Capsule Technologies SmartLinx Neuron 2 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Low skill level to exploit/public exploits are available Vendor: Capsule Technologies Equipment: SmartLinx Neuron 2 Vulnerability: Protection Mechanism Failure 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

BD Alaris PCU (Update A)

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Becton, Dickinson and Company BD Equipment: Alaris PCU Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

Johnson Controls Metasys

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Johnson Controls Equipment: Metasys Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability can allow a...

Siemens and PKE SiNVR, SiVMS Video Server (Update A)

1. EXECUTIVE SUMMARY --------- Begin Update A Part 1 of 6 --------- CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendors: Siemens and PKE Equipment: SiNVR, SiVMS Video Servers Vulnerabilities: Missing Authentication for Critical Function, Weak Cryptography for Passwords...

Reliable Controls LicenseManager

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Reliable Controls Equipment: LicenseManager Vulnerability: Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to crash the system, view sensitive...

Siemens Desigo PX Devices

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Siemens Equipment : Desigo PX Devices Vulnerability : External Control of Assumed-Immutable Web Parameter 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker...

3S-Smart Software Solutions GmbH CODESYS V3

1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : 3S-Smart Software Solutions GmbH Equipment : CODESYS V3 Vulnerabilities : Unverified Ownership, Uncontrolled Memory Allocation 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

Siemens SIMATIC WinCC and SIMATIC PCS 7

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC WinCC and SIMATIC PCS 7 Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

Siemens SIMOCODE pro V EIP

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMOCODE pro V EIP Vulnerability : Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition...

LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA

1. EXECUTIVE SUMMARY CVSS v3 7.0 Vendor : LCDS - Leão Consultoria e Desenvolvimento de Sistemas LTDA ME Equipment : LAquis SCADA Vulnerability : Improper Check or Handling of Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could cause the device an attacker...

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update C)

CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Denial of Service UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory...

Schneider Electric PowerLogic PM8ECC Hard-coded Password Vulnerability

OVERVIEW Independent researcher He Congwen has identified a hard-coded password vulnerability in Schneider Electric’s PowerLogic PM8ECC device. Schneider Electric has produced a patch to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following...

Moxa MGate Authentication Bypass Vulnerability

OVERVIEW Independent researcher Maxim Rupp has identified an authentication bypass vulnerability in Moxa’s MGate products. Moxa has produced new firmware versions to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Moxa reports that the vulnerability...

Honeywell Midas Gas Detector Vulnerabilities

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on November 5, 2015, and is being released to the ICS-CERT web site. Independent researcher Maxim Rupp has identified two vulnerabilities in Honeywell’s Midas gas detector. Honeywell has produced firmware versions t...

Advantech WebAccess Vulnerabilities

OVERVIEW Researcher Ricardo Narvaja of Core Security Technologies has identified several buffer overflow vulnerabilities in Advantech’s WebAccess application. Advantech has produced a patch that mitigates these vulnerabilities. The researcher has tested the patch to validate that it resolves the...

3S CODESYS Gateway-Server Vulnerabilities

Overview This updated advisory is a follow-up to the original advisory titled ICSA-13-050-01, 3S CODESYS Gateway-Server Vulnerabilities that was published February 19, 2013, on the ICS-CERT Web page. This updated advisory provides mitigation details for five vulnerabilities in the 3S-Smart Softwa...

360 Systems Image Server 2000 Series Remote Root Access

Overview This updated advisory is a follow-up to the original advisory titled ICSA-13-038-01—360 Systems Image Server 2000 Series Remote Root Access that was published March 06, 2013, on the ICS-CERT Web site. This advisory provides mitigation details for a vulnerability that impacts the 360...

Cogent Real-Time Systems Vulnerabilities

Overview Dillon Beresford of Cimation has identified four vulnerabilities in the Cogent Real-Time Systems DataHub application. Cogent has produced an update that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely. Affected Products Cogent Real-Time Systems reports...

ING. Punzenberger COPA-DATA GMBH DoS Vulnerabilities

Overview ICS-CERT originally released Advisory ICSA-12-013-01P on the US-CERT secure portal on January 13, 2012. This web page release was delayed to allow users time to download and install the update. Researcher Kuang-Chun Hung of the Security Research and Service Institute--Information and...

3S CoDeSys Vulnerabilities

Overview This advisory is a follow-up to the alert update, ICS-ALERT-11-336-01A 3S CoDeSys Vulnerabilities, which was released on the ICS-CERT Web page on December 02, 2011. Security researcher Celil Unuver SignalSec LLC and independent researcher Luigi Auriemma have identified vulnerabilities in...

Carlo Gavazzi EOS Box Multiple Vulnerabilities

Overview This advisory provides mitigation details for multiple vulnerabilities that impact the Carlo Gavazzi EOS-Box Photovoltaic Monitoring System. Carlo Gavazzi has identified two vulnerabilities in the Carlo Gavazzi EOS-Box Photovoltaic Monitoring System. Carlo Gavazzi has produced a firmware...

ABB AC500 PLC Webserver CoDeSys Vulnerability

Overview ICS-CERT has been notified of a buffer overflow vulnerability in the ABB AC500 PLC Webserver application. Successful exploitation of this vulnerability could lead to a denial of service DoS, affecting the availability of the service. This vulnerability is related to ICS-CERT Advisory,...

