NUUO CMS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: NUUO Equipment: CMS Vulnerabilities: Use of Insufficiently Random Values, Use of Obsolete Function, Incorrect Permission Assignment for Critical Resource, Use of Hard-coded Credentials 2. RISK...

Tec4Data SmartCooler

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Tec4Data Equipment: SmartCooler Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could cause the device to shut down by...

Siemens SCALANCE X Switches

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Siemens Equipment: SCALANCE X Switches Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

GE Proficy HMI/SCADA iFIX, Proficy HMI/SCADA CIMPLICITY, and Proficy Historian Vulnerability (Update B)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-16-336-05A GE Proficy HMI/SCADA IFIX, Proficy HMI/SCADA CIMPLICITY, and Proficy Historian Vulnerability that was published January 24, 2017, on the NCCIC/ICS-CERT web site. GE has reported an insufficiently protecte...

ABB Relion 650 Series OpenSSL Vulnerability (Update A)

OVERVIEW --------- Begin Update A Part 1 of 2-------- This updated advisory is a follow-up to the original advisory titled ICSA-14-126-01 ABB Relion 650 Series OpenSSL Vulnerability, that was published May 06, 2014, on the NCCIC/ICS-CERT web site. ABB has identified an OpenSSL vulnerability in it...

Fuji Electric V-Server Lite

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Fuji Electric Equipment: V-Server Lite Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to view sensitive...

PTC Kepware KEPServerEX (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: PTC Equipment: Kepware KEPServerEX Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Use After Free 2. UPDATE INFORMATION This updated advisory is a follow-up to the...

Siemens SIMATIC Panels

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC Panels Vulnerabilities: Path Traversal, Open Redirect 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow download of arbitrary files from the...

ICSA-20-212-02_Mitsubishi Electric Multiple Factory Automation Engineering Software Products (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: Mitsubishi Electric, Multiple Factory Automation Engineering Software products Vulnerability: Permission Issues 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update...

Siemens SIMATIC ProSave, SIMATIC CFC, SIMATIC STEP 7, SIMOTION Scout, and STARTER Insufficiently Qualified Paths (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-15-064-02 Siemens SIMATIC ProSave, SIMATIC CFC, SIMATIC STEP 7, SIMOTION Scout, and STARTER Insufficiently Qualified Paths that was published March 5, 2015, on the NCCIC/ICS‑CERT web site. Ivan Sanchez from...

Wibu-Systems CodeMeter (Update F)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Wibu-Systems AG Equipment: CodeMeter Vulnerabilities: Buffer Access with Incorrect Length Value, Inadequate Encryption Strength, Origin Validation Error, Improper Input Validation, Improper Verificatio...

Siemens S7-400 CPUs (Update B)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens JT2Go and Teamcenter Visualization (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: JT2Go and Teamcenter Visualization --------- Begin Update B Part 1 of 2 --------- Vulnerabilities: Type Confusion, Improper Restriction of XML External Entity Reference, Out-of-Bounds Write,...

Siemens SIMATIC Panels and SIMATIC WinCC (TIA Portal)

1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC Panels and SIMATIC WinCC TIA Portal Vulnerability: Code Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with network...

Advantech EKI Vulnerabilities (Update B)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-15-344-01A Advantech EKI Vulnerabilities that was published December 15, 2015, on the NCCIC/ICS-CERT web site. --------- Begin Update B Part 1 of 3 -------- HD Moore of Rapid7 identified several vulnerabilities in...

ICSA-18-317-07 Siemens SIMATIC IT Production Suite

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC IT Production Suite Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to compromise confidentiality, integrity and...

ICSA-18-317-06 Siemens SIMATIC STEP 7 (TIA Portal)

1. EXECUTIVE SUMMARY CVSS v3 4.0 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: SIMATIC STEP 7 TIA Portal Vulnerability: Unprotected Storage of Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to reconstruct passwords. 3...

Siemens SIMATIC S7 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC S7 Vulnerability: Resource Exhaustion 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-18-317-05 Siemens SIMATIC S7 that...

