ICSNPP - Ethercat Zeek Plugin

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : CISA Equipment : Industrial Control Systems Network Protocol Parsers ICSNPP - Ethercat Plugin for Zeek Vulnerabilities : Out-of-bounds Write, Out-of-bounds Read 2. RISK EVALUATION Successful...

Siemens Polarion ALM

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens SCALANCE W1750D

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Open Design Alliance Drawing SDK

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Open Design Alliance ODA Equipment : Drawing SDK Vulnerabilities : Use after Free, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote attackers to...

IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities

Actions to take today to mitigate malicious activity: 1. Implement multifactor authentication. 2. Use strong, unique passwords. 3. Check PLCs for default passwords...

Rockwell Automation FactoryTalk Services Platform

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION : Exploitable remotely Vendor : Rockwell Automation Equipment : FactoryTalk Services Platform Vulnerability : Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could use a token to log into the system. 3...

Hitachi Energy AFS65x,AFF66x, AFS67x, and AFR67x Series Products

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Hitachi Energy Equipment : AFS65x, AFF66x, AFS67x, AFR67x Series Vulnerabilities : Incorrect Calculation, Integer Overflow or Wraparound, Improper Encoding or Escaping of Output, Exposure of...

Dover Fueling Solutions MAGLINK LX Console

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : Dover Fueling Solutions Equipment : MAGLINK LX - Web Console Configuration Vulnerabilities : Authentication Bypass using an Alternate Path or Channel, Authentication Bypass by Primary Weakness, Path...

Digi RealPort Protocol

1. EXECUTIVE SUMMARY ​CVSS v3 9.0 ​ATTENTION: Exploitable remotely ​Vendor: Digi International, Inc. ​Equipment: Digi RealPort Protocol ​Vulnerability: Use of Password Hash Instead of Password for Authentication 2. RISK EVALUATION ​Successful exploitation of this vulnerability could allow the...

GE Digital CIMPLICITY

1. EXECUTIVE SUMMARY ​CVSS v3 7.8 ​ATTENTION: Low attack complexity ​Vendor: GE Digital ​Equipment: CIMPLICITY ​Vulnerability: Process Control 2. RISK EVALUATION ​Successful exploitation of this vulnerability could allow a low-privileged local attacker to escalate privileges to SYSTEM. 3...

Rockwell Automation ThinManager ThinServer

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: ThinManager ThinServer Vulnerabilities: Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to remotely...

Schneider Electric EcoStruxure Products, Modicon PLCs, and Programmable Automation Controllers

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: EcoStruxure Products, Modicon PLCs, and Programmable Automation Controllers Vulnerabilities: Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION...

ICONICS and Mitsubishi Electric Products

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Low attack complexity Vendor: ICONICS, Mitsubishi Electric Equipment: ICONICS Product Suite Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to write arbitrary files. 3. TECHNICAL...

Siemens Teamcenter Visualization and JT2Go

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Teamcenter Visualization and JT2Go Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION...

Siemens PLM Help Server

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: PLM Help Server Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code after tricking users into...

mySCADA myPRO

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: mySCADA Technologies Equipment: mySCADA myPRO Vulnerability: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to run commands directly in the...

Pyramid Solutions EtherNet/IP Adapter Development Kit

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely, low attack complexity Vendor: Pyramid Solutions, Inc. Equipment: EtherNet/IP Adapter Development Kit Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with...

AutomationDirect C-More EA9 HMI

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: AutomationDirect Equipment: C-more EA9 HMI Vulnerabilities: Uncontrolled Search Path Element, Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of these...

Siemens Teamcenter Active Workspace

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Teamcenter Active Workspace Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow for malicious code execution. 3...

Delta Electronics DMARS

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DMARS Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain sensitive information...

Siemens Mendix

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

Siemens PROFINET Stack Integrated on Interniche Stack

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Rockwell Automation ISaGRAF

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: ISaGRAF Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1...

American Auto-Matrix Front-End Solutions Vulnerabilities

OVERVIEW Independent researcher Maxim Rupp has identified a local file inclusion and a plain text storage of password vulnerabilities in American Auto-Matrix’s Building Automation Front-End Solutions application. The Aspect-Matrix hardware platform was made end of life in 2015 and will no longer...

Siemens SICAM TOOLBOX II (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SICAM TOOLBOX II Vulnerability: Use of Hard-coded Credentials 2. UPDATE INFORMATION This advisory update is a follow-up to the original advisory titled ICSA-22-041-05 SICAM TOOLBOX II...

Johnson Controls VideoEdge

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls, Inc. Equipment: VideoEdge Vulnerability: Improper Handling of Syntactically Invalid Structure= 2. RISK EVALUATION Running a vulnerability...

Mitsubishi Electric GX Works2

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/high attack complexity Vendor: Mitsubishi Electric Equipment: GX Works2 Vulnerability: Improper Handling of Length Parameter Inconsistency 2. RISK EVALUATION Successful exploitation of this vulnerability may cause a...

