4251 matches found
Moxa EDS-G516E and EDS-510E Series Ethernet Switches
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: EDS-G516E series, and EDS-510E series Vulnerabilities: Stack-based Buffer Overflow, Use of a Broken or Risky Cryptographic Algorithm, Use of Hard-coded Cryptographic Key, Use of...
Siemens SIMATIC CP 1543-1
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC CP 1543-1 Vulnerabilities: Improper Access Control, Loop with Unreachable Exit Condition 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...
Omron PLC CJ, CS and NJ Series
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Omron Equipment : PLC CJ, CS and NJ Series Vulnerability : Improper Restriction of Excessive Authentication Attempts 2. RISK EVALUATION Successful exploitation of this vulnerability could allow...
BD Pyxis (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Becton, Dickinson and Company BD Equipment: Pyxis Vulnerability: Session Fixation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-248-01 BD Pyxis...
Philips HDI 4000 Ultrasound
1. EXECUTIVE SUMMARY CVSS v3 3.0 ATTENTION: Public exploits are available/exploitable from within the same local subnet Vendor: Philips Equipment: HDI 4000 Ultrasound Systems Vulnerability: Use of Obsolete Function 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to...
Schneider Electric Modicon Premium, Modicon Quantum, Modicon M340, and Modicon BMXNOR0200
CVSS v3 5.9 ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: Schneider Electric Equipment: Modicon Premium, Modicon Quantum, Modicon M340, and Modicon BMXNOR0200 Vulnerabilities: Stack-based Buffer Overflow, Use of Hard-coded Credentials, Use of a Broken or Risky Cryptographic...
3S-Smart Software Solutions GmbH CODESYS Web Server
CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS Web Server Vulnerability: Stack-based Buffer Overflow AFFECTED PRODUCTS All Microsoft Windows also WinCE based CODESYS web servers running stand-alone Version 2.3, o...
Schneider Electric Wonderware InTouch Access Anywhere
CVSS v3 8.8 ATTENTION: Remotely Exploitable/low skill level to exploit Vendor: Schneider Electric Equipment: Wonderware InTouch Access Anywhere Vulnerabilities: Cross-Site Request Forgery, Information Exposure, Inadequate Encryption Strength AFFECTED PRODUCTS The following Wonderware InTouch Acce...
BD Alaris 8015 Insufficiently Protected Credentials Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSMA-17-017-02 BD Alaris 8015 Insufficiently Protected Credentials Vulnerabilities that was published February 7, 2017, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 4 -------- Researchers at...
Kepware Resource Exhaustion Vulnerability
OVERVIEW Adam Crain of Automatak and Chris Sistrunk of Mandiant have identified a resource exhaustion vulnerability in the Kepware Technologies’ DNP Master Driver for the KEPServerEX Communications Platform. Kepware Technologies has produced a new version that mitigates this vulnerability. This...
Adcon Telemetry A840 Vulnerabilities
OVERVIEW Independent researcher Aditya K. Sood has identified vulnerabilities in Adcon Telemetry’s A840 Telemetry Gateway Base Station. Adcon Telemetry has stated that the A840 is an obsolete product and is no longer supported. No patches or updates will be created for this product. Adcon Telemet...
Schneider Electric Vijeo Citect, CitectSCADA, PowerLogic SCADA Vulnerability
Overview Schneider Electric has identified an XML external entity vulnerability in Vijeo Citect, CitectSCADA, and PowerLogic SCADA applications. Timur Yunusov, Alexey Osipov, and Ilya Karpov of Positive Technologies reported the vulnerability directly to Schneider Electric. Schneider Electric has...
Monroe Electronics DASDEC Compromised Root SSH Key
OVERVIEW This advisory provides mitigation details for a vulnerability that impacts the Monroe Electronics DASDEC. Mike Davis, a researcher with IOActive, reported a compromised root SSH key vulnerability to CERT Coordination Center CERT/CC. This vulnerability is in Monroe Electronics DASDEC‑I an...
Carlo Gavazzi EOS Box Multiple Vulnerabilities
Overview This advisory provides mitigation details for multiple vulnerabilities that impact the Carlo Gavazzi EOS-Box Photovoltaic Monitoring System. Carlo Gavazzi has identified two vulnerabilities in the Carlo Gavazzi EOS-Box Photovoltaic Monitoring System. Carlo Gavazzi has produced a firmware...
