Lucene search
K
IcsMost viewed

4232 matches found

ICS
ICS
added 2021/06/29 12:0 a.m.83 views

Claroty Secure Remote Access Site

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: Claroty Equipment: Secure Remote Access SRA Site Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability enables an attacker with local Linux...

5.5CVSS5.8AI score0.00216EPSS
Exploits0References4
ICS
ICS
added 2021/04/29 12:0 a.m.83 views

Texas Instruments SimpleLink

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Texas Instruments Equipment: SimpleLink Wi-Fi, MSP432, CC13XX, CC26XX, CC32XX, CC3100 Vulnerabilities: Stack-based Buffer Overflow, Integer Overflow or Wraparound 2. RISK EVALUATION Successful...

9.8CVSS8.7AI score0.01752EPSS
Exploits0References5
ICS
ICS
added 2021/01/12 12:0 a.m.83 views

Siemens SCALANCE X Switches (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE X200, X200IRT, X300 Vulnerabilities: Use of Hard-coded Cryptographic Key 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled...

5.9CVSS6.4AI score0.01176EPSS
Exploits0References11
ICS
ICS
added 2019/12/10 12:0 p.m.83 views

Siemens SIMATIC CP 343-1/CP 443-1 Modules and SIMATIC S7-300/S7-400 CPUs Vulnerabilities (Update B)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

8.8CVSS6.9AI score0.01852EPSS
Exploits0References34
ICS
ICS
added 2019/01/29 12:0 a.m.83 views

Stryker Medical Beds

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Public exploits are available Vendor: Stryker Equipment: Secure II MedSurg Bed, S3 MedSurg Bed, and InTouch ICU Bed Vulnerability: Reusing a Nonce 2. RISK EVALUATION Successful exploitation of this vulnerability could allow data traffic manipulation,...

8.1CVSS8AI score0.04575EPSS
Exploits1References5
ICS
ICS
added 2018/08/29 12:0 p.m.83 views

Siemens OpenSSL Vulnerabilities (Update G)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-14-198-03F Siemens OpenSSL Vulnerabilities that was published October 16, 2014, on the NCCIC/ICS-CERT web site. --------- Begin Update G Part 1 of 3 -------- Siemens has identified four vulnerabilities in its OpenSS...

7.4CVSS7.9AI score0.95326EPSS
Exploits9References24
ICS
ICS
added 2017/12/07 12:0 a.m.83 views

Rockwell Automation FactoryTalk Alarms and Events

CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Rockwell Automation Equipment: FactoryTalk Alarms and Events Vulnerability: Improper Input Validation AFFECTED PRODUCTS The following versions of FactoryTalk Alarms and Events, a component of the Factory Talk Services...

7.5CVSS8.1AI score0.04217EPSS
Exploits0References3
ICS
ICS
added 2017/03/09 12:0 a.m.83 views

Schneider Electric ClearSCADA

CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Schneider Electric Equipment: ClearSCADA Vulnerability: Improper Input Validation AFFECTED PRODUCTS The following versions of ClearSCADA, server and communications driver processes, are affected: All supported version...

7.5CVSS7.7AI score0.01711EPSS
Exploits0References2
ICS
ICS
added 2017/03/02 12:0 a.m.83 views

Schneider Electric Conext ComBox

CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Schneider Electric Equipment: Conext ComBox Vulnerability: Resource Exhaustion AFFECTED PRODUCTS Schneider Electric reports that the vulnerability affects the following Conext ComBox solar battery monitor: Conext...

7.8CVSS7.7AI score0.36943EPSS
Exploits4References3
ICS
ICS
added 2016/12/01 12:0 a.m.83 views

Siemens SICAM PAS Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-336-01 Siemens SICAM PAS Vulnerabilities that was published December 1, 2016, on the NCCIC/ICS-CERT web site. Siemens has released an advisory to inform its users on how to mitigate vulnerabilities that affect...

9.8CVSS1AI score0.03255EPSS
Exploits0References21
ICS
ICS
added 2023/05/10 9:13 p.m.82 views

Hitachi Energy MSM

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Modular Switchgear Monitoring MSM Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Authentication Bypass by Capture-replay, Code Injection, Improper...

9.8CVSS9.6AI score0.08848EPSS
Exploits11References4
ICS
ICS
added 2023/04/11 12:0 a.m.82 views

Siemens Industrial Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

7.5CVSS8.1AI score0.00954EPSS
Exploits0References10
ICS
ICS
added 2022/09/27 12:0 a.m.82 views

Rockwell Automation ThinManager ThinServer

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Rockwell Automation Equipment: ThinManager ThinServer Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to the software crashing; a buffer overflow...

