Lucene search
K

96 matches found

ICS
ICS
added 2021/09/14 12:0 a.m.52 views

Siemens Desigo CC Family

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Desigo CC Family Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform remote code...

10CVSS9.9AI score0.0189EPSS
Exploits0References11
ICS
ICS
added 2021/08/26 12:0 a.m.55 views

Delta Electronics DOPSoft (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DOPSoft Vulnerability: Stack-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-238-04 Delta Electronics DOPSoft that was...

7.8CVSS8.2AI score0.02376EPSS
Exploits0References5
ICS
ICS
added 2021/08/24 12:0 a.m.32 views

Delta Electronics TPEditor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: TPEditor Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow for arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED...

7.8CVSS8AI score0.01068EPSS
Exploits0References5
ICS
ICS
added 2021/07/13 12:0 a.m.177 views

Schneider Electric Modicon Controllers and Software (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor : Schneider Electric Equipment : EcoStruxure Control Expert, EcoStruxure Process Expert, SCADAPack RemoteConnect x70, SCADAPack x70 RTUs, and Modicon M580 and M340 control products Vulnerabilities :...

9.1CVSS8.4AI score0.01023EPSS
Exploits0References5
ICS
ICS
added 2021/06/15 12:0 a.m.140 views

Automation Direct CLICK PLC CPU Modules

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Automation Direct Equipment: CLICK PLC CPU modules Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Cleartext Transmission of Sensitive Information, Unprotected Storage of...

9.8CVSS9.6AI score0.0107EPSS
Exploits0References5
ICS
ICS
added 2021/05/04 12:0 a.m.64 views

Delta Electronics CNCSoft ScreenEditor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: CNCSoft ScreenEditor Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device, and an out-of-bounds write...

7.8CVSS8.2AI score0.09728EPSS
Exploits0References5
ICS
ICS
added 2021/04/20 12:0 a.m.44 views

Delta Electronics CNCSoft ScreenEditor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Industrial Automation Equipment: CNCSoft ScreenEditor Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1...

9.8CVSS9.7AI score0.01752EPSS
Exploits0References5
ICS
ICS
added 2021/04/13 12:0 a.m.63 views

Siemens Nucleus DNS (Update A)

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Nucleus Vulnerability: Use of Insufficiently Random Values 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-103-14 Siemens Nucleus...

5.3CVSS5.5AI score0.00751EPSS
Exploits0References11
ICS
ICS
added 2021/01/21 12:0 a.m.63 views

Mitsubishi Electric MELFA (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELFA FR Series, MELFA CR Series, MELFA ASSISTA Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...

7.8CVSS7.7AI score0.02744EPSS
Exploits0References4
ICS
ICS
added 2020/11/19 7:0 a.m.91 views

Mitsubishi Electric MELSEC iQ-R Series (Update D)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-R Series Vulnerability : Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a...

7.8CVSS7.6AI score0.02117EPSS
Exploits0References10
ICS
ICS
added 2020/09/01 6:0 a.m.98 views

Mitsubishi Electric Multiple Products (Update G)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : Multiple products Vulnerability : Predictable Exact Value from Previous Values 2. RISK EVALUATION Successful exploitation of this vulnerability could be used...

9.8CVSS9.7AI score0.0227EPSS
Exploits0References10
ICS
ICS
added 2020/07/30 12:0 a.m.78 views

Mitsubishi Electric Factory Automation Products Path Traversal (Update C)

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: Mitsubishi Electric, Factory Automation products Vulnerability: Path Traversal 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled...

9.8CVSS9.5AI score0.02254EPSS
Exploits0References5
ICS
ICS
added 2020/02/11 12:0 a.m.134 views

Siemens PROFINET-IO Stack (Update H)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

7.8CVSS7.7AI score0.01448EPSS
Exploits1References12
ICS
ICS
added 2019/09/10 12:0 a.m.529 views

ICSA-19-253-03_Siemens Industrial Products (Update P)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Industrial Products Vulnerabilities: Excessive Data Query Operations in a Large Data Table, Integer Overflow or Wraparound, Uncontrolled Resource Consumption 2. UPDATE INFORMATION...

8.6AI score
Exploits0References2
erpscan
erpscan
added 2016/06/17 12:0 a.m.156 views

SAP NetWeaver AS Java 7.5 XXE in com.sap.km.cm.ice

Application: SAP NetWeaver AS Java Versions Affected: SAP NetWeaver AS Java 7.5 Vendor URL: SAP Bugs: XXE Reported: 17.06.2016 Vendor response: 18.06.2016 Date of Public Advisory: 11.04.2017 Reference: SAP Security Note 2387249 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class: XXE...

4CVSS6.8AI score0.01373EPSS
Exploits0
ICS
ICS
added 2015/11/27 12:0 a.m.224 views

Siemens SIMATIC Communication Processor Vulnerability (Update C)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC Communication Processor Vulnerability: Authentication Bypass Issues 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-15-335-03...

9.7CVSS6.8AI score0.02149EPSS
Exploits0References10
Rows per page
Query Builder