Lucene search
K
IcsMost viewed

4255 matches found

ICS
ICS
added 2023/01/26 12:0 a.m.50 views

Rockwell Automation products using GoAhead Web Server

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Products using GoAhead Web Server Vulnerabilities: Infinite Loop, Use after Free 2. RISK EVALUATION Successful exploitation of these vulnerabilities could have a high...

9.8CVSS8.6AI score0.66982EPSS
Exploits3References4
ICS
ICS
added 2022/12/13 12:0 a.m.50 views

Siemens APOGEE and TALON

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: APOGEE and TALON Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a low privilege authenticated attacker to gain...

8.8CVSS7.6AI score0.01555EPSS
Exploits0References12
ICS
ICS
added 2022/09/20 12:0 a.m.50 views

Hitachi Energy PROMOD IV

1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable Remotely Vendor: Hitachi Energy Equipment: PROMOD IV Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to delete arbitrary files once the system is compromised...

9.3CVSS5.8AI score0.11818EPSS
Exploits10References4
ICS
ICS
added 2022/09/20 12:0 a.m.50 views

Host Engineering Communications Module

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable from adjacent network/low attack complexity Vendor: Host Engineering Equipment: H0-ECOM100 Communications Module Vulnerability: Stack-based Buffer overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the...

6.5CVSS7AI score0.00313EPSS
Exploits0References5
ICS
ICS
added 2022/09/13 12:0 a.m.50 views

Siemens Mendix SAML Module

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: Mendix SAML Module Vulnerability: Authentication Bypass by Capture-replay 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA- ICSA-22-258-04 Siemens Mendix SAML...

9.8CVSS10AI score0.01085EPSS
Exploits0References11
ICS
ICS
added 2022/08/16 12:0 a.m.50 views

Yokogawa CENTUM Controller FCS

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Yokogawa Equipment: CENTUM VP & CS 3000 Controller FCS Vulnerability: Denial of Service 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the affected device, resulting in a...

7.5CVSS7.7AI score0.00972EPSS
Exploits0References5
ICS
ICS
added 2022/08/04 12:0 a.m.50 views

Digi ConnectPort X2D

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Digi International, Inc. Equipment: ConnectPort X2D Gateway Vulnerability: Execution with Unnecessary Privileges 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker...

10CVSS9.8AI score0.00817EPSS
Exploits0References5
ICS
ICS
added 2022/06/14 12:0 a.m.50 views

Mitsubishi Electric MELSEC-Q/L and MELSEC iQ-R

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: MELSEC-Q/L Series and iQ-R Series Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service condition and/or...

10CVSS9.8AI score0.02059EPSS
Exploits0References4
ICS
ICS
added 2022/05/09 12:0 p.m.50 views

Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure

Summary Actions critical infrastructure organizations should implement to immediately protect against Russian state-sponsored and criminal cyber threats: • Patch all systems. Prioritize patching known exploited vulnerabilities. • Enforce multifactor authentication. • Secure and monitor Remote...

9.8AI score
Exploits0References177
ICS
ICS
added 2022/03/08 12:0 a.m.50 views

Siemens Mendix

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: Mendix Vulnerability: Improper Access Control 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-22-069-13 Siemens Mendix that was published March 10, 2021, to...

8.1CVSS8.2AI score0.00591EPSS
Exploits0References10
ICS
ICS
added 2022/02/01 12:0 a.m.50 views

Advantech ADAM-3600

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: ADAM-3600 Vulnerability: Use of Hard-coded Cryptographic Key 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthorized access to intercept traffic...

9.8CVSS9.9AI score0.01211EPSS
Exploits0References5
ICS
ICS
added 2022/01/06 12:0 a.m.50 views

Fernhill SCADA

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Fernhill Software, Ltd. Equipment: Fernhill SCADA Server Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service...

7.5CVSS7.8AI score0.01077EPSS
Exploits0References5
ICS
ICS
added 2021/09/14 12:0 a.m.50 views

Siemens SIMATIC RFID

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC RFID terminals Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to remotely execute code. 3...

7.5CVSS8AI score0.04472EPSS
Exploits1References11
ICS
ICS
added 2021/09/09 12:0 a.m.50 views

AVEVA PCS Portal

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low attack complexity Vendor: AVEVA Equipment: Platform Common Services PCS Portal Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION The DLL hijacking vulnerability in the Platform Common Services PCS Portal, if exploited, could allow...

7.8CVSS7.6AI score0.00215EPSS
Exploits0References5
ICS
ICS
added 2021/08/10 12:0 a.m.51 views

Siemens SIMATIC S7-1200 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC S7-1200 Devices Vulnerability: Improper Authentication 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-222-09 Siemens SIMATIC S7-1200 that was...

