4255 matches found
Siemens OPC UA Protocol Stack Discovery Service (Update E)
CVSS v3 8.2 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: Industrial products using the Discovery Service of the OPC UA protocol stack by the OPC foundation Vulnerability: Improper Restriction of XML External Entity Reference AFFECTED PRODUCTS Siemens...
Siemens devices using the PROFINET Discovery and Configuration Protocol (Update F)
CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Denial of Service UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory...
Siemens SINUMERIK Integrate and SINUMERIK Operate
CVSS v3 7.4 ATTENTION: Remotely exploitable. Vendor: Siemens Equipment: SINUMERIK Integrate, SINUMERIK Operate Vulnerability: Man-in-the-Middle AFFECTED PRODUCTS Siemens reports that the vulnerability affects the following SINUMERIK Integrate and Operate product suite versions: SINUMERIK Integrat...
BINOM3 Electric Power Quality Meter (Update A)
CVSS v3 10 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: BINOM3 Equipment: Electric Power Quality Meter Vulnerabilities: Cross-site scripting, access control issues, cross-site request forgery CSRF, sensitive information stored in clear-text, and weak credentials management...
MICROSYS PROMOTIC Memory Corruption Vulnerability
OVERVIEW Security researcher Praveen Darshanam of Versa Networks has identified a memory corruption vulnerability in the MICROSYS, spol. s r.o. PROMOTIC application. MICROSYS has produced a new version to mitigate this vulnerability. The researcher has tested the new version to validate that it...
OmniMetrix OmniView Vulnerabilities
OVERVIEW Bill Voltmer of Elation Technologies LLC has identified vulnerabilities in OmniMetrix’s OmniView web application. OmniMetrix has produced a new software version for its web interface that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCT...
Vanderbilt Industries Siemens IP CCTV Cameras Vulnerability
OVERVIEW Siemens reports that there is a vulnerability in Siemens-branded IP cameras from Vanderbilt Industries. Vanderbilt has released updates to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Siemens reports that the vulnerability affects the...
Smiths Medical CADD-Solis Medication Safety Software Vulnerabilities
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on November 1, 2016, and is being released to the NCCIC/ICS-CERT web site. Smiths Medical has reported two vulnerabilities in Smiths Medical’s CADD-Solis Medication Safety Software that were identified by Andrew...
Trihedral Engineering Limited VTScada Vulnerabilities
OVERVIEW An anonymous researcher has identified several vulnerabilities in Trihedral Engineering Ltd.’s Trihedral VTScada and reported them to Zero Day Initiative ZDI, which reported them to NCCIC/ICS-CERT. Trihedral Engineering Ltd. has produced a new version to mitigate these vulnerabilities...
Schneider Electric Pelco DS-NVs Buffer Overflow Vulnerability
OVERVIEW NCCIC/ICS-CERT received a report from HP’s Zero Day Initiative ZDI concerning a buffer overflow vulnerability in Schneider Electric’s Pelco DS-NVs software package. This vulnerability was reported to ZDI by security researchers Ariele Caltabiano and Andrea Micalizzi. Schneider Electric h...
XZERES 442SR Wind Turbine Cross-site Scripting Vulnerability (Update C)
OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-15-342-01B XZERES 442SR Wind Turbine Cross-site Scripting Vulnerability that was published March 21, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update C Part 1 of 2 -------- Independent researchers Karn...
Siemens SIMATIC S7-300 CPU Denial-of-Service Vulnerability
OVERVIEW Johannes Klick, Christian Pfahl, Martin Gebert, and Lucas Jacob from Freie Universität Berlin’s work team SCADACS have identified a Denial-of-Service DoS vulnerability in Siemens SIMATIC S7-300 CPUs. Siemens has developed mitigations for this vulnerability. This vulnerability could be...
GE Multilink Switch Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-15-013-04 GE MultiLink Switch Vulnerabilities that was published January 13, 2015, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 3 -------- Eireann Leverett of IOActive has identified three...
Open Automation Software OPC Systems NET DLL Hijacking Vulnerability
OVERVIEW Ivan Sanchez from Nullcode Team has identified a DLL Hijacking vulnerability in Open Automation Software’s OPC Systems.NET application. Open Automation Software has reviewed the vulnerability and determined not to patch the issue at this time. This vulnerability could be exploited remote...
