4255 matches found
Siemens SCALANCE W1750D Devices
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens Teamcenter Visualization and JT2Go
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Teamcenter Visualization and JT2Go Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION...
Nokia ASIK AirScale System Module
1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Low attack complexity Vendor: Nokia Equipment: ASIK AirScale 5G Common System Module Vulnerabilities: Improper Access Control for Volatile Memory Containing Boot Code, Assumed-Immutable Data is Stored in Writable Memory 2. RISK EVALUATION Successful...
Rockwell Automation FactoryTalk VantagePoint
1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk VantagePoint software Vulnerabilities: Improper Access Control, SQL Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...
Contec Health CMS8000 Patient Monitor (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low attack complexity Vendor: Contec Health Equipment: CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor Vulnerabilities: Improper Access Control, Uncontrolled Resource Consumption, Use of Hard-Coded Credentials, Active Debug Code 2. RISK EVALUATION...
Siemens Teamcenter Active Workspace
1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Teamcenter Active Workspace Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow for malicious code execution. 3...
Mitsubishi Electric MELSOFT GT OPC UA
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSOFT GT OPC UA Client Vulnerabilities: Out-of-bounds Read, Integer Overflow or Wraparound 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...
Aethon TUG Home Base Server
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Aethon owned by ST Engineering Equipment: TUG Home Base Server Vulnerabilities: Missing Authorization, Channel Accessible by Non-endpoint, Cross-site Scripting 2. RISK EVALUATION Successful exploitation...
Siemens PROFINET Stack Integrated on Interniche Stack
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
ABB OPC Server for AC 800M
1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: OPC Server for AC 800M Vulnerability: Execution with Unnecessary Privileges 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a low privileged authenticated...
Siemens SINUMERIK MC
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SINUMERIK MC Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow local attackers to escalate privileges to root. 3. TECHNICAL DETAILS...
Siemens SIMATIC ITC
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC ITC Products Vulnerabilities: Using Components with Known Vulnerabilities 2. RISK EVALUATION Successful exploitation of these LibVNC vulnerabilities could allow remote code...
Advantech WebAccess
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess Vulnerabilities: Heap-based Buffer Overflow, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to...
Thales Sentinel LDK Run-Time Environment
1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Thales Equipment: Thales Sentinel LDK Run-Time Environment RTE Vulnerability: Incomplete Cleanup 2. RISK EVALUATION Products that have uninstalled software using the Sentinel LDK Run-Time Environment,...
Delta Electronics CNCSoft-B
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: CNCSoft-B Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to arbitrary code execution. 3. TECHNICAL...
AppleJeus: Analysis of North Korea’s Cryptocurrency Malware
Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This joint advisory is the result of analytic efforts among the Federal Bureau of Investigation FBI,...
Delta Electronics ISPSoft
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Delta Equipment: ISPSoft Vulnerability: Use After Free 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of the application...
Advanced Persistent Threat Actors Targeting U.S. Think Tanks
Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FB...
Fuji Electric V-Server Lite
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Fuji Electric Equipment: V-Server Lite Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow for remote code execution on the device. 3. TECHNICAL DETAILS 3.1...
WECON PLC Editor
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: WECON Equipment: PLC Editor Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code under the...
SHUN HU Technology JUUKO Industrial Radio Remote Control
1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable from an adjacent network/low skill level to exploit Vendor: SHUN HU Technology Co., Ltd Equipment: JUUKO Industrial Radio Remote Control Vulnerabilities: Authentication Bypass by Capture-replay, Command Injection 2. RISK EVALUATION...
Siemens SIPORT MP
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIPORT MP Vulnerability : Use of client-side authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to impersonate...
Tridium Niagara
1. EXECUTIVE SUMMARY CVSS v3 4,3 ATTENTION: Exploitable from adjacent network/low skill level to exploit Vendor: Tridium Equipment: Niagara Vulnerability: Synchronous Access of Remote Resource without Timeout 2. RISK EVALUATION Successful exploitation of this vulnerability could result in a...
Insulet Omnipod
1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit/public exploits are known for this vulnerability Vendor: Insulet Equipment: Omnipod Insulin Management System Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an...
WAGO I/O-CHECK
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: WAGO Equipment: I/O-CHECK Series PFC100 and Series PFC200 Vulnerabilities: Information Exposure Through Sent Data, Buffer Access with Incorrect Length Value, Missing Authentication for Critical...
Honeywell INNCOM INNControl 3
1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low skill level to exploit Vendor: Honeywell Equipment: INNCOM INNControl 3 Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate user privileges within the...
GE CARESCAPE, ApexPro, and Clinical Information Center systems
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: CARESCAPE Telemetry Server, ApexPro Telemetry Server, CARESCAPE Central Station CSCS and Clinical Information Center CIC systems, CARESCAPE B450, B650, B850 Monitors Vulnerabilities:...
Siemens SCALANCE Privilege Escalation Vulnerabilities (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely; low skill level to exploit Vendor: Siemens Equipment: SCALANCE X-200 switch family and SCALANCE X-200IRT switch family Vulnerabilities: Privilege Escalation, Improper Authentication 2. UPDATE INFORMATION This updated advisory is a...
Advantech WebAccess HMI Designer
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low skill level to exploit Vendor : Advantech Equipment : Advantech WebAccess HMI Designer Vulnerability : Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to remotely execute arbitrary code...
ICSA-19-134-02 Siemens SIMATIC WinCC and SIMATIC PCS 7
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC WinCC and SIMATIC PCS 7 Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...
