CISA Releases Advisory on Wind River VxWorks Platform

The Cybersecurity and Infrastructure Security Agency CISA has released an Industrial Control Systems ICS Advisory on multiple vulnerabilities in the Wind River VxWorks Platform. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages...

CVE-2019-6827

A CWE-787: Out-of-bounds Write vulnerability exists in Interactive Graphical SCADA System IGSS, Version 14 and prior, which could cause a software crash when data in the mdb database is manipulated...

Nortek Security & Control Linear eMerge E3-Series Cross-Site Request Forgery Vulnerability

The Nortek Security & Control Linear eMerge E3-Series is an access control system from Nortek Security & Control, USA. A cross-site request forgery vulnerability exists in the Nortek Security & Control Linear eMerge E3-Series, which arises from a WEB application that does not adequately validate...

FaceSentry Access Control System 6.4.8 Authentication Credential Disclosure

FaceSentry Access Control System 6.4.8 Authentication Credentials MiTM Disclosure Vendor: iWT Ltd. Product web page: http://www.iwt.com.hk Affected version: Firmware 6.4.8 build 264 Algorithm A16 Firmware 5.7.2 build 568 Algorithm A14 Firmware 5.7.0 build 539 Algorithm A14 Summary: FaceSentry 5AN...

FaceSentry Access Control System 6.4.8 - Cross-Site Request Forgery

FaceSentry Access Control System 6.4.8 - Cross-Site Request Forgery FaceSentry Access Control System 6.4.8 Cross-Site Request Forgery Vendor: iWT Ltd. Product web page: http://www.iwt.com.hk Affected version: Firmware 6.4.8 build 264 Algorithm A16 Firmware 5.7.2 build 568 Algorithm A14 Firmware...

FaceSentry Access Control System 6.4.8 - Remote Root Exploit

FaceSentry Access Control System 6.4.8 - Remote Root Exploit !/usr/bin/env python -- coding: utf-8 -- FaceSentry Access Control System 6.4.8 Remote Root Exploit Vendor: iWT Ltd. Product web page: http://www.iwt.com.hk Affected version: Firmware 6.4.8 build 264 Algorithm A16 Firmware 5.7.2 build 5...

FaceSentry Access Control System 6.4.8 - Remote SSH Root

!/usr/bin/env python -- coding: utf-8 -- FaceSentry Access Control System 6.4.8 Remote SSH Root Access Exploit Vendor: iWT Ltd. Product web page: http://www.iwt.com.hk Affected version: Firmware 6.4.8 build 264 Algorithm A16 Firmware 5.7.2 build 568 Algorithm A14 Firmware 5.7.0 build 539 Algorith...

FaceSentry Access Control System 6.4.8 - Cross-Site Request Forgery

FaceSentry Access Control System 6.4.8 Cross-Site Request Forgery Vendor: iWT Ltd. Product web page: http://www.iwt.com.hk Affected version: Firmware 6.4.8 build 264 Algorithm A16 Firmware 5.7.2 build 568 Algorithm A14 Firmware 5.7.0 build 539 Algorithm A14 Summary: FaceSentry 5AN is a...

ABB CP635 HMI

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable from adjacent network/low skill level to exploit Vendor: ABB Equipment: CP635 HMI Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to prevent legitimate...

ABB CP651 HMI

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable from adjacent network/low skill level to exploit Vendor: ABB Equipment: CP651 HMI Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to prevent legitimate...

Siemens SIMATIC Ident MV440 Family (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC Ident MV440 Familiy Vulnerabilities: Improper Privilege Management, Cleartext Transmission of Sensitive Information 2. UPDATE INFORMATION This updated advisory is a...

ICSA-19-162-01 Siemens Siveillance VMS

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Siveillance VMS Vulnerabilities: Improper Authorization, Incorrect User Management, Missing Authorization 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

Schneider Electric Modicon M580 UMAS Improper Authentication Vulnerability

Summary An exploitable improper authentication vulnerability exists in the UMAS PLC reservation function of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.70. A specially crafted UMAS command can allow an attacker to masquerade as an authenticated use...

Geutebrück G-Cam and G-Code

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Geutebrück Equipment: G-Cam and G-Code Vulnerabilities: Cross-site Scripting, OS Command Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote code...

CVE-2019-6807

creationtimestamp| type| source ---|---|--- 2019-05-22 20:48:25+00:00| seen| https://t.me/cvemitreorg/164 2025-04-24 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-01...

SOCA Access Control System 180612 - CSRF (Add Admin) Vulnerability

Exploit for php platform in category web applications SOCA Access Control System 180612 CSRF Add Admin Exploit Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include Proximity and Fingerprint...

SOCA Access Control System 180612 Cross Site Request Forgery

SOCA Access Control System 180612 CSRF Add Admin Exploit Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include Proximity and Fingerprint access control system, Time and Attendance, Electric...

SOCA Access Control System 180612 SQL Injection

SOCA Access Control System 180612 SQL Injection And Authentication Bypass Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity and fingerprint access control system, time and...

SOCA Access Control System 180612 CSRF Add Admin Exploit

Summary The company's products include proximity and fingerprint access control system, time and attendance, electric locks, card reader and writer, keyless entry system and other 30 specialized products. All products are attractively designed with advanced technology in accordance with users'...

SOCA Access Control System 180612 SQL Injection And Authentication Bypass

Summary The company's products include proximity and fingerprint access control system, time and attendance, electric locks, card reader and writer, keyless entry system and other 30 specialized products. All products are attractively designed with advanced technology in accordance with users'...