1572 matches found
Schneider Electric Power Logic
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to modify data or cause a denial-of-service condition on web interface functionality. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...
mySCADA myPRO Manager
RISK EVALUATION Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary commands or disclose sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities,...
HMS Networks Ewon Flexy 202
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose sensitive user credentials. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for...
CVE-2024-11166 Traffic Alert and Collision Avoidance System (TCAS) II has an External Control of System or Configuration Setting vulnerability
For TCAS II systems using transponders compliant with MOPS earlier than RTCA DO-181F, an attacker can impersonate a ground station and issue a Comm-A Identity Request. This action can set the Sensitivity Level Control (SLC) to the lowest setting and disable the Resolution Advisory (RA), leading to a...
CBL Mariner 2.0 Security Update: git (CVE-2024-50349)
The version of git installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50349 advisory. - Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides...
ZF Roll Stability Support Plus (RSSPlus)
RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to remotely (proximal/adjacent with RF equipment) call diagnostic functions which could impact both the availability and integrity. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...
CVE-2024-52006
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. Git defines a line-based protocol that is used to exchange information between Git and Git credential helpers. Some ecosystems mos...
Belledonne Communications Linphone-Desktop
RISK EVALUATION Successful exploitation of this vulnerability could result in a remote attacker causing a denial-of-service condition on the affected devices. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability,...
CISA: Secure by Demand: Priority Considerations
This is CISA's Secure by Demand: Priority Considerations for Operational Technology Owners and Operators when Selecting Digital Products. This guide is intended to help owners and operators procure Operational Technology (OT) products, particularly industrial automation and control system products,...
Siemens SIMATIC S7-1200 CPUs
SUMMARY The web interface of SIMATIC S7-1200 CPUs before V4.7 is affected by a cross-site request forgery (CSRF) vulnerability. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general security measure,...
Schneider Electric EcoStruxure Power Build Rapsody
GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...
Siemens Industrial Edge Management
SUMMARY Industrial Edge Management is affected by a reflected cross-site scripting (XSS) vulnerability that could allow an attacker to extract sensitive information by tricking users into accessing a malicious link. Siemens recommends countermeasures for products where fixes are not, or not yet...
CVE-2024-6352

creationtimestamp | type | source
---|---|---
2025-01-13 18:45:01+00:00 | seen | https://t.me/cvedetector/15160
2026-01-27 11:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-03...

PT-2025-43668
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 146 Firefox ESR versions prior to 115.31 Firefox ESR versions prior to 140.6 Description A sandbox escape exists because of incorrect boundary conditions within the Graphics: CanvasWebGL component. Real-world attacks...
Tibbo AggreGate Network Manager
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve code execution on the affected device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...
Delta Electronics DTM Soft
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...
The vulnerability of the software for controlling the Geovision GV-ASManager system lies in the absence of an authentication procedure, which allows an intruder to disclose the protected information.
The vulnerability of the software for controlling the Geovision GV-ASManager access control system is related to the absence of an authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...
Rockwell Automation PowerMonitor 1000 Remote
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to perform edit operations, create admin users, perform factory reset, execute arbitrary code, or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures...
Apache Subversion Denial of Service Vulnerability (CNVD-2024-49153)
Apache Subversion is an open source version control system from the Apache Foundation of the United States. The system is compatible with Concurrent Versions System (CVS). A denial of service vulnerability exists in Apache Subversion 1.14.4 and earlier versions, which stems from insufficient...
Horner Automation Cscape
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose information and execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...