CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ICS•added 2025/09/30 6:0 a.m.•3 views

Festo Controller CECC-S,-LK,-D Family Firmware (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to crash services, escalate privileges, bypass authentication, or gain unauthorized access to sensitive systems and data. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize...

8.2AI score

ICS•added 2025/09/02 6:0 a.m.•0 views

Delta Electronics EIP Builder

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to potentially process dangerous external entities, resulting in disclosure of sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation...

5.5CVSS6.4AI score0.00018EPSS

ICS•added 2025/09/02 6:0 a.m.•1 views

SunPower PVS6

RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to gain full access to the device, enabling them to replace firmware, modify settings, disable the device, create SSH tunnels, and manipulate attached devices. 2. RECOMMENDED PRACTICES CISA recommends users take...

9.4CVSS7AI score0.00024EPSS

ICS•added 2025/05/13 12:0 a.m.•8 views

Siemens BACnet ATEC Devices

SUMMARY BACnet ATEC devices are affected by a denial of service vulnerability that could be triggered by an attacker residing in the same BACnet network by sending a specially crafted MSTP message. A power cycle is required to restore the device's normal operation. Siemens recommends...

7.1CVSS7.2AI score0.00132EPSS

Wired Threat Level•added 2025/05/06 7:27 p.m.•18 views

Tulsi Gabbard Reused the Same Weak Password on Multiple Accounts for Years

Now the US director of national intelligence, Gabbard failed to follow basic cybersecurity practices on several of her personal accounts, leaked records reviewed by WIRED reveal...

7.3AI score

ICS•added 2025/05/06 6:0 a.m.•6 views

Optigo Networks ONS NC600

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to establish an authenticated connection with the hard-coded credentials and perform OS command executions. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

9.3CVSS6.9AI score0.00493EPSS

ICS•added 2025/02/25 1:30 p.m.•15 views

Hitachi Energy MACH GWS products

SUMMARY Hitachi Energy is aware of the multiple vulnerabilities that affect the MACH GWS product versions listed in this document. An attacker successfully exploiting these vulnerabilities can cause confidentiality, integrity and availability impacts. Please refer to the Recommended Immediate...

6.7AI score

Exploits0References9

ICS•added 2025/01/14 12:0 a.m.•3 views

Schneider Electric EcoStruxure Power Build Rapsody

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

4.6CVSS7.7AI score0.00084EPSS

ICS•added 2025/01/09 7:0 a.m.•3 views

Delta Electronics DRASimuCAD (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device or potentially allow remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to...

7.8CVSS7.4AI score0.00894EPSS

HackRead•added 2024/12/16 12:57 p.m.•5 views

Firmware Security: Identifying Risks to Implement Best Cybersecurity Practices

Find out the key security risks of firmware security: Identify threats, and learn best practices and protection methods…...

7.5AI score

ICS•added 2024/12/03 7:0 a.m.•15 views

Ruijie Reyee OS (Update A)

RISK EVALUATION Successful exploitation of this vulnerabilities could allow attackers to take near full control over the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network...

7.3AI score

ICS•added 2024/10/08 12:0 a.m.•5 views

Schneider Electric Easergy Studio

7.8CVSS7.1AI score0.0007EPSS

ICS•added 2024/07/09 12:0 a.m.•7 views

Schneider Electric Wiser Home Controller WHC-5918A

9.8CVSS6.7AI score0.00392EPSS

Malwarebytes•added 2024/03/19 7:33 p.m.•13 views

Upcoming webinar: How a leading architecture firm approaches cybersecurity

How does a company navigate over 80 years of technical debt? Which tools do a security team of 5 rely on everyday? What threats are considered most dangerous? On March 28, 2024, Malwarebytes CEO, Marcin Kleczynski, and Payette Associates Director of Information Technology, Dan Gallivan, will answ...

7.4AI score

Malwarebytes•added 2023/11/01 12:21 p.m.•11 views

SolarWinds and its CISO accused of misleading investors before major cyberattack

The Securities and Exchange Commission SEC has announced charges against software company SolarWinds Corporation and its chief information security officer CISO, Timothy G. Brown, for “fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities.” In 202...

7AI score

Malwarebytes•added 2023/10/18 2:30 a.m.•12 views

3 crucial security steps people should do, but don't

Cybersecurity could be as easy as 1-2-3. The problem, though, is that people have to want it. In new research conducted by Malwarebytes, internet users across the United States and Canada admitted to dismal cybersecurity practices, failing to adopt some of the most basic defenses for staying safe...

7.2AI score

ICS•added 2023/10/12 12:0 p.m.•19 views

Schneider Electric IGSS

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : low attack complexity Vendor : Schneider Electric Equipment : IGSS Interactive Graphical SCADA System Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...

7.8CVSS8.6AI score0.00028EPSS

Exploits0References34

Schneier on Security•added 2023/08/07 11:3 a.m.•20 views

Microsoft Signing Key Stolen by Chinese

A bunch of networks, including US Government networks, have been hacked by the Chinese. The hackers used forged authentication tokens to access user email, using a stolen Microsoft Azure account consumer signing key. Congress wants answers. The phrase "negligent security practices" is being tosse...

7AI score