Lucene search
K
IcsMost viewed

4251 matches found

ICS
ICS
added 2019/06/20 12:0 a.m.100 views

PHOENIX CONTACT Automation Worx Software Suite

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Phoenix Contact Equipment: Automation Worx Software Suite Vulnerabilities: Access of Uninitialized Pointer, Out-of-bounds Read, Use After Free 2. RISK EVALUATION Successful exploitation of these...

8.8CVSS9.4AI score0.0377EPSS
Exploits0References5
ICS
ICS
added 2019/01/08 12:0 a.m.101 views

ICSA-19-038-02 Siemens EN100 Ethernet Module

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Siemens Equipment : EN100 Ethernet module Vulnerabilities : Improper Input Validation 2. RISK EVALUATION The EN100 Ethernet module for the SWT 3000 management platform is affected by security...

7.8CVSS8.1AI score0.02389EPSS
Exploits0References9
ICS
ICS
added 2018/09/18 12:0 p.m.100 views

Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability (Update B)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: Logix5000 Vulnerability: Stack-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the previously updated advisory titled...

10CVSS10AI score0.10494EPSS
Exploits0References23
ICS
ICS
added 2018/05/22 12:0 a.m.100 views

BD Kiestra and InoquIA Systems (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION : Exploitable from adjacent network Vendor : Becton, Dickinson and Company BD Equipment : BD Kiestra and InoqulA systems Vulnerabilities : Product UI does not Warn User of Unsafe Actions 2. UPDATE INFORMATION This updated advisory is a follow-up to the...

6.3CVSS6.6AI score0.00412EPSS
Exploits0References5
ICS
ICS
added 2024/04/02 6:0 a.m.99 views

IOSIX IO-1020 Micro ELD

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.4 ATTENTION : Exploitable from adjacent network/Low attack complexity Vendor : IOSiX Equipment : IO-1020 Micro ELD Vulnerabilities : Use of Default Credentials, Download of Code Without Integrity Check 2. RISK EVALUATION Successful exploitation of these...

7.4CVSS8.3AI score0.004EPSS
Exploits0References8
ICS
ICS
added 2023/05/11 6:0 a.m.99 views

Teltonika Remote Management System and RUT Model Routers

1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Teltonika Equipment: Remote Management System and RUT model routers Vulnerabilities: Observable Response Discrepancy, Improper Authentication, Server-Side Request Forgery, Cross-site Scripting, Inclusio...

9.8CVSS9.5AI score0.0148EPSS
Exploits0References10
ICS
ICS
added 2022/05/12 12:0 a.m.99 views

Cambium Networks cnMaestro

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Cambium Networks Equipment: cnMaestro Vulnerabilities: OS Command Injection, SQL Injection, Path Traversal, Use of Potentially Dangerous Function 2. RISK EVALUATION Successful exploitation of these...

9.8CVSS8.8AI score0.01756EPSS
Exploits0References5
ICS
ICS
added 2022/04/14 12:0 a.m.99 views

Red Lion DA50N

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Red Lion Equipment: DA50N Vulnerabilities: Insufficient Verification of Data Authenticity, Weak Password Requirements, Use of Unmaintained Third-Party Components, Insufficiently Protected Credentials 2...

10CVSS7.5AI score0.01172EPSS
Exploits0References5
ICS
ICS
added 2022/03/08 12:0 a.m.99 views

Siemens RUGGEDCOM Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

6.7CVSS6.5AI score0.00372EPSS
Exploits0References10
ICS
ICS
added 2022/03/01 12:0 p.m.99 views

Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

Summary Actions Critical Infrastructure Organizations Should Implement to Immediately Strengthen Their Cyber Posture. • Patch all systems. Prioritize patching known exploited vulnerabilities. • Implement multi-factor authentication. • Use antivirus software. • Develop internal contact lists and...

