Sensormatic PowerManage (Update A)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Inc Equipment: PowerManage Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This update advisory is a follow-up to the...

Siemens TIM 4R-IE Devices

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: TIM 4R-IE Vulnerabilities: Incorrect Type Conversion or Cast, Improper Input Validation, Improper Authentication, Security Features, Null Pointer Dereference, Data Processing Errors,...

Hitachi ABB Power Grids eSOMS Telerik

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Hitachi ABB Power Grids Equipment: eSOMS Telerik Vulnerabilities: Path Traversal, Deserialization of Untrusted Data, Improper Input Validation, Inadequate Encryption Strength, Insufficiently...

Johnson Controls exacq Enterprise Manager

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Exacq Technologies, a subsidiary of Johnson Controls, Inc. Equipment: exacq Enterprise Manager Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability...

GE PACSystems CPE305/310, CPE330, CPE400, RSTi-EP CPE 100, CPU320/CRU320, RXi

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : GE Equipment : PACSystems CPE305/310, CPE330, CPE400, RSTi-EP CPE 100, CPU320/CRU320, RXi Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this...

GE UR Family (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: UR Family Vulnerabilities: Inadequate Encryption Strength, Session Fixation, Exposure of Sensitive Information to an Unauthorized Actor, Improper Input Validation, Unrestricted Upload...

Mitsubishi Electric FA Engineering Software (Update C)

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GX Works3, MX OPC UA Module Configurator-R Vulnerabilities: Cleartext Storage of Sensitive Information, Use of Hard-coded Password, Insufficiently Protected Credentials,...

Yokogawa CENTUM and ProSafe-RS

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Yokogawa Equipment: CENTUM and ProSafe-RS Vulnerabilities: OS Command Injection, Improper Authentication, NULL Pointer Dereference, Improper Input Validation, Resource Management Errors 2. RISK...

Schneider Electric Modicon M221

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Modicon M221 Vulnerability: Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a change of...

Siemens SIMATIC WinCC

​​As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services ...

Secheron SEPCOS Control and Protection Relay

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Secheron Equipment: SEPCOS Control and Protection Relay Vulnerabilities: Improper Enforcement of Behavioral Workflow, Lack of Administrator Control over Security, Improper Privilege Management,...

Mitsubishi Electric GOT2000 series and GT SoftGOT2000

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: GOT2000 series and GT SoftGOT2000 Vulnerability: Missing Synchronization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service...

AVEVA Vijeo Citect and Citect SCADA (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit --------- Begin Update A Part 1 of 5 --------- Vendor: AVEVA and Schneider Electric Equipment: AVEVA’s Vijeo Citect and Citect SCADA; Schneider Electric’s Power SCADA Operation --------- End Update A Part...

Orpak SiteOmat

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits available Vendor: Orpak acquired by Gilbarco Veeder-Root Equipment: SiteOmat Vulnerabilities: Use of Hard-coded Credentials, Cross-site Scripting, SQL Injection, Missing Encryption of...

Siemens Industrial Products with OPC UA (Update H)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC, SINEC-NMS, SINEMA, SINEMURIK Industrial Control Products with OPC UA Vulnerability: Uncaught Exception 2. UPDATE INFORMATION This updated advisory is a follow-up to the...

OpenClinic GA (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: OpenClinic GA is a product of open-source collaboration on Source Forge Equipment: OpenClinic GA Vulnerabilities: Authentication Bypass Using an Alternate Path or...

Teledyne DALSA Sherlock

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: Teledyne DALSA Equipment: Sherlock Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being accessed; a buffer overflow condition may...

Sierra Wireless AirLink ALEOS (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Sierra Wireless Equipment: AirLink ALEOS Vulnerabilities: OS Command Injection, Use of Hard-coded Credentials, Unrestricted Upload of File with Dangerous Type,...

Emerson DeltaV DCS Workstations

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION : Exploitable remotely/Low skill level to exploit Vendor: Emerson Equipment: DeltaV DCS Workstations Vulnerabilities: Uncontrolled Search Path Element, Relative Path Traversal, Improper Privilege Management, Stack-Based Buffer Overflow 2. RISK EVALUATION...

ICSA-21-217-03_mySCADA myPRO

1. EXECUTIVE SUMMARY CVSS v3 X8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: mySCADA Equipment: myPRO Vulnerabilities: Improper Access Control, Unrestricted Upload of File with Dangerous Type, Path Traversal, Exposure of Information Through Directory Listing 2. RISK EVALUATION...

Mitsubishi Electric Factory Automation Engineering Products (Update L)

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: Mitsubishi Electric, Factory Automation Engineering products Vulnerability: Unquoted Search Path or Element 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update...

Philips Intellispace Portal ISP Vulnerabilities

OVERVIEW Philips reported vulnerabilities in the Philips’ IntelliSpace Portal ISP, an advanced visualization and image analysis system. Philips is creating a software update to mitigate these vulnerabilities in the affected products. Additionally, they are issuing mitigating controls for some...

SWARCO CPU LS4000

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SWARCO TRAFFIC SYSTEMS Equipment: CPU LS4000 Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow access to the device and disturb...

OSIsoft PI System (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: OSIsoft Equipment: PI System Vulnerabilities: Uncontrolled Search Path Element, Improper Verification of Cryptographic Signature, Incorrect Default Permissions, Uncaught Exception, Null Pointer...

Wind River VxWorks (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Wind River Equipment: VxWorks Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Integer Underflow, Improper Restriction of Operations within the Bounds of a Memory Buffer,...

Johnson Controls exacqVision Enterprise System Manager

1. EXECUTIVE SUMMARY CVSS v3 6.7 Vendor: Johnson Controls Equipment: exacqVision Enterprise System Manager ESM Vulnerability: Improper Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow malicious code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS...

