Güralp Systems FMUS Series and MIN Series Devices (Update B)

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

Network Thermostat X-Series WiFi Thermostats

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain full administrative access to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

Medtronic MyCareLink Patient Monitor (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could lead to system compromise, unauthorized access to sensitive data, and manipulation of the monitor's functionality. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment...

DuraComm DP-10iN-100-MU

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities,...

Schneider Electric EcoStruxure Power Operation (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could result in the loss of system functionality or unauthorized access to system functions. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA...

KUNBUS RevPi Webstatus

RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to bypass authentication and gain unauthorized access to the application. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such...

Emerson ValveLink Products

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker with access to the system to read sensitive information stored in cleartext, tamper with parameters, and run un-authorized code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

Hitachi Energy MicroSCADA X SYS600

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to tamper with the system file, overwrite files, create a denial-of-service condition, or leak file content. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

TrendMakers Sight Bulb Pro

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to capture sensitive information and execute arbitrary shell commands on the target device as root if connected to the local network segment. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform...

Kaleris Navis N4 Terminal Operating System

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to remotely exploit the operating system, achieve remote code execution, or extract sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

MICROSENS NMP Web+

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain system access, overwrite files or execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such...

ControlID iDSecure On-premises

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication, retrieve information, leak arbitrary data, or perform SQL injections. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

LS Electric GMWin 4

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose information or execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

Siemens SIMATIC S7-1500 CPU family

SUMMARY Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version V3.1.5 for the SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP incl. SIPLUS variant. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not...

CyberData 011209 SIP Emergency Intercom

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information, cause a denial-of-service condition, or achieve code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation...

Instantel Micromate (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to access the device's configuration port and execute commands. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability,...

Craft CMS stores user-provided content session files

RISK EVALUATION Craft CMS stores user-provided content in session files. A remote, unauthenticated attacker can introduce arbitrary content, including PHP code, into session files with known names and locations. If an attacker can access these files, possibly through another vulnerability such...

Lantronix Device Installer

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain access to the host machine running the Device Installer software. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability such...

Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update F)

RISK EVALUATION Successful exploitation of this vulnerability could result in information tampering on the target workstation. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for...

ECOVACS DEEBOT Vacuum and Base Station (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to send malicious updates to the devices or execute code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...