Johnson Controls Sensormatic Electronics American Dynamics victor Web Client and Software House C•CURE Web Client (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION : Low skill level to exploit Vendor : Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Equipment : American Dynamics victor Web Client Vulnerability : Improper Authorization 2. UPDATE INFORMATION This updated advisory is a follow-up to the...

BIOTRONIK CardioMessenger II

1. EXECUTIVE SUMMARY CVSS v3 4.6 ATTENTION: Exploitable with adjacent access/low skill level to exploit Vendor: BIOTRONIK Equipment: CardioMessenger II-S T-Line, CardioMessenger II-S GSM Vulnerabilities: Improper Authentication, Cleartext Transmission of Sensitive Information, Missing Encryption...

Rockwell Automation FactoryTalk Linx Software (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: FactoryTalk Linx Software Vulnerabilities: Improper Input Validation, Path Traversal, Unrestricted Upload of File with Dangerous Type 2. RISK EVALUATION Successful...

Inductive Automation Ignition

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Inductive Automation Equipment: Ignition 8 Gateway Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to write endless...

Siemens SCALANCE X Switches (Update B)

1. EXECUTIVE SUMMARY CVSS v3 4.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SCALANCE X switches Vulnerability: Protection Mechanism Failure 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-042-07 Siemens...

Siemens TIA Portal (Update F)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: TIA Portal Vulnerability: Path Traversal 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-014-05 Siemens TIA Portal Update E that was published June...

Moxa EDS Ethernet Switches

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: EDS-G508E, EDS-G512E, and EDS-G516E Series Ethernet Switches Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could...

Schneider Electric Zelio Soft 2

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Schneider Electric Equipment: Zelio Soft 2 Vulnerability: Use After Free 2. RISK EVALUATION Successful exploitation of this vulnerability could allow for remote code execution when opening a specially crafted project...

Echelon SmartServer 1, SmartServer 2, SmartServer 3, i.LON 100, i.LON 600 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Echelon Equipment: SmartServer 1, SmartServer 2, i.LON 100, i.LON 600 Vulnerabilities: Information Exposure, Authentication Bypass Using an Alternate Path or Channel, Unprotected Storage of...

Martem TELEM-GW6/GWM (Update B)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Martem Equipment : TELEM-GW6/GWM --------- Begin Update B Part 1 of 5 -------- Vulnerabilities : Missing Authentication for Critical Function, Incorrect Default Permissions, Resource Exhaustion,...

Eaton ELCSoft

CVSS v3 6.3 ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: Eaton Equipment: ELCSoft Vulnerability: Improper Input Validation AFFECTED PRODUCTS ELCSoft is programming software for all Eaton ELC programmable logic controllers. The ELC programmable logic controllers are not...

Schneider Electric IGSS SCADA Software

CVSS v3 7.0 ATTENTION: Locally exploitable/high skill level to exploit. Vendor: Schneider Electric Equipment: IGSS SCADA Software Vulnerability: Security Misconfiguration AFFECTED PRODUCTS Schneider Electric reports that the vulnerability affects the following IGSS SCADA Software products: IGSS...

Advantech WebAccess/SCADA

CVSS v3 5.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Advantech Equipment: WebAccess/SCADA Vulnerabilities: Path Traversal, SQL Injection AFFECTED PRODUCTS The following versions of WebAccess/SCADA, a SCADA software platform, are affected: WebAccess/SCADA versions prior ...

Ecava IntegraXor

CVSS v3 5.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Ecava Equipment: IntegraXor Vulnerabilities: SQL Injection AFFECTED PRODUCTS The following version of IntegraXor, a web SCADA/HMI solution, is affected: Ecava IntegraXor v 6.1.1030.1 and prior. IMPACT Successful...

Rockwell Automation MicroLogix 1100 PLC Overflow Vulnerability

OVERVIEW David Atch of CyberX has identified a stack-based buffer overflow vulnerability in Rockwell Automation’s Allen-Bradley MicroLogix 1100 programmable logic controller PLC systems. Rockwell Automation has produced a new firmware version to mitigate this vulnerability. This vulnerability cou...