10CVSS9.9AI score0.99999EPSS
Exploits449References104
ICS
ICS
added 2021/11/09 12:0 a.m.99 views

Schneider Electric NMC cards and Embedded Devices

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Network Management Cards NMC and NMC Embedded Devices Vulnerabilities: Cross-site Scripting, Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION...

6.1CVSS6.7AI score0.00768EPSS
Exploits0References4
ICS
ICS
added 2021/10/05 12:0 a.m.100 views

Emerson WirelessHART Gateway

1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Emerson Equipment: WirelessHART Gateway Vulnerabilities: Missing Authentication for Critical Function, Improper Input Validation, Improper Limitation of a Pathname to a Restricted Directory,...

8.8CVSS8.7AI score0.01391EPSS
Exploits0References5
ICS
ICS
added 2021/08/19 12:0 a.m.99 views

ICSA-21-231-01_AVEVA SuiteLink Server

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: AVEVA Software, LLC Equipment: SuiteLink Server Vulnerabilities: Heap-based Buffer Overflow, Null Pointer Dereference, Improper Handling of Exceptional Conditions 2. RISK EVALUATION Successful...

9.8CVSS8.7AI score0.0093EPSS
Exploits0References2
ICS
ICS
added 2021/08/10 12:0 a.m.99 views

ICSA-21-222-08_Siemens Solid Edge

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Solid Edge Vulnerabilities: Improper Restriction of XML External Entity Reference, Use After Free, Access of Uninitialized Pointer 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

7.8CVSS7.8AI score0.01383EPSS
Exploits0References2
ICS
ICS
added 2020/04/14 12:0 a.m.99 views

Triangle MicroWorks DNP3 Outstation Libraries

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Triangle MicroWorks Equipment: DNP3 Outstation Libraries Vulnerability: Stacked-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could possibly allow remote...

9.8CVSS10AI score0.01349EPSS
Exploits0References5
ICS
ICS
added 2017/11/21 12:0 a.m.99 views

PHOENIX CONTACT WLAN Capable Devices using the WPA2 Protocol

CVSS v3 6.8 ATTENTION: Public exploits are available. Vendor: PHOENIX CONTACT Equipment: WLAN capable devices using the WPA2 Protocol Vulnerabilities: Reusing a Nonce AFFECTED PRODUCTS PHOENIX CONTACT reports that these vulnerabilities affect all versions of the following WLAN capable devices usi...

6.8CVSS8.1AI score0.02388EPSS
Exploits0References3
ICS
ICS
added 2016/07/09 6:0 a.m.99 views

Animas OneTouch Ping Insulin Pump Vulnerabilities

OVERVIEW Rapid7 has identified vulnerabilities in the cybersecurity of the Animas OneTouch Ping insulin pump system. Animas will not be releasing a patch or new version to mitigate these vulnerabilities. Animas has provided compensating controls to help reduce the risk associated with the...

9.8CVSS8.2AI score0.04519EPSS
Exploits0References10
ICS
ICS
added 2015/04/02 6:0 a.m.99 views

SMA Solar Technology AG Sunny WebBox Hard-Coded Account Vulnerability

OVERVIEW This updated advisory is a follow-up to the advisory titled ICSA-15-181-02 SMA Solar Technology AG Sunny WebBox Hard-Coded Account Vulnerability that was published September 3, 2015, on the NCCIC/ICS-CERT web site. Aleksandr Timorin of PT Security has identified a hard-coded account...

10CVSS6.9AI score0.03388EPSS
Exploits0References10
ICS
ICS
added 2022/07/26 12:0 a.m.98 views

Inductive Automation Ignition

1. EXECUTIVE SUMMARY CVSS v3 8.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Inductive Automation Equipment: Ignition Vulnerability: Improper Restriction of XML External Entity Reference 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled...