USB Malware Targeting Siemens Control Software (Update C)

Overview VirusBlokAda, an antivirus vendor based in Belarus, announcedVirusBlokAda, http://www.anti-virus.by/en/tempo.shtml, website last visited July 15, 2010. the discovery of malware that uses a zero-day vulnerability in Microsoft Windows processing of shortcut files. The malware utilizes this...

Siemens SCALANCE W1750D, M800, S615, and RUGGEDCOM RM1224 (Update C)

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: Siemens --------- Begin Update C Part 1 of 3 -------- Equipment: SCALANCE W1750D, M800, S615, and RUGGEDCOM RM1224 --------- End Update C Part 1 of 3 -------- Vulnerabilities: Resource...

Yokogawa CENTUM and Exaopc

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Yokogawa Equipment: CENTUM and Exaopc Vulnerabilities: Use of Hard-coded Credentials, Relative Path Traversal, Improper Output Neutralization for Logs, OS Command Injection, Permissions, Privileges...

Delta Electronics DIAEnergie (Update C)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: DIAEnergie Vulnerabilities: Use of Password Hash with Insufficient Computational Effort, Authentication Bypass Using an Alternate Path or Channel, Unrestricted Upload of Fil...

ZOLL Defibrillator Dashboard

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: ZOLL Equipment: Defibrillator Dashboard Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Use of Hard-coded Cryptographic Key, Cleartext Storage of Sensitive Information, Cross-site...

PTC Kepware LinkMaster

1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION: Low skill level to exploit Vendor: PTC Equipment: Kepware LinkMaster Vulnerability: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to globally overwrite the service...

Rockwell Automation Stratix 5900

CVSS v3 10.0 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Rockwell Automation Equipment: Stratix 5900 Vulnerabilities: Improper Input Validation, Resource Management Errors, Improper Authentication, Path Traversal . REPOSTED INFORMATION This advisory was originally posted t...

Schneider Electric Wonderware Intelligence Security Patch for OpenSSL Vulnerability

OVERVIEW Schneider Electric Wonderware’s Cyber Security Team has identified an OpenSSL Heartbleed vulnerability in the Wonderware Intelligence application, caused by a third-party component. Schneider Electric Wonderware has produced a patch that mitigates this vulnerability. This vulnerability...

Schneider Electric Modicon M340 PLC (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Remotely exploitable/low-skill level to exploit Vendor: Schneider Electric Equipment: Modicon M340 PLC Vulnerability: Resource Exhaustion 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-054-03 Schneider...

Honeywell EBI, SymmetrE, and ComfortPoint Open Manager Station

Overview This updated advisory is a follow-up to the original advisory titled ICSA-13-053-02--Honeywell Enterprise Buildings Integrator EBI, SymmetrE, and ComfortPoint Open Manager Station that was published February 22, 2013, on the ICS-CERT Web page. This advisory provides mitigation details fo...

Tridium Niagara

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: Tridium Equipment: Niagara Vulnerabilities: Path Traversal, Improper Authentication 2. REPOSTED INFORMATION This advisory was originally posted to the HSIN ICS-CERT library on July 10, 2018, and is being released to the...

Schneider Electric Triconex TriStation and Tricon Communication Module

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Triconex TriStation and Triconex Tricon Communication Module Vulnerabilities: Cleartext Transmission of Sensitive Information, Uncontrolled Resource Consumption,...

Hitachi Energy MicroSCADA Pro/X SYS600

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA Pro/X SYS600 Vulnerabilities: Observable Discrepancy, HTTP Request Smuggling, Classic Buffer Overflow, Improper Certificate Validation, Improper Restriction of...

Siemens SIMATIC Communication Processor Vulnerability (Update C)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC Communication Processor Vulnerability: Authentication Bypass Issues 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-15-335-03...

Delta Electronics CNCSoft-B

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: CNCSoft-B Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read, Untrusted Pointer Dereference, Type Confusion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

All Bachmann M1 System Processor Modules

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Bachmann Electronic, GmbH Equipment: All M-Base Controllers Vulnerability: Use of Password Hash with Insufficient Computational Effort 2. REPOSTED INFORMATION This updated advisory is a follow-up to the...

Siemens Simcenter Amesim

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Omron CX-One

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Omron Equipment: CX-One Vulnerabilities: Untrusted Pointer Dereference, Stack-based Buffer Overflow, Type Confusion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being...

Siemens SINEMA Remote Connect (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINEMA Remote Connect Client and Server Vulnerabilities: Incorrect Calculation of Buffer Size, Out-of-bounds Read, Stack-based Buffer Overflow, Improper Handling of Insufficient...

Siemens Industrial Products OpenSSL Heartbleed Vulnerability (Update B)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-14-105-03A Siemens Industrial Products OpenSSL Heartbleed Vulnerability that was published April 29, 2014, on the NCCIC/ICS-CERT web site. Siemens reported to ICS-CERT a list of products affected by the OpenSSL...

OSIsoft PI SQL Client

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: OSIsoft LLC Equipment: OSIsoft PI SQL Client Vulnerability: Integer Overflow or Wraparound 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote code execution or cause a denial of service,...

Advantech iView

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: iView Vulnerabilities: SQL Injection, Missing Authentication for Critical Function, Relative Path Traversal, Command Injection 2. RISK EVALUATION Successful exploitation of these...

Fuji Electric Alpha7 PC Loader

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Fuji Electric Equipment: Alpha7 PC Loader Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED...

Delta Electronics DIAEnergie (Update C)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: DIAEnergie Vulnerabilities: Path Traversal, Incorrect Default Permissions, SQL Injection, Uncontrolled Search Path Element 2. UPDATE INFORMATION This updated advisory is a...