Lucene search
K
IcsMost viewed

4251 matches found

ICS
ICS
added 2020/04/02 12:0 a.m.106 views

B&R Automation Studio

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: B&R Automation Equipment: Automation Studio Vulnerabilities: Improper Privilege Management, Missing Required Cryptographic Step, Path Traversal 2. RISK EVALUATION Successful exploitation of these...

7.5CVSS7.4AI score0.01246EPSS
Exploits0References5
ICS
ICS
added 2019/12/10 12:0 a.m.106 views

Siemens SIMATIC Products (Update C)

1. EXECUTIVE SUMMARY CVSS v3 3.7 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC CP 1626; HMI Panel incl. SIPLUS variants; NET PC software; STEP 7 TIA Portal; WinCC TIA Portal; WinCC OA; WinCC Runtime Pro and Advanced; TIM 1531 IRC incl. SIPLUS variant Vulnerability: Exposed...

5.9CVSS5.9AI score0.00978EPSS
Exploits0References11
ICS
ICS
added 2019/07/09 12:0 a.m.106 views

ICSA-19-192-02 Siemens SIMATIC WinCC and PCS7 (Update C)

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC WinCC and SIMATIC PCS7 Vulnerability: Unrestricted Upload of File with Dangerous Type 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update...

7.2CVSS7.3AI score0.01297EPSS
Exploits0References9
ICS
ICS
added 2019/01/29 7:0 a.m.106 views

Mitsubishi Electric MELSEC-Q Series PLCs

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: MELSEC-Q series PLCs Vulnerability: Resource Exhaustion 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to send...

7.5CVSS7.7AI score0.04274EPSS
Exploits0References10
ICS
ICS
added 2019/01/24 12:0 a.m.106 views

PHOENIX CONTACT FL SWITCH

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: PHOENIX CONTACT Equipment: FL SWITCH Vulnerabilities: Cross-site Request Forgery, Improper Restriction of Excessive Authentication Attempts, Cleartext Transmission of Sensitive Information, Resourc...

9.8CVSS8.1AI score0.02314EPSS
Exploits0References5
ICS
ICS
added 2018/01/04 12:0 a.m.106 views

Advantech WebAccess (Update A)

CVSS v3 8.2 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Advantech Equipment: WebAccess Vulnerabilities: Untrusted Pointer Dereference, Stack-based Buffer Overflow, Path Traversal, SQL Injection, Improper Input Validation. UPDATE INFORMATION This updated advisory is a...

10CVSS9.8AI score0.50321EPSS
Exploits9References2
ICS
ICS
added 2022/02/10 12:0 a.m.105 views

Siemens Solid Edge, JT2Go, and Teamcenter Visualization

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Solid Edge, JT2Go, and Teamcenter Visualization Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Write, Heap-based Buffer Overflow, Out-of-bounds Rea...

7.8CVSS8.2AI score0.01798EPSS
Exploits0References47
ICS
ICS
added 2021/08/17 12:0 a.m.105 views

xArrow SCADA

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: xArrow Equipment: xArrow SCADA Vulnerabilities: Cross-site Scripting, Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in remote code execution...

7.8CVSS7.2AI score0.00752EPSS
Exploits0References6
ICS
ICS
added 2021/01/19 12:0 a.m.105 views

dnsmasq by Simon Kelley (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: dnsmasq by Simon Kelley Equipment: dnsmasq Vulnerabilities: Heap-based Buffer Overflow, Insufficient Verification of Data Authenticity, Use of a Broken or Risky Cryptographic Algorithm CISA is awar...

8.3CVSS8.5AI score0.86692EPSS
Exploits2References11
ICS
ICS
added 2019/11/12 12:0 a.m.105 views

Siemens Mentor Nucleus Networking Module

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: Mentor Nucleus Networking Module Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to affect the integrity and...

7.1CVSS7.2AI score0.00715EPSS
Exploits0References10
ICS
ICS
added 2019/10/22 12:0 a.m.105 views

ICSA-19-295-01_Schneider Electric ProClima

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Proclima Vulnerabilities: Code Injection, Improper Restriction of Operations within the Bounds of a Memory Buffer, Uncontrolled Search Path Element 2. RISK EVALUATION...

10CVSS9.9AI score0.04953EPSS
Exploits0References2
ICS
ICS
added 2019/06/11 12:0 a.m.105 views

Siemens SCALANCE X (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: SCALANCE X Switches Vulnerability: Storing Passwords in a Recoverable Format 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-19-162-04 Siemens SCALANCE X...

5.5CVSS5.5AI score0.00301EPSS
Exploits0References9
ICS
ICS
added 2018/08/21 12:0 a.m.105 views

Philips IntelliVue Information Center iX (Update B)

1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION: Low skill level to exploit Vendor: Philips Equipment: Philips IntelliVue Information Center iX Vulnerability: Resource Exhaustion 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSMA-18-233-01 Philips...