Mitsubishi Electric GOT products

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GOT2000 series, GOT SIMPLE series, GT SoftGOT2000 Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow the...

Siemens SENTRON powermanager

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SENTRON powermanager Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated local attacker to...

Siemens SIMATIC Process Historian

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC Process Historian Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could enable the execution of...

Siemens RUGGEDCOM ROS

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION : Exploitable remotely Vendor : Siemens Equipment : RUGGEDCOM ROS Vulnerability : Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with network access to an affected device to cause a remote...

Mitsubishi Electric Air Conditioning System

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: Multiple Air Conditioning Systems Vulnerability: Incorrect Implementation of Authentication Algorithm 2. RISK EVALUATION An attacker could exploit this vulnerability by impersonating...

Rockwell Automation Allen-Bradley Micrologix 1100

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: Allen-Bradley MicroLogix 1100 Vulnerability: Improper Handling of Length Parameter Inconsistency 2. RISK EVALUATION Successful exploitation of this vulnerability...

Delta Electronics ISPSoft

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Delta Equipment: ISPSoft Vulnerability: Use After Free 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of the application...

Advanced Persistent Threat Actors Targeting U.S. Think Tanks

Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FB...

WECON PLC Editor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: WECON Equipment: PLC Editor Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code under the...

Siemens SIMATIC S7-300 and S7-400 CPUs (Update C)

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: SIMATIC S7-300 and S7-400 CPUs Vulnerability: Insufficiently Protected Credentials 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-252-02 Siemens...

Siemens SCALANCE, RUGGEDCOM

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SCALANCE, RUGGEDCOM Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthenticated access...

Critical Vulnerabilities in Microsoft Windows Operating Systems

Summary New vulnerabilities are continually emerging, but the best defense against attackers exploiting patched vulnerabilities is simple: keep software up to date. Timely patching is one of the most efficient and cost-effective steps an organization can take to minimize its exposure to...

Johnson Controls exacqVision Server

1. EXECUTIVE SUMMARY CVSS v3 6.7 Vendor : Exacq Technologies, Inc., a subsidiary of Johnson Controls Equipment : exacqVision Server Vulnerability : Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated user to elevate their...

ICSA-19-134-02 Siemens SIMATIC WinCC and SIMATIC PCS 7

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC WinCC and SIMATIC PCS 7 Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

SpiderControl SCADA WebServer

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SpiderControl Equipment: SCADA WebServer Vulnerability: Reflected Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute JavaScript...

ATI Systems Emergency Mass Notification Systems

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Exploitable remotely. Vendor : Acoustic Technology, Inc. ATI Systems Equipment : ATI Emergency Mass Notification Systems Vulnerabilities : Improper Authentication, Missing Encryption of Sensitive Data. 2. RISK EVALUATION Successful exploitation of...

Advantech WebOP

CVSS v3 4.8 ATTENTION: Low skill level to exploit. Public exploits are available. Vendor: Advantech Equipment: WebOP Vulnerability: Heap-Based Buffer Overflow AFFECTED PRODUCTS Researchers report that all versions of Advantech WebOP operator panels are affected. IMPACT Successful exploitation of...

Moxa OnCell

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Moxa Equipment: OnCell Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Plaintext Storage of a Password, and Cross-Site Request Forgery AFFECTED PRODUCTS The following versions of OnCell, a...

Rockwell Automation FactoryTalk Activation

CVSS v3 8.8 REPOSTED INFORMATION This advisory was originally posted to the NCCIC Portal on February 16, 2017, and is being released to the ICS-CERT web site. AFFECTED PRODUCTS The following versions of FactoryTalk Activation, a component of FactoryTalk Services Platform, are affected: FactoryTal...

Rockwell Automation Integrated Architecture Builder Access Violation Memory Error

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on February 25, 2016, and is being released to the NCCIC/ICS-CERT web site. Ivan Sanchez from Nullcode Team has identified an access violation memory error in Rockwell Automation’s Integrated Architecture Builder IA...

Moxa OnCell Security Vulnerabilities

OVERVIEW Independent researcher Maxim Rupp has identified authorization bypass and disclosed OS commanding vulnerabilities in Moxa’s OnCell Security Software. Moxa has produced a new version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS Th...

IniNet Solutions SCADA Web Server Vulnerabilities

OVERVIEW Kirill Nesterov and Aleksandr Timorin of Positive Technologies have identified three vulnerabilities in IniNet Solutions GmbH’s SCADA Web Server. IniNet Solutions GmbH has produced a new version that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely...

Harman-Kardon Uconnect Vulnerability

OVERVIEW This advisory is a follow-up to the ICS-ALERT titled ICS-ALERT-15-203-01 FCA Uconnect VulnerabilityICS-CERT ALERT, https://ics-cert.us-cert.gov/alerts/ICS-ALERT-15-203-01, web site last accessed September 17, 2015. that was published July 22, 2015, on the NCCIC/ICS-CERT web site. Chris...