342 matches found
Advantech WebAccess/SCADA
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an authenticated attacker to read or modify a remote database. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...
National Instruments LabView
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose information and execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...
Multiple vulnerabilities in CHOCO TEI WATCHER mini
Overview CHOCO TEI WATCHER mini provided by Inaba Denki Sangyo Co., Ltd. contains multiple vulnerabilities listed below. Clickjacking CWE-1021 - CVE-2025-59479 Improper check for unusual conditions CWE-754 - CVE-2025-61976 Improper check for unusual conditions CWE-754 - CVE-2025-66357 JTEKT...
Hitachi Energy AFS, AFR and AFF Series
RISK EVALUATION Successful exploitation of this vulnerability could compromise the integrity of the product data and disrupt its availability. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...
Universal Boot Loader (U-Boot) (Update A)
RISK EVALUATION Successful exploitation of this vulnerability could result in arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system...
Multiple India-based CCTV Cameras (Update A)**
RISK EVALUATION Successful exploitation of this vulnerability could result in information disclosure including capture of camera account credentials. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...
Siemens COMOS
SUMMARY COMOS is affected by multiple vulnerabilities that could allow an attacker to execute arbitrary code or cause denial of service condition, data infiltration or perform access control violations. Siemens has released new versions for several affected products and recommends to update to...
Advantech iView
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose sensitive information, modify, or delete data. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...
SiRcom SMART Alert (SiSA)
RISK EVALUATION Successful exploitation of this vulnerability could enable an attacker to remotely activate or manipulate emergency sirens. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...
Shelly Pro 4PM
RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...
AVEVA Edge
RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to reverse engineer passwords through brute force. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...
*Rockwell Automation AADvance-Trusted SIS Workstation *
RISK EVALUATION Successful exploitation of this vulnerability may allow remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system devices...
CVE-2025-64180 Manager-io/Manager: Complete Bypass of SSRF Protection via Time-of-Check Time-of-Use (TOCTOU)
Manager-io/Manager is accounting software. In Manager Desktop and Server versions 25.11.1.3085 and below, a critical vulnerability permits unauthorized access to internal network resources. The flaw lies in the fundamental design of the DNS validation mechanism. A Time-of-Check Time-of-Use TOCTOU...
Manager-io 代码问题漏洞
Manager-io is an open source accounting software from Manager.io. It is available for Windows, Mac and Linux. A code issue vulnerability exists in Manager-io 25.11.1.3085 and prior versions that stems from a TOCTOU condition in the DNS authentication mechanism, which could lead to bypassing netwo...
Advantech DeviceOn/iEdge
RISK EVALUATION Successful exploitation of these vulnerabilities could result in a denial-of-service condition, remote code execution, or an attacker reading arbitrary files. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...
Survision License Plate Recognition Camera
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to fully access the system without requiring authentication. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...
Hitachi Energy TropOS
RISK EVALUATION Successful exploitation of these vulnerabilities could allow command injections and privilege escalation. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for...
International Standards Organization ISO 15118-2 (Update A)
RISK EVALUATION Successful exploitation of this vulnerability could result in man-in-the-middle attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system...
Packet Fence 15.0.0
PacketFence is a network access control NAC system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration...
Veeder-Root TLS4B Automatic Tank Gauge System
RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers to execute system-level commands, gain full shell access, achieve remote command execution, move laterally within the network, trigger a denial of service condition, cause administrative lockout, and disrupt...