Rockwell Automation Allen-Bradley CompactLogix and Compact GuardLogix (Update A)
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: Allen-Bradley CompactLogix and Compact GuardLogix Vulnerability: Improper Input Validation 2 UPDATE INFORMATION This updated advisory is a follow-up to the original...
Delta Electronics PMSoft
1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION : Low skill level to exploit. Vendor : Delta Electronics Equipment : PMSoft Vulnerabilities : Multiple Stack-Based Buffer Overflow vulnerabilities 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause the application to crash;...
Advantech WebAccess
CVSS v3 7.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Advantech Equipment: WebAccess Vulnerabilities: Stack-based Buffer Overflow, Untrusted Pointer Dereference AFFECTED PRODUCTS The following versions of WebAccess, an HMI platform, are affected: WebAccess versions prior...
Rockwell Automation Integrated Architecture Builder Access Violation Memory Error
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on February 25, 2016, and is being released to the NCCIC/ICS-CERT web site. Ivan Sanchez from Nullcode Team has identified an access violation memory error in Rockwell Automation’s Integrated Architecture Builder IA...
Emerson DeltaV Easy Security Management Application Vulnerability
OVERVIEW Emerson has released a publication to inform its users of a vulnerability that affects DeltaV Easy Security Management. Emerson is terminating support for the DeltaV Easy Security Management application and highly recommends all users uninstall it from all DeltaV and non-DeltaV...
Ecava IntegraXor Vulnerabilities
OVERVIEW Independent security researcher Marcus Richerson and Steven Seeley of Source Incite, working with Trend Micro’s Zero Day Initiative, independently identified vulnerabilities in Ecava’s IntegraXor application. Ecava has produced a new version to mitigate these vulnerabilities. Marcus...
Siemens SIMATIC WinCC TIA Portal Vulnerabilities
OVERVIEW Gleb Gritsai, Roman Ilin, Aleksandr Tlyapov, and Sergey Gordeychik from Positive Technologies have identified authentication vulnerabilities in the Siemens SIMATIC WinCC TIA Portal application. Siemens has produced a service pack that mitigates these vulnerabilities. These vulnerabilitie...
Schneider Electric ProClima ActiveX Control Vulnerabilities
OVERVIEW Ariele Caltabiano, working with HP’s Zero Day Initiative, has identified 11 remote code execution vulnerabilities in Schneider Electric’s ProClima F1 Bookview ActiveX control application. Schneider Electric has produced an update to mitigate these vulnerabilities. These vulnerabilities...
IniNet Solutions SCADA Web Server Vulnerabilities
OVERVIEW Kirill Nesterov and Aleksandr Timorin of Positive Technologies have identified three vulnerabilities in IniNet Solutions GmbH’s SCADA Web Server. IniNet Solutions GmbH has produced a new version that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely...
Baxter SIGMA Spectrum Infusion System Vulnerabilities
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on June 30, 2015, and is being released to the NCCIC/ICS-CERT web site. Researcher Jared Bird with Allina IS Security identified four vulnerabilities in Baxter’s SIGMA Spectrum Infusion System. Baxter has released a...
Fox DataDiode Proxy Server CSRF Vulnerability
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on September 26, 2014, and is being released to the ICS-CERT web site. Tudor Enache of HelpAG identified a Cross-Site Request Forgery CSRF in the proxy server web administration interface for the Fox DataDiode...
Schneider Electric SCADA Expert ClearSCADA Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-14-259-01 Schneider Electric SCADA Expert ClearSCADA Vulnerabilities that was published September 16, 2014, on the NCCIC/ICS-CERT web site. Independent researcher Aditya Sood has identified a weak hashing algorithm...
Sixnet Universal Protocol Undocumented Function Codes (Update B)
OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-13-231-01A Sixnet Universal Protocol Undocumented Function Codes that was published August 26, 2013, on the ICS-CERT Web page. --------- Begin Update B Part 1 of 1 -------- Researchers Kyle Stone and Mehdi Sabraoui...
GE Intelligent Platforms Proficy Plant Applications Memory Corruption Vulnerabilities
Overview ICS-CERT received a report from GE Intelligent Platforms and the Zero Day Initiative ZDI concerning multiple memory corruption vulnerabilities in the GE Intelligent Platforms Proficy Plant Applications. These vulnerabilities were reported to ZDI by independent security researcher Luigi...
goTenna Pro X and Pro X2 (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Low attack complexity Vendor : goTenna Equipment : Pro series Vulnerabilities : Weak Password Requirements, Insecure Storage of Sensitive Information, Missing Support for Integrity Check, Cleartext Transmission of Sensitive Information,...
Uniview NVR301-04S2-P4 (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.1 ATTENTION : Exploitable remotely/low attack complexity/public exploits available Vendor : Uniview Equipment : NVR301-04S2-P4 Vulnerability : Cross-site Scripting 2. RISK EVALUATION An attacker could send a user a URL that if clicked on could execute...
Siemens SCALANCE W1750D
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens Tecnomatix Plant Simulation
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Dover Fueling Solutions MAGLINK LX Console
1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : Dover Fueling Solutions Equipment : MAGLINK LX - Web Console Configuration Vulnerabilities : Authentication Bypass using an Alternate Path or Channel, Authentication Bypass by Primary Weakness, Path...
Siemens SIMATIC CN 4100
1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC CN 4100 Vulnerabilities: Improper Access Control, Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to...