131 matches found
CVE-2026-8479
IEC 60870-5-104 used in bidirectional mode in RTU500 is vulnerable for a NULL pointer dereferencing, if a specially crafted sequence of messages is sent for a certain time, causing Denial of Service impact. Product is only affected if IEC 60870-5-104 functionality in bidirectional mode BCI is...
CVE-2026-45037
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.232, Tabby's terminal linkifier passes any detected URI directly to the operating system's protocol handler without validating the protocol scheme. This allows a malicious SSH or Telnet server to send crafted termina...
EUVD-2026-32928
SDMC NE6037 cable modem routers running firmware 7.1.6.0.25 and 7.1.6.1.9B9 contain a hardcoded password vulnerability in the web management interface recovery endpoints mgmt.php, npcmd.php that allows unauthenticated attackers to gain root access by submitting the hardcoded credential to the...
EUVD-2026-31814
IEC 60870-5-104 used in bidirectional mode in RTU500 is vulnerable for a NULL pointer dereferencing, if a specially crafted sequence of messages is sent for a certain time, causing Denial of Service impact. Product is only affected if IEC 60870-5-104 functionality in bidirectional mode BCI is...
CVE-2026-32648
Affected products: Anviz CX2 Lite and CX7. The CVE-2026-32648 vulnerability allows unauthenticated access that discloses debug configuration details (e.g., SSH/RTTY status), aiding reconnaissance against the device. The available sources (NVD/NVD-based entries and ENISA EUVD) confirm the issue bu...
CVE-2026-32648 Anviz Products Missing Authorization
Anviz CX2 Lite and CX7 are vulnerable to unauthenticated access that discloses debug configuration details e.g., SSH/RTTY status, assisting attackers in reconnaissance against the device...
Siemens SICAM 8 product suffers from an out-of-bounds write vulnerability
The SICAM A8000 RTU Remote Terminal Unit is a modular device for remote control and automation applications in all areas of energy supply.SICAM EGS Enhanced Grid Sensors is a gateway for local substations in the distribution network.The SICAM S8000 offers RTU functionality, PLCs, and communicatio...
CVE-2026-27663
A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.10, RTUM85 RTU Base All versions V26.10. The affected application contains denial-of-service DoS vulnerability. The remote operation mode is susceptible to a resource exhaustion condition when subjecte...
EUVD-2026-16179
A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.10, RTUM85 RTU Base All versions V26.10. The affected application contains denial-of-service DoS vulnerability. The remote operation mode is susceptible to a resource exhaustion condition when subjecte...
CVE-2026-27663
A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.10, RTUM85 RTU Base All versions V26.10. The affected application contains denial-of-service DoS vulnerability. The remote operation mode is susceptible to a resource exhaustion condition when subjecte...
CVE-2026-27663
A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.10, RTUM85 RTU Base All versions V26.10. The affected application contains denial-of-service DoS vulnerability. The remote operation mode is susceptible to a resource exhaustion condition when subjecte...
CVE-2026-27663
A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.10, RTUM85 RTU Base All versions V26.10. The affected application contains denial-of-service DoS vulnerability. The remote operation mode is susceptible to a resource exhaustion condition when subjecte...
CVE-2026-27663
A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.10, RTUM85 RTU Base All versions V26.10. The affected application contains denial-of-service DoS vulnerability. The remote operation mode is susceptible to a resource exhaustion condition when subjecte...
CVE-2026-1772
CVE-2026-1772 concerns the RTU500 web interface, where an unprivileged user can read user management information. The vulnerability does not require UI access and can be exploited via browser developer tools, with no user interaction and network-based access. The CVSS 4.0 vector indicates: AV:N/A...
Hitachi Energy RTU500 安全漏洞
Hitachi Energy RTU500 is a series of industrial control components developed by Hitachi, Ltd. There is a security vulnerability in Hitachi Energy RTU500, where non-privileged users can access user management information, potentially leading to data leakage...
Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps
The purpose of this Alert is to amplify Poland’s Computer Emergency Response Team CERT Polska’s Energy Sector Incident Report published on Jan. 30, 2026, and highlight key mitigations for Energy Sector stakeholders. In December 2025, a malicious cyber actors targeted and compromised operational...
Socomec DIRIS Digiware M-70 Denial of Service Vulnerability (CNVD-2025-30458)
The Socomec DIRIS Digiware M-70 is a communication gateway device that serves as an access point for the DIRIS Digiware system, which combines 24VDC power and communication functions in a single unit. A denial of service vulnerability exists in the Socomec DIRIS Digiware M-70 that stems from the...
CVE-2025-54848
A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...
CVE-2025-55222
CVE-2025-55222 affects Socomec DIRIS Digiware M-70 gateway (firmware 1.6.9). A DoS can be triggered by unauthenticated crafted Modbus TCP or Modbus RTU over TCP messages (USB Function), on port 503, causing device unresponsiveness. TALOS details confirm the vulnerability exists in Modbus TCP/RTU ...
Socomec DIRIS Digiware M-70 安全漏洞
The Socomec DIRIS Digiware M-70 is a communication gateway device that serves as an access point for the DIRIS Digiware system, which combines 24VDC power and communication functions in a single unit. A denial of service vulnerability exists in the Socomec DIRIS Digiware M-70, which stems from a...