4255 matches found
ABB Relion 650 and 670 Series
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ABB Equipment: Relion 650 and 670 Series Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to reboot the device,...
Philips IntelliSpace Cardiovascular Vulnerabilities
1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: Philips Equipment: Philips’ IntelliSpace Cardiovascular ISCV products Vulnerabilities: Improper Privilege Management, Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of these vulnerabilities...
Saia Burgess Controls PCD Controllers
CVSS v3 5.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Saia Burgess Controls Equipment: PCD Controllers Vulnerability: Information Exposure REPOSTED INFORMATION This advisory was originally posted to the NCCIC Portal on August 22, 2017, and is being released to the...
Siemens devices using the PROFINET Discovery and Configuration Protocol (Update J)
CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Improper Input Validation UPDATE INFORMATION This updated advisory is a follow-up to the updated...
FATEK Automation PLC WinProladder Stack-Based Buffer Overflow Vulnerability
OVERVIEW A researcher working with Trend Micro’s Zero Day Initiative ZDI has identified a stack-based buffer overflow vulnerability in FATEK Automation's PLC WinProladder application. Fatek Automation Fatek has not produced an update to mitigate this vulnerability. ZDI has coordinated with...
Siemens SICAM PAS Information Disclosure Vulnerabilities (Update B)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-182-02A Siemens SICAM PAS Vulnerabilities that was published November 29, 2016, on the NCCIC/ICS-CERT web site. Positive Technologies’ Ilya Karpov and Dmitry Sklyarov have identified two vulnerabilities in the...
Siemens SIPROTEC 4 and SIPROTEC Compact Vulnerabilities
OVERVIEW Siemens reports that they have released a firmware update for SIPROTEC 4 and SIPROTEC Compact devices to mitigate authentication bypass and resource exhaustion vulnerabilities. Kirill Nesterov and Anatoly Katushin from Kaspersky Lab reported some of these vulnerabilities directly to...
Navis WebAccess SQL Injection Vulnerability
OVERVIEW This advisory is a follow-up to the original alert, titled ICS-ALERT-16-230-01 Navis WebAccess SQL Injection Vulnerability,ICS-ALERT-16-230-01, Navis WebAccess SQL Injection Vulnerability, https://ics-cert.us-cert.gov/alerts/ICS-ALERT-16-230-01, web site last accessed August 18, 2016...
WECON LeviStudio Buffer Overflow Vulnerabilities
OVERVIEW Independent security researchers Rocco Calvi and Brian Gorenc, working with Trend Micro’s Zero Day Initiative, have identified buffer overflow vulnerabilities in WECON’s LeviStudio software. WECON has not released a product fix to addresses the buffer overflow vulnerabilities in the...
Rockwell Automation FactoryTalk EnergyMetrix Vulnerabilities
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on June 21, 2016, and is being released to the NCCIC/ICS-CERT web site. Rockwell Automation has identified authentication vulnerabilities in the FactoryTalk EnergyMetrix application. Rockwell Automation has produced...
Sixnet BT Series Hard-coded Credentials Vulnerability
OVERVIEW Independent researcher Neil Smith has identified a hard-coded credential vulnerability in Sixnet’s BT series routers. Sixnet has produced patches and new firmware to mitigate this vulnerability. This vulnerability could be exploited remotely. Exploits that target this vulnerability are...
Schneider Electric IMT25 DTM Vulnerability
OVERVIEW Alexander Bolshev, Gleb Cherbov, and Svetlana Cherkasova of Digital Security have identified a memory corruption vulnerability in Schneider Electric IMT25 DTM component. Schneider Electric has produced a patch that mitigates this vulnerability. Digital Security has tested this patch to...
Yokogawa Centum Buffer Overflow Vulnerability
OVERVIEW Researcher group Rapid7 has identified a buffer overflow vulnerability in Yokogawa CENTUM products. Yokogawa has produced a patch that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Yokogawa reports that the vulnerability affects the...