5CVSS6.3AI score0.1463EPSS
Exploits2References5
ICS
ICS
added 2018/02/20 12:0 a.m.105 views

ABB netCADOPS Web Application

CVSS v3 5.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: ABB Equipment: netCADOPS Web Application Vulnerability: Information Exposure AFFECTED PRODUCTS The following versions of netCADOPS Web Application, a web interface, are affected: netCADOPS Web Application Version 3.4...

5.8CVSS5.9AI score0.01257EPSS
Exploits0References5
ICS
ICS
added 2021/07/13 12:0 a.m.104 views

Siemens VxWorks-based Industrial Products (Update C)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Siemens Equipment : Wind River VxWorks-based Industrial Products Vulnerability : Heap-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled...

9.8CVSS10AI score0.02373EPSS
Exploits0References5
ICS
ICS
added 2021/01/12 12:0 a.m.104 views

Siemens SCALANCE X Products (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE X Products Vulnerabilities: Missing Authentication for Critical Function, Heap-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the...

9.8CVSS9.3AI score0.01652EPSS
Exploits0References11
ICS
ICS
added 2020/12/08 12:0 a.m.104 views

GE Healthcare Imaging and Ultrasound Products

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Healthcare Equipment: GE Imaging and Ultrasound Products Vulnerabilities: Unprotected Transport of Credentials, Exposure of Sensitive System Information to an Unauthorized Control Sphere 2. RISK...

10AI score
Exploits0References4
ICS
ICS
added 2019/12/12 12:0 a.m.104 views

Advantech DiagAnywhere Server

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: DiagAnywhere Server Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow remote code execution. 3. TECHNICAL...

9.8CVSS10AI score0.02768EPSS
Exploits0References5
ICS
ICS
added 2019/11/07 12:0 a.m.104 views

Fuji Electric V-Server

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Fuji Electric Equipment: V-Server Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being accessed; several heap-based buffer overflows...

9.8CVSS10AI score0.13954EPSS
Exploits0References5
ICS
ICS
added 2019/07/11 12:0 a.m.104 views

Schneider Electric Floating License Manager

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Floating License Manager Vulnerabilities: Improper Input Validation, Memory Corruption 2. RISK EVALUATION These vulnerabilities could allow an attacker to deny the...

9.8CVSS8.7AI score0.03669EPSS
Exploits0References5
ICS
ICS
added 2019/01/17 12:0 a.m.105 views

Omron CX-Supervisor (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION : Low skill level to exploit Vendor: Omron Equipment: CX-Supervisor --------- Begin Update A Part 1 of 3 -------- Vulnerabilities: Code Injection, Command Injection, Use After Free, Type Confusion, Access of Uninitialized Pointer, Out-of-bounds Read...

8.8CVSS7.8AI score0.02421EPSS
Exploits0References5
ICS
ICS
added 2018/11/27 12:0 a.m.104 views

AVEVA Vijeo Citect and Citect SCADA

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: AVEVA Software, LLC AVEVA Equipment: Vijeo Citect, Citect SCADA Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute...

9.3CVSS8.1AI score0.02794EPSS
Exploits0References5
ICS
ICS
added 2018/09/10 12:0 p.m.104 views

Network Time Protocol Vulnerabilities (Update B)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-14-353-01A Network Time Protocol Vulnerabilities that was published December 23, 2014, on the NCCIC/ICS-CERT web site. Google Security Team researchers Neel Mehta and Stephen Roettger have coordinated multiple...

7.5CVSS8.4AI score0.7809EPSS
Exploits4References21
ICS
ICS
added 2018/09/06 12:0 p.m.104 views

SCADA Engine BACnet OPC Client Buffer Overflow Vulnerability

Overview This advisory is a follow-up to ICS-ALERT-10-260-01 SCADA Engine BACnet OPC Client Buffer Overflow, which was published on the ICS-CERT Web site on September 17, 2010. A buffer overflow vulnerability has been reportedSecunia Advisory SA41466, http://secunia.com/advisories/41466/, website...

8.2AI score
Exploits0References17
ICS
ICS
added 2024/08/01 6:0 a.m.103 views

Rockwell Automation Logix Controllers

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : ControlLogix, GuardLogix, and 1756 ControlLogix I/O Modules Vulnerability : Unprotected Alternate Channel 2. RISK EVALUATION Successful exploitation of this...

