Generative AI for Critical Infrastructure in Smart Grids: a Unified Framework for Synthetic Data Generation and Anomaly Detection

In digital substations, security events pose significant challenges to the sustained operation of power systems. To mitigate these challenges, the implementation of robust defense strategies is critically important. A thorough process of anomaly identification and detection in information and...

Siemens CPCI85 Central Processing和SICORE Base system 安全漏洞

The SICAM 8 power automation platform is a universal, integrated hardware and software-based solution for all applications in the power supply sector.The SICAM A8000 RTUs are modular devices for remote control and automation applications in all areas of energy supply.The SICAM EGS is the gateway ...

Siemens RUGGEDCOM ROS Device Web Server Denial of Service Vulnerability

RUGGEDCOM Ethernet switches are used for reliable operation in electrically harsh and climatically demanding environments such as power substations and traffic control cabinets. A denial of service vulnerability exists in the Siemens RUGGEDCOM ROS device web server, which can be exploited by an...

Siemens RUGGEDCOM 代码注入漏洞

RUGGEDCOM ROS-based devices, typically switches and serial-to-Ethernet devices, are used to connect devices operating in harsh environments, such as power substations and traffic control cabinets.A code injection vulnerability exists in Siemens RUGGEDCOM ROS, which could be exploited by an attack...

Siemens RUGGEDCOM Devices Information Disclosure Vulnerability

RUGGEDCOM ROS-based devices are typically switches and serial-to-Ethernet devices used to connect equipment that operates in harsh environments, such as electric utility substations and traffic control cabinets. An information disclosure vulnerability exists in Siemens RUGGEDCOM Devices, which ca...

Siemens RUGGEDCOM ROX Device Denial of Service Vulnerability

ROX-based VPN endpoints and firewall appliances are used to connect devices that operate in harsh environments, such as electric utility substations and transportation control cabinets. A denial of service vulnerability exists in the Siemens RUGGEDCOM ROX devices, which originates from a dump cra...

Siemens Ruggedcom Rox Mx5000 资源管理错误漏洞

ROX-based VPN endpoints and firewall appliances are used to connect devices that operate in harsh environments, such as electric utility substations and transportation control cabinets. A denial of service vulnerability exists in the Siemens RUGGEDCOM ROX devices, which originates from a dump cra...

The vulnerability of the microprogrammed control module software for Schneider Electric Easergy T300 (HU250) automation systems in transformer substations stems from the lack of protection for operational data. This allows a malicious individual to compromise the closed keys used by the device.

The vulnerability of the microprogrammed control module software for Schneider Electric Easergy T300 HU250 automation systems in transformer substations is related to the lack of protection for operational data. Exploiting this vulnerability allows a malicious actor to compromise the closed keys...

The vulnerability of the microprogrammed software of the modular controller for the automation of transformer substations of Schneider Electric Easergy T300 (HU250) – related to uncontrolled resource consumption – allows a intruder to trigger a maintenance failure.

The vulnerability of the microprogrammed control module software for Schneider Electric Easergy T300 HU250 for transformer substations automation involves an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor to cause malfunctions in the system due ...

The vulnerability of the microprogrammed control module software for Schneider Electric Easergy T300 (HU250) automation systems for transformer substations lies in the improper limitation on the number of unsuccessful authentication attempts. This allows a perpetrator to gain full access.

The vulnerability of the microprogrammed control module software for automation of transformer substations in Schneider Electric Easergy T300 HU250 is related to an improper limitation on the number of unsuccessful authentication attempts. Exploiting this vulnerability can allow a malicious actor...

The vulnerability of the microprogrammed control module software for Schneider Electric Easergy T300 (HU250) automation systems for transformer substations involves insecure management of privileges. This allows attackers to escalate their privileges and perform arbitrary file writing and deletion operations on the device.

The vulnerability of the microprogrammed control module software for Schneider Electric Easergy T300 HU250 automation systems for transformer substations is related to insecure privilege management. Exploiting this vulnerability allows an attacker to escalate their privileges and perform arbitrar...

The vulnerability of the microprogramming software of the modular controller for the automation of transformer substations of Schneider Electric Easergy T300 (HU250) is related to the use of a less secure encryption algorithm. This allows a hacker to obtain the password.

The vulnerability of the microprogramming software of the modular controller for the automation of transformer substations of Schneider Electric Easergy T300 HU250 is related to the use of a less secure encryption algorithm. Exploiting this vulnerability could allow an attacker operating remotely...

Denial of Service Vulnerability in DMP3391 Measurement and Control Device

The DMP3391 is a monitoring device adapted to the different requirements of substations and power plants of all voltage levels. A denial of service vulnerability exists in the DMP3391, which can be exploited by an attacker to cause a system crash...

ICSA-18-317-01 Siemens IEC 61850 System Configurator, DIGSI 5, DIGSI 4, SICAM PAS/PQS, SICAM PQ Analyzer, and SICAM SCC

1. EXECUTIVE SUMMARY CVSS v3 4.2 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: IEC 61850 system configurator, DIGSI 5, DIGSI 4, SICAM PAS/PQS, SICAM PQ Analyzer, and SICAM SCC Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability...

Siemens RUGGEDCOM ROX I Arbitrary File Read Vulnerability

Siemens RuggedCom ROX-based firewall devices are used for device connectivity in harsh environments, such as substations, traffic management chassis, and more. An arbitrary file read vulnerability exists in Siemens RUGGEDCOM ROX I, which can be exploited by an attacker to read arbitrary files for...

Siemens Patches Password Reconstruction Vulnerability in SICAM PAS

The Industrial Control Systems Cyber Emergency Response Team ICS-CERT cautioned users who work in electrical substations to update certain builds of energy automation software this week. ICS-CERT claims two vulnerabilities exist in the Siemens SICAM Power Automation System, or PAS, that could...

GE MultiLink Series Hard-coded Credential Vulnerability

OVERVIEW GE has identified a hard-coded credential vulnerability in GE’s MultiLink series managed switches. GE has produced new firmware versions to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following MultiLink products are affected: GE ML8...

Siemens RUGGEDCOM ROX-based Devices NTP Vulnerabilities

OVERVIEW Siemens has reported to NCCIC/ICS-CERT that NTP daemon vulnerabilities exist in the Siemens RUGGEDCOM ROX-based devices. Siemens has produced firmware updates to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS The following Siemens...

Siemens RUGGEDCOM ROS IP forwarding Vulnerability(CVE-2 0 1 5-6 6 7 5)-vulnerability warning-the black bar safety net

Affected system: Siemens RuggedCom ROS 3.8.0-4.2.0 Description: CVECAN ID: CVE-2 0 1 5-6 6 7 5 Siemens RuggedCom ROS and ROX devices used in harsh environments for equipment connections, such as substations, traffic management, chassis, etc. RUGGEDCOM ROS 3.8.0-4.2.0 version of the IP forwarding...