9.8CVSS9.6AI score0.00855EPSS
Exploits0References5
ICS
ICS
added 2021/10/07 12:0 a.m.98 views

Mobile Industrial Robots Vehicles and MiR Fleet Software

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Mobile Industrial Robots MiR Equipment: MiR100, MiR200, MiR250, MiR500, MiR1000, MiR Fleet Vulnerabilities: Improper Access Control, Integer Overflow or Wraparound, Exposur...

10CVSS8.7AI score0.02459EPSS
Exploits6References5
ICS
ICS
added 2021/10/05 12:0 a.m.98 views

Moxa MXview Network Management Software

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Moxa Equipment: MXview Network Management Software Vulnerabilities: Path Traversal, Use of Hard-coded Password, Unprotected Transport of Credentials, Injection, Improper Access Control 2. RISK...

10CVSS9.9AI score0.15789EPSS
Exploits0References5
ICS
ICS
added 2021/09/14 12:0 a.m.98 views

Siemens NX

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: NX Vulnerabilities: Use After Free, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to an access violation and to arbitrary code execution on the target...

7.8CVSS8.2AI score0.00852EPSS
Exploits0References11
ICS
ICS
added 2021/09/09 12:0 a.m.98 views

Delta Electronics DOPSoft 2 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DOPSoft 2 Vulnerabilities: Stack-based Buffer Overflow, Out-of-Bounds Write, Heap-based Buffer Overflow 2. UPDATED INFORMATION This updated advisory is a follow-up to the original advisory...

7.8CVSS8.6AI score0.77892EPSS
Exploits0References5
ICS
ICS
added 2020/09/01 6:0 a.m.98 views

Mitsubishi Electric Multiple Products (Update G)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : Multiple products Vulnerability : Predictable Exact Value from Previous Values 2. RISK EVALUATION Successful exploitation of this vulnerability could be used...

9.8CVSS9.7AI score0.0227EPSS
Exploits0References10
ICS
ICS
added 2020/07/14 12:0 a.m.98 views

Siemens SICAM MMU, SICAM T, and SICAM SGU

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SICAM MMU, SICAM T and SICAM SGU Vulnerabilities: Out-of-bounds Read, Missing Authentication for Critical Function, Missing Encryption of Sensitive Data, Use of Password Hash wit...

9.8CVSS9.5AI score0.01889EPSS
Exploits0References9
ICS
ICS
added 2020/05/26 12:0 a.m.98 views

Inductive Automation Ignition (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Inductive Automation Equipment: Ignition Vulnerabilities: Missing Authentication for Critical Function, Deserialization of Untrusted Data 2. UPDATE INFORMATION This updated advisory is a follow-up...

7.5CVSS7.8AI score0.20208EPSS
Exploits4References5
ICS
ICS
added 2020/05/19 12:0 a.m.98 views

Rockwell Automation EDS Subsystem

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable from adjacent network/low skill level to exploit Vendor: Rockwell Automation Equipment: EDS Subsystem Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, SQL Injection 2. RISK EVALUATION Successful...

8.2CVSS7.4AI score0.02511EPSS
Exploits1References5
ICS
ICS
added 2019/05/14 12:0 a.m.98 views

ICSA-19-134-06 Siemens SINAMICS PERFECT HARMONY GH180 Fieldbus Network

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINAMICS PERFECT HARMONY GH180 Fieldbus Network Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a...

7.5CVSS7.8AI score0.0185EPSS
Exploits0References9
ICS
ICS
added 2019/04/16 12:0 a.m.98 views

WAGO Series 750-88x and 750-87x

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: WAGO Equipment: Series 750-88x and 750-87x Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION This vulnerability allows a remote attacker to change the settings or alter the...

9.8CVSS10AI score0.02763EPSS
Exploits0References5
ICS
ICS
added 2019/01/22 12:0 a.m.98 views

Johnson Controls Facility Explorer

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: Johnson Controls Equipment: Facility Explorer Vulnerabilities: Path Traversal, Improper Authentication 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read, write, and delete...

