Lucene search
K
IcsMost viewed

4251 matches found

ICS
ICS
added 2019/04/09 12:0 a.m.96 views

Siemens SCALANCE and SIMATIC libcurl (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE and SIMATIC Vulnerability: Out-of-bounds Read 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-21-068-10 Siemens SCALANCE and...

7.5CVSS7.7AI score0.04286EPSS
Exploits1References9
ICS
ICS
added 2017/11/23 12:0 a.m.96 views

Siemens Industrial Products (Update S)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Remotely exploitable/low attack complexity Vendor : Siemens Equipment : Industrial Products Vulnerability : Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-17-339-01 Siemens...

8.7CVSS7.4AI score0.03315EPSS
Exploits0References12
ICS
ICS
added 2017/07/06 12:0 a.m.96 views

Schneider Electric Ampla MES

CVSS v3 6.7 ATTENTION: Low skill level to exploit. Vendor: Schneider Electric Equipment: Ampla MES Vulnerabilities: Cleartext Transmission of Sensitive Information, Inadequate Encryption Strength AFFECTED PRODUCTS Schneider Electric reports that the vulnerability affects the following Ampla...

4.1CVSS5.1AI score0.0024EPSS
Exploits0References3
ICS
ICS
added 2016/06/12 6:0 a.m.96 views

GE Bently Nevada 3500/22M Improper Authorization Vulnerability

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on September 8, 2016, and is being released to the NCCIC/ICS-CERT web site. GE has identified an improper authorization vulnerability in the GE Bently Nevada 3500/22M monitoring system. GE has produced a new firmwar...

10CVSS9.8AI score0.02305EPSS
Exploits0References10
ICS
ICS
added 2015/07/30 6:0 a.m.96 views

Infinite Automation Systems Mango Automation Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ISCA-15-300-02 Infinite Automation Systems Mango Automation Vulnerabilities that was published October 27, 2015, on the NCCIC/ICS-CERT web site. Steven Seeley of Source Incite and Gjoko Krstic of Zero Science Lab have...

6.8CVSS8.4AI score0.03257EPSS
Exploits9References10
ICS
ICS
added 2012/06/16 6:0 a.m.96 views

Siemens WinCC WebNavigator Multiple Vulnerabilities

Overview Siemens has reported multiple vulnerabilities in the Siemens WinCC WebNavigator application. These vulnerabilities were originally reported directly to Siemens by Positive Technologies. Siemens has produced an update that mitigates these vulnerabilities. These vulnerabilities could be...

7.5CVSS7.9AI score0.02638EPSS
Exploits0References10
ICS
ICS
added 2025/07/17 6:0 a.m.95 views

Panoramic Corporation Digital Imaging Software

RISK EVALUATION Successful exploitation of this vulnerability could allow a standard user to obtain NT Authority/SYSTEM privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

7.8CVSS6.3AI score0.00494EPSS
Exploits1References10
ICS
ICS
added 2024/02/13 12:0 a.m.95 views

Siemens SCALANCE SC-600 Family

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.4CVSS7.9AI score0.01352EPSS
Exploits0References12
ICS
ICS
added 2021/07/13 12:0 a.m.95 views

Schneider Electric C-Bus Toolkit

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: C-Bus Toolkit Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to enable...

5.7CVSS6AI score0.12083EPSS
Exploits1References5
ICS
ICS
added 2021/06/10 12:0 a.m.95 views

AGG Software Web Server Plugin

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: AGG Software Equipment: Web Server Vulnerabilities: Path Traversal, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote code execution and...

8.2CVSS7.6AI score0.00754EPSS
Exploits0References5
ICS
ICS
added 2021/05/11 12:0 a.m.95 views

Siemens SIMATIC UltraVNC HMI WinCC Products

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC HMIs/WinCC Products Vulnerabilities: Improper Initialization, Out-of-bounds Read, Heap-based Buffer Overflow, Stack-based Buffer Overflow, Access of Memory Location After End...

