4251 matches found
Rockwell Automation MicroLogix Controllers and RSLogix 500 Software
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: MicroLogix 1400 Controllers, MicroLogix 1100 Controllers, and RSLogix 500 Software Vulnerabilities: Use of Hard-coded Cryptographic Key, Use of a Broken or Risky...
3S-Smart Software Solutions GmbH CODESYS V3 Web Server
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS V3 web server Vulnerabilities: Path Traversal, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities...
ICSA-19-192-04 Siemens SIMATIC RF6XXR
1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION : Exploitable remotely/public exploits are available Vendor : Siemens Equipment : SIMATIC RF6XXR Vulnerabilities : Improper Input Validation, Cryptographic Issues 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow access to...
Omron CX-Programmer
1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low skill level to exploit Vendor: Omron Equipment: CX-Programmer within CX-One Vulnerability: Use After Free 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of the...
Trihedral Engineering Limited VTScada
CVSS v3 7.8 ATTENTION: Low skill level to exploit. Vendor: Trihedral Engineering Limited Equipment: VTScada Vulnerabilities: Improper Access Control, Uncontrolled Search Path Element AFFECTED PRODUCTS Trihedral Engineering Limited reports that the vulnerability affects the following versions of t...
Trane Tracer SC Sensitive Information Exposure Vulnerability
OVERVIEW Independent researcher Maxim Rupp has identified an information exposure vulnerability in Trane U.S. Inc.’s Tracer SC field panel. Trane U.S. Inc. has produced an update to mitigate this vulnerability. Maxim Rupp has tested the update to validate that it resolves the vulnerability. This...
Hospira Plum A+ and Symbiq Infusion Systems Vulnerabilities
OVERVIEW Independent researcher Billy Rios has identified vulnerabilities in Hospira’s Plum A+ Infusion System that are similar to vulnerabilities identified in Hospira’s LifeCare PCA Infusion System discussed in advisory, ICSA-15-125-01B Hospira LifeCare PCA Infusion System Vulnerabilities...
Inductive Automation Ignition Vulnerabilities
OVERVIEW Evgeny Druzhinin, Alexey Osipov, Ilya Karpov, and Gleb Gritsai of Positive Technologies have identified several vulnerabilities in Inductive Automation’s Ignition Software. Inductive Automation has produced a patch that mitigates these vulnerabilities. These vulnerabilities could be...
Delta Electronics CNCSoft-G2
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION : low attack complexity Vendor : Delta Electronics Equipment : CNCSoft-G2 Vulnerabilities : Stack-based Buffer Overflow, Out-of-bounds Write, Heap-Based Buffer Overflow, Out-of-bounds Read, Use of Uninitialized Variable 2. RISK EVALUATION...
PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure
Actions to take today to mitigate Volt Typhoon activity: 1. Apply patches for internet-facing systems. Prioritize patching critical vulnerabilities in appliances known to be frequently exploited by Volt Typhoon. 2. Implement phishing-resistant MFA. 3. Ensure logging is turned on for application,...
Rockwell Automation LP30/40/50 and BM40 Operator Interface
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : LP30, LP40, LP50, and BM40 Operator Panels Vulnerability : Improper Validation of Consistency within Input, Out-of-bounds Write, Stack-based Buffer Overflow,...
Siemens SINEC NMS
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Measuresoft ScadaPro Server and Client
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Measuresoft Equipment: ScadaPro Server and Client Vulnerabilities: Untrusted Pointer Dereference, Stack-based Buffer Overflow, Use After Free, Link Following. 2. RISK EVALUATION Successful exploitation of these...
Siemens TIA Administrator
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATICS PCS neo Admin Console, SINTEPLAN, TIA Portal Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory...
Hitachi Energy APM Edge
1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Low attack complexity Vendor: Hitachi Energy Equipment: Transformer Asset Performance Management APM Edge Vulnerability: Reliance on Uncontrolled Component 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the original advisory...
Siemens SIMATIC NET CP Modules
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens SINEMA Server
1. EXECUTIVE SUMMARY CVSS v3 4.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEMA Server Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain encoded...
Cognex In-Sight OPC Server
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Cognex Equipment: In-Sight OPC Server Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker access to system...
Horner Automation Cscape
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Horner Automation Equipment: Cscape Vulnerabilities: Out-of-bounds Write, Access of Uninitialized Pointer, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow code execution in...
Siemens SCALANCE FragAttacks
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE family devices Vulnerabilities: Improper Authentication, Injection, Improper Validation of Integrity Check, Improper Input Validation 2. RISK EVALUATION Successful...
Red Lion Crimson 3.1
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Red Lion Equipment: Crimson 3.1 Vulnerabilities: NULL Pointer Dereference, Missing Authentication for Critical Function, Improper Resource Shutdown or Release 2. RISK EVALUATION Successful...
Siemens XHQ Operations Intelligence
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: XHQ Operations Intelligence Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Cross-site Scripting, Basic XSS, SQL Injection, Relative Path Traversal,...
Mitsubishi Electric MELSEC iQ-R, Q, and L Series (Update E)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-R, Q, and L Series Vulnerability : Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a...
3S CoDeSys (Update A)
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: 3S-Smart Software Solutions Equipment: CoDeSys Vulnerabilities: Improper Access Control, Relative Path Traversal 2. UPDATE INFORMATION This updated advisory is a...
Rockwell Automation FactoryTalk Linx Software (Update A)
1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: FactoryTalk Linx Software Vulnerabilities: Improper Input Validation, Path Traversal, Unrestricted Upload of File with Dangerous Type 2. RISK EVALUATION Successful...
Honeywell NOTI-FIRE-NET Web Server (NWS-3)
1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Honeywell Equipment: NOTI-FIRE-NET Web Server NWS-3 Vulnerabilities: Authentication Bypass by Capture-replay, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities...
