Hitachi Energy MicroSCADA Pro/X SYS600 Products (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION : Low attack complexity Vendor : Hitachi Energy Equipment : MicroSCADA X SYS600, MicroSCADA Pro Vulnerability : Improper Use of Validation Framework 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized...

Hitachi Energy Lumada Asset Performance Management Prognostic Model Executor Service

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/public exploits are available Vendor: Hitachi Energy Equipment: Lumada Asset Performance Manager APM Vulnerabilities: Allocation of Resources Without Limits or Throttling, Code injection 2. RISK EVALUATION Successful exploitation of...

Johnson Controls Metasys ADS, ADX, OAS

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls, Inc Equipment: Metasys ADS, ADX, OAS with MUI Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow...

General Electric Renewable Energy MDS Radios

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: General Electric Renewable Energy Equipment: MDS iNET/iNET II/SD/TD220/TD220MAX Radios Vulnerabilities: I mproper Input Validation, Hidden Functionality, Inadequate Encryption Strength, Uncontrolled...

AVEVA System Platform

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Low attack complexity Vendor: AVEVA Equipment: System Platform Vulnerability: Cleartext Storage of Sensitive Information in Memory 2. RISK EVALUATION Successful exploitation of this vulnerability could expose cleartext credentials for the network user...

Wibu-Systems CodeMeter Runtime

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low attack complexity Vendor: Wibu-Systems AG Equipment: CodeMeter Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to crash the CodeMeter Runtime Server, which could...

Siemens SINEMA Remote Connect Server

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEMA Remote Connect Server Vulnerabilities: Modification of Assumed-Immutable Data, Improper Access Control, Exposure of Sensitive Information to an Unauthorized Actor, Improper...

Johnson Controls Controlled Electronic Management Systems CEM Systems AC2000

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Controlled Electronic Management Systems Ltd., a subsidiary of Johnson Controls Inc Equipment: CEM Systems AC2000 Vulnerability: Improper Authorization 2. RISK EVALUATION Under specific conditions,...

Swisslog Healthcare Translogic PTS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Swisslog Healthcare Equipment: Translogic PTS Pneumatic Tube Systems Vulnerabilities: Use of Hard-coded Password, Execution with Unnecessary Privileges, Improper Authentication, Download of Code without...

Exacq Technologies exacqVision Enterprise Manager

1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Exacq Technologies, Inc., a subsidiary of Johnson Controls Inc. Equipment: exacqVision Enterprise Manager Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this...

Siemens Nucleus DNS (Update A)

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Nucleus Vulnerability: Use of Insufficiently Random Values 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-103-14 Siemens Nucleus...

Hitachi Energy Relion 670, 650 and SAM600-IO

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Relion 670, 650, and SAM600-IO Vulnerabilities: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

Mitsubishi Electric MELFA (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELFA FR Series, MELFA CR Series, MELFA ASSISTA Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...

Iranian Advanced Persistent Threat Actors Threaten Election-Related Systems

Summary The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI are warning that Iranian advanced persistent threat APT actors are likely intent on influencing and interfering with the U.S. elections to sow discord among voters and undermine public...

B&R Automation SiteManager and GateManager

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: B&R Industrial Automation GmbH Equipment: SiteManager and GateManager Vulnerabilities: Path Traversal, Uncontrolled Resource Consumption, Information Exposure, Improper Authentication, Information...

Delta Industrial Automation TPEditor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: TPEditor Vulnerabilities: Out-of-bounds Read, Stack-based Buffer Overflow, Heap-based Buffer Overflow, Write-what-where Condition, Improper Input Validation 2. RISK EVALUATION Successful...

BIOTRONIK CardioMessenger II

1. EXECUTIVE SUMMARY CVSS v3 4.6 ATTENTION: Exploitable with adjacent access/low skill level to exploit Vendor: BIOTRONIK Equipment: CardioMessenger II-S T-Line, CardioMessenger II-S GSM Vulnerabilities: Improper Authentication, Cleartext Transmission of Sensitive Information, Missing Encryption...

Honeywell WIN-PAK

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Honeywell Equipment: WIN-PAK Vulnerabilities: Cross-site Request Forgery, Improper Neutralization of HTTP Headers for Scripting Syntax, Use of Obsolete Function 2. RISK EVALUATION Successful exploitation of these...

Siemens S7-1200 and S7-200 SMART CPUs (Update B)

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION : Low skill level to exploit Vendor : Siemens Equipment: S7-1200 CPU family including SIPLUS variants; S7-200 SMART CPU family Vulnerability : Exposed Dangerous Method or Function 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory...

Microsoft Ending Support for Windows 7 and Windows Server 2008 R2

Summary Note : This alert does not apply to federally certified voting systems running Windows 7. Microsoft will continue to provide free security updates to those systems through the 2020 election. See Microsoft’s article, Extending free Windows 7 security updates to voting systems, for more...

Pangea Communications Internet FAX ATA

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Pangea Communications Equipment: Internet FAX Analog Telephone Adapter ATA Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION...

RealFlex RealWin Buffer Overflow

Overview This advisory is a follow-up to ICS-ALERT-10-305-01 RealFlex RealWin Buffer Overflows, which was published on the ICS-CERT Web site on November 01, 2010. On October 15, 2010 an independent security researcher posted informationResearcher, http://aluigi.altervista.org/adv/realwin1-adv.txt...

WAGO 750 Series

CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: WAGO Equipment: 750 Series Vulnerability: Improper Resource Shutdown or Release AFFECTED PRODUCTS The following versions of 750 series PLC are affected: 750-880 firmware version 10 and prior, 750-881 firmware version ...

