PTC KEPServerEx

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : PTC Equipment : KEPServerEX, ThingWorx, OPC-Aggregator Vulnerabilities : Heap-based Buffer Overflow, Improper Validation of Certificate with Host Mismatch 2. RISK EVALUATION Successful...

Fuji Electric Tellus Lite V-Simulator

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Fuji Electric Equipment : Tellus Lite V-Simulator Vulnerabilities : Stack-based Buffer Overflow, Out-of-bounds Write, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

Johnson Controls Quantum HD Unity

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION : Exploitable Remotely/Low attack complexity Vendor : Johnson Controls Inc. Equipment : Quantum HD Unity Vulnerability : Active Debug Code 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized user to...

Siemens SIMATIC IPCs

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

#StopRansomware: CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability

Actions to take today to mitigate cyber threats from CL0P ransomware: 1. Take an inventory of assets and data, identifying authorized and unauthorized devices and software. 2. Grant admin privileges and access only when necessary, establishing a software allow list that only executes legitimate...

Siemens CPCI85 Firmware of SICAM A8000 Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

mySCADA myPRO

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: mySCADA Technologies Equipment: mySCADA myPRO Vulnerabilities: OS Command Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...

JTEKT ELECTRONICS Kostac PLC Programming Software

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: JTEKT ELECTRONICS CORPORATION Equipment: Kostac PLC Programming Software Vulnerabilities: Out-of-bounds Read, Use After Free 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to...

Mitsubishi Electric MELSEC iQ-R, iQ-L Series and MELIPC Series (Update E)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-R, iQ-L Series and MELIPC Series Vulnerability : Improper Resource Shutdown or Release 2. RISK EVALUATION Successful exploitation of this vulnerability could...

Digital Alert Systems DASDEC

1. EXECUTIVE SUMMARY CVSS v3 4.7 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Digital Alert Systems Equipment: DASDEC Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities might result in false alerts...

Siemens Desigo PXM Devices

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Desigo PXM Devices Vulnerabilities: OS Command Injection, Exposure of Sensitive Information to an Unauthorized Actor, Cross-Site Scripting, Cross-Site Request Forgery, Improper...

Medtronic NGP 600 Series Insulin Pumps

1. EXECUTIVE SUMMARY CVSS v3 4.8 ATTENTION: Exploitable from an adjacent network Vendor: Medtronic Equipment: MiniMed 600 Series Insulin Pumps Vulnerability: Protection Mechanism Failure 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized user to deliver...

Triangle Microworks Libraries

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Triangle Microworks Equipment: TMW IEC 61850 Software Library and TMW IEC 60870-6 ICCP/TASE.2 Software Library Vulnerability: Access of Uninitialized Pointer 2. RISK EVALUATION Successful exploitation...

Siemens SIMATIC MV500 Devices

1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC MV500 Devices Vulnerabilities: Insufficient Session Expiration, Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of these...

Meridian Cooperative Meridian

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Meridian Cooperative Equipment: Meridian Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could result in a disclosure of sensitive information...

Siemens Simcenter Femap

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Simcenter Femap Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could cause code execution if the affected application is used to open a malicious .NEU...

Mitsubishi Electric GOT and Tension Controller (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GOT and Tension Controller Vulnerabilities: Improper Handling of Exceptional Conditions, Improper Input Validation --------- Begin Update A Part 1 of 2 ---------...

Boston Scientific Zoom Latitude

1. EXECUTIVE SUMMARY CVSS v3 6.9 ATTENTION: Low attack complexity Vendor: Boston Scientific Equipment: ZOOM LATITUDE Programmer/Recorder/Monitor Model 3120 Vulnerabilities: Use of Password Hash with Insufficient Computational Effort, Missing Protection Against Hardware Reverse Engineering Using...

GENIVI Alliance DLT

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: GENIVI Alliance Equipment: DLT-Daemon Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to remote code execution or crash the...

Siemens SIMARIS Configuration (Update A)

1. EXECUTIVE SUMMARY CVSS v3 4.4 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: SIMARIS configuration Vulnerability: Incorrect Default Permissions 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-040-08 Siemens SIMARIS...

