Lucene search
K

196 matches found

ICS
ICS
added 2024/03/26 11:32 a.m.55 views

Hitachi Energy MACH SCM (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.9 ATTENTION : Exploitable remotely Vendor : Hitachi Energy Equipment : MACH SCM Vulnerabilities : Improper Control of Generation of Code, Improper Neutralization of Directives in Dynamically Evaluated Code 2. RISK EVALUATION Successful exploitation of...

7.5CVSS7.7AI score0.00628EPSS
Exploits0References9
Openbugbounty
Openbugbounty
added 2023/12/10 9:8 p.m.6 views

processcontrolformacion.com Improper Access Control vulnerability OBB-3808474

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
CNNVD
CNNVD
added 2023/12/05 12:0 a.m.5 views

Softing OPC Security Vulnerability

Softing OPC is an OPC OLE for Process Control solution from Softing Germany. A security vulnerability exists in Softing OPC Suite version 5.25 and prior versions, which stems from incorrect access control. An attacker could exploit the vulnerability to obtain sensitive information via weak...

7.5CVSS7.3AI score0.00593EPSS
Exploits0References1
ICS
ICS
added 2023/11/28 12:0 a.m.23 views

Hitachi Energy Relion 670/650/SAM600-IO Series (Update C)

SUMMARY Hitachi Energy is aware of the vulnerability CVE-2023-4518 that affects the Relion 670/650/SAM600-IO series that are listed below. An attacker successfully exploiting this vulnerability could cause operational disruptions of the devices. For immediate mitigation/workaround information,...

7.5CVSS7.4AI score0.00701EPSS
Exploits0References9
VulnCheck KEV
VulnCheck KEV
added 2023/10/11 12:0 a.m.7 views

VulnCheck KEV: CVE-2022-23748

Dante Discovery contains a process control vulnerability in mDNSResponder.exe that all allows for a DLL sideloading attack. A local attacker can leverage this vulnerability in the Dante Application Library to execute arbitrary code...

7.8CVSS7.5AI score0.09092EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/09/05 10:55 p.m.42 views

CVE-2023-4487 GE Digital CIMPLICITY Process Control

GE CIMPLICITY 2023 is by a process control vulnerability, which could allow a local attacker to insert malicious configuration files in the expected web server execution path to escalate privileges and gain full control of the HMI software...

7.8CVSS8AI score0.00183EPSS
Exploits0References2
CVE
CVE
added 2023/09/05 10:55 p.m.75 views

CVE-2023-4487

CVE-2023-4487 affects GE Digital CIMPLICITY 2023. A process-control vulnerability could allow a local attacker to insert malicious configuration files into the web server execution path, escalating privileges and gaining full control of the HMI software. Affected product: CIMPLICITY 2023. Impact:...

7.8CVSS7.8AI score0.00183EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/05 10:55 p.m.10 views

CVE-2023-4487 GE Digital CIMPLICITY Process Control

GE CIMPLICITY 2023 is by a process control vulnerability, which could allow a local attacker to insert malicious configuration files in the expected web server execution path to escalate privileges and gain full control of the HMI software...

7.8CVSS7.2AI score0.00183EPSS
Exploits0References2
ICS
ICS
added 2023/08/31 6:0 a.m.47 views

GE Digital CIMPLICITY

1. EXECUTIVE SUMMARY ​CVSS v3 7.8 ​ATTENTION: Low attack complexity ​Vendor: GE Digital ​Equipment: CIMPLICITY ​Vulnerability: Process Control 2. RISK EVALUATION ​Successful exploitation of this vulnerability could allow a low-privileged local attacker to escalate privileges to SYSTEM. 3...

7.8CVSS8AI score0.00183EPSS
Exploits0References8
ICS
ICS
added 2023/08/08 6:0 a.m.41 views

Hitachi Energy RTU500 series

1. EXECUTIVE SUMMARY ​CVSS v3 7.5 ​ATTENTION: Exploitable remotely/low attack complexity ​Vendor: Hitachi Energy ​Equipment: RTU500 series ​Vulnerabilities: Stack-based Buffer Overflow 2. RISK EVALUATION ​Successful exploitation of these vulnerabilities could cause a buffer overflow and reboot of...

7.5CVSS8.4AI score0.00596EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2023/08/04 12:0 a.m.7 views

The vulnerability of the Portmapper service in B&R Automation Runtime software for process control and management systems, related to initialization errors, allows a malicious actor to trigger a service failure.

The vulnerability of the Portmapper service in B&R Automation Runtime software for process control and management involves initialization errors. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending SYN requests...

9CVSS6.2AI score0.00454EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/08/03 12:0 a.m.9 views

The vulnerability of the application software interface for process control and automation system monitoring software from Rockwell Automation’s Enhanced HIM allows a attacker to perform a CSRF attack.

The vulnerability of the application software interface for process control and automation system monitoring software from Rockwell Automation, Enhanced HIM, is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack...

10CVSS7.4AI score0.00399EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/07/13 8:15 p.m.2 views

CVE-2023-30562

A GRE dataset file within Systems Manager can be tampered with and distributed to PCUs...

6.7CVSS5.8AI score0.00164EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/07/04 12:0 a.m.6 views

The vulnerabilities of Siemens SIMATIC PCS 7, SIMATIC S7-PM, and SIMATIC STEP 7 operating systems allow attackers to gain increased privileges.

The vulnerability of Siemens SIMATIC PCS 7, SIMATIC S7-PM, and SIMATIC STEP 7 process control systems is related to incorrect code generation. Exploiting this vulnerability can allow attackers to enhance their privileges remotely...

9CVSS6.9AI score0.01EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/06/13 9:15 a.m.4 views

CVE-2023-25910

A vulnerability has been identified in SIMATIC PCS 7 All versions V9.1 SP2 UC04, SIMATIC S7-PM All versions V5.7 SP1 HF1, SIMATIC S7-PM All versions V5.7 SP2 HF1, SIMATIC STEP 7 V5 All versions V5.7. The affected product contains a database management system that could allow remote users with low...

8.8CVSS6AI score0.01EPSS
Exploits0References2
Citrix
Citrix
added 2023/06/13 12:0 a.m.8 views

WEM Memory usage limit doesn't work as expected on Windows 2022 Server

When the WEM agent runs on Windows Server 2022, the memory usage limit applied to specific processes might not work as expected...

7.1AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/05/13 2:9 a.m.3 views

SUSE CVE-2014-3576

The processControlCommand function in broker/TransportConnection.java in Apache ActiveMQ before 5.11.0 allows remote attackers to cause a denial of service shutdown via a shutdown command...

7.5CVSS8.5AI score0.12794EPSS
Exploits0References3
OSV
OSV
added 2023/04/21 3:15 p.m.9 views

AZL-26368 CVE-2023-1998 affecting package kernel for versions less than 5.15.111.1-1

The Linux kernel allows userspace processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to...

5.6CVSS6.6AI score0.01377EPSS
Exploits3References1
ICS
ICS
added 2023/03/06 7:52 p.m.42 views

Hitachi Energy Gateway Station

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Gateway Station GWS Vulnerabilities: NULL Pointer Dereference, Infinite Loop 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause affected modules to...

7.5CVSS9AI score0.02183EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:54 a.m.4 views

SUSE CVE-2011-0753

Race condition in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler exists, might allow context-dependent attackers to cause a denial of service memory corruption via a large number of concurrent signals...

4.3CVSS7.4AI score0.008EPSS
Exploits0References4
Rows per page
Query Builder