9.8CVSS9.6AI score0.04843EPSS
Exploits0References11
ICS
ICS
added 2021/05/11 12:0 a.m.95 views

Siemens Industrial PCs and CNC devices

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Industrial PCs and CNC devices Vulnerabilities: Improper Input Validation, Improper Authentication, Improper Isolation of Shared Resources on System-on-a-Chip, Improper Privilege Management 2. UPDATE...

7.8CVSS7.2AI score0.0051EPSS
Exploits0References11
ICS
ICS
added 2021/04/15 12:0 a.m.95 views

EIPStackGroup OpENer Ethernet/IP

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION : Exploitable remotely/low attack complexity Vendor : EIPStackGroup Equipment : OpENer EtherNet/IP Vulnerabilities : Incorrect Conversion Between Numeric Types, Out-of-bounds Read, Reachable Assertion 2. RISK EVALUATION Successful exploitation of these...

8.2CVSS8.3AI score0.01229EPSS
Exploits1References5
ICS
ICS
added 2020/02/25 12:0 a.m.95 views

Moxa PT-7528 and PT-7828 Series Ethernet Switches

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: PT-7528 Series and PT-7828 Series Vulnerabilities: Stack-based Buffer Overflow, Use of a Broken or Risky Cryptographic Algorithm, Use of Hard-coded Cryptographic Key, Use of...

10CVSS9.7AI score0.0283EPSS
Exploits0References5
ICS
ICS
added 2019/08/29 12:0 a.m.95 views

Change Healthcare McKesson and Horizon Cardiology

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Change Healthcare Equipment: Change Healthcare Cardiology, Horizon Cardiology, McKesson Cardiology Vulnerability: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could...

7.8CVSS8AI score0.00328EPSS
Exploits0References5
ICS
ICS
added 2019/08/01 12:0 a.m.95 views

Fuji Electric FRENIC Loader

1. EXECUTIVE SUMMARY CVSS v3 4.4 ATTENTION: Low skill level to exploit Vendor: Fuji Electric Equipment: FRENIC Loader Vulnerability: Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow information disclosure. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS...

4.3CVSS4.1AI score0.00842EPSS
Exploits0References5
ICS
ICS
added 2018/04/17 12:0 p.m.95 views

Biosense Webster Carto 3 System Vulnerabilities

1. EXECUTIVE SUMMARY Biosense Webster Inc. BWI, a Johnson & Johnson company, has produced a software update that applies operating system patches and anti-virus signature updates to close known vulnerabilities in the operating system of the CARTO 3 System, a 3D cardiovascular mapping platform...

6.7AI score
Exploits0References19
ICS
ICS
added 2017/04/11 12:0 a.m.95 views

Schneider Electric Modicon Modbus Protocol

CVSS v3 10.0 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Schneider Electric Equipment: Modicon Modbus Protocol Vulnerabilities: Authentication Bypass by Capture-Replay, Violation of Secure Design Principles AFFECTED PRODUCTS The following versions of Modicon Modbus protoco...

9.8CVSS7.3AI score0.05139EPSS
Exploits0References3
ICS
ICS
added 2016/05/17 12:0 a.m.95 views

Moxa EDR-G903 Secure Router Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-042-01 Moxa EDR‑G903 Secure Router Vulnerabilities that was published May 17, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified vulnerabilities in Moxa’s EDR‑G903 secure...

7.8CVSS0.6AI score0.02221EPSS
Exploits0References20
ICS
ICS
added 2014/12/28 7:0 a.m.95 views

Schneider Electric Serial Modbus Driver Buffer Overflow (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-14-086-01A Schneider Electric Serial Modbus Driver Buffer Overflow that was published March 27, 2014, on the NCCIC/ICS-CERT web site. Carsten Eiram of Risk-Based Security has identified a stack-based buffer overflo...