Siemens SIMATIC S7-300 CPUs and SINUMERIK Controller (Update A)

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC S7-300 CPUs and SINUMERIK Controller Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-315-04...

Schneider Electric APC Easy UPS On-Line

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: APC Easy UPS On-Line Vulnerabilities: Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to remote code execution. 3...

Trailer Power Line Communications

1. EXECUTIVE SUMMARY CVSS v3 4.3 Vendor: Multiple Trailer and Brake Manufacturers Equipment: Power Line Communications Bus / PLC4TRUCKS / J2497 Vulnerability: Exposure of Sensitive Information Through Sent Data 2. RISK EVALUATION The National Motor Freight Traffic Association NMFTA and Assured...

Rockwell Automation Logix Designer Studio 5000

1. EXECUTIVE SUMMARY CVSS v3 3.6 ATTENTION: Low skill level to exploit Vendor: Rockwell Automation Equipment: Logix Designer Studio 5000 Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

Siemens and PKE SiNVR, SiVMS Video Server (Update A)

1. EXECUTIVE SUMMARY --------- Begin Update A Part 1 of 6 --------- CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendors: Siemens and PKE Equipment: SiNVR, SiVMS Video Servers Vulnerabilities: Missing Authentication for Critical Function, Weak Cryptography for Passwords...

OSIsoft PI Vision

1. EXECUTIVE SUMMARY CVSS v4.8 ATTENTION: Low skill level to exploit Vendor: OSIsoft Equipment: PI Vision Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read and modify the contents of the PI Vision web page and data...

Omron CX-One CX-Protocol

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low skill level to exploit Vendor: Omron Equipment: CX-Protocol within CX-One Vulnerabilities: Type Confusion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code under the privileges of the...

Siemens SIMATIC WinCC, PCS7, and TIA Portal Vulnerabilities

OVERVIEW Siemens has identified two vulnerabilities within products utilizing the Siemens WinCC application. Siemens has produced a patch that mitigates this vulnerability in the WinCC application and is working on updates for the remaining affected products to address the other vulnerability in...

ICSA-18-128-02 Siemens Siveillance VMS (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION : Exploitable remotely Vendor : Siemens Equipment : Siveillance Video Management Software VMS Vulnerability : Deserialization of Untrusted Data 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-18-128-02...

Medtronic 2090 Carelink Programmer Vulnerabilities (Update C)

1. EXECUTIVE SUMMARY CVSS v3 7.1 Vendor: Medtronic Equipment: 2090 CareLink Programmer, 29901 Encore Programmer Vulnerabilities: Storing Passwords in a Recoverable Format, Relative Path Traversal, Improper Restriction of Communication Channel to Intended Endpoints 2. UPDATE INFORMATION This...

ICSA-17-355-01_Moxa NPort W2150A and W2250A

CVSS v3 6.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Moxa Equipment: NPort W2150A and W2250A Vulnerability: Credentials Management AFFECTED PRODUCTS The following versions of NPort, a serial network interface, are affected: NPort W2150A Versions prior to 1.11, and NPort...

Satel Iberia SenNet Data Logger and Electricity Meters

CVSS v3 8.8 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Satel Iberia Equipment: SenNet Data Logger and Electricity Meters Vulnerability: Command Injection AFFECTED PRODUCTS The following versions of SenNet Data Logger and Electricity Meters, monitoring platforms, are...

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update I)

CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Denial of Service UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory...

Certec EDV GmbH atvise scada

CVSS v3 6.1 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Certec EDV GmbH Equipment: atvise scada Vulnerabilities: Cross-Site Scripting, Header Injection AFFECTED PRODUCTS The following versions of atvise scada, a HMI configuration platform, are affected: Atvise scada 3.0 an...

Schneider Electric Wonderware Historian

CVSS V3 7.3 ATTENTION: Remotely exploitable/Low skill level to exploit Vendor: Schneider Electric Equipment: Wonderware Historian Vulnerability: Credentials Management AFFECTED PRODUCTS The following Wonderware Historian versions are affected: Wonderware Historian 2014 R2 SP1 P01 and earlier...

