Red Lion DA50N

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Red Lion Equipment: DA50N Vulnerabilities: Insufficient Verification of Data Authenticity, Weak Password Requirements, Use of Unmaintained Third-Party Components, Insufficiently Protected Credentials 2...

Siemens RUGGEDCOM Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

Summary Actions Critical Infrastructure Organizations Should Implement to Immediately Strengthen Their Cyber Posture. • Patch all systems. Prioritize patching known exploited vulnerabilities. • Implement multi-factor authentication. • Use antivirus software. • Develop internal contact lists and...

Moxa MXview Network Management Software

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Moxa Equipment: MXview Network Management Software Vulnerabilities: Path Traversal, Use of Hard-coded Password, Unprotected Transport of Credentials, Injection, Improper Access Control 2. RISK...

Potential for China Cyber Response to Heightened U.S.–China Tensions

Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. Note : on October 20, 2020, the National Security Agency NSA released a cybersecurity advisory providing...

Mitsubishi Electric Multiple Products (Update G)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : Multiple products Vulnerability : Predictable Exact Value from Previous Values 2. RISK EVALUATION Successful exploitation of this vulnerability could be used...

Siemens SICAM MMU, SICAM T, and SICAM SGU

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SICAM MMU, SICAM T and SICAM SGU Vulnerabilities: Out-of-bounds Read, Missing Authentication for Critical Function, Missing Encryption of Sensitive Data, Use of Password Hash wit...

ENTTEC Lighting Controllers (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: ENTTEC Equipment: Datagate Mk2, Storm 24, Pixelator, E-Streamer Mk2 Vulnerabilities: Use of Hard-coded Cryptographic Key, Cross-site Scripting, Improper Access Control...

Rockwell Automation EDS Subsystem

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable from adjacent network/low skill level to exploit Vendor: Rockwell Automation Equipment: EDS Subsystem Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, SQL Injection 2. RISK EVALUATION Successful...

Moxa EDR 810 Series

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: EDR 810 Vulnerabilities: Improper Input Validation, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote code execution or...

Zebra Industrial Printers

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Low skill level to exploit Vendor: Zebra Equipment: Industrial Printers Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to send specially crafted packets...

Johnson Controls Facility Explorer

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: Johnson Controls Equipment: Facility Explorer Vulnerabilities: Path Traversal, Improper Authentication 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read, write, and delete...

ABB TropOS (Update A)

CVSS v3 6.8 Vendor: ABB Equipment: TropOS Vulnerabilities: Security Features UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-318-02 ABB TropOS that was published November 14, 2017, on the NCCIC/ICS-CERT website. AFFECTED PRODUCTS ABB reports that th...

Siemens SIMATIC Industrial PCs, SINUMERIK Panel Control Unit, and SIMOTION P320

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIMATIC Industrial PCs, SINUMERIK Panel Control Unit PCU, SIMOTION P320 Vulnerability: Permissions, Privileges, and Access Controls AFFECTED PRODUCTS Siemens reports that the vulnerability affects...

VIPA Controls WinPLC7

CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: VIPA Controls Equipment: WinPLC7 Vulnerability: Stack Buffer Overflow AFFECTED PRODUCTS The following versions of WinPLC7, a PLC programming software, are affected: WinPLC Versions 5.0.45.5921 and prior. IMPACT...

Animas OneTouch Ping Insulin Pump Vulnerabilities

OVERVIEW Rapid7 has identified vulnerabilities in the cybersecurity of the Animas OneTouch Ping insulin pump system. Animas will not be releasing a patch or new version to mitigate these vulnerabilities. Animas has provided compensating controls to help reduce the risk associated with the...

Schneider Electric IGSS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: IGSS Interactive Graphical SCADA System Vulnerabilities: Integer Overflow or Wraparound, Path Traversal, Classic Buffer Overflow, Out-of-bounds Read, Improper...