Siemens Desigo Fire Safety UL and Cerberus PRO UL Fire Protection Systems

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens SIMATIC WinCC, OpenPCS

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Known Indicators of Compromise Associated with Androxgh0st Malware

Actions to take today to mitigate malicious cyber activity: 1. Prioritize patching known exploited vulnerabilities in internet-facing systems. 2. Review and ensure only necessary servers and services are exposed to the internet. 3. Review platforms or services that have credentials listed in .env...

Rockwell Automation FactoryTalk Activation

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : FactoryTalk Activation Manager Vulnerabilities : Out-of-Bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in a...

Siemens SCALANCE W1750D

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Mitsubishi Electric FA Engineering Software (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION : Low attack complexity Vendor : Mitsubishi Electric Equipment : FA Engineering Software Products Vulnerability : Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to...

Keysight N8844A Data Analytics Web Service (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Keysight Equipment : N8844A Data Analytics Web Service Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to remote code...

Delta Electronics DIAEnergie

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: DIAEnergie --------- Begin Update B part 1 of 5 --------- Vulnerabilities: Cross-site Scripting, SQL Injection, Authorization Bypass --------- End Update B part 1 of 5...

Delta Electronics InfraSuite Device Master

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: InfraSuite Device Master Vulnerabilities: Deserialization of Untrusted Data, Path Traversal, Missing Authentication for Critical Function 2. UPDATE OR REPOSTED INFORMATION...

Siemens Mobility CoreShield OWG Software

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Mobility Equipment: CoreShield One-Way Gateway OWG Software Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to leverage the default...

MZ Automation libIEC61850

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: MZ Automation GmbH Equipment: libIEC61850 Vulnerabilities: Buffer Overflow, Access of Resource Using Incompatible Type, NULL Pointer Dereference 2. RISK EVALUATION Successful exploitation of these...

Delta Electronics DOPSoft (Update A)

1. EXECUTIVE SUMMARY CVSS v3 3.3 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DOPSoft Vulnerability: Out-of-bounds Read 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-22-244-01 Delta Electronics DOPSoft that was published...

Siemens EN100 Ethernet Module

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: EN100 Ethernet Module Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer. 2. RISK EVALUATION Successful exploitation of this vulnerability could...

Johnson Controls Metasys ADS ADX OAS Servers

1. EXECUTIVE SUMMARY CVSS v3 8.7 ATTENTION: Low attack complexity/exploitable remotely Vendor: Johnson Controls, Inc. Equipment: Metasys ADS/ADX/OAS Servers Vulnerabilities: Unverified Password Change, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

Mitsubishi Electric MELSEC iQ-F Series

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-F Series Vulnerabilities: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-22-139-01...

Siemens Industrial Products with OPC UA

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC NET PC, SITOP Manager, TeleControl Server Basic Vulnerability: Null Pointer Dereference 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory...

APT Groups Target Healthcare and Essential Services

Summary This is a joint alert from the United States Department of Homeland Security DHS Cybersecurity and Infrastructure Security Agency CISA and the United Kingdom’s National Cyber Security Centre NCSC. CISA and NCSC continue to see indications that advanced persistent threat APT groups are...

Johnson Controls exacqVision

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Exacq Technologies, a subsidiary of Johnson Controls, Inc. Equipment: exacqVision Server 32-bit Vulnerability: Integer Overflow or Wraparound 2. RISK EVALUATION Successful exploitation of this...

Mitsubishi Electric GOT and Tension Controller (Update A)

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: GOT and Tension Controller Vulnerability: Buffer Access with Incorrect Length Value 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-131-02...

Advantech WebAccess Node

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Advantech Equipment: WebAccess Node Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate their...

Delta Industrial Automation DOPSoft (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: Delta Industrial Automation DOPSoft Vulnerabilities: Out-of-bounds Read, Heap-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory...

ICSA-19-225-03_Siemens SCALANCE X Switches (Update D)

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE X switches Vulnerability: Insufficient Resource Pool 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-19-225-03 Siemens SCALANCE...

AVEVA Wonderware System Platform

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low skill level to exploit Vendor: AVEVA Equipment: Wonderware System Platform Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION This vulnerability could allow unauthorized access to the credentials for the ArchestrA Network User...

Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules Vulnerability: Missing Authentication for Critical Function 2. REPOSTED INFORMATION This...

Lantech IDS 2102

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit. Vendor : Lantech Equipment : IDS 2102 Vulnerabilities : Improper Input Validation, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker...

Intel 2G Modem

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION : Exploitable remotely Vendor : Intel Equipment : Intel 2G Modem Vulnerability : Buffer Overflow 2. RISK EVALUATION Successful exploitation of this buffer overflow vulnerability may allow remote code execution. The vulnerability affects Intel 2G modem...

Siemens SCALANCE, SIMATIC, RUGGEDCOM, and SINAMICS Products (Update C)

CVSS v3 6.8 Vendor: Siemens Equipment: SCALANCE, SIMATIC, RUGGEDCOM, and SINAMICS Products Vulnerabilities: Security Features UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-17-318-01B Siemens SCALANCE, SIMATIC, RUGGEDCOM, and SINAMICS Products that was...

ICSMA-17-241-01_Abbott Laboratories ' Accent/Anthem, Accent MRI, Assurity/Allure, and Assurity MRI Pacemaker Vulnerabilities

OVERVIEW MedSec Holdings Ltd has identified vulnerabilities in Abbott Laboratories’ formerly St. Jude Medical pacemakers. Abbott has produced a firmware patch to help mitigate the identified vulnerabilities in their pacemakers that utilize radio frequency RF communications. A third-party security...