4251 matches found
Invensys Wonderware InTouch 10 DLL Hijack
Overview ICS-CERT originally released Advisory ICSA-12-177-01P on the US-CERT Portal on July 05, 2012. This web page release was delayed to provide the vendor time to contact customers concerning this information. Independent researcher Carlos Mario Penagos Hollmann has identified an uncontrolled...
ARC Informatique PcVue HMI/SCADA ActiveX Vulnerabilities
Overview This Advisory is a follow-up to the Alert, “ICS-ALERT-11-271-01 - ARC Informatique PcVue HMI/SCADA ActiveX Vulnerabilities.” ICS-CERT is aware of publicly and privately disclosed reports of four vulnerabilities in ARC Informatique’s PcVue application. These vulnerabilities include:...
Rapid Software LLC Rapid SCADA
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely, low attack complexity Vendor: Rapid Software LLC Equipment: Rapid SCADA Vulnerabilities: Path Traversal, Relative Path Traversal, Local Privilege Escalation through Incorrect Permission Assignment for Critical Resource,...
#StopRansomware: Play Ransomware
Actions to take today to mitigate cyber threats from Play ransomware: 1. Prioritize remediating known exploited vulnerabilities. 2. Enable multifactor authentication MFA for all services to the extent possible, particularly for webmail, VPN, and accounts that access critical systems. 3. Regularly...
Siemans QMS Automotive
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens SCALANCE, RUGGEDCOM Third-Party
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
#StopRansomware: Hive Ransomware
Actions to Take Today to Mitigate Cyber Threats from Ransomware: 1. Prioritize remediating known exploited vulnerabilities. 2. Enable and enforce multifactor authentication with strong passwords. 3. Close unused ports and remove any application not deemed necessary for day-to-day operations...
Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability
Summary Multifactor Authentication MFA: A Cybersecurity Essential • MFA is one of the most important cybersecurity practices to reduce the risk of intrusions—according to industry research, users who enable MFA are up to 99 percent less likely to have an account compromised. • Every organization...
WIN-911 2021
1. EXECUTIVE SUMMARY CVSS v3 5.6 ATTENTION: Low attack complexity Vendor: WIN-911 Equipment: WIN-911 2021 Vulnerabilities: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to leverage the misconfigured privileges to the...
Philips Patient Information Center iX (PIC iX) and Efficia CM Series
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable from adjacent network/low attack complexity Vendor: Philips Equipment: Patient Information Center iX PIC iX and Efficia CM Series Vulnerabilities: Improper Input Validation, Use of Hard-coded Cryptographic Key, Use of a Broken or Risky...
Uffizio GPS Tracker
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Uffizio Equipment: GPS Tracker Vulnerabilities: Improper Access Control, Unrestricted Upload of File with Dangerous Type, Open Redirect, Cross-site Scripting, Cross-site Request Forgery 2. RISK...
Hitachi ABB Power Grids AFS Series
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Low skill level to exploit Vendor: Hitachi ABB Power Grids Equipment: AFS Series Vulnerability: Infinite Loop 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition on one of the ports in a HSR ring...
Hirschmann Automation and Control HiOS and HiSecOS Products
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Hirschmann Automation and Control GmbH, a division of Belden Inc. Equipment: HiOS, HiSecOS Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability...
Schneider Electric Modicon Ethernet Serial RTU
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Modicon BMXNOR0200H Vulnerabilities: Improper Check for Unusual or Exceptional Conditions, Improper Access Control 2. RISK EVALUATION Successful exploitation of these...
Philips IntelliVue WLAN
1. EXECUTIVE SUMMARY CVSS v3 6.4 Vendor: Philips Equipment: IntelliVue M3002A X2 MMS Transport Monitor/Module and IntelliVue MP monitors MP2/X2, MP5, MP20-MP90, MX600, MX700 and MX800 Vulnerabilities: Use of Hard-coded Password, Download of Code Without Integrity Check 2. RISK EVALUATION...
Rockwell Automation Stratix 5400/5410/5700 and ArmorStratix 5700
1. EXECUTIVE SUMMARY ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: Stratix 5400/5410/5700, ArmorStratix 5700 Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...