Pacom 1000 CCU GMS System Cryptographic Implementation Vulnerabilities
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on December 3, 2015, and is being released to the ICS-CERT web site. Swedish companies XPD and Assured found several crypto implementation flaws in the Pacom GMS system. Pacom has not produced a patch to mitigate...
Yokogawa Multiple Products Buffer Overflow Vulnerabilities
OVERVIEW Yokogawa Electric Corporation has notified NCCIC/ICS-CERT of stack-based buffer overflow vulnerabilities in multiple Yokogawa products. Yokogawa has released product revisions that mitigate the vulnerabilities for many of the vulnerable products. These vulnerabilities could be exploited...
Moxa Industrial Managed Switch Vulnerabilities
OVERVIEW Erwin Paternotte of Applied RiskApplied Risk Security Advisory AR2015001, Multiple Vulnerabilities in Moxa industrial manages switches, http://applied-risk.com/application/files/3414/4060/7148/AdvisoryMoxaMultipleVulnerabilities.pdf, web site last accessed September 3, 2015. has identifi...
Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Password Storage Vulnerability
OVERVIEW Gleb Gritsai, Alisa Esage Shevchenko, Ilya Karpov, and the team from Positive Technologies Security have found sensitive information stored in clear text in the Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 products. Schneider Electric has released new patches t...
Siemens SIPROTEC Denial-of-Service Vulnerability
OVERVIEW Siemens has identified a denial-of-service vulnerability in the SIPROTEC 4 and SIPROTEC Compact devices. This vulnerability was reported directly to Siemens by Victor Nikitin from i‑Grids LLC Russia. Siemens has produced a new firmware update to mitigate this vulnerability. This...
Siemens RuggedCom Uncontrolled Resource Consumption Vulnerability (Update B)
OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-14-051-03A Siemens RuggedCom Uncontrolled Resource Consumption Vulnerability that was published March 18, 2014, on the NCCIC/ICS-CERT web site. Researchers Ling Toh Koh, Ng Yi Teng, Seyed Dawood Sajjadi Torshizi, Ry...
ICONICS GENESIS32 Insecure ActiveX Control
OVERVIEW NCCIC/ICS-CERT discovered a vulnerability in the ICONICS GENESIS32 application during resolution of unrelated products. ICONICS has produced a patch for all vulnerable versions of its GENESIS32 product. ICONICS GENESIS32 Version 9.0 and newer are not vulnerable to this ActiveX...
Ecava IntegraXor Buffer Overflow Vulnerability
OVERVIEW This advisory is a follow-up to the alert titled ICS-ALERT-14-015-01 Ecava IntegraXor Buffer Overflow Vulnerability that was published January 15, 2014, on the NCCIC/ICS-CERT Web site. Independent researcher Luigi Auriemma identified a buffer overflow vulnerability in the Ecava IntegraXo...
IOServer DNP3 Improper Input Validation
OVERVIEW Adam Crain of Automatak and independent researcher Chris Sistrunk have identified improper input validation in IOServer’s DNP3 driver software. IOServer has produced an updated software version that mitigates this vulnerability. Adam Crain and Chris Sistrunk updated and tested this versi...
Siemens S7-1200 Insecure Storage of HTTPS CA Certificate
Overview Siemens has reportedSSA-240718, http://www.siemens.com/corporate-technology/en/research-areas/siemens-cert-security-advisories.htm, Web site last accessed September 19, 2012 an insecure HTTPS certificate storage vulnerability in Siemens’ S7-1200 v2.x. Siemens has provided guidance to...
Siemens COMOS Database Privilege Escalation Vulnerability
Overview Siemens has reported a privilege escalation vulnerability in the Siemens COMOS database application. Siemens has produced an update that fixes this vulnerability. This vulnerability could be exploited remotely. Affected Products Siemens reports that the vulnerability affects the followin...
Siemens Scalance S Multiple Security Vulnerabilities
Overview ICS-CERT has received a report from Siemens regarding two security vulnerabilities in the Scalance S Security Module firewall. This vulnerability was reported to Siemens by Adam Hahn and Manimaran Govindarasu for coordinated disclosure. The first issue is a brute-force credential guessin...
Rockwell RSLogix Overflow Vulnerability
Overview This updated advisory is a follow-up to the Alert titled “ICS-ALERT-11-256-05A—Rockwell RSLogix Overflow Vulnerability” that was published September 13, 2011, on the Industrial Control Systems Cyber Emergency Response Team ICS-CERT web page. ICS-CERT is aware of a public report of an...