Advantech WebAccess ActiveX Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-173-01 Advantech WebAccess ActiveX Vulnerabilities that was published June 21, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 2 -------- Zhou Yu of Acorn Network Security and ZDI Zero...

Resource Data Management Intuitive 650 TDB Controller Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-140-01 Resource Data Management Intuitive 650 TBD Controller Vulnerabilities that was published May 19, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified a privilege escalati...

Meteocontrol WEB'log Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-133-01 Meteocontrol WEB'log Vulnerabilities that was published May 12, 2016, on the NCCIC/ICS‑CERT web site. Independent researcher Karn Ganeshen has identified one authentication and two information exposure...

Siemens SCALANCE S613 Denial-of-Service Vulnerability

OVERVIEW Siemens has identified a resource exhaustion vulnerability that causes a denial-of-service condition in the Siemens SCALANCE S613 device. Siemens recommends that customers contact Siemens customer support in order to obtain advice on a solution for the customer’s specific environment. Th...

Clorius Controls A/S ISC SCADA Insecure Java Client Web Authentication

OVERVIEW Independent researcher Aditya Sood has identified an insecure Java client web authentication vulnerability in the Clorius Controls A/S ISC SCADA server. Clorius Controls A/S has produced an update that mitigates this vulnerability. Aditya Sood has tested the update to validate that it...

Network Time Protocol Vulnerabilities (Supplement Update A)

OVERVIEW --------- Begin Update A Part 1 of 2 -------- This advisory supplement is to accompany the NCCIC/ICS-CERT advisory titled ICSA-14-353-01C Network Time Protocol Vulnerabilities that was published February 5, 2015, on the ICS‑CERT web site. --------- End Update A Part 1 of 2 ----------...

Cogent DataHub Vulnerabilities

OVERVIEW Independent researcher Alain Homewood has identified four vulnerabilities in the Cogent Real-Time Systems DataHub application. Cogent Real-Time Systems has produced a new version that mitigates three of the four identified vulnerabilities; they have recommended a mitigation for the...

Mitsubishi Electric Automation MX Component V3 ActiveX Vulnerability

OVERVIEW This advisory is a follow-up to the alert titled ICS-ALERT-13-091-01 Mitsubishi Electric Automation MX Buffer Overflow Vulnerability that was published April 1, 2013, on the ICS-CERT Web siteICSA-13-091-01, http://ics-cert.us-cert.gov/alerts/ICSA-13-091-01, last accessed May 20, 2013...

Rockwell Automation FactoryTalk RNADiagReceiver

Overview This Updated Advisory is a follow-up to the original Advisory titled “ICSA-12-088-01 – Rockwell Automation FactoryTalk RNADiagReceiver DOS Vulnerabilities” that was published March 28, 2012 on the ICS-CERT web page. This advisory is a follow-up to ICS-CERT Alert...

Siemens ProcessSuite and Invensys Intouch Poorly Encrypted Password File

Overview This advisory provides mitigation details for a vulnerability that impacts Siemens ProcessSuite and Invensys Wonderware InTouch products. Researcher Seth Bromberger of NCI Security, LLC and independent researcher Slade Griffin have identified an insecure password storage vulnerability in...

Siemens SIMATIC S7-200 SMART Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Delta Electronics CNCSoft-G2 DOPSoft (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION : Low attack complexity Vendor : Delta Electronics Equipment : CNCSoft-G2 DOPSoft Vulnerability : Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code...

Hitachi Energy MACH SCM (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.9 ATTENTION : Exploitable remotely Vendor : Hitachi Energy Equipment : MACH SCM Vulnerabilities : Improper Control of Generation of Code, Improper Neutralization of Directives in Dynamically Evaluated Code 2. RISK EVALUATION Successful exploitation of...

Siemens Spectrum Power 7

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Delta Electronics InfraSuite Device Master

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Delta Electronics Equipment : InfraSuite Device Master Vulnerabilities : Path Traversal, Deserialization of Untrusted Data, Exposed Dangerous Method or Function. 2. RISK EVALUATION...