4223 matches found
SpiderControl SCADA Web Server
CVSS v3 5.3 ATTENTION: Low skill level to exploit Vendor: SpiderControl Equipment: SCADA Web Server Vulnerability: Improper Privilege Management AFFECTED PRODUCTS The following versions of SCADA Web Server, a software management platform, are affected: SCADA Web Server Version 2.02.0007 and prior...
SpiderControl SCADA Web Server
CVSS v3 5.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: SpiderControl Equipment: SCADA Web Server Vulnerability: Directory Traversal AFFECTED PRODUCTS The following versions of SpiderControl SCADA Web Server, a software management platform, are affected: SCADA Web Server...
OSIsoft PI Web API 2017
CVSS v3 7.1 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: OSIsoft Equipment: PI Web API 2017 Vulnerability: Cross-Site Request Forgery AFFECTED PRODUCTS OSIsoft reports that the vulnerability affects the following PI Web API products: PI Web API versions prior to 2017 1.9.0...
ICSA-17-129-01 Siemens devices using the PROFINET Discovery and Configuration Protocol (Update K)
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a...
VideoInsight Web Client
CVSS V3 7.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: VideoInsight Equipment: Web Client Vulnerability: SQL Injection AFFECTED PRODUCTS The following Web Client versions are affected: Web Client Version 6.3.5.11 and previous versions. IMPACT A successful exploit of this...
Schneider Electric Building Operation Automation Server Vulnerability
OVERVIEW Independent researcher Karn Ganeshen has identified a vulnerability in servers programmed with Schneider Electric’s StruxureWare Building Operation software. Schneider Electric has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely...
Schneider Electric Multiple Products Buffer Overflow Vulnerability
OVERVIEW NCCIC/ICS-CERT received a report from Ariele Caltabiano kimiya with HP’s Zero Day Initiative ZDI concerning a buffer overflow vulnerability in Schneider Electric’s SoMove Lite software package. While addressing this vulnerability, Schneider Electric identified multiple vulnerable Schneid...
LOYTEC Router Information Exposure Vulnerability
OVERVIEW Independent researcher Maxim Rupp has identified a password file vulnerability in LOYTEC’s LIP-3ECTB routers. LOYTEC has produced a firmware update to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following LOYTEC routers are affected:...
Schneider Electric OFS Server Vulnerability (Update A)
OVERVIEW --------- Begin Update A Part 1 of 4 -------- This updated advisory is a follow-up to the original advisory titled ICSA-15-141-01 Schneider Electric OFS Server Vulnerability that was published May 21, 2015, on the NCCIC/ICS-CERT web site. Ivan Sanchez from Nullcode Team has identified tw...
Sierra Wireless AirLink Raven X EV-DO Vulnerabilities (Update B)
OVERVIEW This updated advisory is a follow-up to the advisory titled ICSA-14-007-01A Sierra Wireless AirLink Raven X EV-DO Multiple Vulnerabilities that was published January 16, 2014, on the NCCIC/ICS‑CERT web site. A researcher at Cimation has identified multiple vulnerabilities in the Sierra...
Rockwell Automation Connected Components Workbench ActiveX Component Vulnerabilities
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on November 6, 2014, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Andrea Micalizzi working through ZDI has identified two custom ActiveX Component vulnerabilities in Rockwell...
Honeywell FALCON XLWeb Controllers Vulnerabilities
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on June 24, 2014, and is being released to the NCCIC/ICS-CERT web site. Martin Jartelius of Outpost24 has identified an authentication bypass vulnerability in Honeywell FALCON XLWeb controllers. Juan Francisco Boliv...
Triangle MicroWorks Uncontrolled Resource Consumption
OVERVIEW Adam Crain of Automatak and Chris Sistrunk of Mandiant have identified an uncontrolled resource consumption vulnerability in Triangle MicroWorks products and third-party components. Triangle MicroWorks has produced an update that mitigates this vulnerability. This vulnerability could be...
MOXA EDR-G903 Series Multiple Vulnerabilities
OVERVIEW This advisory provides mitigation details for vulnerabilities that impact Moxa EDR-G903 Series Routers. Independent researcher Neil Smith identified a hard-coded user account vulnerability and an insufficient entropy vulnerability in Moxa’s EDR-G903 series routers. By impersonating the...
Siemens COMOS Privilege Escalation
OVERVIEW Siemens notified NCCIC/ICS-CERT of a privilege escalation vulnerability in the Siemens COMOS database application. An update has been produced by Siemens and is available to resolve the vulnerability. The client application used for accessing the database system might allow authenticated...
WellinTech KingView History Server Buffer Overflow
Overview ICS-CERT has received a report from the Zero Day Initiative ZDI concerning a heap-based buffer overflow vulnerability in WellinTech’s Kingview HistoryServer.exe, which may allow a remote, unauthenticated attacker to execute arbitrary code. This vulnerability was reported to ZDI by...
Rockwell Automation CompactLogix
ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network exposure for...
Siemens Questa and ModelSim
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : Dover Fueling Solutions DFS Equipment : ProGauge MAGLINK LX CONSOLE Vulnerabilities : Command Injection, Improper Privilege Management, Use of Hard-coded Password, Cross-site Scripting,...
Siemens Teamcenter Visualization and JT2Go
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
SVR Cyber Actors Adapt Tactics for Initial Cloud Access
How SVR-Attributed Actors are Adapting to the Move of Government and Corporations to Cloud Infrastructure OVERVIEW This advisory details recent tactics, techniques, and procedures TTPs of the group commonly known as APT29, also known as Midnight Blizzard, the Dukes, or Cozy Bear. The UK National...