RSLinx Classic Third-Party Vulnerability
ADVISORY SUMMARY Successful exploitation of this vulnerability can lead to a denial of service, where the application will become unresponsive and will not recover on its own. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...
Siemens Tecnomatix Plant Simulation
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
AVTECH IP camera
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available/known public exploitation Vendor : AVTECH SECURITY Corporation Equipment : IP camera Vulnerability : Command Injection 2. RISK EVALUATION Successful exploitation of this...
PTC Creo Elements/Direct License Server (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : PTC Equipment : Creo Elements/Direct License Server Vulnerability : Missing Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthenticated remote...
Motorola Solutions Vigilant License Plate Readers
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Motorola Solutions Equipment : Vigilant Fixed LPR Coms Box BCAV1F2-C600 Vulnerabilities : Authentication Bypass Using an Alternate Path or Channel, Cleartext Storage in a File or on Disk, Us...
Siemens RUGGEDCOM APE1808
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Franklin Fueling System EVO 550/5000
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Franklin Fueling System Equipment : EVO 550, EVO 5000 Vulnerability : Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read...
Rockwell Automation ControlLogix and GuardLogix
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : ControlLogix, GuardLogix Vulnerability : Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of...
BD FACSChorus
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION : Low attack complexity Vendor : Becton, Dickinson and Company BD Equipment : FACSChorus Vulnerabilities : Missing Protection Mechanism for Alternate Hardware Interface, Missing Authentication for Critical Function, Improper Authentication, Use...
Hitachi Energy eSOMS
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Hitachi Energy Equipment : eSOMS Vulnerabilities : Generation of Error Message Containing Sensitive Information, Exposure of Sensitive System Information to an Unauthorized Control Sphere 2...
Mitsubishi Electric CC-Link IE TSN Industrial Managed Switch (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : CC-Link IE TSN Industrial Managed Switch Vulnerabilities : Observable Timing Discrepancy, Double Free 2. RISK EVALUATION Successful exploitation of these...
Omron CJ/CS/CP Series
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Omron Equipment : Sysmac CJ/CS/CP Series Vulnerability : Improper Control of Interaction Frequency 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...
Rockwell Automation Select Communication Modules
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: 1756-EN2T, 1756-EN2TK, 1756-EN2TXT, 1756-EN2TP, 1756-EN2TPK, 1756-EN2TPXT, 1756-EN2TR, 1756-EN2TRK, 1756-EN2TRXT, 1756-EN2F, 1756-EN2FK, 1756-EN3TR, 1756-EN3TRK,...
Panasonic Control FPWin Pro7
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Panasonic Equipment: Control FPWIN Pro7 Vulnerabilities: Type Confusion, Stack-based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of...
Enphase Installer Toolkit Android App
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Enphase Equipment: Enphase Installer Toolkit Vulnerability: Use of Hard-coded Credentials 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the original advisory titled...
Siemens SIMATIC WinCC
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Delta Electronics CNCSoft-B DOPSoft
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Delta Electronics Equipment : CNCSoft-B DOPSoft Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to...
Moxa MXsecurity Series
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Moxa Equipment: MXsecurity Series Vulnerabilities: Command Injection and Use of Hard-Coded Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthorized...
Rockwell Automation Arena Simulation Software
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: Arena Simulation Software Vulnerabilities: Incorrect Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...
Siemens Solid Edge
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
Nexx Smart Home Device
1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Nexx Equipment: Garage Door Controller, Smart Plug, Smart Alarm Vulnerabilities: Use of Hard-coded Credentials, Authorization Bypass through User-controlled Key, Improper Input Validation, Improper...
SAUTER EY-modulo 5 Building Automation Stations
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: SAUTER Equipment: EY-modulo 5 Building Automation Stations Vulnerabilities: Cross-site Scripting, Cleartext Transmission of Sensitive Information, and Unrestricted Upload of File with Dangerous Type 2...
Hitachi Energy IEC 61850 MMS-Server (Update B)
1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Hitachi Energy Equipment: IEC 61850 MMS-Server Vulnerability: Improper Resource Shutdown or Release 2. RISK EVALUATION Successful exploitation of this vulnerability could cause products using the IEC 61850 MMS-server...