Lucene search
K

58 matches found

Packet Storm News
Packet Storm News
added 2026/04/13 12:0 a.m.2 views

Security Implications of 5G Communication in Industrial Systems

Traditionally, industrial control systems ICS were designed without security in mind, prioritizing availability and real-time communication. As these systems increasingly become targets of powerful adversaries, security can no longer be neglected. Driven by flexibility and automation needs, ICS a...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/11/14 12:0 a.m.6 views

PT-2025-47026

Name of the Vulnerable Software and Affected Versions General Industrial Controls Lynx+ Gateway affected versions not specified Description The embedded web server lacks critical authentication, potentially allowing a remote attacker to reset the device. This could lead to a complete remote...

10CVSS6.6AI score0.0063EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-2365

Malware in sbrugna...

6.5CVSS6.6AI score0.0207EPSS
Exploits1References5
The Hacker News
The Hacker News
added 2025/07/28 4:12 a.m.9 views

Critical Flaws in Niagara Framework Threaten Smart Buildings and Industrial Systems Worldwide

Cybersecurity researchers have discovered over a dozen security vulnerabilities impacting Tridium's Niagara Framework that could allow an attacker on the same network to compromise the system under certain circumstances. "These vulnerabilities are fully exploitable if a Niagara system is...

9.8CVSS8.2AI score0.07416EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/14 12:0 a.m.3 views

Reporte De Vulnerabilidades En IIoT. Proyecto DEFENDER

The main objective of this technical report is to conduct a comprehensive study on devices operating within Industrial Internet of Things IIoT environments, describing the scenarios that define this category and analysing the vulnerabilities that compromise their security. To this end, the report...

7AI score
Exploits0
GithubExploit
GithubExploit
added 2025/07/04 7:31 a.m.284 views

Exploit for Incorrect Type Conversion or Cast in Kunbus Revpi_Status

CVE-2025-41646---Critical-Authentication-Bypass- CVE-2025-4164...

9.8CVSS6.8AI score0.40725EPSS
Exploits2
BDU FSTEC
BDU FSTEC
added 2023/09/08 12:0 a.m.3 views

The vulnerability of microprogrammed software in web panels for controlling and monitoring processes in industrial systems, PHOENIX CONTACTs WP 6xxx, allows a perpetrator to gain full access to the device.

The vulnerability of microprogrammed software in web panels for controlling and monitoring processes in industrial systems like PHOENIX CONTACT WP 6xxx exists due to the lack of measures to neutralize special elements. Exploiting this vulnerability can allow a malicious actor, operating remotely,...

9.9CVSS7.6AI score0.00925EPSS
Exploits0References2Affected Software6
BDU FSTEC
BDU FSTEC
added 2023/08/28 12:0 a.m.4 views

The vulnerability of microprogramming software in web panels for managing and monitoring processes in industrial systems, PHOENIX CONTACT WP 6xxx – existing due to the lack of measures to neutralize special elements – allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of microprogrammed software in web panels for managing and monitoring processes in industrial systems like PHOENIX CONTACT WP 6xxx exists due to the lack of measures taken to neutralize special elements. Exploiting this vulnerability can allow a malicious actor to compromise the...

8.3CVSS7.1AI score0.00693EPSS
Exploits0References2Affected Software6
BDU FSTEC
BDU FSTEC
added 2023/08/28 12:0 a.m.6 views

The vulnerability of microprogramming software in web panels for controlling and monitoring processes in industrial systems, PHOENIX CONTACT WP 6xxx, arises from the use of rigidly encrypted account data. This allows a intruder to gain unauthorized access to protected information and compromise its integrity.

The vulnerability of microprogrammed software in web panels for controlling and monitoring processes in industrial systems, such as PHOENIX CONTACT WP 6xxx, is related to the use of rigidly encrypted account data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain...

4.7CVSS7.1AI score0.00441EPSS
Exploits0References2Affected Software6
BDU FSTEC
BDU FSTEC
added 2023/08/08 12:0 a.m.7 views

The vulnerability of microprogrammed software in web panels for controlling and monitoring processes in industrial systems from PHOENIX CONTACTs WP 6xxx exists due to the lack of measures taken to neutralize special elements used in the operating system command. This vulnerability allows a intruder to gain unauthorized access to the device.

The vulnerability of microprogrammed software in web panels for controlling and monitoring processes in industrial systems exists due to the lack of measures taken to neutralize special elements used in the operating system command set. Exploiting this vulnerability can allow a malicious actor,...

