Lucene search
K

97 matches found

ICS
ICS
added 2022/08/09 12:0 a.m.39 views

Siemens Simcenter STAR-CCM+

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Simcenter STAR-CCM+ Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Simcenter STAR-CCM+ contains an information disclosure vulnerability...

7.5CVSS7.6AI score0.00607EPSS
Exploits0References11
ICS
ICS
added 2022/07/26 6:0 a.m.90 views

ICONICS Suite and Mitsubishi Electric MC Works64 Products (Update C)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Low attack complexity Vendors: ICONICS, Mitsubishi Electric Equipment: ICONICS Product Suite, MC Works64 Vulnerabilities: Path Traversal, Deserialization of Untrusted Data, Inclusion of Functionality from Untrusted Control Sphere, Out-of-Bounds Read 2...

9.8CVSS8.7AI score0.4548EPSS
Exploits0References8
ICS
ICS
added 2022/06/30 12:0 p.m.56 views

CODESYS Gateway Server (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: CODESYS GmbH Equipment: CODESYS Gateway Server Vulnerability: Heap Based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-15-258-02 3S...

7.5CVSS7.6AI score0.0621EPSS
Exploits0References27
ICS
ICS
added 2022/05/03 12:0 a.m.256 views

Yokogawa CENTUM and ProSafe-RS

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Yokogawa Equipment: CENTUM and ProSafe-RS Vulnerabilities: OS Command Injection, Improper Authentication, NULL Pointer Dereference, Improper Input Validation, Resource Management Errors 2. RISK...

9.1CVSS8.3AI score0.12841EPSS
Exploits0References5
ICS
ICS
added 2022/03/08 12:0 a.m.62 views

AVEVA System Platform

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Low attack complexity Vendor: AVEVA Equipment: System Platform Vulnerability: Cleartext Storage of Sensitive Information in Memory 2. RISK EVALUATION Successful exploitation of this vulnerability could expose cleartext credentials for the network user...

8.1CVSS6.3AI score0.00166EPSS
Exploits0References5
ICS
ICS
added 2022/03/08 12:0 a.m.128 views

Siemens SINEC INS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC INS Vulnerability: Using Components with Known Vulnerabilities 2. RISK EVALUATION Successful exploitation of this vulnerability in third-party components could allow an attacker...

9.8CVSS8.4AI score0.21952EPSS
Exploits1References11
ICS
ICS
added 2022/03/08 12:0 a.m.98 views

Siemens RUGGEDCOM Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

6.7CVSS6.5AI score0.00372EPSS
Exploits0References10
ICS
ICS
added 2022/02/22 12:0 a.m.92 views

WIN-911 2021

1. EXECUTIVE SUMMARY CVSS v3 5.6 ATTENTION: Low attack complexity Vendor: WIN-911 Equipment: WIN-911 2021 Vulnerabilities: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to leverage the misconfigured privileges to the...

7.8CVSS7.6AI score0.00208EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2022/01/13 6:29 a.m.623 views

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

This is a PoC exploit for CVE-2021-26084, a pre-auth RCE injecti...

9.8CVSS8.8AI score0.99999EPSS
Exploits45
ICS
ICS
added 2022/01/13 12:0 a.m.47 views

Mitsubishi Electric MELSEC-F Series

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC-F Series Vulnerability: Improper Initialization 2. RISK EVALUATION Successful exploitation of this vulnerability may cause a denial-of-service condition in the...

7.8CVSS7.7AI score0.03595EPSS
Exploits0References4
ICS
ICS
added 2022/01/06 12:0 a.m.34 views

Omron CX-One

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Omron Equipment: CX-One Vulnerabilities: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The...

7.8CVSS8.3AI score0.09271EPSS
Exploits0References5
ICS
ICS
added 2021/12/16 12:0 a.m.71 views

Siemens Healthineers syngo fastView (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Healthineers, a subsidiary of Siemens Equipment: syngo fastView --------- Begin Update A Part 1 of 2 -------- Vulnerabilities: Out-of-bounds Write, Write-what-where Condition --------- End Update A Part 1 of 2...

7.8CVSS8.1AI score0.00323EPSS
Exploits0References4
ICS
ICS
added 2021/12/16 12:0 a.m.171 views

Mitsubishi Electric FA Engineering Software (Update B)

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Equipment: FA Engineering Software Vulnerabilities: Out-of-bounds Read, Integer Underflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-350-05...

5.5CVSS6AI score0.00932EPSS
Exploits0References4
ICS
ICS
added 2021/12/16 12:0 a.m.39 views

Delta Electronics CNCSoft

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: CNCSoft Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow information disclosure or an application crash. 3. TECHNICAL DETAILS 3.1...

6.1CVSS5.8AI score0.00662EPSS
Exploits0References4
ICS
ICS
added 2021/12/14 12:0 a.m.32 views

Siemens JTTK and JT Utilities

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JTTK and JT Utilities Vulnerabilities: Out-of-bounds Write, Use after Free, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead the application to crash or...

7.8CVSS7.3AI score0.00855EPSS
Exploits0References11
ICS
ICS
added 2021/12/02 12:0 a.m.44 views

Schneider Electric SESU

1. EXECUTIVE SUMMARY CVSS v3 3.8 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: Schneider Electric Software Update SESU Vulnerability: Insufficient Entropy 2. RISK EVALUATION Successful exploitation of this vulnerability could cause unintended connection from an internal...

3.8CVSS4.8AI score0.00237EPSS
Exploits0References4
ICS
ICS
added 2021/11/24 7:0 a.m.44 views

Philips MRI 1.5T and 3T (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.2 ATTENTION: Low attack complexity Vendor: Philips Equipment: MRI 1.5T and 3T Vulnerabilities: Improper Access Control, Incorrect Ownership Assignment, Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of these...

5.9CVSS6AI score0.00629EPSS
Exploits0References11
ICS
ICS
added 2021/10/26 12:0 a.m.86 views

Fuji Electric Tellus Lite V-Simulator and V-Server Lite

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Fuji Electric Equipment: Tellus Lite V-Simulator, and V-Server Lite Vulnerabilities : Stack-based Buffer Overflow, Out-of-bounds Write, Untrusted Pointer Dereference, Out-of-bounds Read, Access of Uninitialized Pointer,...

7.8CVSS8.3AI score0.00981EPSS
Exploits0References5
ICS
ICS
added 2021/10/21 12:0 a.m.42 views

ICONICS GENESIS64 and Mitsubishi Electric MC Works64

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: ICONICS, Mitsubishi Electric Equipment: ICONICS GENESIS64, Mitsubishi Electric MC Works64 Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities may...

7.8CVSS5.4AI score0.02743EPSS
Exploits0References5
ICS
ICS
added 2021/09/23 12:0 a.m.42 views

Trane Symbio (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low attack complexity Vendor: Trane Equipment: Symbio 700 and Symbio 800 controllers Vulnerability: Code Injection 2. UPDATE INFORMATION The updated advisory is a follow-up to the original advisory titled ICSA-21-266-01 Trane Symbio that was published...

7.6CVSS8.2AI score0.00272EPSS
Exploits0References5
Rows per page
Query Builder