9.8CVSS9.6AI score0.21829EPSS
Exploits0References5
ICS
ICS
added 2022/07/28 12:0 a.m.82 views

Rockwell Products Impacted by Chromium Type Confusion

1. EXECUTIVE SUMMARY CVSS v3 4.0 ATTENTION: Low attack complexity/public exploits are available Vendor: Rockwell Automation Equipment: FactoryTalk Software, Enhanced HIM for PowerFlex, Connected Components Workbench Vulnerability: Type Confusion 2. RISK EVALUATION Successful exploitation of this...

8.8CVSS8.7AI score0.24237EPSS
Exploits1References4
ICS
ICS
added 2021/08/26 12:0 a.m.82 views

Annke Network Video Recorder

1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Annke Equipment: N48PBB NVR Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may cause a stack-based buffer overflow, which could allow an...

10CVSS9.9AI score0.13305EPSS
Exploits0References5
ICS
ICS
added 2021/08/10 12:0 a.m.82 views

Siemens Industrial Products Intel CPUs (Update F)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SIMATIC, SINUMERIK Vulnerabilities: Missing Encryption of Sensitive Data 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-21-222-05 Siemens Industrial Products...

7.8CVSS8.7AI score0.00347EPSS
Exploits0References12
ICS
ICS
added 2021/05/27 12:0 a.m.82 views

MesaLabs AmegaView

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mesa Labs Equipment: AmegaView Vulnerabilities: Command Injection, Improper Authentication, Authentication Bypass Using an Alternate Path or Channel, Improper Privilege Management 2. RISK EVALUATION...

10CVSS10AI score0.03081EPSS
Exploits0References5
ICS
ICS
added 2021/04/29 12:0 a.m.82 views

Johnson Controls Exacq Technologies exacqVision

1. EXECUTIVE SUMMARY CVSS v3 7.0 Vendor: Exacq Technologies, Inc., a subsidiary of Johnson Controls, Inc. Equipment: exacqVision Vulnerability: Off-by-one Error 2. RISK EVALUATION A local attacker could exploit this vulnerability to obtain “Super User” access to the underlying Ubuntu Linux...

7.8CVSS8.1AI score0.99295EPSS
Exploits81References5
ICS
ICS
added 2021/03/09 12:0 a.m.82 views

Siemens LOGO! 8 BM

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

5.5CVSS5.8AI score0.00266EPSS
Exploits0References10
ICS
ICS
added 2020/03/03 12:0 a.m.82 views

Emerson ValveLink

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Emerson Equipment: ValveLink Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The...

7.8CVSS8AI score0.00278EPSS
Exploits0References5
ICS
ICS
added 2019/08/27 12:0 a.m.82 views

Datalogic AV7000 Linear Barcode Scanner

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Datalogic Equipment: AV7000 Linear Barcode Scanner Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could...

8.8CVSS9.4AI score0.02365EPSS
Exploits0References5
ICS
ICS
added 2019/06/06 12:0 a.m.82 views

Panasonic Control FPWIN Pro

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: Panasonic Equipment: Control FPWIN Pro Vulnerabilities: Heap-based Buffer Overflow, Type Confusion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device and allow remote code...

7.8CVSS8.3AI score0.06853EPSS
Exploits0References5
ICS
ICS
added 2019/03/14 12:0 a.m.82 views

Gemalto Sentinel UltraPro

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Low skill level to exploit Vendor: Gemalto Equipment: Sentinel UltraPro Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow execution of unauthorized code or commands. 3...

7.8CVSS8AI score0.01532EPSS
Exploits0References5
ICS
ICS
added 2019/01/08 12:0 a.m.82 views

ICSA-19-043-06 Siemens CP1604 and CP1616 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Siemens Equipment : CP1604 and CP1616 Vulnerabilities : Cleartext Transmission of Sensitive Information, Cross-site Scripting, Cross-site Request Forgery 2. UPDATE INFORMATION This updated...

9.1CVSS8.3AI score0.01769EPSS
Exploits0References9
ICS
ICS
added 2018/12/18 12:0 a.m.82 views

3S-Smart Software Solutions GmbH CODESYS Control V3 Products

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : 3S-Smart Software Solutions GmbH Equipment : CODESYS Control V3 products Vulnerability : Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow...

