4255 matches found
Belden Hirschmann GECKO (Update A)
CVSS v3 7.1 ATTENTION: Remotely Exploitable/low skill level to exploit. Vendor: Belden Equipment: Hirschmann GECKO --------- Begin Update A Part 1 of 5 -------- Vulnerabilities: Path Traversal, Server-Side Request Forgery, Cross-Site Request Forgery, Information Exposure --------- End Update A...
Schneider Electric SoMachine HVAC Unsafe ActiveX Control Vulnerability
OVERVIEW Andrea Micalizzi discovered an unsafe ActiveX control vulnerability in Schneider Electric’s SoMachine software. He reported this vulnerability to ZDI who then reported it to NCCIC/ICS‑CERT. Schneider Electric has produced a patch to mitigate this vulnerability. This vulnerability could b...
Eaton ELCSoft Programming Software Memory Vulnerabilities
OVERVIEW Ariele Calgaviano working with Zero Day Initiative has identified a heap-based memory corruption vulnerability and a stack buffer overflow vulnerability in Eaton’s ELCSoft programming software. Eaton has released a revision to mitigate these vulnerabilities. These vulnerabilities could b...
Elipse E3 Process Control Vulnerability (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-15-069-04 Elipse E3 Process Control Vulnerability that was published March 10, 2015, on the NCCIC/ICS-CERT web site. Ivan Sanchez from Nullcode Team has identified a process control vulnerability in the Elipse E3...
LOYTEC Router Information Exposure Vulnerability
OVERVIEW Independent researcher Maxim Rupp has identified a password file vulnerability in LOYTEC’s LIP-3ECTB routers. LOYTEC has produced a firmware update to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following LOYTEC routers are affected:...
Tridium NiagaraAX Directory Traversal Vulnerability
Overview This advisory provides mitigation details for a vulnerability in the Tridium NiagaraAX software. Independent researchers Billy Rios and Terry McCorkle discovered a directory traversal vulnerability in the Tridium NiagaraAX software product. They demonstrated that with a valid user accoun...
MOXA EDR-G903 Series Multiple Vulnerabilities
OVERVIEW This advisory provides mitigation details for vulnerabilities that impact Moxa EDR-G903 Series Routers. Independent researcher Neil Smith identified a hard-coded user account vulnerability and an insufficient entropy vulnerability in Moxa’s EDR-G903 series routers. By impersonating the...
Schneider Electric Trio J-Series Radio Encryption
OVERVIEW Schneider Electric has self-reported a hard-coded encryption key vulnerability in Schneider Electric’s J-Series Radios. Schneider Electric has produced a patch that mitigates this vulnerability and has published a customer security notification.Schneider Electric Cybersecurity...
ScadaTEC ScadaPhone & Modbus TagServer Buffer Overflow Vulnerability
OVERVIEW This advisory is a follow-up to the ICS-CERT alert titled ICS-ALERT-11-255-01—ScadaTEC ScadaPhone/ModbusTagServer Buffer Overflow, which was published September 12, 2011, on the ICS‑CERT Web page. On September 12, 2011, independent security researcher Steven Seeley publicly released a...
WellinTech KingView History Server Buffer Overflow
Overview ICS-CERT has received a report from the Zero Day Initiative ZDI concerning a heap-based buffer overflow vulnerability in WellinTech’s Kingview HistoryServer.exe, which may allow a remote, unauthenticated attacker to execute arbitrary code. This vulnerability was reported to ZDI by...
Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : Dover Fueling Solutions DFS Equipment : ProGauge MAGLINK LX CONSOLE Vulnerabilities : Command Injection, Improper Privilege Management, Use of Hard-coded Password, Cross-site Scripting,...
Rockwell Automation FactoryTalk Remote Access
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION : Low attack complexity Vendor : Rockwell Automation Equipment : Factory Talk Remote Access Vulnerability : Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to enter a...
Mitsubishi Electric MELSEC-Q/L Series (Update B)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC-Q/L Series Vulnerabilities : Incorrect Pointer Scaling, Integer Overflow or Wraparound 2. RISK EVALUATION Successful exploitation of these...
Mitsubishi Electric FA products (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Corporation Equipment : MELSEC Series Vulnerability : Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability may...
Mitsubishi Electric MELSEC iQ-F/iQ-R Series CPU Module (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Exploitable remotely/low attack complexity Equipment : MELSEC iQ-F/iQ-R Series Vulnerability : Improper Restriction of Excessive Authentication Attempts 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote...
INEA ME RTU
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION : Exploitable remotely/low attack complexity Vendor : INEA Equipment : ME RTU Vulnerabilities : OS Command Injection, Improper Authentication 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote code execution...
Siemens SIMATIC CP products
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Rockwell Automation Select Logix Communication Modules
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : 1756-EN2T, 1756-EN2TK, 1756-EN2TXT, 1756-EN2TP, 1756-EN2TPK, 1756-EN2TPXT, 1756-EN2TR, 1756-EN2TRK, 1756-EN2TRXT, 1756-EN2F, 1756-EN2FK, 1756-EN3TR,...
WellinTech KingHistorian
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: WellinTech Equipment: KingHistorian Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Signed to Unsigned Conversion Error 2. RISK EVALUATION...
Siemens SIMATIC STEP 7 and Derived Products
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Mitsubishi Electric MELSEC iQ-F Series (Update B)
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-F Series Vulnerabilities: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-22-139-01...