7.3CVSS7AI score0.09197EPSS
Exploits0References10
ICS
ICS
added 2024/05/02 6:0 a.m.103 views

CyberPower PowerPanel Business

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/Low attack complexity Vendor: CyberPower Equipment: PowerPanel business Vulnerabilities: Use of Hard-coded Password, Relative Path Traversal, Use of Hard-coded Credentials, Active Debug Code, Storing Passwords in a...

9.8CVSS8.8AI score0.00713EPSS
Exploits0References10
ICS
ICS
added 2022/07/26 12:0 a.m.103 views

Honeywell Saia Burgess PG5 PCD

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable on adjacent network/low attack complexity Vendor: Honeywell Equipment: Saia Burgess PG5 PCD Vulnerabilities: Authentication Bypass, Use of a Broken or Risky Cryptographic Algorithm CISA is aware of a public report known as “OT:ICEFALL” that...

8.1CVSS6.9AI score0.00655EPSS
Exploits0References4
ICS
ICS
added 2021/08/20 12:0 p.m.103 views

Top Routinely Exploited Vulnerabilities

Summary This Joint Cybersecurity Advisory was coauthored by the U.S. Cybersecurity and Infrastructure Security Agency CISA, the Australian Cyber Security Centre ACSC, the United Kingdom’s National Cyber Security Centre NCSC, and the U.S. Federal Bureau of Investigation FBI. This advisory provides...

10CVSS9.8AI score0.99999EPSS
Exploits499References181
ICS
ICS
added 2018/01/30 12:0 a.m.103 views

Siemens TeleControl Server Basic

CVSS v3 8.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: TeleControl Server Basic Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Permissions, Privileges, and Access Controls, Resource Exhaustion AFFECTED PRODUCTS The following...

8.8CVSS7.8AI score0.02664EPSS
Exploits0References5
ICS
ICS
added 2017/12/07 12:0 a.m.103 views

Xiongmai Technology IP Cameras and DVRs

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Xiongmai Technology Equipment: IP Cameras and DVRs Vulnerability: Stack-based Buffer Overflow AFFECTED PRODUCTS The following versions of Xiongmai Technology IP cameras and DVRs are affected: All IP Cameras and DVRs...

10CVSS10AI score0.09216EPSS
Exploits3References3
ICS
ICS
added 2017/02/23 12:0 a.m.103 views

VIPA Controls WinPLC7

CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: VIPA Controls Equipment: WinPLC7 Vulnerability: Stack Buffer Overflow AFFECTED PRODUCTS The following versions of WinPLC7, a PLC programming software, are affected: WinPLC Versions 5.0.45.5921 and prior. IMPACT...

7.5CVSS8.1AI score0.17711EPSS
Exploits5References3
ICS
ICS
added 2023/10/05 12:0 p.m.102 views

NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations

A plea for network defenders and software manufacturers to fix common problems. EXECUTIVE SUMMARY The National Security Agency NSA and Cybersecurity and Infrastructure Security Agency CISA are releasing this joint cybersecurity advisory CSA to highlight the most common cybersecurity...

10CVSS10AI score0.99999EPSS
Exploits402References250
ICS
ICS
added 2022/03/31 12:0 a.m.102 views

Rockwell Automation Logix Controllers

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Logix Controllers Vulnerability: Inclusion of Functionality from Untrusted Control Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an...

10CVSS8.7AI score0.05013EPSS
Exploits0References5
ICS
ICS
added 2022/02/16 12:0 p.m.102 views

Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology

Summary Actions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity: • Enforce multifactor authentication. • Enforce strong, unique passwords. • Enable M365 Unified Audit Logs. • Implement endpoint detection and response tools. From at least January 2020, through February 202...

9.8CVSS10AI score0.99999EPSS
Exploits56References164
ICS
ICS
added 2019/11/14 12:0 a.m.103 views

Omron CX-Supervisor (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Omron Equipment: CX-Supervisor Vulnerability: Use of Obsolete Function 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-318-04 Omron CX-Supervisor...

8.8CVSS8.8AI score0.01735EPSS
Exploits0References5
ICS
ICS
added 2019/09/05 12:0 a.m.102 views

Red Lion Controls Crimson

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Red Lion Controls Equipment: Crimson Windows configuration software Vulnerabilities: Use After Free, Improper Restriction of Operations within the Bounds of a Memory Buffer, Pointer Issues, Use of...

7.8CVSS7.8AI score0.0133EPSS
Exploits0References5
ICS
ICS
added 2019/05/14 12:0 a.m.102 views

Siemens SIMATIC WinCC and SIMATIC PCS 7

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC WinCC and SIMATIC PCS 7 Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

9.8CVSS0.4AI score0.0264EPSS
Exploits0References25
ICS
ICS
added 2019/03/26 12:0 a.m.102 views

ENTTEC Lighting Controllers

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ENTTEC Equipment: Datagate MK2, Storm 24, Pixelator Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could reboot this...

