Lucene search: ICS, most viewed

4214 matches found

ICS | added 2013/03/21 6:0 a.m. | 60 views

Siemens WinCC 7.2 Multiple Vulnerabilities

OVERVIEW This advisory provides mitigation details for vulnerabilities that impact the Siemens WinCC Web Navigator 7.2. Researchers Alexander Tlyapov, Sergey Gordeychik, and Timur Yunusov of Positive Technologies have identified multiple vulnerabilities in the Siemens WinCC Web Navigator 7.2...

CVSS 7.5 | AI score 7.6 | EPSS 0.01934 | Exploits 0 | References 10

ICS | added 2012/09/22 6:0 a.m. | 60 views

Ruggedcom ROS Hard-Coded RSA SSL Private Key

Overview This Updated Advisory is a follow-up to the original advisory titled ICSA-12-354-01 RuggedCom ROS Hard-Coded RSA SSL Private Key that was published December 18, 2012, on the ICS-CERT Web page, as a follow-up to the original ICS-CERT alert ICS-ALERT-12-234-01 RuggedCom ROS Key Management...

CVSS 4.3 | AI score 6.2 | EPSS 0.01134 | Exploits 0 | References 10

ICS | added 2011/08/31 6:0 a.m. | 60 views

Wonderware InBatch ActiveX Vulnerabilities

Overview ICS-CERT originally released advisory “ICSA-11-332-01P—Invensys Wonderware InBatch ActiveX Vulnerabilities” in the US-CERT secure portal on November 28, 2011. This web page release was delayed to allow users time to download and install the update. Researcher Kuang-Chun Hung of the...

CVSS 6.8 | AI score 8.2 | EPSS 0.02493 | Exploits 0 | References 10

ICS | added 2024/01/18 7:0 a.m. | 59 views

AVEVA PI Server

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: AVEVA Equipment: PI Server Vulnerabilities: Improper Check or Handling of Exceptional Conditions, Missing Release of Resource after Effective Lifetime 2. RISK EVALUATION Successful...

CVSS 7.5 | AI score 6.9 | EPSS 0.00555 | Exploits 0 | References 8

ICS | added 2024/01/11 7:0 a.m. | 59 views

Schneider Electric Easergy Studio

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: Easergy Studio Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain full control of a...

CVSS 7.8 | AI score 8 | EPSS 0.00421 | Exploits 0 | References 8

ICS | added 2023/11/14 12:0 a.m. | 59 views

Siemens Desigo CC product family

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 9.8 | AI score 9.8 | EPSS 0.33304 | Exploits 2 | References 10

ICS | added 2023/07/27 6:0 a.m. | 59 views

Mitsubishi Electric CNC Series (Update E)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: CNC Series devices Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious remote attacker to...

CVSS 9.8 | AI score 9.8 | EPSS 0.0167 | Exploits 0 | References 8

ICS | added 2023/07/18 6:0 a.m. | 59 views

Weintek Weincloud

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Weintek Equipment: Weincloud Vulnerabilities: Weak Password Recovery Mechanism for Forgotten Password, Improper Authentication, Improper Restriction of Excessive Authentication Attempts, Improper...

CVSS 8.8 | AI score 7.7 | EPSS 0.00531 | Exploits 0 | References 10

ICS | added 2023/06/27 6:0 a.m. | 59 views

Hitachi Energy FOXMAN-UN and UNEM Products

1. EXECUTIVE SUMMARY CVSS v3 4.0 ATTENTION: High attack complexity Vendor: Hitachi Energy Equipment: FOXMAN-UN, UNEM Products Vulnerability: Improper Output Neutralization for Logs 2. RISK EVALUATION Successful exploitation of this vulnerability could permit an attacker to access sensitive...

CVSS 4.4 | AI score 4.9 | EPSS 0.00241 | Exploits 0 | References 8

ICS | added 2022/06/21 12:0 a.m. | 59 views

Phoenix Contact Classic Line Controllers

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Phoenix Contact Equipment: ILC, AXC, RFC, PC WORX, FC Vulnerability: Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

CVSS 10 | AI score 9.9 | EPSS 0.01455 | Exploits 1 | References 4

ICS | added 2022/03/08 12:0 a.m. | 59 views

Siemens Simcenter STAR-CCM+ Viewer

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Simcenter STAR-CCM+ Viewer Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a crash,...