Honeywell equIP and Performance Series IP Cameras and Recorders
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Honeywell Equipment: equIP series and Performance series IP cameras and recorders Vulnerability: Authentication Bypass by Capture-Replay 2. RISK EVALUATION Successful exploitation of this vulnerability could result in...
Siemens SIMATIC, SINUMERIK, and PROFINET IO (Update D)
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Fuji Electric Monitouch V-SFT
CVSS v3 7.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Fuji Electric Equipment: Monitouch V-SFT Vulnerabilities: Stack-Based Buffer Overflow, Heap-Based Buffer Overflow, Improper Privilege Management AFFECTED PRODUCTS The following versions of Monitouch V-SFT, a screen...
SCADA Engine BACnet OPC Server Vulnerabilities
OVERVIEW Independent researcher Josep Pi Rodriguez has identified three vulnerabilities in the SCADA Engine BACnet OPC Server application. SCADA Engine has produced a new software version that mitigates these vulnerabilities. Josep Pi Rodriguez has tested the new software version to validate that...
Wonderware Intelligence Tableau Server Ruby on Rails Improper Input Validation (Update A)
Overview This updated advisory was orignally posted to the US-CERT secure Portal library on February 5, 2013, and is now being released to the ICS-CERT Web page. Mitigation details for multiple vulnerabilities that impact third-party software integrated into the Invensys Wonderware Intelligence...
Siemens Teamcenter Visualization and JT2Go
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Mitsubishi Electric Factory Automation Products
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : Multiple Factory Automation Products Vulnerabilities : Observable Timing Discrepancy, Double Free, Access of Resource Using Incompatible Type 'Type Confusion'...
ABB Pulsar Plus Controller
1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: Pulsar Plus Controller Vulnerabilities: Use of Insufficiently Random Values, Cross-Site Request Forgery CSRF 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...
ESXiArgs Ransomware Virtual Machine Recovery Guidance
Summary The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI are releasing this joint Cybersecurity Advisory CSA in response to the ongoing ransomware campaign, known as “ESXiArgs.” Malicious actors may be exploiting known vulnerabilities in VMware...
Siemens SRCS VPN Feature in SIMATIC CP Devices
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
Motorola Solutions MDLC
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Motorola Solutions Equipment: MDLC Vulnerabilities: Use of a Broken or Risky Cryptographic Algorithm, Plaintext Storage of a Password CISA is aware of a public report, known as “OT:ICEFALL” that details vulnerabilities found...
Schneider Electric GUIcon
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: GUIcon Vulnerabilities: Out-of-bounds Write, Use After Free, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an attacker to execute arbitrary...
Advantech WebAccess/NMS
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess/NMS Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to the exposure of resources or functionality and...
Rockwell Automation Allen-Bradley Stratix 5950
1. EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: Allen-Bradley Stratix 5950 Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to write a...
ICSA-20-021-01_Honeywell Maxpro VMS & NVR
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Honeywell Equipment: MAXPRO VMS & NVR Vulnerabilities : Deserialization of Untrusted Data, SQL Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in...
ICSA-19-134-05 Siemens SINAMICS PERFECT HARMONY GH180 Drives NXG I and NXG II
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINAMICS PERFECT HARMONY GH180 Drives NXG I and NXG II Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could...
PHOENIX CONTACT RAD-80211-XD
1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Phoenix Contact Equipment: RAD-80211-XD Vulnerability: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute system level commands...
ICONICS GENESIS (32 & 64) Vulnerabilities
OVERVIEW This advisory is a follow-up to ICS-ALERT-11-080-02 ICONICS GENESIS 32 & 64 Vulnerabilities, published on the ICS-CERT Web site on March 20, 2011. An independent security researcher has published 13 vulnerabilities with proof of concept PoC code for the ICONICS GENESIS32 and GENESIS64...
Siemens SPCanywhere App Vulnerabilities
OVERVIEW Karsten Sohr, Bernhard Berger, and Kai Hillmann from the TZI-Bremen, Kim Schlyter, Seyton Bradford, and Richard Warren from FortConsult, and Stefan Schuhmann have identified vulnerabilities in the Siemens SPCanywhere mobile application. Siemens has produced a new mobile application calle...
Geutebruck IP Cameras
CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: Geutebrück Equipment: IP Cameras Vulnerabilities: Improper Authentication, SQL Injection, Cross-Site Request Forgery, Improper Access Control, Server-Side Request Forgery, Cross-site Scripting AFFECTED PRODUCTS...
ICSA-18-023-02 Siemens Industrial Products (Update A)
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit Vendor: Siemens Equipment: Industrial Products Vulnerabilities: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...
Delta Electronics Delta Industrial Automation Screen Editor
CVSS v3 5.5 ATTENTION: Low skill level to exploit. Vendor: Delta Electronics, Incorporated Delta Electronics Equipment: Delta Industrial Automation Screen Editor Vulnerabilities: Stack-based Buffer Overflow, Use-after-Free, Out-of-bounds Write, Type Confusion AFFECTED PRODUCTS The following...
LOYTEC LVIS-3ME
CVSS v3 8.1 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: LOYTEC Equipment: LVIS-3ME Vulnerabilities: Relative Path Traversal, Insufficient Entropy, Cross-site Scripting, Insufficiently Protected Credentials AFFECTED PRODUCTS The following versions of LVIS-3ME, an HMI Touch...
BD Alaris 8015 PC Unit (Update B)
1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Low skill level to exploit Vendor: Becton, Dickinson and Company BD Equipment: BD Alaris 8015 PC Unit Vulnerabilities: Insufficiently Protected Credentials, Security Features 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory...