Schnieider Electric EcoStruxure Machine Expert HVAC (SEVD-2026-132-01)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

Grassroots DICOM (GDCM)

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to send a specially crafted file, and when parsed, could result in a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

Schneider Electric Modicon M241, M251, and M262

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

Schneider Electric EcoStruxure Automation Expert

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

Johnson Controls iSTAR

RISK EVALUATION Successful exploitation of this vulnerability could result in the product failing to re-establish communication once the certificate expires. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such...

Festo Controller CECC-S,-LK,-D Family Firmware (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to crash services, escalate privileges, bypass authentication, or gain unauthorized access to sensitive systems and data. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize...

FUJIFILM Healthcare Americas Synapse Mobility

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access information beyond their assigned roles. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could result in a remote attacker being able to delay the processing of the Web server function and prevent legitimate users from utilizing the Web server function by sending a specially crafted HTTP request. 2. RECOMMENDED PRACTICES...

Santesoft Sante PACS Server

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to create arbitrary files, cause a denial-of-service condition, obtain sensitive information, and steal a user's cookie information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

Schneider Electric Modicon M340 Controller and Communication Modules (Update A)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

Schneider Electric Modicon Controllers (Update B)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

Sungrow iSolarCloud Android App, WiNet Firmware

RISK EVALUATION Successful exploitation of these vulnerabilities could result in attackers being able to access and could modify sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

Medixant RadiAnt DICOM Viewer

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform a machine-in-the-middle attack MITM, resulting in malicious updates being delivered to the user. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

Elseta Vinci Protocol Analyzer

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate privileges and perform code execution on the affected system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such...

Dingtian DT-R0 Series

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to modify the device settings and gain administrator access. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability,...

Siemens Opcenter Intelligence

SUMMARY The Tableau Server component in Opcenter Intelligence contains multiple vulnerabilities as described below. Siemens has released a new version for Opcenter Intelligence and recommends to update to the latest version and to install the latest available version of Tableau Server as...

Rockwell Automation PowerMonitor 1000 Remote

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to perform edit operations, create admin users, perform factory reset, execute arbitrary code, or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures...

Schneider Electric EcoStruxure

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

Schneider Electric FoxRTU Station

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

APSystems Altenergy Power Control

1. EXECUTIVE SUMMARY ​CVSS v3 9.8 ​ATTENTION: Exploitable remotely / low attack complexity / public exploits available ​Vendor: APSystems ​Equipment: Altenergy Power Control ​Vulnerability: OS Command Injection 2. RISK EVALUATION ​Successful exploitation of this vulnerability may allow remote...