140 matches found
The vulnerability of the control device in the electrical energy sector, SICAM PAS, allows a intruder to access the database.
The vulnerability of the telecontrol device in the electrical energy sector of SICAM PAS is related to the use of strict password encoding. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain privileged access to the database using the TCP port 2638...
ELNet Power Meter Unauthenticated Access / Weak Credential Management
ELNet Energy & Electrical Power Meter - Mulitple Vulnerabilities http://elnet.feniks-pro.com/Elnet-LT.php http://www.elnet.cc/product/elnet-lt/ Powermeter with color graphic display for all electrical measurements and harmonics, with TCP/IP and RS485 communication ModBus and Bacnet, panel mounted...
Siemens Patches Password Reconstruction Vulnerability in SICAM PAS
The Industrial Control Systems Cyber Emergency Response Team ICS-CERT cautioned users who work in electrical substations to update certain builds of energy automation software this week. ICS-CERT claims two vulnerabilities exist in the Siemens SICAM Power Automation System, or PAS, that could...
Operation Technology ETAP 14.1.0 - Multiple Stack Buffer Overrun Vulnerabilities
Operation Technology ETAP 14.1.0 Multiple Stack Buffer Overrun Vulnerabilities Vendor: Operation Technology, Inc. Product web page: http://www.etap.com Affected version: 14.1.0.0 Summary: Enterprise Software Solution for Electrical Power Systems. ETAP is the most comprehensive electrical...
Operation Technology ETAP 14.1.0 - Local Privilege Escalation
Operation Technology ETAP 14.1.0 Local Privilege Escalation Vendor: Operation Technology, Inc. Product web page: http://www.etap.com Affected version: 14.1.0.0 Summary: Enterprise Software Solution for Electrical Power Systems. ETAP is the most comprehensive electrical engineering software...
Operation Technology ETAP 14.1.0 - Local Privilege Escalation
Operation Technology ETAP 14.1.0 - Local Privilege Escalation Operation Technology ETAP 14.1.0 Local Privilege Escalation Vendor: Operation Technology, Inc. Product web page: http://www.etap.com Affected version: 14.1.0.0 Summary: Enterprise Software Solution for Electrical Power Systems. ETAP is...
Operation Technology ETAP 14.1.0 - Multiple Stack Buffer Overrun Vulnerabilities
Operation Technology ETAP 14.1.0 - Multiple Stack Buffer Overrun Vulnerabilities Operation Technology ETAP 14.1.0 Multiple Stack Buffer Overrun Vulnerabilities Vendor: Operation Technology, Inc. Product web page: http://www.etap.com Affected version: 14.1.0.0 Summary: Enterprise Software Solution...
Operation Technology ETAP 14.1.0 - Privilege Escalation
Exploit for windows platform in category local exploits Operation Technology ETAP 14.1.0 Local Privilege Escalation Vendor: Operation Technology, Inc. Product web page: http://www.etap.com Affected version: 14.1.0.0 Summary: Enterprise Software Solution for Electrical Power Systems. ETAP is the...
Operation Technology ETAP 14.1.0 Multiple Stack Buffer Overrun Vulnerabilities
Summary Enterprise Software Solution for Electrical Power Systems. ETAP is the most comprehensive electrical engineering software platform for the design, simulation, operation, and automation of generation, transmission, distribution, and industrial systems. As a fully integrated model-driven...
Schneider Electric ProClima Application Detection
Binary data 9048.prm...
This Guy Builds A Thor-Like Hammer that Only He Can Pick Up
If you have watched the most recent Avengers movie, then you would be aware of a scene where all the superheroes Iron Man, War Machine, Hawkeye, and Captain America take turns to lift Thor’s hammer but fail. Someone has an explanation, Why? Inspired by Thor's legendary hammer Mjolnir that is not...
D-Link cloud routing memory vulnerability: hack 1 minute break or leakage of online banking passwords-vulnerability warning-the black bar safety net
D-Link cloud routing memory the vulnerability may leak password Relates to 1 of 7 models; the Friends of the news group in English official website released four of the model number Router the patch, but there is no Chinese version of the Beijing news news recently, the domestic security experts...
CVE-2014-6683
The Open Electrical Webser aka com.wOpenElectricalWeb application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Design/Logic Flaw
The Open Electrical Webser aka com.wOpenElectricalWeb application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-6683
The CVE-2014-6683 entry concerns the Open Electrical Webser (com.wOpenElectricalWeb) Android app version 0.1, which fails to verify X.509 certificates from SSL servers. Root cause: missing certificate verification in the app’s TLS handling. Consequence: MITM attackers could spoof servers and capt...
CVE-2014-6683
The Open Electrical Webser aka com.wOpenElectricalWeb application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
China is planting spying microchips in Electric Iron and kettles that can scan Wi-Fi devices to serve malware
We have discussed many times in our stories the network of Intelligent devices, their capabilities and the possibilities that cyber criminals could exploit them for illegal activities. Hidden chips are used by cyber criminals and state-sponsored hackers to infiltrate company networks and...
Schneider Electric MiCOM S1 Studio Improper Authorization Vulnerability
Overview This advisory provides mitigation details for a vulnerability affecting the Schneider Electric MiCOM S1 Studio Software. Independent researcher Michael Toecker of Digital Bond has identified an improper authorization vulnerability in the MiCOM S1 Studio Software using the Microsoft Attac...
Electrical grid attacks have been ongoing for years
The supposedly new attacks on the electrical grid and other portions of the country’s critical infrastructure that came to light this week are in fact not new at all and have been ongoing for several years. Attackers have been making serious inroads into U.S. government, utility and military...
Hackers can sniff keystrokes from thin air
By Elinor Mills, CNET Presenters at the CanSecWest security conference detailed on Thursday how they can sniff data by analyzing keystroke vibrations using a laser trained on a shiny laptop or through electrical signals coming from a PC connected to a PS/2 keyboard and plugged into a socket. Usin...