CVSS 7.8 | AI score 8.2 | EPSS 0.00764 | Exploits 0 | References 11

ICS | added 2021/12/21 12:0 a.m. | 59 views

WECON LeviStudioU

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: WECON Equipment: LeviStudioU Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow remote code execution. 3. TECHNICAL...

CVSS 7.8 | AI score 8.3 | EPSS 0.09285 | Exploits 0 | References 5

ICS | added 2021/09/28 12:0 a.m. | 59 views

Siemens Solid Edge

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Solid Edge, 3D CAD and solid modeling software Vulnerabilities: Use After Free, Out-of-bounds Read, Access of Uninitialized Pointer 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

CVSS 7.8 | AI score 7.5 | EPSS 0.01517 | Exploits 0 | References 11

ICS | added 2021/04/22 12:0 a.m. | 59 views

Horner Automation Cscape

1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Low attack complexity Vendor: Horner Automation Equipment: Cscape Vulnerabilities: Improper Input Validation, Improper Access Controls 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow code execution in the context of the...

CVSS 7.8 | AI score 8.3 | EPSS 0.0103 | Exploits 0 | References 5

ICS | added 2021/04/15 12:0 a.m. | 59 views

Schneider Electric C-Bus Toolkit

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: C-Bus Toolkit Vulnerabilities: Improper Privilege Management, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow remote code...

CVSS 8.8 | AI score 8.3 | EPSS 0.40582 | Exploits 1 | References 5

ICS | added 2021/02/09 12:0 a.m. | 59 views

SIMATIC WinCC Graphics Designer

1. EXECUTIVE SUMMARY CVSS v3 6.2 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: SIMATIC WinCC and PCS 7 Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker...

CVSS 5.5 | AI score 5.9 | EPSS 0.00336 | Exploits 0 | References 9

ICS | added 2020/11/17 12:0 a.m. | 59 views

Paradox IP150 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Paradox Equipment: IP150 Vulnerabilities: Stack-based Buffer Overflow, Classic Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

CVSS 9.8 | AI score 9.9 | EPSS 0.0254 | Exploits 0 | References 5

ICS | added 2020/10/13 12:0 a.m. | 59 views

MOXA NPort IAW5000A-I/O Series

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: MOXA Equipment: NPort IAW5000A-I/O Series Vulnerabilities: Session Fixation, Improper Privilege Management, Weak Password Requirements, Cleartext Transmission of Sensitive Information, Improper...

CVSS 9.8 | AI score 8.6 | EPSS 0.01405 | Exploits 0 | References 5

ICS | added 2020/06/02 12:0 a.m. | 59 views

GE Grid Solutions Reason RT Clocks

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Low skill level to exploit/exploitable remotely Vendor: GE Equipment: Grid Solutions Reason RT Clocks Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow access to...

CVSS 9.8 | AI score 10 | EPSS 0.02331 | Exploits 0 | References 4

ICS | added 2020/04/14 12:0 a.m. | 59 views

Siemens SIMOTICS, Desigo, APOGEE, and TALON

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable from an adjacent network/low skill level to exploit Vendor: Siemens Equipment: SIMOTICS, Desigo, APOGEE, and TALON Vulnerability: Business Logic Errors 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled...

CVSS 7.1 | AI score 7.1 | EPSS 0.00715 | Exploits 0 | References 10

ICS | added 2020/02/11 12:0 a.m. | 59 views

Digi ConnectPort LTS 32 MEI

1. EXECUTIVE SUMMARY CVSS v3 2.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Digi International Equipment: ConnectPort LTS 32 MEI Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these...

CVSS 6.3 | AI score 6.2 | EPSS 0.00831 | Exploits 0 | References 5

ICS | added 2019/10/31 12:0 a.m. | 59 views

Honeywell equIP and Performance Series IP Cameras

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Honeywell Equipment: equIP series and Performance series IP cameras Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability...

