Lucene search
K

140 matches found

BDU FSTEC
BDU FSTEC
added 2017/01/13 12:0 a.m.8 views

The vulnerability of the control device in the electrical energy sector, SICAM PAS, allows a intruder to access the database.

The vulnerability of the telecontrol device in the electrical energy sector of SICAM PAS is related to the use of strict password encoding. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain privileged access to the database using the TCP port 2638...

10CVSS7.7AI score0.01821EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2016/09/07 12:0 a.m.55 views

ELNet Power Meter Unauthenticated Access / Weak Credential Management

ELNet Energy & Electrical Power Meter - Mulitple Vulnerabilities http://elnet.feniks-pro.com/Elnet-LT.php http://www.elnet.cc/product/elnet-lt/ Powermeter with color graphic display for all electrical measurements and harmonics, with TCP/IP and RS485 communication ModBus and Bacnet, panel mounted...

0.4AI score
Exploits0
ThreatPost
ThreatPost
added 2016/07/01 1:5 p.m.19 views

Siemens Patches Password Reconstruction Vulnerability in SICAM PAS

The Industrial Control Systems Cyber Emergency Response Team ICS-CERT cautioned users who work in electrical substations to update certain builds of energy automation software this week. ICS-CERT claims two vulnerabilities exist in the Siemens SICAM Power Automation System, or PAS, that could...

1.9CVSS0.6AI score0.00317EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2016/05/23 12:0 a.m.45 views

Operation Technology ETAP 14.1.0 - Multiple Stack Buffer Overrun Vulnerabilities

Operation Technology ETAP 14.1.0 Multiple Stack Buffer Overrun Vulnerabilities Vendor: Operation Technology, Inc. Product web page: http://www.etap.com Affected version: 14.1.0.0 Summary: Enterprise Software Solution for Electrical Power Systems. ETAP is the most comprehensive electrical...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/05/23 12:0 a.m.133 views

Operation Technology ETAP 14.1.0 - Local Privilege Escalation

Operation Technology ETAP 14.1.0 Local Privilege Escalation Vendor: Operation Technology, Inc. Product web page: http://www.etap.com Affected version: 14.1.0.0 Summary: Enterprise Software Solution for Electrical Power Systems. ETAP is the most comprehensive electrical engineering software...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2016/05/23 12:0 a.m.37 views

Operation Technology ETAP 14.1.0 - Local Privilege Escalation

Operation Technology ETAP 14.1.0 - Local Privilege Escalation Operation Technology ETAP 14.1.0 Local Privilege Escalation Vendor: Operation Technology, Inc. Product web page: http://www.etap.com Affected version: 14.1.0.0 Summary: Enterprise Software Solution for Electrical Power Systems. ETAP is...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2016/05/23 12:0 a.m.43 views

Operation Technology ETAP 14.1.0 - Multiple Stack Buffer Overrun Vulnerabilities

Operation Technology ETAP 14.1.0 - Multiple Stack Buffer Overrun Vulnerabilities Operation Technology ETAP 14.1.0 Multiple Stack Buffer Overrun Vulnerabilities Vendor: Operation Technology, Inc. Product web page: http://www.etap.com Affected version: 14.1.0.0 Summary: Enterprise Software Solution...

0.8AI score
Exploits0
0day.today
0day.today
added 2016/05/23 12:0 a.m.54 views

Operation Technology ETAP 14.1.0 - Privilege Escalation

Exploit for windows platform in category local exploits Operation Technology ETAP 14.1.0 Local Privilege Escalation Vendor: Operation Technology, Inc. Product web page: http://www.etap.com Affected version: 14.1.0.0 Summary: Enterprise Software Solution for Electrical Power Systems. ETAP is the...

6.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2016/05/22 12:0 a.m.99 views

Operation Technology ETAP 14.1.0 Multiple Stack Buffer Overrun Vulnerabilities

Summary Enterprise Software Solution for Electrical Power Systems. ETAP is the most comprehensive electrical engineering software platform for the design, simulation, operation, and automation of generation, transmission, distribution, and industrial systems. As a fully integrated model-driven...

6.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/01/08 12:0 a.m.14 views

Schneider Electric ProClima Application Detection

Binary data 9048.prm...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2015/10/13 10:47 p.m.22 views

This Guy Builds A Thor-Like Hammer that Only He Can Pick Up

If you have watched the most recent Avengers movie, then you would be aware of a scene where all the superheroes Iron Man, War Machine, Hawkeye, and Captain America take turns to lift Thor’s hammer but fail. Someone has an explanation, Why? Inspired by Thor's legendary hammer Mjolnir that is not...

6.7AI score
Exploits0
myhack58
myhack58
added 2015/04/17 12:0 a.m.15 views

D-Link cloud routing memory vulnerability: hack 1 minute break or leakage of online banking passwords-vulnerability warning-the black bar safety net

D-Link cloud routing memory the vulnerability may leak password Relates to 1 of 7 models; the Friends of the news group in English official website released four of the model number Router the patch, but there is no Chinese version of the Beijing news news recently, the domestic security experts...

1.4AI score
Exploits0
NVD
NVD
added 2014/09/23 10:55 a.m.13 views

CVE-2014-6683

The Open Electrical Webser aka com.wOpenElectricalWeb application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS5.9AI score0.00271EPSS
Exploits0References3
Prion
Prion
added 2014/09/23 10:55 a.m.12 views

Design/Logic Flaw

The Open Electrical Webser aka com.wOpenElectricalWeb application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS6.4AI score0.00271EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2014/09/23 10:0 a.m.39 views

CVE-2014-6683

The CVE-2014-6683 entry concerns the Open Electrical Webser (com.wOpenElectricalWeb) Android app version 0.1, which fails to verify X.509 certificates from SSL servers. Root cause: missing certificate verification in the app’s TLS handling. Consequence: MITM attackers could spoof servers and capt...

5.4CVSS6AI score0.00271EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2014/09/23 10:0 a.m.17 views

CVE-2014-6683

The Open Electrical Webser aka com.wOpenElectricalWeb application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9AI score0.00271EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2013/11/01 4:5 p.m.12 views

China is planting spying microchips in Electric Iron and kettles that can scan Wi-Fi devices to serve malware

We have discussed many times in our stories the network of Intelligent devices, their capabilities and the possibilities that cyber criminals could exploit them for illegal activities. Hidden chips are used by cyber criminals and state-sponsored hackers to infiltrate company networks and...

6.9AI score
Exploits0
ICS
ICS
added 2013/01/12 7:0 a.m.50 views

Schneider Electric MiCOM S1 Studio Improper Authorization Vulnerability

Overview This advisory provides mitigation details for a vulnerability affecting the Schneider Electric MiCOM S1 Studio Software. Independent researcher Michael Toecker of Digital Bond has identified an improper authorization vulnerability in the MiCOM S1 Studio Software using the Microsoft Attac...

6.6CVSS6.3AI score0.00336EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2009/04/09 2:43 p.m.12 views

Electrical grid attacks have been ongoing for years

The supposedly new attacks on the electrical grid and other portions of the country’s critical infrastructure that came to light this week are in fact not new at all and have been ongoing for several years. Attackers have been making serious inroads into U.S. government, utility and military...

7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2009/03/20 3:51 a.m.13 views

Hackers can sniff keystrokes from thin air

By Elinor Mills, CNET Presenters at the CanSecWest security conference detailed on Thursday how they can sniff data by analyzing keystroke vibrations using a laser trained on a shiny laptop or through electrical signals coming from a PC connected to a PS/2 keyboard and plugged into a socket. Usin...

1AI score
Exploits0References5
Rows per page
Query Builder