7.5CVSS7.9AI score0.00922EPSS
Exploits0References11
ICS
ICS
added 2021/07/13 12:0 a.m.50 views

Siemens RUGGEDCOM ROS

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION : Exploitable remotely Vendor : Siemens Equipment : RUGGEDCOM ROS Vulnerability : Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with network access to an affected device to cause a remote...

9.8CVSS10AI score0.02285EPSS
Exploits0References10
ICS
ICS
added 2021/07/01 12:0 a.m.50 views

Johnson Controls Facility Explorer

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Equipment: Facility Explorer Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could give an authenticated user an unintended...

8.8CVSS8.9AI score0.00816EPSS
Exploits0References5
ICS
ICS
added 2021/05/13 12:0 a.m.50 views

OPC Foundation UA Products Built with .NET Framework

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: OPC Foundation Equipment: OPC UA Servers Vulnerability: Uncontrolled Recursion 2. RISK EVALUATION Successful exploitation of this vulnerability could trigger a stack overflow. 3. TECHNICAL DETAILS 3.1...

7.5CVSS7.7AI score0.02186EPSS
Exploits0References5
ICS
ICS
added 2021/01/26 12:0 a.m.50 views

All Bachmann M1 System Processor Modules

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Bachmann Electronic, GmbH Equipment: All M-Base Controllers Vulnerability : Use of Password Hash with Insufficient Computational Effort 2. REPOSTED INFORMATION This updated advisory is a follow-up to...

8.8CVSS8.5AI score0.00824EPSS
Exploits0References4
ICS
ICS
added 2021/01/19 12:0 a.m.50 views

Philips Interventional Workstations

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Low skill level to exploit Vendor: Philips Equipment: Philips Interventional WorkSpot, Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live, ViewForum Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this...

6.5CVSS6.8AI score0.00887EPSS
Exploits0References5
ICS
ICS
added 2020/08/20 12:0 a.m.50 views

Philips SureSigns VS4

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION : Exploitable remotely Vendor : Philips Equipment : SureSigns VS4 Vulnerabilities : Improper Input Validation, Improper Access Control, Improper Authentication 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker...

6.3CVSS4.7AI score0.01003EPSS
Exploits0References5
ICS
ICS
added 2020/07/28 12:0 a.m.50 views

Softing Industrial Automation OPC

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Softing Industrial Automation, GmbH Equipment: OPC Vulnerabilities: Heap-based Buffer Overflow, Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

9.8CVSS9.4AI score0.02515EPSS
Exploits0References6
ICS
ICS
added 2020/07/14 12:0 a.m.50 views

Siemens Opcenter Execution Core (Update B)

1. EXECUTIVE SUMMARY CVSS v3 8.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Opcenter Execution Core --------- Begin Update B Part 1 of 5 --------- Vulnerabilities: Cross-site Scripting, SQL Injection, Improper Access Control, Insufficiently Protected...

8.1CVSS8.2AI score0.01219EPSS
Exploits0References9
ICS
ICS
added 2020/03/10 12:0 a.m.50 views

ICSA-20-070-04_Johnson Controls Kantech EntraPass

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Kantech, a subsidiary of Johnson Controls Equipment: EntraPass Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow malicious code...

10CVSS9.9AI score0.01602EPSS
Exploits0References2
ICS
ICS
added 2019/07/02 12:0 a.m.50 views

Schneider Electric Modicon Controllers

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Modicon Controllers Vulnerability: Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could result...

7.5CVSS8AI score0.01129EPSS
Exploits0References4
ICS
ICS
added 2018/11/29 12:0 a.m.50 views

INVT Electric VT-Designer

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: INVT Electric Equipment: VT-Designer Vulnerabilities: Deserialization of Untrusted Data, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause...

8.8CVSS9.1AI score0.03199EPSS
Exploits0References6
ICS
ICS
added 2018/09/06 12:0 p.m.50 views

Schneider Electric Serial Modbus Driver Buffer Overflow

OVERVIEW Carsten Eiram of Risk-Based Security has identified a stack-based buffer overflow vulnerability in Schneider Electric’s Serial Modbus Driver that affects 11 Schneider Electric products. Schneider Electric has produced patches that mitigate this vulnerability. This vulnerability can be...