OSIsoft PI Vision

CVSS v3 6.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: OSIsoft Equipment: PI Vision Vulnerabilities: Protection Mechanism Failure, Information Exposure AFFECTED PRODUCTS The following versions of PI Vision, a data visualization framework, are affected: PI Vision versions...

OSIsoft PI ProcessBook and PI ActiveView

CVSS v3 High ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: OSIsoft Equipment: PI ProcessBook and PI ActiveView Vulnerability: Using components with known vulnerabilities AFFECTED PRODUCTS OSIsoft reports that the vulnerability affects the following PI products: PI ProcessBoo...

ABB VSN300 WiFi Logger Card

CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: ABB Equipment: VSN300 WiFi Logger Card Vulnerabilities: Improper Authentication; Permissions, Privileges, and Access Controls AFFECTED PRODUCTS The following versions of VSN300 WiFi Logger Card, a device for solar...

Phoenix Broadband Technologies LLC PowerAgent SC3 Site Controller

CVSS v3 5.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Phoenix Broadband Technologies LLC Equipment: PowerAgent SC3 Site Controller Vulnerability: Use of Hard-Coded Password AFFECTED PRODUCTS Phoenix Broadband Technologies LLC reports that the following versions of...

Schneider Electric Wonderware Historian Client

CVSS v3 6.6 ATTENTION: Low skill level to exploit. Vendor: Schneider Electric Equipment: Wonderware Historian Client Vulnerability: Improper XML Parser Configuration AFFECTED PRODUCTS The following versions of Wonderware Historian Client, an analysis and reporting software, are affected: Wonderwa...

Marel Food Processing Systems (Update A)

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Marel Equipment: Food Processing Systems Vulnerabilities: Hard-Coded Passwords, Unrestricted Upload, Improper Access Control UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

Hanwha Techwin Smart Security Manager

CVSS v3 7.5 ATTENTION: Remotely exploitable Vendor: Hanwha Techwin Equipment: Smart Security Manager Vulnerabilities: Remote Code Execution AFFECTED PRODUCTS The following Smart Security Manager, a software management platform, versions are affected: Smart Security Manager Versions 1.5 and prior...

Meinberg NTP Time Server Vulnerabilities

OVERVIEW Independent researcher Ryan Wincey has identified a stack buffer overflow vulnerability and a privilege escalation vulnerability in Meinberg’s NTP Time Servers Interface. Meinberg has produced a new Version 6.20.004 to mitigate these vulnerabilities. The researcher has validated the...

ABB Panel Builder 800 DLL Hijacking Vulnerability (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-077-01 ABB Panel Builder 800 DLL Hijacking Vulnerability that was published March 17, 2016, on the NCCIC/ICS-CERT web site. Ivan Sanchez from Nullcode Team has identified a DLL Hijacking vulnerability in the ABB...

HID Global Reader Configuration Cards

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Low attack complexity Vendor : HID Global Equipment : Reader Configuration Cards Vulnerability : Improper Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read the credential and device...

Siemens RUGGEDCOM and SCALANCE M-800/S615 Family

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens SCALANCE Family Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens RUGGEDCOM APE180

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens RUGGEDCOM ROS

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Snap One OvrC Cloud (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Snap One Equipment: OvrC Cloud, OvrC Pro Devices Vulnerabilities: Improper Input Validation, Observable Response Discrepancy, Improper Access Control, Cleartext Transmission of Sensitive Information,...

PTC Vuforia Studio

1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: PTC Equipment: Vuforia Studio Vulnerabilities: Insufficiently Protected Credentials, Improper Authorization, Unrestricted Upload of File with Dangerous Type, Path Traversal, Cross-site Request Forgery...

PTC ThingWorx Edge

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: PTC Equipment: ThingWorx Edge Vulnerabilities: Improper Validation of Array Index, Integer Overflow or Wraparound 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...

Mitsubishi Electric GT SoftGOT2000

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: GT SoftGOT2000 Vulnerability: Operating System OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

Delta Electronics DIAEnergie

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Delta Electronics Equipment: DIAEnergie Vulnerabilities: Use of Hard-coded Credentials 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the original advisory titled...

Eaton Intelligent Power Protector

1. EXECUTIVE SUMMARY CVSS v3 5.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Eaton Equipment: Intelligent Power Protector IPP Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code...

Mitsubishi Electric MELSEC-Q Series C Controller Module

1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: MELSEC-Q Series C Controller Module Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition or allow...

ABB SPIET800 and PNI800

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: Symphony Plus SPIET800 and PNI800 Vulnerabilities: Incomplete Internal State Distinction, Improper Handling of Unexpected Data Type, Uncontrolled Resource Consumption 2. RISK EVALUATION...

Digi PortServer TS 16

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Digi International, Inc. Equipment: PortServer TS 16 Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability allows write access, which grants control of...

Siemens Solid Edge

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Siemens Equipment : Solid Edge Vulnerabilities : Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in an out-of-bounds write, a buffer overflow condition that may...

Siemens JT Utilities

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION : Low attack complexity Vendor : Siemens Equipment : JT Utilities Vulnerabilities : Function Call with Incorrect Variable or Reference as Argument, NULL Pointer Dereference 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause a...

FATEK Automation WinProladder

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: FATEK Automation Equipment: WinProladder Vulnerability: Integer Underflow 2. RISK EVALUATION Successful exploitation of this vulnerability could cause execution of arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS...

Siemens SINEMA Remote Connect Server

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINEMA Remote Connect Server Vulnerabilities: Incorrect Authorization\ 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow authenticated unprivileged...