10CVSS9.9AI score0.01267EPSS
Exploits0References5
ICS
ICS
added 2018/05/22 12:0 a.m.82 views

BD Kiestra and InoquIA Systems (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION : Exploitable from adjacent network Vendor : Becton, Dickinson and Company BD Equipment : BD Kiestra and InoqulA systems Vulnerabilities : Product UI does not Warn User of Unsafe Actions 2. UPDATE INFORMATION This updated advisory is a follow-up to the...

6.3CVSS6.6AI score0.00412EPSS
Exploits0References5
ICS
ICS
added 2018/03/06 12:0 a.m.82 views

Hirschmann Automation and Control GmbH Classic Platform Switches

CVSS v3 7.5 ATTENTION: Exploitable remotely/high skill level is needed to exploit. Vendor: Hirschmann Automation and Control GmbH, a division of Belden Inc. Equipment: Classic Platform Switches Vulnerabilities: Session Fixation, Information Exposure Through Query Strings in GET Request, Cleartext...

9.8CVSS7.6AI score0.02932EPSS
Exploits0References5
ICS
ICS
added 2017/10/26 12:0 a.m.82 views

Korenix JetNet

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Korenix Equipment: JetNet Vulnerabilities: Use of Hard-coded Cryptographic Key, Use of Hard-coded Credentials AFFECTED PRODUCTS The following versions of JetNet, an Ethernet switch, are affected: JetNet5018G version...

10CVSS10AI score0.01923EPSS
Exploits0References3
ICS
ICS
added 2017/05/09 12:0 a.m.82 views

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update A)

CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Denial of Service UPDATE INFORMATION This updated advisory is a follow-up to the original advisory...

7.1CVSS0.5AI score0.01149EPSS
Exploits0References54
ICS
ICS
added 2017/05/09 12:0 a.m.82 views

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update H)

CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Denial of Service UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory...

6.5CVSS6.3AI score0.00469EPSS
Exploits0References43
ICS
ICS
added 2017/05/09 12:0 a.m.82 views

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update B)

CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Denial of Service UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory...

6.5CVSS0.5AI score0.00469EPSS
Exploits0References35
ICS
ICS
added 2016/05/15 6:0 a.m.82 views

Rockwell Automation MicroLogix 1400 SNMP Credentials Vulnerability

OVERVIEW Cisco Talos, Cisco Systems, Inc.'s security intelligence and research group reported to Rockwell Automation that an undocumented and privileged Simple Network Management Protocol SNMP community string exists in MicroLogix 1400 programmable logic controllers PLC. Rockwell Automation has...

7.5CVSS7.5AI score0.29398EPSS
Exploits1References10
ICS
ICS
added 2016/01/14 7:0 a.m.82 views

Siemens Industrial Products glibc Library Vulnerability (Update C)

OVERVIEW This updated advisory is a follow-up to the advisory update titled ICSA-16-103-01B Siemens Industrial Products glibc Library Vulnerability that was published July 14, 2016, on the NCCIC/ICS-CERT web site. Siemens reports that a buffer overflow vulnerability in the glibc library could...

8.1CVSS8.9AI score0.89557EPSS
Exploits17References10
ICS
ICS
added 2015/01/03 7:0 a.m.82 views

Schneider Electric VAMPSET Software Buffer Overflow Vulnerability

OVERVIEW Schneider Electric has notified NCCIS/ICS-CERT of a buffer overflow vulnerability in the Schneider Electric VAMPSET software product. Ricardo Narvaja and Joaquín Rodríguez of Core Security reported this vulnerability directly to Schneider Electric. Schneider Electric has published a...

4.4CVSS7.4AI score0.00518EPSS
Exploits1References10
ICS
ICS
added 2022/12/15 12:0 a.m.81 views

Prosys OPC UA Simulation Server (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.5 --------- Begin Update A part 1 of 3 --------- ATTENTION: Low attack complexity Vendor: Prosys OPC Equipment: UA Simulation Server, UA Modbus Server --------- End Update A part 1 of 3 --------- Vulnerability: Insufficiently Protected Credentials 2. UPDATE...

7.5CVSS7.5AI score0.00404EPSS
Exploits0References4
ICS
ICS
added 2021/06/22 12:0 a.m.81 views

Advantech WebAccess HMI Designer (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Advantech Equipment: WebAccess HMI Designer --------- Begin Update A Part 1 of 6 --------- Vulnerabilities: Heap-based Buffer Overflow, Out-of-bounds Write, Improper Restriction of Operation Within the Bounds of a Memory...

7.8CVSS7.7AI score0.01041EPSS
Exploits0References5
ICS
ICS
added 2021/06/17 12:0 a.m.81 views

Softing OPC-UA C++ SDK

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Softing Equipment: OPC-UA C++ SDK Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION A remote attacker may be able to crash the device, resulting...

