Lucene search
K
IcsMost viewed

4251 matches found

ICS
ICS
added 2012/03/29 6:0 a.m.93 views

Invensys Wonderware InTouch 10 DLL Hijack

Overview ICS-CERT originally released Advisory ICSA-12-177-01P on the US-CERT Portal on July 05, 2012. This web page release was delayed to provide the vendor time to contact customers concerning this information. Independent researcher Carlos Mario Penagos Hollmann has identified an uncontrolled...

6.9CVSS6.8AI score0.00447EPSS
Exploits0References10
ICS
ICS
added 2011/09/08 6:0 a.m.93 views

ARC Informatique PcVue HMI/SCADA ActiveX Vulnerabilities

Overview This Advisory is a follow-up to the Alert, “ICS-ALERT-11-271-01 - ARC Informatique PcVue HMI/SCADA ActiveX Vulnerabilities.” ICS-CERT is aware of publicly and privately disclosed reports of four vulnerabilities in ARC Informatique’s PcVue application. These vulnerabilities include:...

9.3CVSS8.3AI score0.07439EPSS
Exploits1References10
ICS
ICS
added 2024/01/11 7:0 a.m.92 views

Rapid Software LLC Rapid SCADA

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely, low attack complexity Vendor: Rapid Software LLC Equipment: Rapid SCADA Vulnerabilities: Path Traversal, Relative Path Traversal, Local Privilege Escalation through Incorrect Permission Assignment for Critical Resource,...

9.8CVSS7.8AI score0.01233EPSS
Exploits0References10
ICS
ICS
added 2023/12/18 12:0 p.m.92 views

#StopRansomware: Play Ransomware

Actions to take today to mitigate cyber threats from Play ransomware: 1. Prioritize remediating known exploited vulnerabilities. 2. Enable multifactor authentication MFA for all services to the extent possible, particularly for webmail, VPN, and accounts that access critical systems. 3. Regularly...

9.8CVSS9AI score0.99999EPSS
Exploits38References103
ICS
ICS
added 2023/09/12 12:0 a.m.92 views

Siemans QMS Automotive

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.1CVSS7.7AI score0.00561EPSS
Exploits0References12
ICS
ICS
added 2023/03/14 12:0 a.m.92 views

Siemens SCALANCE, RUGGEDCOM Third-Party

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

7.8CVSS9.7AI score0.94921EPSS
Exploits153References11
ICS
ICS
added 2022/11/25 12:0 p.m.92 views

#StopRansomware: Hive Ransomware

Actions to Take Today to Mitigate Cyber Threats from Ransomware: 1. Prioritize remediating known exploited vulnerabilities. 2. Enable and enforce multifactor authentication with strong passwords. 3. Close unused ports and remove any application not deemed necessary for day-to-day operations...

10CVSS8.7AI score0.99999EPSS
Exploits27References54
ICS
ICS
added 2022/05/02 12:0 p.m.92 views

Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability

Summary Multifactor Authentication MFA: A Cybersecurity Essential • MFA is one of the most important cybersecurity practices to reduce the risk of intrusions—according to industry research, users who enable MFA are up to 99 percent less likely to have an account compromised. • Every organization...

9CVSS10AI score0.99759EPSS
Exploits41References56
ICS
ICS
added 2022/02/22 12:0 a.m.92 views

WIN-911 2021

1. EXECUTIVE SUMMARY CVSS v3 5.6 ATTENTION: Low attack complexity Vendor: WIN-911 Equipment: WIN-911 2021 Vulnerabilities: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to leverage the misconfigured privileges to the...

7.8CVSS7.6AI score0.00208EPSS
Exploits0References5
ICS
ICS
added 2021/11/18 12:0 a.m.92 views

Philips Patient Information Center iX (PIC iX) and Efficia CM Series

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable from adjacent network/low attack complexity Vendor: Philips Equipment: Patient Information Center iX PIC iX and Efficia CM Series Vulnerabilities: Improper Input Validation, Use of Hard-coded Cryptographic Key, Use of a Broken or Risky...

