Schneider Electric Modicon Premium, Modicon Quantum, Modicon M340, and Modicon BMXNOR0200

CVSS v3 5.9 ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: Schneider Electric Equipment: Modicon Premium, Modicon Quantum, Modicon M340, and Modicon BMXNOR0200 Vulnerabilities: Stack-based Buffer Overflow, Use of Hard-coded Credentials, Use of a Broken or Risky Cryptographic...

Nari PCS-9611 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit. Vendor : Nari Equipment : PCS-9611 Vulnerability : Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-18-025-01 Nari PCS-9611 that...

WECON Technology Co., Ltd. LeviStudio HMI Editor

CVSS v3 5.3 ATTENTION: Locally exploitable/low skill level to exploit. Vendor: WECON Technology Co., Ltd. WECON Equipment: LeviStudio HMI Editor Vulnerabilities: Buffer Overflows AFFECTED PRODUCTS The following versions of LEVI Studio HMI Editor, an HMI programming software product, are affected:...

Lynxspring JENEsys BAS Bridge Vulnerabilities

OVERVIEW Independent researcher Maxim Rupp has identified several vulnerabilities in Lynxspring’s JENEsys BAS Bridge application. Lynxspring has discontinued the BAS Bridge application and recommends that users upgrade to the Onyxx Bridge product. These vulnerabilities could be exploited remotely...

Panasonic FPWIN Pro Vulnerabilities

OVERVIEW NCCIC/ICS-CERT received a report from Trend Micro’s Zero Day Initiative ZDI concerning buffer overflow vulnerabilities in Panasonic FPWIN Pro software. These vulnerabilities were reported to ZDI by security researcher Steven Seeley. Panasonic has produced a new version to mitigate these...

Kepware Resource Exhaustion Vulnerability

OVERVIEW Adam Crain of Automatak and Chris Sistrunk of Mandiant have identified a resource exhaustion vulnerability in the Kepware Technologies’ DNP Master Driver for the KEPServerEX Communications Platform. Kepware Technologies has produced a new version that mitigates this vulnerability. This...

NTP Reflection Attack

OVERVIEW NCCIC/ICS-CERT has been following the increase in denial-of-service DoS attacks using Network Time Protocol NTP Reflection. This type of attack provides an adversary the ability to generate high volume distributed denial of service DDoS traffic to target web sites or public‑facing device...

Wonderware System Platform Buffer Overflows

Overview ICS-CERT originally released Advisory ICSA-12-081-01P on the US-CERT secure portal on March 21, 2012. This web page release was delayed to allow users time to download and install the update. Independent researcher Celil Unuver from SignalSec Corporation has identified two buffer overflo...

InduSoft ISSymbol ActiveX Control Buffer Overflow

Overview ICS-CERT received a report from Indusoft and the Zero Day Initiative ZDI concerning a heap-based buffer overflow vulnerability affecting the InduSoft ISSymbol ActiveX control. This vulnerability was reported to ZDI by security researcher Alexander Gavrun. Successful exploitation of this...

Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to expose information, inject code, manipulate data, or achieve cross-site scripting XSS, resulting in full session compromise. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

Summary The Federal Bureau of Investigation FBI, Cybersecurity and Infrastructure Security Agency CISA, and the Department of Defense Cyber Crime Center DC3 are releasing this joint Cybersecurity Advisory CSA to warn network defenders that, as of August 2024, a group of Iran-based cyber actors...

Siemens SINEC NMS

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Ovarro TBox RTUs

1. EXECUTIVE SUMMARY ​CVSS v3 7.2 ​ATTENTION: Exploitable remotely/low attack complexity ​Vendor: Ovarro ​Equipment: TBox RTUs ​Vulnerabilities: Missing Authorization, Use of Broken or Risky Cryptographic Algorithm, Inclusion of Functionality from Untrusted Control Sphere, Insufficient Entropy,...

Mitsubishi Electric MELSEC Series CPU module (Update D)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Corporation Equipment : MELSEC Series CPU module Vulnerability : Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a...

#StopRansomware: BianLian Ransomware Group

Actions to take today to mitigate cyber threats from BianLian ransomware and data extortion: 1. Strictly limit the use of RDP and other remote desktop services. 2. Disable command-line and scripting activities and permissions. 3. Restrict usage of PowerShell and update Windows PowerShell or...

Korenix Jetwave

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Korenix Equipment: Jetwave Vulnerabilities: Command Injection, Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain full...

Mitsubishi Electric MELSOFT iQ AppPortal

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSOFT iQ AppPortal Vulnerabilities: HTTP Request Smuggling, Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of these...

Siemens Products affected by OpenSSL 3.0

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens SCALANCE

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens RUGGEDCOM ROS Code Injection

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens SIMATIC S7-400

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

Mitsubishi Electric EcoWebServerIII

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: Energy Saving Data Collecting Server EcoWebServerIII Vulnerabilities: Improper Neutralization of Input During Web Page Generation, Uncontrolled Resource...

GE Proficy CIMPLICITY-Cleartext

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: GE Equipment: Proficy CIMPLICITY Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to capture a...

Siemens Simcenter Femap

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Simcenter Femap Vulnerabilities: Out-of-bounds Write, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to leverage the...

Siemens JT Utilities and JT Open Toolkit

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JT Utilities, JT Open Toolkit Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read, Stack-based Buffer Overflow, Use After Free, Improper Restriction of Operations within the Bounds of a Memory Buffer...