9.3CVSS7.4AI score0.22293EPSS
Exploits10References10
ICS
ICS
added 2012/02/17 7:0 a.m.95 views

Advantech Studio ISSymbol ActiveX Buffer Overflow

Overview This advisory is a follow-up to the original alert titled ICS-ALERT-11-131-01 - Advantech Studio ISSymbol ActiveX Buffer Overflow Vulnerabilities that was published May 11, 2011, on the ICS-CERT web page. A remote attacker could exploit these vulnerabilities; publicly available exploit...

9.3CVSS8AI score0.32349EPSS
Exploits12References10
ICS
ICS
added 2023/09/12 12:0 a.m.94 views

Siemans QMS Automotive

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.1CVSS7.7AI score0.00561EPSS
Exploits0References12
ICS
ICS
added 2023/07/12 12:0 p.m.94 views

Enhanced Monitoring to Detect APT Activity Targeting Outlook Online

SUMMARY In June 2023, a Federal Civilian Executive Branch FCEB agency identified suspicious activity in their Microsoft 365 M365 cloud environment. The agency reported the activity to Microsoft and the Cybersecurity and Infrastructure Security Agency CISA, and Microsoft determined that advanced...

9.2AI score
Exploits0References30
ICS
ICS
added 2022/08/09 12:0 a.m.94 views

Emerson ControlWave

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Emerson Equipment: ControlWave Vulnerabilities: Insufficient Verification of Data Authenticity CISA is aware of a public report, known as “OT:ICEFALL,” that details vulnerabilities found in multiple...

7.8CVSS8AI score0.00171EPSS
Exploits0References5
ICS
ICS
added 2022/03/08 12:0 a.m.94 views

Siemens SINEC NMS

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

8.8CVSS8.1AI score0.03435EPSS
Exploits0References12
ICS
ICS
added 2021/06/15 12:0 a.m.94 views

ThroughTek P2P SDK

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: ThroughTek Equipment: P2P SDK Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION ThroughTek supplies multiple original equipment manufacturers of IP cameras with P2P...

9.1CVSS8.7AI score0.00607EPSS
Exploits0References5
ICS
ICS
added 2020/02/11 12:0 a.m.94 views

Siemens SIMATIC S7 (Update B)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.5CVSS6.6AI score0.01702EPSS
Exploits0References11
ICS
ICS
added 2020/01/16 12:0 a.m.94 views

Schneider Electric Modicon Controllers (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium Vulnerability: Improper Check for Unusual or Exceptional Conditions 2. UPDATE INFORMATION This updated...

7.5CVSS7.8AI score0.0163EPSS
Exploits0References5
ICS
ICS
added 2019/09/12 12:0 a.m.94 views

3S-Smart Software Solutions GmbH CODESYS Control V3 Online User Management

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS Control V3 online user management Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation...

8.8CVSS8.7AI score0.0186EPSS
Exploits0References4
ICS
ICS
added 2018/07/11 12:0 a.m.94 views

ICSA-18-347-02 Siemens EN100 Ethernet Communication Module and SIPROTEC 5 Relays (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: EN100 Ethernet Communication Module and SIPROTEC 5 relays Vulnerabilities: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...

7.8CVSS8.2AI score0.02389EPSS
Exploits0References9
ICS
ICS
added 2018/05/15 12:0 a.m.94 views

Advantech WebAccess

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Remotely exploitable/low skill level to exploit Vendor : Advantech Equipment : WebAccess Vulnerabilities : SQL Injection, Improper Authorization, Path Traversal, Heap-based Buffer Overflow, Stack-based Buffer Overflow, Untrusted Pointer Dereference,...

9.8CVSS10AI score0.05754EPSS
Exploits0References6
ICS
ICS
added 2018/02/06 12:0 a.m.94 views

GE Medical Devices Vulnerability

OVERVIEW This advisory was originally posted to the HSIN ICS-CERT library on February 6, 2018, and is being released to the NCCIC/ICS-CERT website. Independent researcher Scott Erven submitted information regarding the potential use of default or hard-coded credentials in multiple GE Healthcare...