9.8CVSS9.2AI score0.0622EPSS
Exploits0References5
ICS
ICS
added 2019/01/15 12:0 a.m.98 views

LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME Equipment: LAquis SCADA Vulnerabilities: Improper Input Validation, Out-of-Bounds Read, Code Injection, Untrusted Pointer Dereference,...

9.8CVSS8.4AI score0.39487EPSS
Exploits0References6
ICS
ICS
added 2019/01/10 12:0 a.m.98 views

Emerson DeltaV

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low skill level to exploit Vendor: Emerson Equipment: DeltaV Distributed Control System Workstations Vulnerability: Authentication Bypass 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to shut down a service,...

6.5CVSS7AI score0.00716EPSS
Exploits0References5
ICS
ICS
added 2018/06/12 12:0 a.m.98 views

Siemens SCALANCE X Switches (Update A)

1. EXECUTIVE SUMMARY CVSS v3 5.8 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SCALANCE X switches Vulnerabilities: Cross-site Scripting 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-18-163-02 Siemens SCALANCE X Switches that was...

6.1CVSS6.1AI score0.00994EPSS
Exploits0References11
ICS
ICS
added 2018/02/27 12:0 a.m.98 views

Delta Electronics WPLSoft

CVSS v3 8.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Delta Electronics Equipment: WPLSoft Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Out-of-bounds Write. AFFECTED PRODUCTS The following versions of WPLSoft, a PLC programming software, are...

8.8CVSS9.6AI score0.02814EPSS
Exploits0References5
ICS
ICS
added 2017/09/19 12:0 a.m.98 views

PHOENIX CONTACT mGuard Device Manager

CVSS v3 9.0 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: PHOENIX CONTACT Equipment: mGuard Device Manager Vulnerabilities: Improper Access Control vulnerabilities for Oracle Java SE AFFECTED PRODUCTS The following versions of mGuard Device Manager, a device management...

9CVSS8.8AI score0.05034EPSS
Exploits0References3
ICS
ICS
added 2017/06/29 12:0 a.m.98 views

Siemens SIMATIC Industrial PCs, SINUMERIK Panel Control Unit, and SIMOTION P320

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIMATIC Industrial PCs, SINUMERIK Panel Control Unit PCU, SIMOTION P320 Vulnerability: Permissions, Privileges, and Access Controls AFFECTED PRODUCTS Siemens reports that the vulnerability affects...

10CVSS0.9AI score0.92189EPSS
Exploits7References29
ICS
ICS
added 2011/09/11 6:0 a.m.98 views

Siemens FactoryLink Multiple ActiveX Vulnerabilities

Overview ICS-CERT originally released Advisory ICSA-11-343-01P on the US-CERT secure portal on December 09, 2011. This web page release was delayed to allow users time to download and install the update. Researcher Kuang-Chun Hung of Taiwan’s Information and Communication Security Technology Cent...

9.3CVSS8AI score0.04764EPSS
Exploits0References10
ICS
ICS
added 2022/05/12 12:0 a.m.97 views

Mitsubishi Electric MELSOFT iQ AppPortal

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSOFT iQ AppPortal Vulnerabilities: Missing Authorization, Out-of-bounds Write, NULL Pointer Dereference, Classic Buffer Overflow, HTTP Request Smuggling, Infinite Loop...

9.8CVSS10AI score0.97108EPSS
Exploits5References5
ICS
ICS
added 2021/12/21 12:0 a.m.97 views

Fresenius Kabi Agilia Connect Infusion System (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Fresenius Kabi Equipment: Agilia Connect Infusion System Vulnerabilities: Uncontrolled Resource Consumption, Use of a Broken or Risky Cryptographic Algorithm, Insufficiently Protected Credentials,...

