Siemens, Iconics, 7-Technologies, Datac and Control...
Stuxnet Virus Could Threaten U.S. Infrastructure, Warns DHS Official
The computer virus Stuxnet, which some experts believe was created specifically to target Iran's nuclear facilities, could also threaten U.S. infrastructure, according to a senior Department of Homeland Security official. "That virus focused on specific software implementations, and those softwar...