ABB CP400 Panel Builder TextEditor 2.0
1. EXECUTIVE SUMMARY CVSS v7.0 Vendor: ABB Equipment: CP400 Panel Builder TextEditor 2.0 Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, and cause a denial-of-service condition within the...
JanTek JTC-200
CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Public exploits are available. Vendor: JanTek Equipment: JTC-200 Vulnerabilities: Cross-site Request Forgery, Improper Authentication AFFECTED PRODUCTS The following versions of JTC-200, a TCP/IP converter, are affected:...
Hanwha Techwin SRN-4000
CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Hanwha Techwin Equipment: SRN-4000 Vulnerability: Unauthenticated Access AFFECTED PRODUCTS The following versions of SRN-4000, a network video management platform, are affected: SRN-4000 firmware versions prior to...
Honeywell TEMA Remote Installer ActiveX Vulnerability
Overview Industrial Control Systems Cyber Emergency Response Team ICS-CERT received a report from independent security researchers Billy Rios and Terry McCorkle concerning a vulnerability affecting Honeywell Enterprise Buildings Integrator EBI software systems that have Temaline physical access...
Beckhoff TwinCAT Read Access Violation
Overview This Advisory is a follow-up to the Alert, ICS-ALERT-11-256-06—BECKHOFF TWINCAT READ ACCESS VIOLATION, that was published September 13, 2011, on the Industrial Control Systems Cyber Emergency Response Team ICS-CERT web page. ICS-CERT is aware of a public report of a read access violation...
Electrolink FM/DAB/TV Transmitter
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Electrolink Equipment : FM/DAB/TV Transmitter Vulnerabilities : Authentication Bypass by Assumed-Immutable Data, Reliance on Cookies without Validation and...
Siemens Solid Edge
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Zavio IP Camera
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Zavio Equipment : IP Camera Vulnerability : Improper Restriction of Operations within the Bounds of a Memory Buffer, OS Command Injection 2. RISK EVALUATION Successful exploitation of these...
Siemens JT2GO and Teamcenter Visualization
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JT2GO, Teamcenter Visualization Vulnerabilities: Infinite Loop, Null Pointer Dereference, Integer Overflow to Buffer Overflow, Double Free, Access of Uninitialized Pointer 2. RISK EVALUATION Successful...
Hitachi ABB Power Grids Ellipse EAM
1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Hitachi ABB Power Grids Equipment: Ellipse EAM Vulnerabilities: Cross-site Scripting, User Interface Misrepresentation of Critical Information 2. RISK EVALUATION Successful exploitation of these...
Schneider Electric Web Server on Modicon M340
1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write, Classic Buffer Overflow 2. RISK...
Mitsubishi Electric MELSEC iQ-R Series (Update D)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-R Series Vulnerability : Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a...
3S-Smart Software Solutions GmbH CODESYS V3 Library Manager (Update A)
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS V3 Library Manager Vulnerability: Cross-site Scripting 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-255-02...
Philips Tasy EMR (Update A)
1. EXECUTIVE SUMMARY --------- Begin Update A Part 1 of 7 --------- CVSS v3 4.3 ATTENTION: Low skill level to exploit --------- End Update A Part 1 of 7 --------- Vendor: Philips Equipment: Tasy EMR --------- Begin Update A Part 2 of 7 --------- Vulnerability: Cross-site Scripting, Information...
WAGO e!DISPLAY Web-Based-Management
1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Exploitable remotely/Low skill level to exploit/Public exploits are available Vendor: WAGO Equipment: e!DISPLAY Web-Based-Management WBM Vulnerabilities: Cross-site Scripting, Unrestricted Upload of File with Dangerous Type, and Incorrect Permissions fo...
Siemens SIMATIC Industrial PCs
CVSS v3 5.9 ATTENTION: Remotely exploitable Vendor: Siemens Equipment: SIMATIC Industrial PCs Vulnerability: Cryptographic Issues AFFECTED PRODUCTS Siemens reports that the vulnerability affects the following versions of SIMATIC Industrial PCs using a version of Infineon’s Trusted Platform Module...