9.3CVSS7.4AI score0.22293EPSS
Exploits10References19
ICS
ICS
added 2018/04/17 12:0 a.m.50 views

ICSA-18-107-03_Rockwell Automation Stratix Services Router

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit. Vendor : Rockwell Automation Equipment : Allen-Bradley Stratix 5900 Services Router Vulnerabilities : Improper Input Validation, Improper Restriction of Operations within the Bounds of a Memory Buffer,...

10CVSS9.6AI score0.14468EPSS
Exploits0References2
ICS
ICS
added 2018/01/18 12:0 a.m.50 views

Siemens SIMATIC WinCC Add-On (Update A)

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIMATIC WinCC Add-On Vulnerabilities: Stack-based Buffer Overflow, Improper Input Validation, Improper Restriction of Operations within the Bounds of a Memory Buffer, Security Features, Improper...

9.9CVSS1AI score0.04758EPSS
Exploits0References50
ICS
ICS
added 2017/08/03 12:0 a.m.50 views

Schneider Electric Pro-face GP-Pro EX

CVSS v3 7.2 ATTENTION: Public exploits are available. Vendor: Schneider Electric Equipment: Pro-face GP-Pro EX Vulnerability: Uncontrolled Search Path Element AFFECTED PRODUCTS The following versions of Pro-face GP-Pro EX software, an HMI management platform, are affected: GP Pro EX version...

7.8CVSS7.9AI score0.00378EPSS
Exploits0References3
ICS
ICS
added 2017/03/16 12:0 a.m.50 views

LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA

CVSS v3 7.3 ATTENTION: Low skill level to exploit. Vendor: LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME Equipment: LAquis SCADA Vulnerability: Improper Access Control AFFECTED PRODUCTS The following versions of LAquis SCADA, an industrial automation software, are affected: LAquis...

7.3CVSS7.4AI score0.00323EPSS
Exploits0References3
ICS
ICS
added 2016/09/23 6:0 a.m.50 views

Siemens Desigo PX Web Module Insufficient Entropy Vulnerability

OVERVIEW Siemens has released a firmware update to mitigate an insufficient entropy vulnerability that affects Siemens Desigo PX Web modules. Marcella Hastings, Joshua Fried, and Nadia Heninger from the University of Pennsylvania coordinated this vulnerability directly with Siemens. This...

7.5CVSS7.8AI score0.01499EPSS
Exploits0References10
ICS
ICS
added 2016/07/17 6:0 a.m.50 views

FATEK Automation Designer Memory Corruption Vulnerabilities

OVERVIEW Ariele Caltabiano kimiya working with Trend Micro’s Zero Day Initiative ZDI has identified a heap memory corruption and two stack buffer overflow vulnerabilities in Fatek’s Automation PM and FV Designer applications. Fatek has not produced an update to mitigate these vulnerabilities. ZDI...

8.8CVSS9AI score0.0229EPSS
Exploits0References10
ICS
ICS
added 2016/04/10 6:0 a.m.50 views

Moxa Device Server Web Console Authorization Bypass Vulnerability

OVERVIEW Independent researcher Maxim Rupp has identified an authorization bypass vulnerability in Moxa’s Device Server Web Console. Moxa has indicated the NPort 5232-N was discontinued in 2012 and has produced recommendations to mitigate this vulnerability. This vulnerability could be exploited...

9.8CVSS9.8AI score0.02848EPSS
Exploits0References10
ICS
ICS
added 2016/01/14 7:0 a.m.50 views

Siemens Industrial Products DROWN Vulnerability (Update C)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-16-103-03B Siemens Industrial Products DROWN Vulnerability that was published June 15, 2017, on the NCCIC/ICS-CERT web site. Siemens has found that a DROWNThe DROWN Attack, https://drownattack.com/, web site last...

5.9CVSS6.9AI score0.82112EPSS
Exploits2References10
ICS
ICS
added 2015/06/18 6:0 a.m.50 views

Advantech WebAccess Stack-Based Buffer Overflow Vulnerability

OVERVIEW Ivan Sanchez from Nullcode Team has identified a stack-based buffer overflow vulnerability in Advantech’s WebAccess application. Advantech has produced a new version to mitigate this vulnerability. Ivan Sanchez has tested the new version to validate that it resolves the vulnerability...

6.9CVSS7.3AI score0.00794EPSS
Exploits0References10
ICS
ICS
added 2014/11/07 7:0 a.m.50 views

Siemens SIMATIC WinCC OA Multiple Vulnerabilities

OVERVIEW Researchers Gleb Gritsai, Ilya Karpov, and Kirill Nesterov of Positive Technologies have identified multiple vulnerabilities in the Siemens SIMATIC WinCC Open Architecture OA application. Siemens has produced updates that mitigate these vulnerabilities. These vulnerabilities could be...