Softing edgeConnector
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION : Low attack complexity Vendor : Softing Equipment : edgeConnector Vulnerabilities : Cleartext Transmission of Sensitive Information, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could create conditions...
Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment
Actions to take today to harden your internal environment to mitigate follow-on activity after initial access. 1. Use phishing-resistant multi-factor authentication MFA for all administrative access. 2. Verify the implementation of appropriate hardening measures, and change, remove, or deactivate...
Iagona ScrutisWeb
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Iagona Equipment: ScrutisWeb Vulnerabilities: Absolute Path Traversal, Authorization Bypass Through User-Controlled Key, Use of Hard-coded Cryptographic Key, Unrestricted Upload of File with Dangerous...
Ovarro TBox RTUs
1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Ovarro Equipment: TBox RTUs Vulnerabilities: Missing Authorization, Use of Broken or Risky Cryptographic Algorithm, Inclusion of Functionality from Untrusted Control Sphere, Insufficient Entropy,...
Rockwell Automation FactoryTalk Diagnostics (Update B)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: FactoryTalk Diagnostics Vulnerabilities: Deserialization of Untrusted Data 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the original...
Siemens SCALANCE Third-Party
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
Mitsubishi Electric MELSOFT iQ AppPortal
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSOFT iQ AppPortal Vulnerabilities: HTTP Request Smuggling, Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of these...
Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester
Summary From mid-June through mid-July 2022, CISA conducted an incident response engagement at a Federal Civilian Executive Branch FCEB organization where CISA observed suspected advanced persistent threat APT activity. In the course of incident response activities, CISA determined that cyber...
ABB e-Design
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: ABB Equipment: e-Design Vulnerabilities: Incorrect Default Permissions 2. RISK EVALUATION Exploitation of these vulnerabilities could allow privilege escalation or a denial-of service condition. 3. TECHNICAL DETAILS 3.1...
Phoenix Contact Classic Line Industrial Controllers
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Phoenix Contact Equipment: ILC 131 ETH, ILC 131 ETH/XC, ILC 151 ETH, ILC 151 ETH/XC, ILC 171 ETH 2TX, ILC 191 ETH 2TX, ILC 191 ME/AN, and AXC 1050 Vulnerability: Missing Authentication for Critical...
GE Proficy CIMPLICITY-Cleartext
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: GE Equipment: Proficy CIMPLICITY Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to capture a...
Sensormatic Electronics VideoEdge
1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls, Inc. Equipment: VideoEdge Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow...
Siemens LOGO! CMR and SIMATIC RTU 3000
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: LOGO! CMR2020, LOGO! CMR2040 and SIMATIC RTU 3000 family Vulnerabilities: Incorrect Calculation of Buffer Size, Improper Certificate Validation 2. RISK EVALUATION Successful...
Mitsubishi Electric Europe B.V. smartRTU and INEA ME-RTU
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Europe B.V. Equipment: smartRTU and INEA ME-RTU Vulnerabilities: OS Command Injection, Improper Access Control, Cross-site Scripting, Use of Hard-coded Credentials, Unprotected...
Siemens Teamcenter Active Workspace
1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : Siemens Equipment : Teamcenter Active Workspace Vulnerabilities : Generation of Error Message Containing Sensitive Information, Cross-site Scripting, Exposure of Sensitive Information to an...
FATEK Automation WinProladder
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: FATEK Automation Equipment: WinProladder Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write, Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of these...
Siemens SIMATIC NET CP 443-1 OPC UA
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC NET CP 443-1 OPC UA Vulnerabilities: Improper Input Validation, Improper Restriction of Operations within the Bounds of a Memory Buffer, Incorrect Calculation, Classic Buffer...
Datakit Libraries bundled in Luxion KeyShot
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Datakit Equipment: Software libraries embedded in Luxion KeyShot software Vulnerabilities: Out-of-bounds Write, Exposure of Sensitive Information to an Unauthorized Actor, Stack-Based buffer Overflow, Untrusted Pointer...
