GE Digital CIMPLICITY

1. EXECUTIVE SUMMARY ​CVSS v3 7.8 ​ATTENTION: Low attack complexity ​Vendor: GE Digital ​Equipment: CIMPLICITY ​Vulnerability: Process Control 2. RISK EVALUATION ​Successful exploitation of this vulnerability could allow a low-privileged local attacker to escalate privileges to SYSTEM. 3...

CVE-2023-39810

creationtimestamp| type| source ---|---|--- 2023-08-28 22:16:51+00:00| seen| https://t.me/cibsecurity/69308 2025-04-24 20:06:37+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13328 2026-02-12 11:00:00+00:00| seen|...

ROS-20230824-02

A vulnerability in Git's distributed version control system is related to flaws in the path name limitation to the directory. Exploitation of the vulnerability allows an attacker acting remotely to impact the data integrity using a specially crafted command. The vulnerability in the...

CVE-2019-9013

creationtimestamp| type| source ---|---|--- 2023-08-11 07:40:22+00:00| exploited| https://t.me/itsecnews/3061 2026-03-17 12:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01...

The vulnerability of the Foxboro.sys driver of the distributed system management software EcoStruxureTM Foxboro DCS Control Core Services allows a attacker to cause a service failure or execute arbitrary code.

The vulnerability of the Foxboro.sys driver, a microprogramming software component of the distributed control system EcoStruxureTM Foxboro DCS Control Core Services, is related to unvalidated array indexing. Exploiting this vulnerability can allow an attacker to cause service failures or execute...

CVE-2023-3670

creationtimestamp| type| source ---|---|--- 2023-07-28 12:29:20+00:00| seen| https://t.me/cibsecurity/67361 2026-03-17 12:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01...

The vulnerabilities of the microprogramming software for Honeywell Experion PKS programmable logic controllers, the measurement and computing controllers Experion LX, and the distribution control system Experion PlantCruise allow a intruder to execute arbitrary code.

The vulnerability of microprogrammed software in Honeywell Experion PKS programmable logic controllers, as well as in measurement and control controllers Experion LX, and the distribution control system Experion PlantCruise, is related to buffer overflow in dynamic memory. Exploiting this...

Huawei EulerOS: Security Advisory for git (EulerOS-SA-2023-2424)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Emerson ROC800 Series RTU and DL8000 Preset Controller

1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION : Exploitable remotely/low attack complexity Vendor : Emerson Equipment : ROC800-Series RTU; including ROC800, ROC800L, and DL8000 Preset Controllers Vulnerability : Authentication Bypass 2. RISK EVALUATION Successful exploitation of this vulnerability...

Code injection

On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet packet can cause a crash...

PT-2023-26409 · Crestron · Crestron 3-Series Control Systems

Name of the Vulnerable Software and Affected Versions: Crestron 3-Series Control Systems versions prior to 1.8001.0187 Description: The issue allows an attacker to cause a crash by crafting and sending a specific BACnet packet. Recommendations: For Crestron 3-Series Control Systems versions prior...

The vulnerability of the access control system for the virtual environment, previously known as Citrix Secure Access (formerly Citrix Gateway), is related to improper code generation. This allows a malicious individual to execute arbitrary code.

The vulnerability of the access control system for the virtual environment, previously known as Citrix Secure Access formerly Citrix Gateway, is related to incorrect code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by having the user navigate to a...

Huawei EulerOS: Security Advisory for git (EulerOS-SA-2023-2332)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Hitachi Energy Relion 670, 650, SAM600-IO Series (Update A)

SUMMARY Hitachi Energy is aware of the vulnerability CVE-2022-4304 in the OSS component OpenSSL, that affects the Relion 670, 650, SAM600-IO versions that are listed below. An attacker successfully exploiting this vulnerability could send trial messages to the server and record the time taken to...

Hitachi Energy GMS600

SUMMARY Hitachi Energy is aware of the vulnerability, CVE-2022-4304 in the OSS component OpenSSL, that affects the GMS600 versions that are listed below. An attacker successfully exploiting this vulnerability could send trial messages to the server and record the time taken to process them...

The vulnerability of the web interface of the ABB My Control System platform, related to the insecure storage of confidential information, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the web interface of the ABB My Control System platform relates to the insecure storage of confidential information. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

Eaton 9000X Drive Stack-Based Buffer Overflow (CVE-2018-8847)

Eaton 9000X DriveA versions 2.0.29 and prior has a stack-based buffer overflow vulnerability, which may allow remote code execution. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Schneider Electric EcoStruxure Foxboro DCS 输入验证错误漏洞

The Schneider Electric EcoStruxure Foxboro DCS is an innovative fault-tolerant, highly available control component from Schneider Electric, France. An input validation error vulnerability exists in Schneider Electric EcoStruxure Foxboro DCS Control Core Services, which stems from incorrect...

Schneider Electric EcoStruxure Foxboro DCS 缓冲区错误漏洞

The Schneider Electric EcoStruxure Foxboro DCS is an innovative fault-tolerant, highly available control component from Schneider Electric, France. A buffer overflow vulnerability exists in Schneider Electric EcoStruxure Foxboro DCS Control Core Services, which originates from a boundary error wh...

Siemens SIMATIC WinCC Local Code Execution Vulnerability

SIMATIC WinCC is a supervisory control and data acquisition SCADA system. A local code execution vulnerability exists in Siemens SIMATIC WinCC, which can be exploited by an attacker to inject arbitrary code and escalate privileges...