Schweitzer Engineering Laboratories Improper Input Validation
Overview Adam Crain of Automatak and independent researcher Chris Sistrunk have identified improper DNP3 input validation in Schweitzer Engineering Laboratories’ real-time automation controllers RTAC. Schweitzer Engineering Laboratories SEL has produced updated firmware that mitigates this...
Siemens S7-1200 Web Application Cross Site Scripting
Overview This advisory provides mitigation details provided by Siemens for a vulnerability that impacts the Siemens S7-1200 Web Application Module. Siemens has reportedSSA-279823, http://www.siemens.com/corporate-technology/en/research-areas/siemens-cert-security-advisories.htm, Web site last...
ORing Industrial Networking IDS-5042/5042+ Hard-Coded Credential Vulnerability
Overview Independent researcher Reid Wightman of Digital BondKorenix and ORing Use Crypto, http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity/, Web site last accessed September 19, 2012. identified hard-coded credentials in the operating system of the ORing Industrial DIN-Rail...
Siemens SIMATIC S7-400 PN CPU DoS
Overview Siemens has reported to ICS-CERT that denial-of-service DoS vulnerabilities exist in the SIMATIC S7-400 V6 and SIMATIC S7-400 V5 PN CPU products. Siemens has produced a firmware update that mitigates the vulnerability affecting the S7-400 V6. Siemens will not fix the vulnerability that...
InduSoft Web Studio Vulnerabilities
Overview ICS-CERT has become aware of a report from the Zero Day Initiative concerning two vulnerabilities in the InduSoft Web Studio software. This information was reported to Zero Day Initiative by independent security researcher Luigi Auriemma. These vulnerabilities exploit unauthenticated...
Advantech OPC Server Buffer Overflow
Overview ICS-CERT originally released Advisory ICSA-11-279-01P on the US-CERT secure Portal on October 06, 2011. This web page release was delayed to allow users time to download and install the update. Security research and service institute Information and Communication Security Technology Cent...
RSLinx Classic Third-Party Vulnerability
ADVISORY SUMMARY Successful exploitation of this vulnerability can lead to a denial of service, where the application will become unresponsive and will not recover on its own. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...
Mitsubishi Electric MELSEC iQ-F FX5-OPC
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-F FX5-OPC Vulnerability : NULL Pointer Dereference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to...
Hitachi Energy AFS/AFR Series Products
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Hitachi Energy Equipment : AFS650, AFS660, AFS665, AFS670, AFS675, AFS677, AFR677 Vulnerabilities : Type Confusion, Use After Free, Double Free, Observable Discrepancy 2. RISK EVALUATION...
Siemens SIMATIC RTLS Locating Manager
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Commend WS203VICM
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION : Exploitable remotely/low attack complexity Vendor : Commend Equipment : WS203VICM Vulnerabilities : Argument Injection, Improper Access Control, Weak Encoding for Password 2. RISK EVALUATION Successful exploitation of these vulnerabilities...
Siemens SICAM Q100 Devices
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Rockwell Automation Arena
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Rockwell Automation Equipment : Arena Vulnerabilities : Out-of-Bounds Read, Access of Uninitialized Pointer 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute...
Mitsubishi Electric CC-Link IE TSN Industrial Managed Switch (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : CC-Link IE TSN Industrial Managed Switch Vulnerabilities : Observable Timing Discrepancy, Double Free 2. RISK EVALUATION Successful exploitation of these...
Rockwell Automation Connected Components Workbench
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available/known public exploitation Vendor : Rockwell Automation Equipment : Connected Components Workbench Vulnerabilities : Use After Free, Out-of-bounds Write 2. RISK...
Omron Engineering Software Zip-Slip
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION : Low attack complexity Vendor : Omron Equipment : Sysmac Studio, NX-IO Configurator Vulnerability : Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to overwrite files on a system. 3...
Siemens SIMATIC CN 4100
1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC CN 4100 Vulnerabilities: Improper Access Control, Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to...