Siemens JT2Go and Teamcenter Visualization products

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JT2Go & Teamcenter Visualization Vulnerabilities: Use After Free, Out-of-bounds Write, Out-of-bounds Read, NULL Pointer Dereference 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

Siemens Industrial Products LLDP (Update D)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens SIMATIC Communication Processor Vulnerability (Update C)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC Communication Processor Vulnerability: Authentication Bypass Issues 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-15-335-03...

Siemens LOGO! Soft Comfort

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

LokiBot Malware

Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise frameworks for all referenced threat actor techniques. This product was written by the Cybersecurity and Infrastructure Security Agency CISA with contributions...

APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations

Summary This joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. Note: the analysis in this joint cybersecurity advisory is ongoing, and the...

Fieldcomm Group HART-IP and hipserver

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Fieldcomm Group Equipment: HARP-IP Developer kit, hipserver Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being...

Mitsubishi Electric MELSEC iQ-R Series (Update C)

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R Series Vulnerability: Resource Exhaustion 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-161-02 Mitsubishi...

Opto 22 SoftPAC Project

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Opto 22 Equipment: SoftPAC Project Vulnerabilities: External Control of File Name or Path, Improper Verification of Cryptographic Signature, Improper Access Control, Uncontrolled Search Path...

Top 10 Routinely Exploited Vulnerabilities

Summary The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the broader U.S. Government are providing this technical guidance to advise IT security professionals at public and private sector organizations to place an increased priority on patchi...

Emerson OpenEnterprise

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Emerson Equipment: OpenEnterprise SCADA Server Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code on an OpenEnterprise SCADA...

Equinox Control Expert

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Equinox Equipment: Control Expert Vulnerability: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' 2. RISK EVALUATION Successful exploitation of this vulnerability...

ABB Power Generation Information Manager (PGIM) and Plant Connect

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ABB Equipment: Power Generation Information Manager PGIM and Plant Connect Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this...

Siemens Industrial Products Local Privilege Escalation Vulnerability (Update I)

1. EXECUTIVE SUMMARY CVSS v3 6.4 ATTENTION: Exploitable locally Vendor: Siemens Equipment: Industrial Products Vulnerability: Improper privilege management 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-16-313-02 Siemens Industrial Products Local...

ICSA-19-120-01_Rockwell Automation CompactLogix 5370

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: CompactLogix 5370 Vulnerabilities: Uncontrolled Resource Consumption, Stack-based Buffer Overflow 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to...

ENTTEC Lighting Controllers

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ENTTEC Equipment: Datagate MK2, Storm 24, Pixelator Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could reboot this...

ControlByWeb X-320M

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ControlByWeb Equipment: X-320M Vulnerabilities: Improper Authentication, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow arbitrary code execution...

ICSA-18-333-02_Tridium Niagara Enterprise Security, Niagara AX, and Niagara 4

1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION : Exploitable remotely/low skill level Vendor : Tridium Equipment : Niagara Enterprise Security, Niagara AX, and Niagara 4 Vulnerability : Cross-site Scripting 2. REPOSTED INFORMATION This advisory was originally posted to the HSIN ICS-CERT library on...

Johnson Controls Metasys and BCPro

1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION : Exploitable on an adjacent network/low skill level to exploit Vendor : Johnson Controls Equipment : Metasys and BCPro Vulnerability : Information Exposure Through an Error Message 2. RISK EVALUATION Successful exploitation of this vulnerability could...

Schweitzer Engineering Laboratories, Inc. Compass and AcSELerator Architect

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/Low skill level to exploit/Public exploits are available for these vulnerabilities Vendor: Schweitzer Engineering Laboratories, Inc. SEL Equipment: Compass and AcSELerator Architect Vulnerabilities: Incorrect Default Permissions,...

OSIsoft PI Data Archive

CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: OSIsoft Equipment: PI Data Archive Vulnerabilities: Deserialization of Untrusted Data, Improper Input Validation, Incorrect Default Permissions AFFECTED PRODUCTS The following versions of PI Data Archive, a data stora...

ICSA-18-018-01A Siemens SIMATIC WinCC Add-On (Update A)

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIMATIC WinCC Add-On Vulnerabilities: Stack-based Buffer Overflow, Improper Input Validation, Improper Restriction of Operations within the Bounds of a Memory Buffer, Security Features, Improper...

Schneider Electric Wonderware ArchestrA Logger

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Schneider Electric Equipment: Wonderware ArchestrA Logger Vulnerabilities: Stack-Based Buffer Overflow, Uncontrolled Resource Consumption, Null Pointer Deference AFFECTED PRODUCTS Schneider Electric reports that the...

Schneider Electric Wonderware InTouch Access Anywhere

CVSS v3 8.8 ATTENTION: Remotely Exploitable/low skill level to exploit Vendor: Schneider Electric Equipment: Wonderware InTouch Access Anywhere Vulnerabilities: Cross-Site Request Forgery, Information Exposure, Inadequate Encryption Strength AFFECTED PRODUCTS The following Wonderware InTouch Acce...

BD Alaris 8015 Insufficiently Protected Credentials Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSMA-17-017-02 BD Alaris 8015 Insufficiently Protected Credentials Vulnerabilities that was published February 7, 2017, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 4 -------- Researchers at...