CVSS 7.5 | AI score 7.7 | EPSS 0.01132 | Exploits 0 | References 4

ICS | added 2019/08/15 12:0 a.m. | 59 views

Fuji Electric Alpha5 Smart Loader

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Fuji Electric Equipment: Alpha5 Smart Loader Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of...

CVSS 7.8 | AI score 8 | EPSS 0.02947 | Exploits 0 | References 5

ICS | added 2019/04/09 12:0 a.m. | 59 views

ICSA-19-099-05 Siemens RUGGEDCOM ROX II

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: RUGGEDCOM ROX II Vulnerabilities: Double Free, Out-of-bounds Read, Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

AI score 9.5 | Exploits 0 | References 9

ICS | added 2018/06/05 12:0 a.m. | 59 views

ABB IP Gateway

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ABB Equipment: IP Gateway Vulnerabilities: Improper Authentication, Cross-site Request Forgery, Unprotected Storage of Credentials 2. RISK EVALUATION Successful exploitation of these...

CVSS 9.8 | AI score 10 | EPSS 0.02646 | Exploits 0 | References 5

ICS | added 2018/02/01 12:0 a.m. | 59 views

3S-Smart Software Solutions GmbH CODESYS Web Server

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS Web Server Vulnerability: Stack-based Buffer Overflow AFFECTED PRODUCTS All Microsoft Windows also WinCE based CODESYS web servers running stand-alone Version 2.3, o...

CVSS 9.8 | AI score 10 | EPSS 0.03157 | Exploits 0 | References 5

ICS | added 2017/09/12 12:0 a.m. | 59 views

ICSMA-17-255-01_Philips' IntelliView MX40 Patient Worn Monitor (WLAN) Vulnerabilities

OVERVIEW Philips has identified two vulnerabilities in Philips’ IntelliView MX40 Patient Worn Monitor for use with wireless local area networks WLANs. Philips has produced a software update that fixes one of the identified vulnerabilities and provides mitigations for the other vulnerability...

AI score 6.9 | Exploits 0 | References 2

ICS | added 2017/08/01 12:0 a.m. | 59 views

Mitsubishi Electric Europe B.V. E-Designer

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Mitsubishi Electric Europe B.V. Equipment: E-Designer Vulnerabilities: Heap-Based Buffer Overflow, Stack-Based Buffer Overflow, Out-of-Bounds Write AFFECTED PRODUCTS The following version of E-Designer, a Mitsubishi...

CVSS 10 | AI score 10 | EPSS 0.03636 | Exploits 0 | References 3

ICS | added 2017/07/06 12:0 a.m. | 59 views

Siemens SIPROTEC 4 and SIPROTEC Compact (Update C)

CVSS v3 8.6 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIPROTEC 4 and SIPROTEC Compact Vulnerabilities: Improper Input Validation, Missing Authorization, Improper Authentication UPDATE INFORMATION This updated advisory is a follow-up to the updated...

CVSS 10 | AI score 1.5 | EPSS 0.74497 | Exploits 7 | References 49

ICS | added 2017/05/16 12:0 a.m. | 59 views

Schneider Electric SoMachine HVAC

CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Schneider Electric Equipment: SoMachine HVAC Vulnerabilities: Buffer Overflow, DLL Hijack AFFECTED PRODUCTS The following version of SoMachine HVAC, a PLC programming software, is affected: SoMachine HVAC Versions 2.1.0 and prior. IMPACT...

CVSS 8.8 | AI score 8.7 | EPSS 0.02441 | Exploits 0 | References 3

ICS | added 2017/03/28 12:0 a.m. | 59 views

3S-Smart Software Solutions GmbH CODESYS Web Server

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS Web Server Vulnerabilities: Arbitrary File Upload, Stack Buffer Overflow AFFECTED PRODUCTS The following versions of CODESYS Web Server, part of the CODESYS WebVisu...

CVSS 9.8 | AI score 10 | EPSS 0.02633 | Exploits 0 | References 3

ICS | added 2017/03/23 12:0 a.m. | 59 views

LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA

CVSS v3 5.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME Equipment: LAquis SCADA Vulnerability: Path Traversal AFFECTED PRODUCTS The following versions of LAquis SCADA, an industrial automation software, are...