9.8CVSS8.7AI score0.0107EPSS
Exploits0References5
ICS
ICS
added 2020/06/09 12:0 a.m.97 views

Siemens SINUMERIK

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINUMERIK Vulnerabilities: Buffer Underflow, Heap-based Buffer Overflow, Improper Initialization, Out-of-bounds Read, Stack-based Buffer Overflow, Access of Memory Location After...

9.8CVSS10AI score0.05722EPSS
Exploits0References9
ICS
ICS
added 2019/10/01 12:0 a.m.97 views

Moxa EDR 810 Series

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: EDR 810 Vulnerabilities: Improper Input Validation, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote code execution or...

7.2CVSS6.9AI score0.08747EPSS
Exploits5References5
ICS
ICS
added 2019/08/20 12:0 a.m.97 views

Zebra Industrial Printers

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Low skill level to exploit Vendor: Zebra Equipment: Industrial Printers Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to send specially crafted packets...

7.5CVSS7.6AI score0.01703EPSS
Exploits0References5
ICS
ICS
added 2019/04/09 12:0 a.m.97 views

ICSA-19-099-02 Siemens Spectrum Power 4.7

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Spectrum Power 4.7 Vulnerability: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability in versions of Spectrum Power 4 using the user-specific...

9.8CVSS10AI score0.02285EPSS
Exploits0References9
ICS
ICS
added 2017/11/14 12:0 a.m.97 views

ABB TropOS (Update A)

CVSS v3 6.8 Vendor: ABB Equipment: TropOS Vulnerabilities: Security Features UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-318-02 ABB TropOS that was published November 14, 2017, on the NCCIC/ICS-CERT website. AFFECTED PRODUCTS ABB reports that th...

8.1CVSS7.8AI score0.04575EPSS
Exploits1References3
ICS
ICS
added 2017/03/14 12:0 a.m.97 views

FATEK Automation PLC Ethernet Module

CVSS v3 7.3 ATTENTION: Remotely exploitable. Low skill level to exploit. Vendor: FATEK Automation Equipment: PLC Ethernet Module Vulnerability: Stack-based buffer overflow AFFECTED PRODUCTS The affected Ethercfg software configuration tool runs on the following Fatek PLCs: CBEH versions prior to...

9.8CVSS10AI score0.04414EPSS
Exploits0References3
ICS
ICS
added 2022/02/15 12:0 a.m.96 views

Schneider Electric IGSS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: IGSS Interactive Graphical SCADA System Vulnerabilities: Integer Overflow or Wraparound, Path Traversal, Classic Buffer Overflow, Out-of-bounds Read, Improper...

9.8CVSS9.7AI score0.44559EPSS
Exploits0References4
ICS
ICS
added 2022/01/25 12:0 a.m.96 views

GE Gas Power ToolBoxST

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: GE Gas Power Equipment: ToolBoxST Vulnerabilities: Improper Restriction of XML External Entity Reference, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result...

8.6CVSS8.8AI score0.03305EPSS
Exploits0References5
ICS
ICS
added 2021/08/10 12:0 a.m.96 views

Siemens SIMATIC CP (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC Vulnerabilities: Out-of-Bounds Read, Use After Free 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-222-07 Siemens SIMATIC...

9CVSS9.1AI score0.12045EPSS
Exploits1References11
ICS
ICS
added 2020/12/08 12:0 a.m.96 views

Siemens Products using TightVNC (Update A)

1. EXECUTIVE SUMMARY --------- Begin Update A Part 1 of 5 --------- This advisory was previously released with a set of Siemens products considered to be affected. Following further investigation by the Siemens’ team, it was determined all products previously advised are not affected by any...

9.8CVSS9.4AI score0.19461EPSS
Exploits0References11
ICS
ICS
added 2020/07/07 12:0 a.m.96 views

Mitsubishi Electric GOT2000 Series

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: GOT2000 Series Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Session Fixation, NULL Pointer Dereference, Improper Access...

10CVSS8.8AI score0.03489EPSS
Exploits1References5
Total number of security vulnerabilities4251