Hikvision Cameras

CVSS v3 10.0 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Hikvision Equipment: Cameras Vulnerabilities: Improper Authentication, Password in Configuration File AFFECTED PRODUCTS Hikvision reports that the following cameras and versions are affected: DS-2CD2xx2F-I Series...

Treck TCP/IP (Update I)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : Treck Inc. Equipment : TCP/IP Vulnerabilities : Improper Handling of Length Parameter Inconsistency, Improper Input Validation, Double Free, Out-of-bounds Read, Integer Overflow or...

ICSA-18-317-04 Siemens SCALANCE S

1. EXECUTIVE SUMMARY CVSS v3 4.7 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SCALANCE S Vulnerability: Cross-site Scripting 2. RISK EVALUATION If an attacker tricks a user into clicking a malicious link, the device could allow arbitrary script injection XSS. 3. TECHNICAL DETAILS...

Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells

SUMMARY Update September 6, 2023: This Cybersecurity Advisory has been updated with new tactics, techniques, and procedures TTPs as well as indicators of compromise IOCs received from an additional victim and trusted third parties. Update End The Cybersecurity and Infrastructure Security Agency...

Siemens Synco OZW Default Password

Overview Siemens has reported to ICS-CERT that a default password vulnerability exists in the Siemens Synco OZW Web Server device used for building automation systems. Siemens urges their customers to set a secure password on their device’s web interface. This vulnerability could be exploited...

Siemens SCALANCE X (Update D)

1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SCALANCE X Vulnerability: Expected Behavior Violation 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-19-085-01 Siemens SCALANCE X Update C that was published...

Delta Electronics DIAScreen

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DIAScreen Vulnerabilities: Type Confusion, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed and may allow remote code...

Interpeak IPnet TCP/IP Stack (Update D)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendors: ENEA, Green Hills Software, ITRON, IP Infusion, Wind River Equipment: OSE by ENEA, INTEGRITY RTOS by Green Hills Software, ITRON, ZebOS by IP Infusion, and VxWorks by...

Siemens OpenSSL Affected Industrial Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

ICSA-21-063-02_Schneider Electric EcoStruxure Building Operation (EBO)

1. EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: EcoStruxure Building Operation Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Cross-site Scripting, Improper Restriction of XML External Entity...

Open Design Alliance Drawings SDK (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Open Design Alliance Equipment: Drawings SDK --------- Begin Update A Part 1 of 3 --------- Vulnerabilities: Stack-based Buffer Overflow, Type Confusion, Untrusted Pointer Dereference, Incorrect Type Conversion or Cast,...

Hitachi ABB Power Grids TropOS

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low attack complexity Vendor: Hitachi ABB Power Grids Equipment: TropOS Vulnerabilities: Injection, Inadequate Encryption Strength, Missing Authentication for Critical Function, Improper Authentication, Improper Validation of Integrity Check Value,...

AVEVA Wonderware License Server

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/Low skill level to exploit Vendor: AVEVA Software, LLC AVEVA Equipment: Wonderware License Server Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of...

Opto 22 PAC Control Basic and PAC Control Professional

1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Opto 22 Equipment: PAC Control Basic and PAC Control Professional Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device...

Siemens SIMATIC PCS 7, SIMATIC WinCC, SIMATIC WinCC Runtime Professional, and SIMATIC NET PC Software (Update G)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low skill level to exploit. Vendor : Siemens Equipment : SIMATIC PCS 7, SIMATIC WinCC, SIMATIC WinCC Runtime Professional, and SIMATIC NET PC Software Vulnerability : Improper Input Validation 2. UPDATE INFORMATION This updated...

Ice Qube Thermal Management Center

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Ice Qube Equipment: Thermal Management Center Vulnerabilities: Improper Authentication, Unprotected Storage of Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

GLEG Agora SCADA+ Exploit Pack

OVERVIEW On March 15, 2011, GLEG Ltd. announced the Agora SCADA+ Exploit Pack for Immunity’s CANVAS system. CANVAS is a penetration testing framework that is extensible using CANVAS Exploit Packs. On March 25, 2011, GLEG announced it would be adding exploits for the 35 vulnerabilities released by...

