1572 matches found

ICS
added 2022/03/29 12:0 a.m. · 44 views

Philips e-Alert

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low attack complexity Vendor: Philips Equipment: e-Alert Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an unauthorized actor to...

CVSS 6.5 · AI score 6.9 · EPSS 0.00381
Exploits 0 · References 5

CISA KEV Catalog
added 2022/03/25 12:0 a.m. · 20 views

Cisco Secure Access Control System Java Deserialization Vulnerability

A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software...

CVSS 10 · AI score 5.2 · EPSS 0.18554
In wild · Exploits 0

BDU FSTEC
added 2022/03/11 12:0 a.m. · 4 views

The vulnerability of the Interactive Graphical SCADA System (IGSS), related to reading data beyond the specified buffer, allows an intruder to trigger a service failure.

The vulnerability of the Interactive Graphical SCADA System (IGSS) is related to the reading of data beyond the specified buffer. Exploiting this vulnerability can allow a malicious actor to cause a service failure...

CVSS 7.8 · AI score 7.2 · EPSS 0.18178
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2022/03/11 12:0 a.m. · 5 views

The vulnerability of the authenticated user authentication mechanism in the Yokogawa CENTUM VP SCADA system allows an intruder to disclose the protected information.

The vulnerability of the predefined user authentication mechanism in the Yokogawa CENTUM VP SCADA system is related to deficiencies in the authentication procedures. Exploiting this vulnerability could allow an attacker, operating remotely, to disclose the protected information...

CVSS 2.3 · AI score 5.5
Exploits 0 · References 1 · Affected Software 1

CNVD
added 2022/02/13 12:0 a.m. · 23 views

Schneider Electric Interactive Graphical SCADA System Buffer Overflow Vulnerability (CNVD-2022-13069)

Schneider Electric Interactive Graphical SCADA System (IGSS) is a SCADA (supervisory control and data acquisition) system for monitoring and controlling industrial processes from Schneider Electric, France. The Schneider Electric Interactive Graphical SCADA System suffers from a buffer overflow...

CVSS 9.8 · AI score 9.9 · EPSS 0.44559
Exploits 0 · References 1

CNNVD
added 2022/02/09 12:0 a.m. · 2 views

Schneider Electric Interactive Graphical SCADA System Security Vulnerability

Schneider Electric Interactive Graphical SCADA System (IGSS) is a SCADA (supervisory control and data acquisition) system for monitoring and controlling industrial processes from Schneider Electric, France. An authorization issue vulnerability exists in the Schneider Electric Interactive Graphical SCA...

CVSS 7.5 · AI score 5.7 · EPSS 0.01188
Exploits 0 · References 7

CNNVD
added 2022/02/09 12:0 a.m. · 3 views

Schneider Electric Interactive Graphical SCADA System Path Traversal Vulnerability

Schneider Electric Interactive Graphical SCADA System (IGSS) is a SCADA (supervisory control and data acquisition) system for monitoring and controlling industrial processes from Schneider Electric, France. A path traversal vulnerability exists in the Schneider Electric Interactive Graphical SCADA...

CVSS 9.8 · AI score 6.2 · EPSS 0.03245
Exploits 0 · References 7

CNNVD
added 2022/02/09 12:0 a.m. · 3 views

Interactive Graphical SCADA System Data Server Input Validation Error Vulnerability

The Schneider Electric Interactive Graphical SCADA System (IGSS) is a SCADA system for monitoring and controlling industrial processes from Schneider Electric, France. The Schneider Electric Interactive Graphical SCADA System has an integer overflow vulnerability that can be exploited by an attacke...

CVSS 9.8 · AI score 6.3 · EPSS 0.02144
Exploits 0 · References 5

Positive Technologies
added 2022/02/09 12:0 a.m. · 5 views

PT-2022-4092 · Siemens · Simatic Pcs 7 +1

Name of the Vulnerable Software and Affected Versions: SIMATIC PCS 7 versions V8.2 through V9.1 SIMATIC PCS 7 version V9.1 prior to V9.1 SP1 SIMATIC WinCC versions V7.4 through V7.4 prior to V7.4 SP1 Update 19 SIMATIC WinCC versions V7.5 through V7.5 prior to V7.5 SP2 Update 6 SIMATIC WinCC...

CVSS 8.8 · AI score 8.2 · EPSS 0.00672
Exploits 0 · References 4

Tenable Nessus
added 2022/02/07 12:0 a.m. · 63 views

Rockwell Automation Allen-Bradley CompactLogix Reflective Cross-Site Scripting (CVE-2016-2279)

Cross-site scripting (XSS) vulnerability in the web server in Rockwell Automation Allen-Bradley CompactLogix 1769-L before 28.011+ allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. This plugin only works with Tenable.ot. Please visit...

CVSS 6.1 · AI score 6.5 · EPSS 0.07531
Exploits 5 · References 5

Tenable Nessus
added 2022/02/07 12:0 a.m. · 22 views

ABB Relion 650 and 670 Series Improper Input Validation (CVE-2019-18247)

An attacker may use a specially crafted message to force Relion 650 series versions 1.3.0.5 and prior or Relion 670 series versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior to reboot, which could cause a denial of service. This plugin only works with Tenable.ot. Please visit...

CVSS 7.8 · AI score 7.3 · EPSS 0.01551
Exploits 0 · References 2

Circl
added 2022/02/01 7:25 a.m. · 1 views

CVE-2021-46664

creationtimestamp | type | source
---|---|---
2022-02-01 07:25:58+00:00 | seen | https://t.me/cibsecurity/36613
2026-01-27 11:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02...

CVSS 5.5 · AI score 7.1 · EPSS 0.004
Exploits 1 · References 2

ICS
added 2022/02/01 12:0 a.m. · 47 views

Advantech ADAM-3600

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: ADAM-3600 Vulnerability: Use of Hard-coded Cryptographic Key 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthorized access to intercept traffic...

CVSS 9.8 · AI score 9.9 · EPSS 0.01192
Exploits 0 · References 5

Cvelist
added 2022/01/28 7:9 p.m. · 16 views

CVE-2021-44463 Emerson DeltaV Uncontrolled Search Path Element

Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege escalation on the DeltaV Distributed Control System Controllers and Workstations (all versions) when some DeltaV services are started...

CVSS 8.1 · AI score 8.3 · EPSS 0.00263
Exploits 0 · References 1

IBM Security Bulletins
added 2022/01/12 11:43 p.m. · 88 views

Security Bulletin: Vulnerability in Apache Log4j affects IBM Spectrum Archive Enterprise Edition (CVE-2021-44228)

Summary: A vulnerability in Apache Log4j could allow an attacker to execute arbitrary code on the system. This vulnerability may affect the IBM Spectrum Archive Enterprise Edition (EE). The below fix package includes Apache Log4j 2.15. Vulnerability Details: CVEID: CVE-2021-44228 DESCRIPTION: Apache...

CVSS 10 · AI score 0.6 · EPSS 0.99999
Exploits 346 · Affected Software 2

CNVD
added 2021/12/23 12:0 a.m. · 17 views

Horner Automation Cscape EnvisionRV Input Validation Error Vulnerability

Horner Automation Cscape EnvisionRV is a programming software for industrial control system development from Horner Automation, U.S. An input validation error vulnerability exists in Horner Automation Cscape EnvisionRV, which could be exploited by an attacker to execute arbitrary code in the...

CVSS 7.8 · AI score 3.6 · EPSS 0.00685
Exploits 0 · References 1

CNNVD
added 2021/12/21 12:0 a.m. · 3 views

mySCADA myPRO Security Vulnerability

mySCADA myPRO is an HMI/SCADA system designed primarily for the visualization and control of industrial processes. An authentication bypass vulnerability exists in mySCADA myPRO, which can be exploited by an attacker to access the application without any form of authentication or authorization...

CVSS 9.8 · AI score 5.7 · EPSS 0.01549
Exploits 0 · References 4

CNNVD
added 2021/12/21 12:0 a.m. · 1 views

mySCADA myPRO Operating System Command Injection Vulnerability

mySCADA myPRO is an HMI/SCADA system designed primarily for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO, which can be exploited by an attacker to inject arbitrary operating system commands via specific paramete...

CVSS 10 · AI score 6 · EPSS 0.01218
Exploits 0 · References 3

CNNVD
added 2021/12/21 12:0 a.m. · 1 views

mySCADA myPRO Operating System Command Injection Vulnerability

mySCADA myPRO is an HMI/SCADA system designed primarily for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO, which can be exploited by an attacker to inject arbitrary operating system commands via specific paramete...

CVSS 10 · AI score 6 · EPSS 0.01218
Exploits 0 · References 4

IBM Security Bulletins
added 2021/12/17 4:55 a.m. · 102 views

Security Bulletin: Log4JShell Vulnerability affects Watson Knowledge Catalog InstaScan (CVE-2021-44228)

Summary There is a vulnerability in the version of Apache Log4j that was included in Watson Knowledge Catalog InstaScan. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the...

CVSS 10 · AI score 1.5 · EPSS 0.99999
Exploits 346 · Affected Software 1