6.5CVSS7AI score0.00366EPSS
Exploits0References5
ICS
ICS
added 2021/10/14 12:0 a.m.92 views

Uffizio GPS Tracker

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Uffizio Equipment: GPS Tracker Vulnerabilities: Improper Access Control, Unrestricted Upload of File with Dangerous Type, Open Redirect, Cross-site Scripting, Cross-site Request Forgery 2. RISK...

9.8CVSS7.4AI score0.01837EPSS
Exploits0References5
ICS
ICS
added 2021/03/16 12:0 a.m.92 views

Hitachi ABB Power Grids AFS Series

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Low skill level to exploit Vendor: Hitachi ABB Power Grids Equipment: AFS Series Vulnerability: Infinite Loop 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition on one of the ports in a HSR ring...

6.5CVSS6.7AI score0.00566EPSS
Exploits0References5
ICS
ICS
added 2020/03/31 12:0 a.m.92 views

Hirschmann Automation and Control HiOS and HiSecOS Products

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Hirschmann Automation and Control GmbH, a division of Belden Inc. Equipment: HiOS, HiSecOS Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability...

9.8CVSS10AI score0.01606EPSS
Exploits0References5
ICS
ICS
added 2020/02/13 12:0 a.m.92 views

Schneider Electric Modicon Ethernet Serial RTU

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Modicon BMXNOR0200H Vulnerabilities: Improper Check for Unusual or Exceptional Conditions, Improper Access Control 2. RISK EVALUATION Successful exploitation of these...

8.8CVSS9AI score0.02084EPSS
Exploits0References5
ICS
ICS
added 2019/09/12 12:0 a.m.92 views

Philips IntelliVue WLAN

1. EXECUTIVE SUMMARY CVSS v3 6.4 Vendor: Philips Equipment: IntelliVue M3002A X2 MMS Transport Monitor/Module and IntelliVue MP monitors MP2/X2, MP5, MP20-MP90, MX600, MX700 and MX800 Vulnerabilities: Use of Hard-coded Password, Download of Code Without Integrity Check 2. RISK EVALUATION...

7.2CVSS8AI score0.01358EPSS
Exploits0References5
ICS
ICS
added 2019/04/04 12:0 a.m.92 views

Rockwell Automation Stratix 5400/5410/5700 and ArmorStratix 5700

1. EXECUTIVE SUMMARY ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: Stratix 5400/5410/5700, ArmorStratix 5700 Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

8.6CVSS8.7AI score0.01587EPSS
Exploits0References5
ICS
ICS
added 2019/01/17 12:0 a.m.92 views

ABB CP400 Panel Builder TextEditor 2.0

1. EXECUTIVE SUMMARY CVSS v7.0 Vendor: ABB Equipment: CP400 Panel Builder TextEditor 2.0 Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, and cause a denial-of-service condition within the...

7.8CVSS8.1AI score0.01567EPSS
Exploits0References6
ICS
ICS
added 2017/10/10 12:0 a.m.92 views

JanTek JTC-200

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Public exploits are available. Vendor: JanTek Equipment: JTC-200 Vulnerabilities: Cross-site Request Forgery, Improper Authentication AFFECTED PRODUCTS The following versions of JTC-200, a TCP/IP converter, are affected:...

10CVSS9.6AI score0.02392EPSS
Exploits2References3
ICS
ICS
added 2017/05/16 12:0 a.m.92 views

Hanwha Techwin SRN-4000

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Hanwha Techwin Equipment: SRN-4000 Vulnerability: Unauthenticated Access AFFECTED PRODUCTS The following versions of SRN-4000, a network video management platform, are affected: SRN-4000 firmware versions prior to...

9.8CVSS10AI score0.04774EPSS
Exploits0References3
ICS
ICS
added 2013/04/30 12:0 p.m.92 views

Honeywell TEMA Remote Installer ActiveX Vulnerability

Overview Industrial Control Systems Cyber Emergency Response Team ICS-CERT received a report from independent security researchers Billy Rios and Terry McCorkle concerning a vulnerability affecting Honeywell Enterprise Buildings Integrator EBI software systems that have Temaline physical access...