CVSS 5.3 | AI score 5.6 | EPSS 0.08733 | Exploits 4 | References 3

ICS | added 2016/05/24 12:0 a.m. | 59 views

Moxa MiiNePort Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-145-01 Moxa MiiNePort Vulnerabilities that was published May 24, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Karn Ganeshen has identified weak credential management, sensitive information not...

CVSS 8.8 | AI score 0.8 | EPSS 0.01505 | Exploits 0 | References 19

ICS | added 2015/12/27 7:0 a.m. | 59 views

Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-15-085-01 Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerabilities, that was published March 26, 2015, to the NCCIC/ICS-CERT web site. Gleb Gritsai, Ilya Karpov, and Kirill Nesterov o...

CVSS 5 | AI score 6.7 | EPSS 0.024 | Exploits 0 | References 10

ICS | added 2015/11/20 7:0 a.m. | 59 views

Siemens SIMATIC STEP 7 TIA Portal Vulnerabilities

OVERVIEW Aleksandr Timorin from Positive Technologies has identified authentication vulnerabilities in the Siemens SIMATIC STEP 7 TIA Portal application. Siemens has produced a service pack that mitigates these vulnerabilities. AFFECTED PRODUCTS The following Siemens products are affected: SIMATI...

CVSS 4.4 | AI score 6.6 | EPSS 0.00512 | Exploits 0 | References 10

ICS | added 2015/09/12 6:0 a.m. | 59 views

Advantech EKI Vulnerabilities (Update B)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-15-344-01A Advantech EKI Vulnerabilities that was published December 15, 2015, on the NCCIC/ICS-CERT web site. --------- Begin Update B Part 1 of 3 -------- HD Moore of Rapid7 identified several vulnerabilities in...

AI score 10 | Exploits 0 | References 10

ICS | added 2015/01/08 7:0 a.m. | 59 views

Moxa VPort ActiveX SDK Plus Stack-Based Buffer Overflow Vulnerability

OVERVIEW HP’s Zero Day Initiative ZDI reports that independent researcher Ariele Caltabiano has identified a stack-based buffer overflow vulnerability in the Moxa VPort ActiveX SDK Plus application. Moxa has produced an update that mitigates this vulnerability. This vulnerability could be exploit...

CVSS 7.5 | AI score 7.9 | EPSS 0.024 | Exploits 0 | References 10

ICS | added 2015/01/01 7:0 a.m. | 59 views

Ecava IntegraXor DLL Vulnerabilities

OVERVIEW Security researcher Praveen Darshanam has identified two DLL loading vulnerabilities in Ecava’s IntegraXor SCADA Server. Ecava has produced a patch that mitigates these vulnerabilities. Praveen Darshanam has tested the patch to validate that it resolves the vulnerabilities. AFFECTED...

CVSS 4.4 | AI score 6.6 | EPSS 0.00358 | Exploits 0 | References 10

ICS | added 2014/10/26 6:0 a.m. | 59 views

GE Proficy Vulnerabilities

OVERVIEW Researchers amisto0x07 and Z0mb1E of Zero Day Initiative ZDI have identified two vulnerabilities in the General Electric GE Proficy human-machine interface/supervisory control and data acquisition HMI/SCADA - CIMPLICITY application. GE has released security advisories, GEIP13-05 and...

CVSS 7.5 | AI score 7.1 | EPSS 0.70223 | Exploits 7 | References 10

ICS | added 2013/01/07 7:0 a.m. | 59 views

Rockwell Automation FactoryTalk and RSLinx Vulnerabilities

OVERVIEW --------- Begin Update A Part 1 of 4 -------- This updated advisory is a follow-up to the original advisory titled ICSA-13-095-02 Rockwell Automation FactoryTalk and RSLinx Vulnerabilities that was published April 5, 2013, on the ICS-CERT Web page. --------- End Update A Part 1 of 4...