Hitachi Energy Gateway Station
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Gateway Station GWS Vulnerabilities: NULL Pointer Dereference, Infinite Loop 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause affected modules to...
Weintek EasyBuilder Pro cMT Series
1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Weintek Equipment: EasyBuilder Pro Vulnerability: Path Traversal: '\..\filename' 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain control of the user’s...
Delta Electronics DIAScreen
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DIAScreen Vulnerabilities: Stack-based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of...
Phoenix Contact Automation Worx
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Phoenix Contact Equipment: Automation Worx Software Suite Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these...
HEIDENHAIN Controller TNC (Update A)
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: HEIDENHAIN Equipment: HEIDENHAIN TNC 640 controlling a HARTFORD 5A-65E CNC machine Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a loss of sensitive data,...
Honeywell SoftMaster
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Honeywell Equipment: SoftMaster Vulnerabilities: Uncontrolled Search Path Element, Incorrect Permission Assignment for Critical Resource. 2. RISK EVALUATION Successful exploitation of these...
Honeywell Trend Controls Inter-Controller Protocol
1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low attack complexity Vendor: Honeywell Equipment: Trend Controls IQ Series that utilize Inter-Controller IC protocol Vulnerability: Cleartext Transmission of Sensitive Information CISA is aware of a public report, known as “OT:ICEFALL” that details...
LS ELECTRIC PLC and XG5000 (Update A)
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor : LS ELECTRIC, LS Industrial Systems LSIS Co. Ltd Equipment: LS ELEC PLC and XG5000 Vulnerability: Inadequate Encryption Strength 2. UPDATE This updated advisory is a follow-up to the original advisory...
Simcenter Femap and Parasolid
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Simcenter Femap and Parasolid Vulnerability: Out-of-bounds Read 2. UPDATE This updated advisory is a follow-up to the original advisory titled ICSA-22-195-09 Simcenter Femap and Parasolid Update A that...
Siemens Mendix
1. EXECUTIVE SUMMARY CVSS v3 4.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to change the user’s password bypassing password...
Exemys RME1
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Exemys Equipment: RME1 Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with network access to bypass authentication and...
APT Cyber Tools Targeting ICS/SCADA Devices
Summary Actions to Take Today to Protect ICS/SCADA Devices: • Enforce multifactor authentication for all remote access to ICS networks and devices whenever possible. • Change all passwords to ICS/SCADA devices and systems on a consistent schedule, especially all default passwords, to device-uniqu...
Sensormatic Electronics victor
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls, Inc. Equipment: victor Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...
Trane Symbio (Update B)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low attack complexity Vendor: Trane Equipment: Symbio 700 and Symbio 800 controllers Vulnerability: Code Injection 2. UPDATE INFORMATION The updated advisory is a follow-up to the original advisory titled ICSA-21-266-01 Trane Symbio that was published...
Siemens Automation License Manager
1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: Automation License Manager Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition, preventing legitimate...
Siemens SINUMERIK Integrate Operate Client
1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION : Exploitable remotely Vendor : Siemens Equipment : SINUMERIK Integrate Operate Client Vulnerability : Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to spoof any SSL server...
Ransomware Activity Targeting the Healthcare and Public Health Sector
Summary This advisory was updated to include information on Conti, TrickBot, and BazarLoader, including new IOCs and Yara Rules for detection. This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® version 7 framework. See the ATT&CK for Enterprise version 7 f...
Delta Industrial Automation DOPSoft
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Delta Electronics Equipment: Delta Industrial Automation DOPSoft Vulnerabilities: Out-of-bounds read, Use after free 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow...
ABB CP651 HMI
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable from adjacent network/low skill level to exploit Vendor: ABB Equipment: CP651 HMI Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to prevent legitimate...
GE Mark VIe, EX2100e, EX2100e
1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Low skill level to exploit Vendor: GE Equipment: Mark VIe, EX2100e, EX2100eReg, and LS2100e Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access system data, which could result...