7.5CVSS7.9AI score0.01629EPSS
Exploits0References5
ICS
ICS
added 2021/04/15 12:0 p.m.81 views

Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations

Summary Updated April 15, 2021: The U.S. Government attributes this activity to the Russian Foreign Intelligence Service SVR. Additional information may be found in astatement from the White House. For more information on SolarWinds-related activity, go to...

9.5AI score
Exploits0References158
ICS
ICS
added 2020/11/19 12:0 a.m.81 views

Mitsubishi Electric MELSEC iQ-R Series (Update C)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R series Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-324-05...

7.8CVSS7.6AI score0.04731EPSS
Exploits0References4
ICS
ICS
added 2020/11/17 12:0 a.m.81 views

Schneider Electric Interactive Graphical SCADA System (IGSS)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Schneider Electric Equipment: Interactive Graphical SCADA System IGSS Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Write, Out-of-bounds Read 2. RISK EVALUATION...

7.8CVSS8.5AI score0.02395EPSS
Exploits0References5
ICS
ICS
added 2020/02/20 12:0 a.m.81 views

ICSA-20-051-01_B&R Automation Studio and Automation Runtime

1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: B&R Industrial Automation GmbH Equipment: Automation Studio and Automation Runtime Vulnerability: Improper Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability may allow a...

9.4CVSS9.4AI score0.0165EPSS
Exploits0References2
ICS
ICS
added 2020/01/14 12:0 a.m.81 views

Siemens SCALANCE X Switches (Update B)

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE X Switches Vulnerability: Missing Authentication for Critical Function 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

8.6CVSS8.8AI score0.01389EPSS
Exploits0References11
ICS
ICS
added 2019/11/07 12:0 a.m.81 views

Mitsubishi Electric MELSEC-Q Series and MELSEC-L Series CPU Modules

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: MELSEC-Q Series and MELSEC-L Series CPU Modules Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability may...

5.9CVSS6AI score0.01521EPSS
Exploits0References5
ICS
ICS
added 2019/10/31 12:0 a.m.81 views

Honeywell equIP Series IP Cameras

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Honeywell Equipment: equIP series IP cameras Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could result in denial-of-service conditions...

7.5CVSS7.7AI score0.02066EPSS
Exploits0References4
ICS
ICS
added 2019/07/23 12:0 a.m.81 views

NREL EnergyPlus

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Low skill level to exploit Vendor: National Renewable Energy Laboratory NREL Equipment: EnergyPlus Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary...

5.5CVSS6.1AI score0.00337EPSS
Exploits0References5
ICS
ICS
added 2019/04/09 12:0 a.m.81 views

ICSA-19-099-02 Siemens Spectrum Power 4.7

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Spectrum Power 4.7 Vulnerability: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability in versions of Spectrum Power 4 using the user-specific...

9.8CVSS10AI score0.02285EPSS
Exploits0References9
ICS
ICS
added 2019/02/12 12:0 a.m.81 views

ICSA-19-043-02 Siemens EN100 Ethernet Communication Module and SIPROTEC 5 Relays

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: EN100 Ethernet Communication Module and SIPROTEC 5 Relays Vulnerability: Improper Input Validation 2. RISK EVALUATION The EN100 Ethernet communication module and SIPROTEC 5...

5.9CVSS6AI score0.01155EPSS
Exploits0References9
ICS
ICS
added 2019/01/31 12:0 a.m.81 views

IDenticard PremiSys (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit/vulnerability details have been publicly disclosed Vendor: IDenticard Equipment: PremiSys Vulnerabilities: Use of Hard-coded Credentials, Use of Hard-coded Password, Inadequate Encryption Strength 2...

9CVSS8.4AI score0.0289EPSS
Exploits0References6
ICS
ICS
added 2018/11/27 12:0 a.m.81 views

Rockwell Automation FactoryTalk Services Platform

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: FactoryTalk Services Platform Vulnerability: Heap-based Buffer Overflow 2. REPOSTED INFORMATION This advisory was originally posted to the HSIN ICS-CERT library on...

7.8CVSS7.8AI score0.03866EPSS
Exploits0References5
ICS
ICS
added 2018/07/31 12:0 a.m.81 views

WECON LeviStudioU (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: WECON Technology Co., Ltd Equipment: LeviStudioU --------- Begin Update A Part 1 of 3 --------- Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Out-of-Bounds Write,...

9.3CVSS9.7AI score0.01947EPSS
Exploits0References5
Total number of security vulnerabilities4232