10AI score
Exploits0References10
ICS
ICS
added 2017/08/29 12:0 a.m.94 views

Advantech WebAccess

CVSS v3 7.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Advantech Equipment: WebAccess Vulnerabilities: SQL Injection, Out-of-Bounds Access, Multiple Buffer Overflows, Externally Controlled Format String, Improper Authentication, Incorrect Permission Assignment for Critica...

10CVSS9.4AI score0.04831EPSS
Exploits1References3
ICS
ICS
added 2017/07/27 12:0 a.m.94 views

PDQ Manufacturing, Inc. LaserWash, Laser Jet and ProTouch

CVSS v3 9.4 ATTENTION: Remotely exploitable/low skill level to exploit. Public exploits are available Vendor: PDQ Manufacturing, Inc. Equipment: LaserWash, Laser Jet and ProTouch Vulnerabilities: Improper Authentication, Missing Encryption of Sensitive Data AFFECTED PRODUCTS The following version...

9.8CVSS10AI score0.01186EPSS
Exploits0References3
ICS
ICS
added 2016/04/12 12:0 a.m.94 views

Siemens Industrial Products DROWN Vulnerability (Update C)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-16-103-03B Siemens Industrial Products DROWN Vulnerability that was published June 15, 2017, on the NCCIC/ICS-CERT web site. Siemens has found that a DROWNa Decrypting RSA with Obsolete and Weakened eNcryption attac...

5.9CVSS0.1AI score0.82112EPSS
Exploits2References30
ICS
ICS
added 2024/09/05 12:0 p.m.93 views

Russian Military Cyber Actors Target US and Global Critical Infrastructure

Summary The Federal Bureau of Investigation FBI, Cybersecurity and Infrastructure Security Agency CISA, and National Security Agency NSA assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate GRU 161st Specialist Training Center Unit 29155 are responsible...

10CVSS9.3AI score0.99999EPSS
Exploits436References193
ICS
ICS
added 2023/12/18 12:0 p.m.93 views

#StopRansomware: Play Ransomware

Actions to take today to mitigate cyber threats from Play ransomware: 1. Prioritize remediating known exploited vulnerabilities. 2. Enable multifactor authentication MFA for all services to the extent possible, particularly for webmail, VPN, and accounts that access critical systems. 3. Regularly...

9.8CVSS9AI score0.99999EPSS
Exploits38References103
ICS
ICS
added 2023/03/29 4:33 p.m.93 views

Delta Electronics InfraSuite Device Master

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: InfraSuite Device Master Vulnerabilities: Deserialization of Untrusted Data, Improper Access Control, Exposed Dangerous Method or Function, Path Traversal, Improper...

9.8CVSS9.9AI score0.5005EPSS
Exploits3References7
ICS
ICS
added 2021/08/20 12:0 p.m.93 views

Chinese State-Sponsored Cyber Operations: Observed TTPs

Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework, Version 9, and MITRE D3FEND™ framework, version 0.9.2-BETA-3. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques and the D3FEND framework for referenced...

10CVSS10AI score0.99999EPSS
Exploits129References248
ICS
ICS
added 2021/06/10 12:0 a.m.93 views

Rockwell Automation FactoryTalk Services Platform

1. EXECUTIVE SUMMARY CVSS v3 8.5 ATTENTION: Exploitable remotely Vendor: Rockwell Automation Equipment: FactoryTalk Services Platform Vulnerability: Protection Mechanism Failure 2. RISK EVALUATION Successful exploitation of this vulnerability may allow remote, authenticated users to bypass...

8.8CVSS8.9AI score0.02339EPSS
Exploits0References5
ICS
ICS
added 2021/05/11 12:0 a.m.93 views

Siemens SINAMICS Medium Voltage Products Remote Access (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SINAMICS Medium Voltage Products, Remote Access Vulnerabilities: Improper Restriction of Operations Within the Bounds of a Memory Buffer, Access of Memory Location After End of Buffer, Uncontrolled Resourc...

