11 matches found
mySCADA myPRO
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : mySCADA Equipment : myPRO Vulnerability : Use of Hard-coded Password 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to remotely execute code on the...
Mitsubishi Electric MELSEC WS Series Ethernet Interface Module
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION : Exploitable remotely Vendor : Mitsubishi Electric Equipment : MELSEC WS Series Vulnerability : Authentication Bypass by Capture-replay 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized attacker to...
Subnet Solutions Inc. PowerSYSTEM Center
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Subnet Solutions Inc. Equipment: PowerSYSTEM Center Vulnerability: Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker achieving arbitrary...
Schweitzer Engineering Laboratories SEL-411L
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Schweitzer Engineering Laboratories Equipment : SEL-411L Vulnerability : Improper Restriction of Rendered UI Layers or Frames 2. RISK EVALUATION Successful exploitation of this vulnerability...
Centralite Pearl Thermostat
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Centralite Equipment : Pearl Thermostat Vulnerability : Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful exploitation of this...
Suprema BioStar 2
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Suprema Inc. Equipment : BioStar 2 Vulnerability : SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...
APSystems Altenergy Power Control
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely / low attack complexity / public exploits available Vendor: APSystems Equipment: Altenergy Power Control Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability may allow remote...
GENIVI Alliance DLT
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: GENIVI Alliance Equipment: DLT-Daemon Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to remote code execution or crash the...
Mitsubishi Electric GOT and Tension Controller (Update A)
1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: GOT and Tension Controller Vulnerability: Buffer Access with Incorrect Length Value 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-131-02...
Mitsubishi Electric MELSEC iQ-R Series (Update C)
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R Series Vulnerability: Resource Exhaustion 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-161-02 Mitsubishi...
CISA, DOE, and UK’s NCSC Issue Guidance on Protecting Industrial Control Systems
The Cybersecurity and Infrastructure Security Agency CISA, the Department of Energy DOE, and the UK's National Cyber Security Centre NCSC have released Cybersecurity Best Practices for Industrial Control Systems, an infographic providing recommended cybersecurity practices for industrial control...