Mobile Industrial Robots Vehicles and MiR Fleet Software

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Mobile Industrial Robots MiR Equipment: MiR100, MiR200, MiR250, MiR500, MiR1000, MiR Fleet Vulnerabilities: Improper Access Control, Integer Overflow or Wraparound, Exposur...

ICSA-21-231-01_AVEVA SuiteLink Server

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: AVEVA Software, LLC Equipment: SuiteLink Server Vulnerabilities: Heap-based Buffer Overflow, Null Pointer Dereference, Improper Handling of Exceptional Conditions 2. RISK EVALUATION Successful...

Mitsubishi Electric GOT2000 Series

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: GOT2000 Series Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Session Fixation, NULL Pointer Dereference, Improper Access...

Siemens SINUMERIK

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINUMERIK Vulnerabilities: Buffer Underflow, Heap-based Buffer Overflow, Improper Initialization, Out-of-bounds Read, Stack-based Buffer Overflow, Access of Memory Location After...

Inductive Automation Ignition (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Inductive Automation Equipment: Ignition Vulnerabilities: Missing Authentication for Critical Function, Deserialization of Untrusted Data 2. UPDATE INFORMATION This updated advisory is a follow-up...

ICSA-19-134-06 Siemens SINAMICS PERFECT HARMONY GH180 Fieldbus Network

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINAMICS PERFECT HARMONY GH180 Fieldbus Network Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a...

LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME Equipment: LAquis SCADA Vulnerabilities: Improper Input Validation, Out-of-Bounds Read, Code Injection, Untrusted Pointer Dereference,...

Siemens Industrial Products (Update S)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Remotely exploitable/low attack complexity Vendor : Siemens Equipment : Industrial Products Vulnerability : Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-17-339-01 Siemens...

PHOENIX CONTACT mGuard Device Manager

CVSS v3 9.0 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: PHOENIX CONTACT Equipment: mGuard Device Manager Vulnerabilities: Improper Access Control vulnerabilities for Oracle Java SE AFFECTED PRODUCTS The following versions of mGuard Device Manager, a device management...

FATEK Automation PLC Ethernet Module

CVSS v3 7.3 ATTENTION: Remotely exploitable. Low skill level to exploit. Vendor: FATEK Automation Equipment: PLC Ethernet Module Vulnerability: Stack-based buffer overflow AFFECTED PRODUCTS The affected Ethercfg software configuration tool runs on the following Fatek PLCs: CBEH versions prior to...

Siemens SCALANCE SC-600 Family

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Inductive Automation Ignition

1. EXECUTIVE SUMMARY CVSS v3 8.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Inductive Automation Equipment: Ignition Vulnerability: Improper Restriction of XML External Entity Reference 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled...

Fresenius Kabi Agilia Connect Infusion System (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Fresenius Kabi Equipment: Agilia Connect Infusion System Vulnerabilities: Uncontrolled Resource Consumption, Use of a Broken or Risky Cryptographic Algorithm, Insufficiently Protected Credentials,...

Fuji Electric FRENIC Loader

1. EXECUTIVE SUMMARY CVSS v3 4.4 ATTENTION: Low skill level to exploit Vendor: Fuji Electric Equipment: FRENIC Loader Vulnerability: Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow information disclosure. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS...

Emerson DeltaV

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low skill level to exploit Vendor: Emerson Equipment: DeltaV Distributed Control System Workstations Vulnerability: Authentication Bypass 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to shut down a service,...

Biosense Webster Carto 3 System Vulnerabilities

1. EXECUTIVE SUMMARY Biosense Webster Inc. BWI, a Johnson & Johnson company, has produced a software update that applies operating system patches and anti-virus signature updates to close known vulnerabilities in the operating system of the CARTO 3 System, a 3D cardiovascular mapping platform...

Moxa EDR-G903 Secure Router Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-042-01 Moxa EDR‑G903 Secure Router Vulnerabilities that was published May 17, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified vulnerabilities in Moxa’s EDR‑G903 secure...