AVEVA Vijeo Citect and Citect SCADA Floating License Manager

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : AVEVA Equipment : Vijeo Citect and Citect SCADA Floating License Manager Vulnerabilities : Improper Input Validation, Memory Corruption 2. RISK EVALUATION These vulnerabilities could allow an...

Multiple RTOS (Update E)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendors: Multiple Equipment: Multiple Vulnerabilities: Integer Overflow or Wraparound CISA is aware of a public report, known as “BadAlloc” that details vulnerabilities found in multiple real-time operating...

Hitachi ABB Power Grids FOX615 Multiservice-Multiplexer

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Hitachi ABB Power Grids Equipment: FOX615 Multiservice-Multiplexer Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker...

Schneider Electric EcoStruxure Power Build-Rapsody (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Schneider Electric Equipment: EcoStruxure Power Build-Rapsody Vulnerability: Unrestricted Upload of File with Dangerous Type 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

Eaton EASYsoft (Update A)

1. EXECUTIVE SUMMARY CVSS v3 5.8 Vendor: Eaton Equipment: EASYsoft Vulnerabilities: Type Confusion, Out-of-bounds Read 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-007-03 Eaton EASYsoft that was published January 7, 2021, to the ICS webpage on...

Rockwell Automation Allen-Bradley Stratix and Allen-Bradley ArmorStratix

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Rockwell Automation Equipment: Allen-Bradley Stratix, Allen-Bradley ArmorStratix Vulnerability: Improper Input Validation AFFECTED PRODUCTS The following versions of the Allen-Bradley Stratix and ArmorStratix Industri...

Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

Summary Actions to Help Protect Against APT Cyber Activity: • Enforce multifactor authentication MFA on all user accounts. • Implement network segmentation to separate network segments based on role and functionality. • Update software, including operating systems, applications, and firmware, on...

ICSA-21-040-06_Siemens JT2Go and Teamcenter Visualization (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JT2Go and Teamcenter Visualization Vulnerabilities: Out-of-bounds Read, Improper Restriction of Operations within the Bounds of a Memory Buffer, Stack-based Buffer overflow, Out-of-Bounds Write, Type...

Endress+Hauser HART Device DTM Vulnerability

OVERVIEW Alexander Bolshev and Svetlana Cherkasova of Digital Security have identified an improper input vulnerability in the CodeWrights GmbH HART Device Type Manager DTM library used in Endress+Hauser HART Device DTM. CodeWrights GmbH has addressed the vulnerability with a new library, which...

Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool

Summary Updated April 15, 2021: The U.S. Government attributes this activity to the Russian Foreign Intelligence Service SVR. Additional information may be found in astatement from the White House. For more information on SolarWinds-related activity, go to...

Marel Food Processing Systems

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Marel Equipment: Food Processing Systems Vulnerabilities: Hard-Coded Passwords, Unrestricted Upload AFFECTED PRODUCTS The following Marel food processing products are affected: M3000 terminal associated with the...

Siemens SIMATIC, SIMOTICS (Update A)

1. EXECUTIVE SUMMARY CVSS v3 3.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC, SIMOTICS Vulnerability: TOCTOU Race Condition 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-224-05 Siemens SIMATIC,...

MDT AutoSave

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: MDT Software Equipment: MDT AutoSave Vulnerabilities: Inadequate Encryption Strength, SQL Injection, Relative Path Traversal, Command Injection, Uncontrolled Search Path Element, Generation of Error...

Siemens Apache HTTP Server

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Apache HTTP Server Vulnerabilities: NULL Pointer Dereference, Out-of-bounds Write, Server-side Request Forgery SSRF 2. UPDATE INFORMATION This updated advisory is a follow-up to the...

Delta Electronics WPLSoft, ISPSoft, and PMSoft Vulnerabilities

OVERVIEW Researchers axt and Ariele Caltabiano each working with Trend Micro's Zero Day Initiative ZDI have identified vulnerabilities in Delta Electronics’ WPLSoft, ISPSoft, and PMSoft software applications. Delta Electronics has produced new software versions to mitigate these vulnerabilities...