8.2AI score
Exploits0References17
ICS
ICS
added 2011/07/09 6:0 a.m.92 views

Beckhoff TwinCAT Read Access Violation

Overview This Advisory is a follow-up to the Alert, ICS-ALERT-11-256-06—BECKHOFF TWINCAT READ ACCESS VIOLATION, that was published September 13, 2011, on the Industrial Control Systems Cyber Emergency Response Team ICS-CERT web page. ICS-CERT is aware of a public report of a read access violation...

5CVSS6AI score0.50556EPSS
Exploits3References10
ICS
ICS
added 2024/04/16 6:0 a.m.91 views

Electrolink FM/DAB/TV Transmitter

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Electrolink Equipment : FM/DAB/TV Transmitter Vulnerabilities : Authentication Bypass by Assumed-Immutable Data, Reliance on Cookies without Validation and...

8.8CVSS8.6AI score0.0143EPSS
Exploits8References8
ICS
ICS
added 2024/01/09 12:0 a.m.91 views

Siemens Solid Edge

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.8CVSS8.2AI score0.00205EPSS
Exploits0References12
ICS
ICS
added 2023/10/31 6:0 a.m.91 views

Zavio IP Camera

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Zavio Equipment : IP Camera Vulnerability : Improper Restriction of Operations within the Bounds of a Memory Buffer, OS Command Injection 2. RISK EVALUATION Successful exploitation of these...

9.8CVSS10AI score0.40396EPSS
Exploits0References8
ICS
ICS
added 2022/05/10 12:0 a.m.91 views

Siemens JT2GO and Teamcenter Visualization

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JT2GO, Teamcenter Visualization Vulnerabilities: Infinite Loop, Null Pointer Dereference, Integer Overflow to Buffer Overflow, Double Free, Access of Uninitialized Pointer 2. RISK EVALUATION Successful...

7.8CVSS7.1AI score0.00742EPSS
Exploits0References11
ICS
ICS
added 2021/03/02 12:0 a.m.91 views

Hitachi ABB Power Grids Ellipse EAM

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Hitachi ABB Power Grids Equipment: Ellipse EAM Vulnerabilities: Cross-site Scripting, User Interface Misrepresentation of Critical Information 2. RISK EVALUATION Successful exploitation of these...

6.1CVSS6.2AI score0.00612EPSS
Exploits0References5
ICS
ICS
added 2021/01/05 12:0 a.m.91 views

Schneider Electric Web Server on Modicon M340

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write, Classic Buffer Overflow 2. RISK...

8.8CVSS9.5AI score0.01087EPSS
Exploits0References5
ICS
ICS
added 2020/11/19 7:0 a.m.91 views

Mitsubishi Electric MELSEC iQ-R Series (Update D)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-R Series Vulnerability : Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a...

7.8CVSS7.6AI score0.02117EPSS
Exploits0References10
ICS
ICS
added 2019/09/12 12:0 a.m.91 views

3S-Smart Software Solutions GmbH CODESYS V3 Library Manager (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS V3 Library Manager Vulnerability: Cross-site Scripting 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-255-02...

8.6CVSS8.5AI score0.00855EPSS
Exploits0References4
ICS
ICS
added 2019/04/30 12:0 a.m.91 views

Philips Tasy EMR (Update A)

1. EXECUTIVE SUMMARY --------- Begin Update A Part 1 of 7 --------- CVSS v3 4.3 ATTENTION: Low skill level to exploit --------- End Update A Part 1 of 7 --------- Vendor: Philips Equipment: Tasy EMR --------- Begin Update A Part 2 of 7 --------- Vulnerability: Cross-site Scripting, Information...

5.4CVSS6.2AI score0.00683EPSS
Exploits0References5
ICS
ICS
added 2018/07/17 12:0 a.m.92 views

WAGO e!DISPLAY Web-Based-Management

1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Exploitable remotely/Low skill level to exploit/Public exploits are available Vendor: WAGO Equipment: e!DISPLAY Web-Based-Management WBM Vulnerabilities: Cross-site Scripting, Unrestricted Upload of File with Dangerous Type, and Incorrect Permissions fo...

8.8CVSS7.5AI score0.3014EPSS
Exploits8References5
ICS
ICS
added 2018/02/27 12:0 a.m.91 views

Siemens SIMATIC Industrial PCs

CVSS v3 5.9 ATTENTION: Remotely exploitable Vendor: Siemens Equipment: SIMATIC Industrial PCs Vulnerability: Cryptographic Issues AFFECTED PRODUCTS Siemens reports that the vulnerability affects the following versions of SIMATIC Industrial PCs using a version of Infineon’s Trusted Platform Module...

5.9CVSS6.5AI score0.09825EPSS
Exploits0References36
ICS
ICS
added 2017/07/11 12:0 a.m.91 views

Schweitzer Engineering Laboratories, Inc. SEL-3620 and SEL-3622

CVSS v3 7.2 ATTENTION: Remotely exploitable/Low skill level to exploit. Vendor: Schweitzer Engineering Laboratories, Inc. SEL Equipment: SEL-3620, SEL-3622 Vulnerability: Improper Access Control AFFECTED PRODUCTS The following versions of SEL-3620 and SEL-3622, an Ethernet Security Gateway, are...

10CVSS9.4AI score0.02273EPSS
Exploits0References3
ICS
ICS
added 2012/09/10 6:0 a.m.91 views

Rockwell Allen-Bradley MicroLogix, SLC 500, and PLC-5 Fault Generation Vulnerability

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-12-342-01A Rockwell Allen-Bradley MicroLogix, SLC 500, and PLC-5 controller that was published December 11, 2012, on the NCCIC/ICS-CERT web site. Independent researcher Matthew Luallen of CYBATI has identified a fau...

7.1CVSS6.6AI score0.0405EPSS
Exploits0References10
ICS
ICS
added 2012/02/11 7:0 a.m.92 views

GE Intelligent Platforms Proficy HTML Help Vulnerabilities

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: Intelligent Platforms Vulnerabilities: Stack-based Buffer Overflow, Command Injection 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

9.3CVSS7.8AI score0.39711EPSS
Exploits11References10
ICS
ICS
added 2024/05/14 12:0 a.m.90 views

Siemens Industrial Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

8.2CVSS7AI score0.0026EPSS
Exploits0References10
ICS
ICS
added 2024/03/12 12:0 a.m.90 views

Siemens RUGGEDCOM APE1808

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.8CVSS9.3AI score0.99999EPSS
Exploits45References10
ICS
ICS
added 2023/02/14 12:0 a.m.90 views

Siemens SiPass integrated AC5102 / ACC-G2 and ACC-AP

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

7.8CVSS8.1AI score0.00229EPSS
Exploits0References11
ICS
ICS
added 2022/07/26 6:0 a.m.90 views

ICONICS Suite and Mitsubishi Electric MC Works64 Products (Update C)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Low attack complexity Vendors: ICONICS, Mitsubishi Electric Equipment: ICONICS Product Suite, MC Works64 Vulnerabilities: Path Traversal, Deserialization of Untrusted Data, Inclusion of Functionality from Untrusted Control Sphere, Out-of-Bounds Read 2...

9.8CVSS8.7AI score0.4548EPSS
Exploits0References8
ICS
ICS
added 2021/02/25 12:0 a.m.90 views

Rockwell Automation Logix Controllers (Update A)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: Studio 5000 Logix Designer, RSLogix 5000, Logix Controllers Vulnerability: Insufficiently Protected Credentials 2. UPDATE INFORMATION This updated advisory is a...

9.8CVSS8.6AI score0.25455EPSS
Exploits1References5
ICS
ICS
added 2020/05/05 12:0 a.m.90 views

SAE IT-systems FW-50 Remote Telemetry Unit (RTU)

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SAE IT-systems Equipment: FW-50 Remote Telemetry Unit RTU Vulnerabilities: Cross-site Scripting, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an...

9.1CVSS7.8AI score0.01406EPSS
Exploits0References8
ICS
ICS
added 2019/10/24 12:0 a.m.90 views

Honeywell IP-AK2

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Honeywell Equipment: IP-AK2 Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to download...

5.3CVSS5.5AI score0.0125EPSS
Exploits0References4
ICS
ICS
added 2019/04/23 12:0 a.m.90 views

Rockwell Automation MicroLogix 1400 and CompactLogix 5370 Controllers

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: MicroLogix 1400 and CompactLogix 5370 Controllers Vulnerability: Open Redirect 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote...

6.1CVSS6.7AI score0.03043EPSS
Exploits0References5
ICS
ICS
added 2019/04/09 12:0 a.m.90 views

Siemens SIMATIC Panels and WinCC (TIA Portal)

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC WinCC Runtime Advanced, WinCC Runtime Professional, WinCC TIA Portal; HMI Panels Vulnerabilities: Use of Hard-coded Credentials, Insufficient Protection of Credentials,...

9.1CVSS7.6AI score0.02721EPSS
Exploits0References11
ICS
ICS
added 2017/11/14 12:0 a.m.90 views

ICSA-17-318-01_Siemens SCALANCE, SIMATIC, RUGGEDCOM, and SINAMICS Products (Update F)

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION : Exploitable remotely/low skill level to exploit/public exploits are available. Vendor : Siemens Equipment : SCALANCE, SIMATIC, RUGGEDCOM, and SINAMICS Products Vulnerabilities : Security Features 2. UPDATE INFORMATION This updated advisory is a...

8.1CVSS8AI score0.04575EPSS
Exploits1References2
ICS
ICS
added 2017/04/04 12:0 a.m.90 views

Marel Food Processing Systems (Update B)

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Marel Equipment: Food Processing Systems Vulnerabilities: Hard-Coded Passwords, Unrestricted Upload, Improper Access Control UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled...

9.8CVSS10AI score0.01848EPSS
Exploits0References2
ICS
ICS
added 2024/03/14 6:0 a.m.89 views

Delta Electronics DIAEnergie

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION : Exploitable remotely Vendor : Delta Electronics Equipment : DIAEnergie Vulnerabilities : Improper Authorization, SQL Injection, Path Traversal, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

9.8CVSS7.9AI score0.0879EPSS
Exploits0References10
ICS
ICS
added 2023/10/16 12:0 p.m.89 views

Threat Actors Exploit Atlassian Confluence CVE-2023-22515 for Initial Access to Networks

SUMMARY The Cybersecurity and Infrastructure Security Agency CISA, Federal Bureau of Investigation FBI, and Multi-State Information Sharing and Analysis Center MS-ISAC are releasing this joint Cybersecurity Advisory CSA in response to the active exploitation of CVE-2023-22515. This recently...

10CVSS9.8AI score0.99156EPSS
Exploits39References48
ICS
ICS
added 2023/09/07 12:0 p.m.89 views

Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475

Actions to take today to mitigate malicious cyber activity: 1. Patch all systems for known exploited vulnerabilities KEVs, including firewall security appliances. 2. Monitor for unauthorized use of remote access software using endpoint detection tools. 3. Remove unnecessary disabled accounts and...

10CVSS10AI score0.99999EPSS
Exploits378References152
ICS
ICS
added 2022/12/20 12:0 a.m.89 views

Rockwell Automation MicroLogix 1100 and 1400

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: MicroLogix 1100 and 1400 Vulnerabilities: Cross-site Scripting, Improper Restriction of Rendered UI Layers or Frames 2. RISK EVALUATION Successful exploitation of these...

7.5CVSS7.6AI score0.00678EPSS
Exploits0References4
Total number of security vulnerabilities4251