7.5CVSS8AI score0.05261EPSS
Exploits3References10
ICS
ICS
added 2013/01/12 7:0 a.m.50 views

Schneider Electric MiCOM S1 Studio Improper Authorization Vulnerability

Overview This advisory provides mitigation details for a vulnerability affecting the Schneider Electric MiCOM S1 Studio Software. Independent researcher Michael Toecker of Digital Bond has identified an improper authorization vulnerability in the MiCOM S1 Studio Software using the Microsoft Attac...

6.6CVSS6.3AI score0.00336EPSS
Exploits0References10
ICS
ICS
added 2024/05/14 12:0 a.m.49 views

Siemens RUGGEDCOM CROSSBOW

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.8CVSS8.6AI score0.01406EPSS
Exploits0References12
ICS
ICS
added 2024/03/12 12:0 a.m.49 views

Siemens SINEMA Remote Connect Server

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.8CVSS7.9AI score0.00833EPSS
Exploits5References12
ICS
ICS
added 2023/07/20 6:0 a.m.49 views

Schneider Electric EcoStruxure Products, Modicon PLCs, and Programmable Automation Controllers

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: EcoStruxure Products, Modicon PLCs, and Programmable Automation Controllers Vulnerabilities: Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION...

9.8CVSS9.6AI score0.01163EPSS
Exploits0References10
ICS
ICS
added 2023/07/18 6:0 a.m.49 views

Keysight N6845A Geolocation Server

1. EXECUTIVE SUMMARY ​CVSS v3 7.8 ​ATTENTION: Low attack complexity ​Vendor: Keysight Technologies ​Equipment: N6854A Geolocation Server ​Vulnerabilities: Exposed Dangerous Method or Function, Relative Path Traversal 2. RISK EVALUATION ​Successful exploitation of these vulnerabilities could allow...

7.8CVSS8.7AI score0.00239EPSS
Exploits0References8
ICS
ICS
added 2023/03/14 12:0 a.m.49 views

Siemens SCALANCE W1750D Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

7.5CVSS8.3AI score0.59501EPSS
Exploits0References12
ICS
ICS
added 2022/11/03 6:0 a.m.49 views

Nokia ASIK AirScale System Module

1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Low attack complexity Vendor: Nokia Equipment: ASIK AirScale 5G Common System Module Vulnerabilities: Improper Access Control for Volatile Memory Containing Boot Code, Assumed-Immutable Data is Stored in Writable Memory 2. RISK EVALUATION Successful...

8.8CVSS8.5AI score0.0022EPSS
Exploits0References10
ICS
ICS
added 2022/10/06 12:0 a.m.49 views

Rockwell Automation FactoryTalk VantagePoint

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk VantagePoint software Vulnerabilities: Improper Access Control, SQL Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...

8.8CVSS9.6AI score0.03161EPSS
Exploits0References4
ICS
ICS
added 2022/09/01 6:0 a.m.49 views

Contec Health CMS8000 Patient Monitor (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low attack complexity Vendor: Contec Health Equipment: CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor Vulnerabilities: Improper Access Control, Uncontrolled Resource Consumption, Use of Hard-Coded Credentials, Active Debug Code 2. RISK EVALUATION...

7.5CVSS7AI score0.00797EPSS
Exploits0References10
ICS
ICS
added 2022/06/14 12:0 a.m.49 views

Siemens Teamcenter Active Workspace

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Teamcenter Active Workspace Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow for malicious code execution. 3...

6.1CVSS6.2AI score0.00545EPSS
Exploits0References11
ICS
ICS
added 2022/05/10 12:0 a.m.49 views

Mitsubishi Electric MELSOFT GT OPC UA

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSOFT GT OPC UA Client Vulnerabilities: Out-of-bounds Read, Integer Overflow or Wraparound 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

7.5CVSS8.6AI score0.50732EPSS
Exploits0References5
ICS
ICS
added 2022/04/12 12:0 a.m.49 views

Siemens PROFINET Stack Integrated on Interniche Stack

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.5CVSS6.6AI score0.00849EPSS
Exploits0References10
ICS
ICS
added 2022/04/12 12:0 a.m.49 views

Aethon TUG Home Base Server

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Aethon owned by ST Engineering Equipment: TUG Home Base Server Vulnerabilities: Missing Authorization, Channel Accessible by Non-endpoint, Cross-site Scripting 2. RISK EVALUATION Successful exploitation...

8.2CVSS8.3AI score0.0069EPSS
Exploits0References5
Total number of security vulnerabilities4255