Protecting Against Malicious Use of Remote Monitoring and Management Software
Summary The Cybersecurity and Infrastructure Security Agency CISA, National Security Agency NSA, and Multi-State Information Sharing and Analysis Center MS-ISAC hereafter referred to as the “authoring organizations” are releasing this joint Cybersecurity Advisory CSA to warn network defenders abo...
AVEVA Edge
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: AVEVA Equipment: Edge Vulnerabilities: Uncontrolled Search Path Element, Exposure of Sensitive Information to an Unauthorized Actor, Uncontrolled Resource Consumption, Improper Access Control, Windows...
Horner Automation Cscape
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Horner Automation Equipment: Cscape Vulnerabilities: Out-of-bounds Write, Access of Uninitialized Pointer 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow local attackers to execute arbitrary...
Baxter Sigma Spectrum Infusion Pump (Update A)
1. EXECUTIVE SUMMARY --------- Begin Update A part 1 of 3 --------- CVSS v3 7.5 --------- End Update A part 1 of 3 --------- ATTENTION: Exploitable remotely Vendor: Baxter Equipment: Sigma and Baxter Spectrum Infusion Pumps Vulnerabilities: Missing Encryption of Sensitive Data, Use of Externally...
Siemens CPC80 Firmware of SICAM A8000
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: CPC80 Firmware of SICAM A8000 Vulnerability: Missing Release of Resource after Effective Lifetime 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the...
Siemens Mendix Applications
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Applications Vulnerability: Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious user to leak sensitive information if the...
Siemens Mendix SAML Module
1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix SAML Module Vulnerabilities: Improper Restriction of XML External Entity Reference, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities may...
Johnson Controls Metasys
1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls, Inc. Equipment: Metasys ADS/ADX/OAS Servers Vulnerability: Unverified Password Change 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated user...
Johnson Controls Metasys SCT Pro
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls, Inc. Equipment: Metasys Vulnerability: Server-side Request Forgery 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to...
Siemens SIMATIC Energy Manager
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC Energy Manager Vulnerabilities: Incorrect Permission Assignment for Critical Resource, Uncontrolled Search Path Element, Deserialization of Untrusted Data 2. RISK EVALUATION...
GE Proficy CIMPLICITY-IPM
1. EXECUTIVE SUMMARY CVSS v3 7.5 Vendor: GE Equipment: Proficy CIMPLICITY Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve both code execution and local privilege escalation. 3. TECHNICAL DETAILS 3.1...
Ransomware Awareness for Holidays and Weekends
Summary Immediate Actions You Can Take Now to Protect Against Ransomware • Make an offline backup of your data. • Do not click on suspicious links. • If you use RDP, secure and monitor it. • Update your OS and software. • Use strong passwords. • Usemulti-factor authentication. The Federal Bureau ...
Siemens Questa and ModelSim
1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Questa Simulation and ModelSim Simulation Vulnerability: Insufficiently Protected Credentials 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the original advisory titled...
Trane HVAC Systems Controls
1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Trane Equipment: Building Automation Controllers Tracer SC Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to redirect a user...
Advantech WebAccess SCADA
1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess SCADA Vulnerability: Missing Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access project names and paths. 3...
Mitsubishi Electric MELSEC iQ-R Series C Controller Module (Update B)
1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R Series C Controller Module R12CCPU-V Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...
Siemens SIPROTEC 5 (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIPROTEC 5 Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-257-16 Siemens SIPROTEC 5 that...
Rockwell Automation MicroLogix 1100
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: MicroLogix 1100 Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to create a...
Open Design Alliance Drawings SDK
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Open Design Alliance Equipment: Drawings SDK Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write, Improper check for Unusual or Exceptional Conditions, Use After Free 2. RISK EVALUATION Successful exploitation of these...
Johnson Controls Exacq Technologies exacqVision
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Exacq Technologies, Inc., a subsidiary of Johnson Controls Equipment: exacqVision Vulnerability: Information Exposure 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...
Delta Electronics DOPSoft
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: DOPSoft Vulnerabilities: Out-of-bounds Write, Untrusted Pointer Dereference 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow arbitrary code execution. 3...
Siemens Automation License Manager
1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: Automation License Manager ALM Vulnerability: Improper Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to locally escalate privileges and modify...
ABB System 800xA Information Manager
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ABB Equipment: System 800xA Information Manager Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to inject and execute...
Siemens TIM 3V-IE and 4R-IE Family Devices
1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: TIM 3V-IE and 4R-IE Family Devices Vulnerability: Active Debug Code 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker with network access to gain full...
Geutebrück GmbH E2 Series IP Cameras
1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Geutebrück GmbH Equipment : E2 Camera Series Vulnerability : OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability may allow a remote attacker to inject OS...
GE Proficy GDS
1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: General Electric GE Equipment: Proficy GDS Vulnerability: XXE 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to initiate an OPC UA session and retrieve an...
Certec Atvise Server Remote DOS
Overview Independent researcher Luigi Auriemma has identified a denial of service DoS vulnerability in Certec EDV GmbH atvise application. Certec has produced an update that resolves this vulnerability. Mr. Auriemma validated that the update resolves the vulnerability. Affected Products Atvise...
Universal Robots Robot Controllers
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Universal Robots Equipment: Robot Controllers Vulnerabilities: Use of Hard-coded Credentials, Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of these...
Philips' IntelliVue Patient and Avalon Fetal Monitors
1. EXECUTIVE SUMMARY CVSS v3 8.3 Vendor: Philips Equipment: IntelliVue Patient Monitors, Avalon Fetal/Maternal Monitors Vulnerabilities: Improper Authentication, Information Exposure, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation may allow an attacker to read/write...