Schweitzer Engineering Laboratories, Inc. SEL-3620 and SEL-3622
CVSS v3 7.2 ATTENTION: Remotely exploitable/Low skill level to exploit. Vendor: Schweitzer Engineering Laboratories, Inc. SEL Equipment: SEL-3620, SEL-3622 Vulnerability: Improper Access Control AFFECTED PRODUCTS The following versions of SEL-3620 and SEL-3622, an Ethernet Security Gateway, are...
Rockwell Allen-Bradley MicroLogix, SLC 500, and PLC-5 Fault Generation Vulnerability
OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-12-342-01A Rockwell Allen-Bradley MicroLogix, SLC 500, and PLC-5 controller that was published December 11, 2012, on the NCCIC/ICS-CERT web site. Independent researcher Matthew Luallen of CYBATI has identified a fau...
GE Intelligent Platforms Proficy HTML Help Vulnerabilities
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: Intelligent Platforms Vulnerabilities: Stack-based Buffer Overflow, Command Injection 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...
Siemens Industrial Products
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens RUGGEDCOM APE1808
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens SiPass integrated AC5102 / ACC-G2 and ACC-AP
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
ICONICS Suite and Mitsubishi Electric MC Works64 Products (Update C)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Low attack complexity Vendors: ICONICS, Mitsubishi Electric Equipment: ICONICS Product Suite, MC Works64 Vulnerabilities: Path Traversal, Deserialization of Untrusted Data, Inclusion of Functionality from Untrusted Control Sphere, Out-of-Bounds Read 2...
Rockwell Automation Logix Controllers (Update A)
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: Studio 5000 Logix Designer, RSLogix 5000, Logix Controllers Vulnerability: Insufficiently Protected Credentials 2. UPDATE INFORMATION This updated advisory is a...
SAE IT-systems FW-50 Remote Telemetry Unit (RTU)
1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SAE IT-systems Equipment: FW-50 Remote Telemetry Unit RTU Vulnerabilities: Cross-site Scripting, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an...
Honeywell IP-AK2
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Honeywell Equipment: IP-AK2 Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to download...
Rockwell Automation MicroLogix 1400 and CompactLogix 5370 Controllers
1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: MicroLogix 1400 and CompactLogix 5370 Controllers Vulnerability: Open Redirect 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote...
Siemens SIMATIC Panels and WinCC (TIA Portal)
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC WinCC Runtime Advanced, WinCC Runtime Professional, WinCC TIA Portal; HMI Panels Vulnerabilities: Use of Hard-coded Credentials, Insufficient Protection of Credentials,...
ICSA-17-318-01_Siemens SCALANCE, SIMATIC, RUGGEDCOM, and SINAMICS Products (Update F)
1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION : Exploitable remotely/low skill level to exploit/public exploits are available. Vendor : Siemens Equipment : SCALANCE, SIMATIC, RUGGEDCOM, and SINAMICS Products Vulnerabilities : Security Features 2. UPDATE INFORMATION This updated advisory is a...
Marel Food Processing Systems (Update B)
CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Marel Equipment: Food Processing Systems Vulnerabilities: Hard-Coded Passwords, Unrestricted Upload, Improper Access Control UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled...
Delta Electronics DIAEnergie
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION : Exploitable remotely Vendor : Delta Electronics Equipment : DIAEnergie Vulnerabilities : Improper Authorization, SQL Injection, Path Traversal, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...
Threat Actors Exploit Atlassian Confluence CVE-2023-22515 for Initial Access to Networks
SUMMARY The Cybersecurity and Infrastructure Security Agency CISA, Federal Bureau of Investigation FBI, and Multi-State Information Sharing and Analysis Center MS-ISAC are releasing this joint Cybersecurity Advisory CSA in response to the active exploitation of CVE-2023-22515. This recently...
Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475
Actions to take today to mitigate malicious cyber activity: 1. Patch all systems for known exploited vulnerabilities KEVs, including firewall security appliances. 2. Monitor for unauthorized use of remote access software using endpoint detection tools. 3. Remove unnecessary disabled accounts and...
Rockwell Automation MicroLogix 1100 and 1400
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: MicroLogix 1100 and 1400 Vulnerabilities: Cross-site Scripting, Improper Restriction of Rendered UI Layers or Frames 2. RISK EVALUATION Successful exploitation of these...