ICSA-20-051-01_B&R Automation Studio and Automation Runtime

1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: B&R Industrial Automation GmbH Equipment: Automation Studio and Automation Runtime Vulnerability: Improper Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability may allow a...

Schneider Electric Modicon Ethernet Serial RTU

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Modicon BMXNOR0200H Vulnerabilities: Improper Check for Unusual or Exceptional Conditions, Improper Access Control 2. RISK EVALUATION Successful exploitation of these...

Schneider Electric Magelis HMI Panels

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Magelis HMI Panel Vulnerability: Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a...

Pen Testing Ships. A year in review

Partially driven by the upcoming inclusion of Cyber Security by the IMO International Maritime Organisation, 2019 was a really busy year for maritime security testing at PTP. What can we all learn from a year of evaluating the security of ships? We’ve been involved in all sorts of ship testing,...

Command Execution Vulnerability in Schneider 500NAC/500NSHAC Building Control System

The Schneider 500NAC/500NSHAC is a building control system from the French company Schneider Electric Schneider Electric. A command execution vulnerability exists in the Schneider 500NAC/500NSHAC building control system that can be exploited by an attacker to upload malicious files...

SQL Injection Vulnerability in Intelligent Meter Management System of Qingdao Automation Instrument Co.

Intelligent meter cluster management system is an industrial control management system that controls statistics and manages some of the data in the energy industry. There is a SQL injection vulnerability in the Intelligent Instrumentation System of Qingdao Automation Instrumentation Co., Ltd, whi...

CentOS 7 : git (RHSA-2020:0124)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0124 advisory. - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are...

CentOS Update for emacs-git CESA-2020:0124 centos7

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

How Iran's Hackers Might Strike Back After Soleimani's Assassination

From data-destroying wipers to industrial control system hacking, Iran has a potent arsenal of cyberattacks at its disposal...

[SECURITY] Fedora 31 Update: git-2.24.1-1.fc31

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages,...

CVE-2019-13533

CVE-2019-13533 affects Omron PLC CJ and CS series (all versions). The vulnerability allows an attacker to monitor PLC-controller traffic and replay requests, potentially opening/closing industrial valves (authentication bypass via capture-replay). Affected products are Omron CJ/CS series PLCs; mi...

Siemens SPPA-T3000 Deserialization Untrusted Data Vulnerability

The SPPA-T3000 is a distributed control system mainly used in thermal power plants and large renewable energy power plants. A security vulnerability exists in the Siemens SPPA-T3000. An attacker could exploit the vulnerability to execute arbitrary code...

Siemens SPPA-T3000 improper authentication vulnerability (CNVD-2019-44769)

The SPPA-T3000 is a distributed control system mainly used in thermal power plants and large renewable energy power plants. A security vulnerability exists in the Siemens SPPA-T3000. An attacker with network access to the application server could cause a denial of service condition by sending...

Symantec Industrial Control System Protection CVE-2019-18380 Unauthorized Access Vulnerability

Description Symantec Industrial Control System Protection is prone to an unauthorized access vulnerability. An attacker can exploit this issue to gain unauthorized access and perform unintended actions. This may lead to further attacks. Symantec Industrial Control System Protection 6.x.x versions...

Symantec ICSP Unauthorized Access

SUMMARY Symantec has released an update to address an issue that was discovered in the Industrial Control System Protection ICSP product. AFFECTED PRODUCTS Industrial Control System Protection ICSP --- CVE | Affected Versions | Remediation CVE-2019-18380 | ICSP 6.x.x | Upgrade to ICSP 6.1.1.123...

ABB Relion 670 Series

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ABB Equipment: Relion 670 Series Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to read and delete files on the device. 3...

eMerge E3 1.00-06 - Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications Exploit Title: eMerge E3 1.00-06 - Cross-Site Request Forgery Exploit Author: LiquidWorm Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series/ Version: 1.00-06...

ICS Attackers Set To Inflict More Damage With Evolving Tactics

Future attacks on industrial control system ICS networks may inflict even more damage in the long run, according to new research. Analysts expect them to evolve from attacks that have immediate, direct impact to those with multiple stages and attack vectors that are more stealthy. While it remain...

The vulnerability of the embedded web-server microprogramming software for Moxa MGate models MB3170, MB3180, MB3270, MB3280, MB3480, and MB3660 allows a hacker to intercept administrator credentials and other confidential information, gaining access to the control system.

The vulnerability of the embedded web-server microprogramming system controllers from Moxa, models MB3170, MB3180, MB3270, MB3280, MB3480, and MB3660, stems from the default use of the HTTP protocol during the implementation of the “Basic HTTP Authentication” method. Exploiting this vulnerability...

The vulnerability of the microprogrammed software of Moxa EDS-G516E and Moxa EDS-510E switches, which is related to the default use of the HTTP protocol, allows attackers to intercept administrator credentials and other confidential information, thereby gaining access to the control system.

The vulnerability of the microprogrammed software of Moxa EDS-G516E and Moxa EDS-510E switches is related to the default use of the HTTP protocol in implementing the “Basic HTTP Authentication” method. Exploiting this vulnerability allows a malicious actor to remotely intercept administrator...