Rockwell Automation RSLogix 500 and RSLogix Micro File Parser Buffer Overflow Vulnerability (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-224-02 Rockwell Automation RSLogix 500 and RSLogix Micro File Parser Buffer Overflow Vulnerability that was published September 15, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 3...

Moxa MiiNePort Session Hijack Vulnerabilities

OVERVIEW Independent researcher Aditya Sood has identified vulnerabilities in Moxa’s MiiNePort. Moxa has produced new firmware editions to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS Moxa reports that the vulnerabilities affect the followin...

eWON Vulnerabilities

OVERVIEW Independent researcher Karn Ganeshen has identified several vulnerabilities in the eWON sa industrial router. eWON sa has produced an updated firmware to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS The following eWON router firmwar...

Tibbo AggreGate Platform Vulnerabilities

OVERVIEW NCCIC/ICS-CERT received a report from HP’s Zero Day Initiative ZDI concerning two vulnerabilities in Tibbo’s AggreGate SCADA/HMI package, which is part of the AggreGate Platform. These vulnerabilities were reported to ZDI by security researcher Andrea Micalizzi rgod. Tibbo has produced a...

Omron Multiple Product Vulnerabilities

OVERVIEW Air Force Institute of Technology researcher Stephen Dunlap has identified vulnerabilities in Omron Corporation’s CX-Programmer software, CJ2M series programmable logic controller PLC, and CJ2H series PLC. Omron Corporation has produced new versions that mitigate these vulnerabilities. O...

Network Time Protocol Vulnerabilities

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-14-353-01B Network Time Protocol Vulnerabilities that was published February 4, 2015, on the NCCIC/ICS-CERT web site. Google Security Team researchers Neel Mehta and Stephen Roettger have coordinated multiple...

Microsoft Remote Desktop Protocol Memory Corruption Vulnerability

Overview ICS-CERT is aware of a public report of a Remote Desktop Protocol RDP vulnerability with proof-of-concept PoC exploit code affecting multiple Microsoft Windows operating systems. RDP is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to...

Measuresoft ScadaPro DLL Hijack

Overview Independent researcher Carlos Mario Penagos Hollmann identified a remotely exploitable, uncontrolled search path element vulnerability, commonly referred to as a DLL hijack, in Measuresoft’s ScadaPro application. Measuresoft has produced an upgrade to address this vulnerability. Mr...

Siemens Automation License Manager Vulnerabilities

Overview This Advisory is a follow-up to the original Alert titled “ICS-ALERT-11-332-01A—Siemens Automation License Manager Vulnerabilities” that was published December 02, 2011, on the ICS-CERT web page. ICS-CERT is aware of publicly disclosed reports of four vulnerabilities in Siemens Automatio...

Sierra Wireless AirLink with ALEOS firmware

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : Sierra Wireless Equipment : AirLink Vulnerabilities : Infinite Loop, NULL Pointer Dereference, Cross-site Scripting, Reachable Assertion, Use of Hard-coded Credentials, Use of Hard-coded...

Weintek cMT3000 HMI Web CGI

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Weintek Equipment : cMT3000 CMI Web CGI Vulnerabilities : Stack-based Buffer Overflow, OS Command Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...

Hitachi Energy MicroSCADA System Data Manager SDM600

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA System Data Manager SDM600 Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Improper Authorization, Improper Resource Shutdown or Release, Improper...

CP Plus KVMS Pro

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: CP Plus Equipment: KVMS Pro Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to retrieve sensitive credentials and control the...

GE iFIX

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: GE Digital Equipment: iFIX Vulnerability: Code Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow for privilege escalation and full control of the system. 3. TECHNICAL DETAILS 3.1...

Panasonic Sanyo CCTV Network Camera

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Panasonic Equipment: Sanyo CCTV Network Camera Vulnerability: Cross-Site Request Forgery CSRF 2. RISK EVALUATION Successful exploitation of this vulnerability could allow...

Rockwell Automation ISaGRAF

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: ISaGRAF Vulnerability: I mproper Restriction of XML External Entity Reference 2.UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-22-088-01 Rockwell...

Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric HMI SCADA (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: ICONICS and Mitsubishi Electric Equipment: ICONICS Product Suite, Mitsubishi Electric MC Works64 Vulnerabilities: Cross-site Scripting, Incomplete List of Disallowed Inputs, Plaintext Storage of a...

Siemens Teamcenter

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Teamcenter Vulnerability: Privilege Defined with Unsafe Actions, Authorization Bypass Through User-Controlled Key, Improper Restriction of XML External Entity Reference 2. RISK...

Siemens JT2Go and Teamcenter Visualization (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JT2Go & Teamcenter Visualization Vulnerabilities: Improper Check for Unusual or Exceptional Conditions, Out-of-bounds Write, Out-of-bounds Read 2. UPDATE INFORMATION This updated advisory is a follow-up...

Swisslog Healthcare Translogic PTS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Swisslog Healthcare Equipment: Translogic PTS Pneumatic Tube Systems Vulnerabilities: Use of Hard-coded Password, Execution with Unnecessary Privileges, Improper Authentication, Download of Code without...

Siemens SIMATIC Software Products (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION : Low attack complexity Vendor : Siemens Equipment : SIMATIC Software Products Vulnerability : Incorrect Permission Assignment for Critical Resource 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-194-06...

Mitsubishi Electric GOT (Update A)

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: GOT Vulnerability: Improper Authentication 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-112-02 Mitsubishi Electric GOT that was published...

Schneider Electric C-Bus Toolkit

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: C-Bus Toolkit Vulnerabilities: Improper Privilege Management, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow remote code...

Continued Threat Actor Exploitation Post Pulse Secure VPN Patching

Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT&CK® framework. See the ATT &CK for Enterprise framework for all referenced threat actor techniques and mitigations. This Alert provides an update to Cybersecurity and Infrastructure Security...

GE Digital APM Classic

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Digital Equipment: APM Classic Vulnerabilities: Authorization Bypass Through User-controlled Key, Use of a One-Way Hash Without a Salt 2. RISK EVALUATION Successful exploitation of these...

Advantech iView

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: iView Vulnerabilities: SQL Injection, Path Traversal, Command Injection, Improper Input Validation, Missing Authentication for Critical Function, Improper Access Control 2...

ABB Device Library Wizard

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: ABB Equipment: Device Library Wizard Vulnerability: Insecure Storage of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a low-level user to escalate privileges and...

Siemens SIMOTICS, Desigo, APOGEE, and TALON

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable from an adjacent network/low skill level to exploit Vendor: Siemens Equipment: SIMOTICS, Desigo, APOGEE, and TALON Vulnerability: Business Logic Errors 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled...

Digi ConnectPort LTS 32 MEI

1. EXECUTIVE SUMMARY CVSS v3 2.4 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Digi International Equipment : ConnectPort LTS 32 MEI Vulnerabilities : Unrestricted Upload of File with Dangerous Type, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these...

Siemens SINEMA Server

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINEMA Server Vulnerability: Incorrect Privilege Assignment 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with a valid session, with...

WECON PLC Editor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: WECON Equipment: PLC Editor Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation could allow an attacker to execute code under the privileges of the application. 3. TECHNICAL DETAILS...

Microsoft Operating Systems BlueKeep Vulnerability

Summary The Cybersecurity and Infrastructure Security Agency CISA is issuing this Activity Alert to provide information on a vulnerability, known as “BlueKeep,” that exists in the following Microsoft Windows Operating Systems OSs, including both 32- and 64-bit versions, as well as all Service Pac...

Nortek Linear eMerge E3 Series

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Nortek Equipment: Linear eMerge E3 Series Vulnerability: Command Injection AFFECTED PRODUCTS The following Linear eMerge, an access control interface, versions are affected: Linear eMerge E3 series Versions V0.32-07e...

Siemens Industrial Products (Update B)

CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: Industrial products Vulnerability: Improper Input Validation UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-17-339-01A Siemens Industrial Products that w...

Siemens BACnet Field Panels (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: BACnet Field Panels Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Path Traversal 2. UPDATE INFORMATION This updated advisory is a follow-up to the...