SMA Solar Technology AG Sunny WebBox Hard-Coded Account Vulnerability

OVERVIEW This updated advisory is a follow-up to the advisory titled ICSA-15-181-02 SMA Solar Technology AG Sunny WebBox Hard-Coded Account Vulnerability that was published September 3, 2015, on the NCCIC/ICS-CERT web site. Aleksandr Timorin of PT Security has identified a hard-coded account...

Schneider Electric Serial Modbus Driver Buffer Overflow (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-14-086-01A Schneider Electric Serial Modbus Driver Buffer Overflow that was published March 27, 2014, on the NCCIC/ICS-CERT web site. Carsten Eiram of Risk-Based Security has identified a stack-based buffer overflo...

Siemens WinCC WebNavigator Multiple Vulnerabilities

Overview Siemens has reported multiple vulnerabilities in the Siemens WinCC WebNavigator application. These vulnerabilities were originally reported directly to Siemens by Positive Technologies. Siemens has produced an update that mitigates these vulnerabilities. These vulnerabilities could be...

Siemens FactoryLink Multiple ActiveX Vulnerabilities

Overview ICS-CERT originally released Advisory ICSA-11-343-01P on the US-CERT secure portal on December 09, 2011. This web page release was delayed to allow users time to download and install the update. Researcher Kuang-Chun Hung of Taiwan’s Information and Communication Security Technology Cent...

Emerson ControlWave

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Emerson Equipment: ControlWave Vulnerabilities: Insufficient Verification of Data Authenticity CISA is aware of a public report, known as “OT:ICEFALL,” that details vulnerabilities found in multiple...

Siemens SINEC NMS

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

GE Gas Power ToolBoxST

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: GE Gas Power Equipment: ToolBoxST Vulnerabilities: Improper Restriction of XML External Entity Reference, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result...

AGG Software Web Server Plugin

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: AGG Software Equipment: Web Server Vulnerabilities: Path Traversal, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote code execution and...

Siemens Industrial PCs and CNC devices

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Industrial PCs and CNC devices Vulnerabilities: Improper Input Validation, Improper Authentication, Improper Isolation of Shared Resources on System-on-a-Chip, Improper Privilege Management 2. UPDATE...

Siemens SIMATIC UltraVNC HMI WinCC Products

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC HMIs/WinCC Products Vulnerabilities: Improper Initialization, Out-of-bounds Read, Heap-based Buffer Overflow, Stack-based Buffer Overflow, Access of Memory Location After End...

Triangle MicroWorks DNP3 Outstation Libraries

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Triangle MicroWorks Equipment: DNP3 Outstation Libraries Vulnerability: Stacked-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could possibly allow remote...

Moxa PT-7528 and PT-7828 Series Ethernet Switches

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: PT-7528 Series and PT-7828 Series Vulnerabilities: Stack-based Buffer Overflow, Use of a Broken or Risky Cryptographic Algorithm, Use of Hard-coded Cryptographic Key, Use of...

Siemens SIMATIC S7 (Update B)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

ICSA-18-347-02 Siemens EN100 Ethernet Communication Module and SIPROTEC 5 Relays (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: EN100 Ethernet Communication Module and SIPROTEC 5 relays Vulnerabilities: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...

Advantech WebAccess

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Remotely exploitable/low skill level to exploit Vendor : Advantech Equipment : WebAccess Vulnerabilities : SQL Injection, Improper Authorization, Path Traversal, Heap-based Buffer Overflow, Stack-based Buffer Overflow, Untrusted Pointer Dereference,...

GE Medical Devices Vulnerability

OVERVIEW This advisory was originally posted to the HSIN ICS-CERT library on February 6, 2018, and is being released to the NCCIC/ICS-CERT website. Independent researcher Scott Erven submitted information regarding the potential use of default or hard-coded credentials in multiple GE Healthcare...