Siemens Solid Edge File Parsing (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Solid Edge Vulnerabilities: Out-of-bounds Write, Improper Restriction of XML External Entity Reference, Out-of-bounds Read 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...
Schneider Electric PLC Simulator for EcoStruxure Control Expert
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: PLC Simulator for EcoStruxure Control Expert Vulnerability: Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this...
APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations
Summary This joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. Note: the analysis in this joint cybersecurity advisory is ongoing, and the...
FATEK Automation PLC WinProladder
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: FATEK Automation Equipment: PLC WinProladder Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being accessed; a buffer overflow...
Mitsubishi Electric MELSEC iQ-R Series (Update C)
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R Series Vulnerability: Resource Exhaustion 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-161-02 Mitsubishi...
Triangle MicroWorks SCADA Data Gateway
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Triangle MicroWorks Equipment : SCADA Data Gateway Vulnerabilities : Stacked-based Buffer Overflow, Out-of-Bounds Read, Type Confusion 2. RISK EVALUATION These vulnerabilities allow remote...
Siemens SIMATIC S7-1500 (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC S7-1500 CPU family Vulnerability: Resource Exhaustion 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-042-11 Siemens SIMATIC S7-1500 that was...
ICSA-19-120-01_Rockwell Automation CompactLogix 5370
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: CompactLogix 5370 Vulnerabilities: Uncontrolled Resource Consumption, Stack-based Buffer Overflow 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to...
ControlByWeb X-320M
1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ControlByWeb Equipment: X-320M Vulnerabilities: Improper Authentication, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow arbitrary code execution...
Siemens TIM 1531 IRC Modules
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: TIM 1531 IRC Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform...
Johnson Controls Metasys and BCPro
1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION : Exploitable on an adjacent network/low skill level to exploit Vendor : Johnson Controls Equipment : Metasys and BCPro Vulnerability : Information Exposure Through an Error Message 2. RISK EVALUATION Successful exploitation of this vulnerability could...
WECON Technology Co., Ltd. LeviStudio HMI Editor
CVSS v3 5.3 ATTENTION: Locally exploitable/low skill level to exploit. Vendor: WECON Technology Co., Ltd. WECON Equipment: LeviStudio HMI Editor Vulnerabilities: Buffer Overflows AFFECTED PRODUCTS The following versions of LEVI Studio HMI Editor, an HMI programming software product, are affected:...
Rockwell Automation Stratix 5100 (Update A)
1. EXECUTIVE SUMMARY CVSS v3 6.9 ATTENTION: Exploitable remotely/public exploits are available Vendor: Rockwell Automation Equipment: Stratix 5100 Wireless Access Point/Workgroup Bridge Vulnerability: Reusing a Nonce 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...
Siemens 7KT PAC1200 Data Manager
CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: 7KT PAC1200 data manager Vulnerability: Authentication Bypass Using an Alternate Path or Channel AFFECTED PRODUCTS Siemens reports that the vulnerability affects the following versions of the 7KT...
General Motors and Shanghai OnStar (SOS) iOS Client
CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: General Motors GM, Shanghai OnStar SOS Equipment: SOS iOS Client Vulnerabilities: Cleartext Storage of Sensitive Information, Man-in-the-Middle, Improper Authentication REPOSTED INFORMATION This advisory was originall...
Automated Logic Corporation ALC WebCTRL, Liebert SiteScan, Carrier i-VU
CVSS v3 6.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Automated Logic Corporation ALC Equipment: ALC WebCTRL, Liebert SiteScan, Carrier i-VU Vulnerability: XML External Entity XXE REPOSTED INFORMATION This advisory was originally posted to the NCCIC Portal on May 30, 201...
Schneider Electric VAMPSET
CVSS v3 5.6 ATTENTION: Low skill level to exploit. Vendor: Schneider Electric Equipment: VAMPSET Vulnerability: Memory Corruption AFFECTED PRODUCTS Schneider Electric reports that the vulnerability affects the following VAMPSET setting and configuration software products: VAMPSET, versions prior ...
Honeywell XL Web II Controller Vulnerabilities
OVERVIEW Independent researcher Maxim Rupp has identified vulnerabilities in Honeywell’s XL Web II controller application. Honeywell has produced a new version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS The following XL Web II controlle...