AI score 8 | Exploits 0 | References 10

ICS | added 2012/12/01 7:0 a.m. | 59 views

ABB Robot Communications Runtime Buffer Overflow

Overview ICS-CERT received a report from ABB and the Zero Day Initiative ZDI concerning a buffer overflow vulnerability in the Robot Communication Runtime software used to communicate with IRC5, IRC5C, and IRCP robot controllers. This vulnerability was reported to ZDI by independent security...

CVSS 10 | AI score 8.4 | EPSS 0.08271 | Exploits 4 | References 10

ICS | added 2012/07/13 6:0 a.m. | 59 views

WellinTech KingView User Credentials Not Securely Hashed

Overview This advisory is a follow-up to the alert titled ICS-ALERT-12-212-02 WellinTech KingView User Credentials Not Securely Hashed that was published July 30, 2012, on the ICS-CERT Web page. Dr. Wesley McGrew of Mississippi State University has identified a default credential vulnerability in...

CVSS 2.1 | AI score 6.1 | EPSS 0.00322 | Exploits 0 | References 10

ICS | added 2011/10/20 6:0 a.m. | 59 views

WellinTech Kingview 6.53 Remote Heap Overflow

Overview This advisory is a follow-up to ICS-ALERT-11-011-01 WellinTech Kingview Buffer Overflow, published on the ICS-CERT Web site on January 11, 2011. Independent security researcher Dillon Beresford reported a heap overflow vulnerability in WellinTech KingView V6.53, which may allow a remote,...

CVSS 10 | AI score 9 | EPSS 0.20939 | Exploits 2 | References 10

ICS | added 2024/07/09 12:0 a.m. | 58 views

Siemens Remote Connect Server

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 9.9 | AI score 9 | EPSS 0.00712 | Exploits 0 | References 12

ICS | added 2023/08/31 6:0 a.m. | 58 views

ARDEREG Sistemas SCADA

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: ARDEREG Equipment: Sistemas SCADA Vulnerability: SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to manipulate SQL query logic to extract...

CVSS 9.8 | AI score 10 | EPSS 0.00576 | Exploits 0 | References 10

ICS | added 2023/05/18 7:1 p.m. | 58 views

Rockwell ArmorStart

1. EXECUTIVE SUMMARY CVSS v3 7.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Equipment: ArmorStart Vulnerabilities: Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a malicious user to view and modify sensitive...

CVSS 7.1 | AI score 6.2 | EPSS 0.0062 | Exploits 0 | References 6

ICS | added 2023/05/11 12:0 p.m. | 58 views

Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG

SUMMARY The Federal Bureau of Investigation FBI and Cybersecurity and Infrastructure Security Agency CISA are releasing this joint Cybersecurity Advisory CSA in response to the active exploitation of CVE-2023-27350. This vulnerability occurs in certain versions of PaperCut NG and PaperCut MF and...

CVSS 9.8 | AI score 9.7 | EPSS 0.99999 | Exploits 24 | References 33

ICS | added 2023/04/10 3:37 p.m. | 58 views

Hitachi Energy MicroSCADA System Data Manager SDM600

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA System Data Manager SDM600 Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Improper Authorization, Improper Resource Shutdown or Release, Improper...

CVSS 9.9 | AI score 8.3 | EPSS 0.01442 | Exploits 0 | References 4

ICS | added 2023/04/03 6:20 p.m. | 58 views

Honeywell OneWireless Wireless Device Manager

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Honeywell Equipment: OneWireless Wireless Device Manager WDM Vulnerabilities: Command Injection, Use of Insufficiently Random Values, Missing Authentication for Critical Function 2. RISK EVALUATION...

CVSS 7.5 | AI score 8.1 | EPSS 0.00527 | Exploits 0 | References 5

ICS | added 2022/12/13 12:0 a.m. | 58 views

Contec CONPROSYS HMI System (CHS)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Contec Equipment: CONPROSYS HMI System CHS --------- Begin Update A part 1 of 5 --------- Vulnerability: OS Command Injection, Use of Default Credentials, Use of Password Hash Instead of Password for...

CVSS 9.8 | AI score 7.8 | EPSS 0.69877 | Exploits 0 | References 4

Total number of security vulnerabilities: 4214