7.8CVSS7.9AI score0.01516EPSS
Exploits0References25
ICS
ICS
added 2019/02/19 12:0 a.m.102 views

Intel Data Center Manager SDK

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor : Intel Equipment: Data Center Manager SDK Vulnerabilities: Improper Authentication, Protection Mechanism Failure, Permission Issues, Key Management Errors, Insufficient Control Flow Management 2...

8.8CVSS7.2AI score0.01275EPSS
Exploits0References6
ICS
ICS
added 2017/07/04 12:0 a.m.102 views

ICSA-17-187-03F Siemens SIPROTEC 4 and SIPROTEC Compact (Update F)

CVSS v3 8.6 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIPROTEC 4 and SIPROTEC Compact Vulnerabilities: Improper Input Validation, Missing Authorization, Improper Authentication UPDATE INFORMATION This updated advisory is a follow-up to the updated...

10CVSS8.5AI score0.74323EPSS
Exploits7References9
ICS
ICS
added 2016/02/18 12:0 a.m.102 views

AMX Multiple Products Credential Management Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-049-02 AMX Multiple Products Credential Management Vulnerabilities that was published February 18, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 2 -------- ICS-CERT has become aware of...

10CVSS0.3AI score0.04674EPSS
Exploits2References21
ICS
ICS
added 2021/11/19 12:0 p.m.101 views

Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities

Summary Actions to Take Today to Protect Against Iranian State-Sponsored Malicious Cyber Activity • Immediately patch software affected by the following vulnerabilities: CVE-2021-34473, 2018-13379, 2020-12812, and 2019-5591. • Implementmulti-factor authentication. • Usestrong, unique passwords.v...

10CVSS9.9AI score0.99999EPSS
Exploits39References71
ICS
ICS
added 2020/11/16 12:0 p.m.101 views

Saia Burgess Controls PCD Controller Hard-coded Password Vulnerability

OVERVIEW Independent researcher Artyom Kurbatov has identified a hard-coded password vulnerability in Saia Burgess Controls’s family of PCD controllers. Saia Burgess Controls has produced a new firmware version to mitigate this vulnerability. Artyom Kurbatov has tested the new firmware version to...

10CVSS9.5AI score0.02419EPSS
Exploits0References19
ICS
ICS
added 2020/04/07 12:0 a.m.101 views

HMS Networks eWON Flexy and Cosy

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely Vendor: HMS Networks Equipment: eWON Flexy and Cosy Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could initiate a password change. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS...

6.1CVSS6.5AI score0.00687EPSS
Exploits0References5
ICS
ICS
added 2018/04/10 12:0 a.m.101 views

Omron CX-One

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Low skill level to exploit. Vendor : Omron Equipment : CX-One Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Type Confusion . 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote code...

7.8CVSS8.4AI score0.00331EPSS
Exploits0References4
ICS
ICS
added 2017/08/31 12:0 a.m.101 views

OPW Fuel Management Systems SiteSentinel Integra and SiteSentinel iSite

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: OPW Fuel Management Systems Equipment: SiteSentinel Integra and SiteSentinel iSite Vulnerabilities: Missing Authentication for Critical Function, SQL Injection AFFECTED PRODUCTS OPW Fuel Management Systems OPW reports...

9.8CVSS10AI score0.02338EPSS
Exploits0References3
ICS
ICS
added 2020/10/20 12:0 p.m.100 views

Potential for China Cyber Response to Heightened U.S.–China Tensions

Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. Note : on October 20, 2020, the National Security Agency NSA released a cybersecurity advisory providing...

10CVSS10AI score0.99999EPSS
Exploits608References160
ICS
ICS
added 2020/09/22 12:0 a.m.101 views

GE Reason S20 Ethernet Switch

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: General Electric Equipment: Reason S20 Ethernet Switch Vulnerabilities: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow unauthorized accounts...

6.1CVSS6.8AI score0.00706EPSS
Exploits0References5
ICS
ICS
added 2020/06/25 12:0 a.m.100 views

ENTTEC Lighting Controllers (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: ENTTEC Equipment: Datagate Mk2, Storm 24, Pixelator, E-Streamer Mk2 Vulnerabilities: Use of Hard-coded Cryptographic Key, Cross-site Scripting, Improper Access Control...

10CVSS8.5AI score0.02016EPSS
Exploits4References5
ICS
ICS
added 2020/05/14 12:0 a.m.100 views

Emerson WirelessHART Gateway

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Emerson Equipment: Emerson WirelessHART Gateways 1410, 1420 and 1552WU Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could disable the...

10CVSS9.8AI score0.01054EPSS
Exploits0References5
Total number of security vulnerabilities4251