9.9CVSS7.8AI score0.00789EPSS
Exploits0References2Affected Software6
The Hacker News
The Hacker News
added 2023/07/13 9:0 a.m.43 views

Rockwell Automation ControlLogix Bugs Expose Industrial Systems to Remote Attacks

The U.S. Cybersecurity and Infrastructure Security Agency CISA has alerted of two security flaws impacting Rockwell Automation ControlLogix EtherNet/IP ENIP communication module models that could be exploited to achieve remote code execution and denial-of-service DoS. "The results and impact of...

8.1AI score0.0364EPSS
Exploits0
OSV
OSV
added 2023/04/11 10:15 a.m.6 views

CVE-2022-43716

A vulnerability has been identified in SIMATIC CP 1242-7 V2 6GK7242-7KX31-0XE0 All versions V3.4.29, SIMATIC CP 1243-1 6GK7243-1BX30-0XE0 All versions V3.4.29, SIMATIC CP 1243-1 DNP3 incl. SIPLUS variants All versions V3.4.29, SIMATIC CP 1243-1 IEC incl. SIPLUS variants All versions V3.4.29,...

7.5CVSS5.7AI score
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/08/31 3:33 p.m.5 views

CVE-2022-2758 Update

Passwords are not adequately encrypted during the communication process between all versions of LS Industrial Systems LSIS Co. Ltd LS Electric XG5000 software prior to V4.0 and LS Electric PLCs: all versions of XGK-CPUU/H/A/S/E prior to V3.50, all versions of XGI-CPUU/UD/H/S/E prior to V3.20, all...

6.5CVSS7.2AI score0.00312EPSS
Exploits0References1
CVE
CVE
added 2022/08/31 3:33 p.m.89 views

CVE-2022-2758

CVE-2022-2758 involves inadequate encryption strength in LS Electric’s XG5000 software communication with LS Electric PLCs. Affected products include XG5000 (all versions prior to 4.0) and PLCs: XGK-CPUU/H/A/S/E (all versions prior to 3.50), XGI-CPUU/UD/H/S/E (prior to 3.20), XGR-CPUH (prior to 1...

6.5CVSS5.9AI score0.00312EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/08/31 3:33 p.m.17 views

CVE-2022-2758 Update

Passwords are not adequately encrypted during the communication process between all versions of LS Industrial Systems LSIS Co. Ltd LS Electric XG5000 software prior to V4.0 and LS Electric PLCs: all versions of XGK-CPUU/H/A/S/E prior to V3.50, all versions of XGI-CPUU/UD/H/S/E prior to V3.20, all...

6.5CVSS6.7AI score0.00312EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2022/07/18 10:59 a.m.54 views

Hackers Distributing Password Cracking Tool for PLCs and HMIs to Target Industrial Systems

Industrial engineers and operators are the target of a new campaign that leverages password cracking software to seize control of Programmable Logic Controllers PLCs and co-opt the machines to a botnet. The software "exploited a vulnerability in the firmware which allowed it to retrieve the...

1.6AI score0.00599EPSS
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/01/27 12:0 a.m.9 views

Defending the Supply Chain: Why the DDS Protocol is Critical in Industrial and Software Systems

In 2021, a team of researchers from Trend Micro Research, TXOne, ADLINK, Alias Robotics, and ZDI looked into the Data Distribution Service DDS standard and its implementations from a security angle. The full findings of this research will be presented in the S4X22 Conference in April 2022...

3.8AI score
Exploits0
FireEye
FireEye
added 2021/05/25 12:0 a.m.212 views

Crimes of Opportunity: Increasing Frequency of Low Sophistication Operational Technology Compromises

Attacks on control processes supported by operational technology OT are often perceived as necessarily complex. This is because disrupting or modifying a control process to cause a predictable effect is often quite difficult and can require a lot of time and resources. However, Mandiant Threat...

1.9AI score
Exploits0References6
The Hacker News
The Hacker News
added 2021/04/16 8:38 a.m.77 views

Severe Bugs Reported in EtherNet/IP Stack for Industrial Systems

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday issued an advisory warning of multiple vulnerabilities in the OpENer EtherNet/IP stack that could expose industrial systems to denial-of-service DoS attacks, data leaks, and remote code execution. All OpENer commits and...

9.8CVSS2AI score0.04519EPSS
Exploits2
ThreatPost
ThreatPost
added 2020/11/25 2:40 p.m.102 views

Laser-Based Hacking from Afar Goes Beyond Amazon Alexa

Imagine someone hacking into an Amazon Alexa device using a laser beam and then doing some online shopping using that person account. This is a scenario presented by a group of researchers who are exploring why digital home assistants and other sensing systems that use sound commands to perform...

7.5AI score
Exploits0References10
Rows per page
Query Builder