9.8CVSS9.5AI score0.04843EPSS
Exploits0References11
ICS
ICS
added 2020/09/29 12:0 a.m.93 views

ICSA-20-273-01_MB Connect line mbCONNECT24, mymbCONNECT24

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: MB connect line Equipment: mymbCONNECT24, mbCONNECT24 Vulnerabilities: SQL Injection, Cross-site Request Forgery, Command Injection 2. RISK EVALUATION Successful exploitation of these...

6.5CVSS7.5AI score0.00845EPSS
Exploits0References2
ICS
ICS
added 2020/05/21 12:0 p.m.93 views

Critical Vulnerability in Citrix Application Delivery Controller, Gateway, and SD-WAN WANOP

Summary Note: As of January 24, 2020, Citrix has released all expected updates in response to CVE-2019-19781.1 On January 19, 2020, Citrix released firmware updates for Citrix Application Delivery Controller ADC and Citrix Gateway versions 11.1 and 12.0. On January 22, 2020, Citrix released...

9.8CVSS9.9AI score0.99999EPSS
Exploits48References60
ICS
ICS
added 2020/05/07 12:0 a.m.93 views

Advantech WebAccess Node

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess Node Vulnerabilities: Improper Validation of Array Index, Relative Path Traversal, SQL Injection, Stack-based Buffer Overflow, Heap-based Buffer Overflow,...

9.8CVSS10AI score0.09076EPSS
Exploits0References5
ICS
ICS
added 2020/03/31 12:0 a.m.93 views

Hirschmann Automation and Control HiOS and HiSecOS Products

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Hirschmann Automation and Control GmbH, a division of Belden Inc. Equipment: HiOS, HiSecOS Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability...

9.8CVSS10AI score0.01606EPSS
Exploits0References5
ICS
ICS
added 2019/10/08 12:0 a.m.93 views

SMA Solar Technology AG Sunny WebBox

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SMA Solar Technology AG Equipment: Sunny WebBox Vulnerability: Cross-Site Request Forgery 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to generate a...

8.8CVSS8.9AI score0.0223EPSS
Exploits4References5
ICS
ICS
added 2019/09/12 12:0 a.m.93 views

Philips IntelliVue WLAN

1. EXECUTIVE SUMMARY CVSS v3 6.4 Vendor: Philips Equipment: IntelliVue M3002A X2 MMS Transport Monitor/Module and IntelliVue MP monitors MP2/X2, MP5, MP20-MP90, MX600, MX700 and MX800 Vulnerabilities: Use of Hard-coded Password, Download of Code Without Integrity Check 2. RISK EVALUATION...

7.2CVSS8AI score0.01358EPSS
Exploits0References5
ICS
ICS
added 2019/09/12 12:0 a.m.93 views

3S-Smart Software Solutions GmbH CODESYS V3 Products Containing a CODESYS Communication Server

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS V3 products containing a CODESYS communication server Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this...

7.5CVSS7.7AI score0.01696EPSS
Exploits0References4
ICS
ICS
added 2019/09/12 12:0 a.m.93 views

3S-Smart Software Solutions GmbH CODESYS V3 Library Manager (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS V3 Library Manager Vulnerability: Cross-site Scripting 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-255-02...

8.6CVSS8.5AI score0.00855EPSS
Exploits0References4
ICS
ICS
added 2019/08/01 12:0 a.m.93 views

Rockwell Automation Arena Simulation Software (Update B)

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Low skill level to exploit Vendor: Rockwell Automation Equipment: Arena Simulation Software --------- Begin Update B Part 1 of 2 --------- Vulnerabilities: Use After Free, Information Exposure, Type Confusion, Insufficient UI Warning of Dangerous...

7.8CVSS7.2AI score0.12042EPSS
Exploits0References5
Total number of security vulnerabilities4251