Orthanc Osimis DICOM Web Viewer
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : Orthanc Equipment : Osimis Web Viewer Vulnerability : Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary...
Siemens Solid Edge
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Cambium ePMP 5GHz Force 300-25 Radio (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Cambium Equipment : ePMP Force 300-25 Vulnerability : Code Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform code execution on the affected product...
INEA ME RTU
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION : Exploitable remotely/low attack complexity Vendor : INEA Equipment : ME RTU Vulnerabilities : OS Command Injection, Improper Authentication 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote code execution...
WellinTech KingHistorian
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: WellinTech Equipment: KingHistorian Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Signed to Unsigned Conversion Error 2. RISK EVALUATION...
Siemens Teamcenter Visualization and JT2Go
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services ...
Siemens SCALANCE W1750D
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
Rittal CMC III Access systems
1. EXECUTIVE SUMMARY CVSS v3 4.8 Vendor: Rittal Equipment: CMC III Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to open control cabinets secured with Rittal locks. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Rittal...
Siemens Multiple Denial of Service Vulnerabilities in Industrial Products
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
AVEVA Edge
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: AVEVA Equipment: Edge Vulnerabilities: Uncontrolled Search Path Element, Exposure of Sensitive Information to an Unauthorized Actor, Uncontrolled Resource Consumption, Improper Access Control, Windows...
Horner Automation Cscape
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Horner Automation Equipment: Cscape Vulnerabilities: Out-of-bounds Write, Access of Uninitialized Pointer 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow local attackers to execute arbitrary...
Hitachi Energy TXpert Hub CoreTec 4 Sudo Vulnerability
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Hitachi Energy Equipment: TXpert Hub CoreTec 4 Vulnerability: Off-by-one Error 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to take control of the system node and its information...
Sensormatic Electronics iSTAR
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION : Exploitable remotely/low attack complexity Vendor: Sensormatic Electronics, a subsidiary of Johnson Controls Inc. Equipment: iSTAR Ultra Vulnerability: Command Injection 2. RISK EVALUATION An unauthenticated user could use a malicious request to run...
Siemens SICAM A8000 Web Server Module
1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SICAM A8000 CP-8000, CP-8021, CP-8022 Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthenticated access to the...
Siemens Datalogics File Parsing Vulnerability
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Teamcenter Visualization and JT2Go Vulnerability: Heap-based buffer Overflow 2. UPDATE This updated advisory is a follow-up to the original advisory titled ICSA-22-195-07 Siemens Datalogics file Parsing...
Siemens SIMATIC Energy Manager
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC Energy Manager Vulnerabilities: Incorrect Permission Assignment for Critical Resource, Uncontrolled Search Path Element, Deserialization of Untrusted Data 2. RISK EVALUATION...
Siemens Questa and ModelSim
1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Questa Simulation and ModelSim Simulation Vulnerability: Insufficiently Protected Credentials 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the original advisory titled...
Siemens Climatix POL909 (Update A)
1. EXECUTIVE SUMMARY CVSS v3 6.4 ATTENTION: Exploitable remotely Vendor: Siemens --------- Begin Update A Part 1 of 3 --------- Equipment: Climatix POL909 AWM and AWB modules --------- End Update A Part 1 of 3 --------- Vulnerability: Missing Encryption of Sensitive Data 2. RISK EVALUATION...
Advantech WebAccess SCADA
1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess SCADA Vulnerability: Missing Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access project names and paths. 3...
Siemens RUGGEDCOM ROX Devices
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: RUGGEDCOM ROX Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to cause a...
Rockwell Automation MicroLogix 1100
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: MicroLogix 1100 Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to create a...
Johnson Controls Exacq Technologies exacqVision
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Exacq Technologies, Inc., a subsidiary of Johnson Controls Equipment: exacqVision Vulnerability: Information Exposure 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...
WAGO Series 750-88x and 750-352 (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: WAGO Equipment: 750-88x and 750-352 Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-308-01 WAGO...
Siemens Automation License Manager
1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: Automation License Manager ALM Vulnerability: Improper Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to locally escalate privileges and modify...
Siemens TIM 3V-IE and 4R-IE Family Devices
1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: TIM 3V-IE and 4R-IE Family Devices Vulnerability: Active Debug Code 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker with network access to gain full...
Certec Atvise Server Remote DOS
Overview Independent researcher Luigi Auriemma has identified a denial of service DoS vulnerability in Certec EDV GmbH atvise application. Certec has produced an update that resolves this vulnerability. Mr. Auriemma validated that the update resolves the vulnerability. Affected Products Atvise...
Philips IntelliSpace Cardiovascular Vulnerabilities
1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: Philips Equipment: Philips’ IntelliSpace Cardiovascular ISCV products Vulnerabilities: Improper Privilege Management, Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of these vulnerabilities...
Universal Robots Robot Controllers
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Universal Robots Equipment: Robot Controllers Vulnerabilities: Use of Hard-coded Credentials, Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of these...
ABB FOX515T
CVSS v3 6.2 ATTENTION: Low skill level to exploit. Vendor: ABB Equipment: FOX515T Vulnerability: Improper Input Validation AFFECTED PRODUCTS The following versions of FOX515T, a communication interface, are affected: FOX515T release 1.0 IMPACT Successful exploitation of this vulnerability could...