4255 matches found
Landis+Gyr E850
1. EXECUTIVE SUMMARY CVSS v3 3.9 ATTENTION: Low attack complexity Vendor: Landis+Gyr Equipment: E850 ZMQ200 Vulnerability: Reliance on Cookies without Validation and Integrity 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition for the end...
Siemens Mendix SAML Module
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Hitachi Energy Lumada Asset Performance Management
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Lumada Asset Performance Management APM Vulnerabilities: Classic Buffer Overflow, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...
Hitachi Energy FOXMAN-UN
1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: FOXMAN-UN Vulnerabilities: Inadequate Encryption Strength, Use of Default Cryptographic Key, Use of Hard-coded Cryptographic Key, Cleartext Transmission of Sensitive...
ARC Informatique PcVue
1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: ARC Informatique Equipment: PcVue Vulnerabilities: Cleartext Storage of Sensitive Information, Insertion of Sensitive Information into Log File 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the...
Hitachi Energy TXpert Hub CoreTec 4
1. EXECUTIVE SUMMARY CVSS v3 6.0 Vendor: Hitachi Energy Equipment: TXpert Hub CoreTec 4 Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Improper Input Validation, Download of Code Without Integrity Check 2. RISK EVALUATION Successful exploitation of these...
Hitachi Energy RTU500
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 Series Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to send a specially crafted...
Siemens RUGGEDCOM ROX
1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: RUGGEDCOM ROX Vulnerability: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with administrative privileges to gain root...
Siemens SINEMA Remote Connect Server
1. EXECUTIVE SUMMARY CVSS v3 4.2 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SINEMA Remote Connect Server Vulnerabilities: Improperly Implemented Security Check for Standard 2. RISK EVALUATION The affected application is missing general HTTP security headers in the web servers...
Horner Automation Cscape EnvisionRV
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Horner Automation Equipment: Cscape EnvisionRV Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could execute arbitrary code in the context of the current process...
Siemens SIMATIC eaSie PCS 7 Skill Package
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC eaSie PCS 7 Skill Package Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated remote attacker to read...
Hillrom Welch Allyn Cardio Products
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Hillrom Equipment: Welch Allyn Cardio Products Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access...
B. Braun Infusomat Space Large Volume Pump
1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: B. Braun Melsungen AG Equipment: Infusomat Space Large Volume Pump Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Cleartext Transmission of Sensitive Information, Missing...
ICONICS GENESIS64 and Mitsubishi Electric MC Works64
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: ICONICS, Mitsubishi Electric Equipment: ICONICS GENESIS64, Mitsubishi Electric MC Works64 Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities may...
Siemens APOGEE and TALON
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: APOGEE and TALON Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the...
Hitachi ABB Power Grids Retail Operations and CSB Products
1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely Vendor: Hitachi ABB Power Grids Equipment: Retail Operations and Counterparty Settlement Billing CSB Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...
Siemens SIMATIC RFID (Update B)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SIMATIC RF Products Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-21-159-13 Siemens SIMATIC RFID Readers...
Siemens SIMATIC NET CP343-1
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC CP343-1 devices Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition...
Siemens and PKE Control Center Server
1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendors: Siemens/PKE Equipment: Control Center Server CCS Vulnerabilities: Cleartext Storage of Sensitive Information in GUI, Improper Authentication, Relative Path Traversal, Use of a Broken or Risky...
JTEKT TOYOPUC products
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: JTEKT Corporation Equipment: TOYOPUC products Vulnerability: Improper Resource Shutdown or Release 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized user to...
Medtronic MyCareLink Smart
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable with adjacent access/low skill level to exploit Vendor: Medtronic Equipment: MyCareLink MCL Smart Model 25000 Patient Reader Vulnerabilities: Improper Authentication, Heap-based Buffer Overflow, Time-of-check Time-of-use Race Condition 2...
Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L and FX Series CPU Modules (Update A)
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: MELSEC Vulnerability: Cleartext Transmission of Sensitive Information 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...
Omron CX-One
1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low skill level to exploit Vendor: Omron Equipment: CX-One Vulnerabilities: Stack-based Buffer Overflow, Use After Free 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code under the privileges of...
Delta Electronics CNCSoft and ScreenEditor
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Delta Electronics Equipment: CNCSoft and ScreenEditor Vulnerabilities: Stack-based Buffer Overflow, Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...
Davolink DVW-3200N
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Davolink Equipment: DVW-3200N Vulnerability: Use of Password Hash With Insufficient Computational Effort 2. RISK EVALUATION Successful exploitation of this vulnerability may result in a remote...
GEOVAP Reliance SCADA
CVSS v3 6.1 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: GEOVAP Equipment: Reliance SCADA Vulnerability: Cross-site Scripting AFFECTED PRODUCTS The following versions of Reliance SCADA, a software management platform, are affected: Reliance SCADA Version 4.7.3 Update 2 and...
AutomationDirect CLICK, C-More, C-More Micro, Do-more Designer, GS Drives, SL-Soft SOLO (Update A)
CVSS v3 6.7 Vendor: AutomationDirect --------- Begin Update A Part 1 of 3 -------- Equipment: CLICK, C-More, C-More Micro, Do-more Designer, GS Drives, SL-Soft SOLO --------- End Update A Part 1 of 3 ---------- Vulnerability: Uncontrolled Search Path Element UPDATE INFORMATION This updated...
ICSMA-17-292-01_Boston Scientific ZOOM LATITUDE PRM Vulnerabilities
OVERVIEW Researchers Jonathan Butts and Billy Rios of Whitescope have identified two vulnerabilities in Boston Scientific’s ZOOM LATITUDE Programmer/Recorder/Monitor PRM – Model 3120. Boston Scientific has provided compensating controls to reduce the risk of exploitation. AFFECTED PRODUCTS The...
Digium Asterisk GUI
CVSS v3 8.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Digium Equipment: Asterisk GUI Vulnerability: Improper Neutralization of Special Elements used in an OS Command AFFECTED PRODUCTS The following versions of Asterisk GUI, a framework for configuring graphical user...
AzeoTech DAQFactory
CVSS v3 7.1 ATTENTION: Local access and user-level privileges are required to exploit these vulnerabilities Vendor: AzeoTech Equipment: DAQFactory Vulnerabilities: Incorrect Default Permissions, Uncontrolled Search Path Element AFFECTED PRODUCTS AzeoTech reports that the vulnerabilities affect th...
Moxa SoftNVR-IA Live Viewer
CVSS v3 7.2 Vendor: Moxa Equipment: SoftNVR-IA Live Viewer Vulnerability: Uncontrolled Search Path Element AFFECTED PRODUCTS The following versions of SoftNVR-IA Live Viewer, a video surveillance software designed for industrial automation systems, are affected: SoftNVR-IA Live Viewer, Version...
Fuji Electric V-Server
CVSS v3 7.3 ATTENTION: Remotely exploitable Vendor: Fuji Electric Equipment: V-Server Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer AFFECTED PRODUCTS The following versions of V-Server, a data collection and management service, are affected: V-Server Versi...
Ecava IntegraXor
CVSS v3 7.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Ecava Equipment: IntegraXor Vulnerability: SQL Injection AFFECTED PRODUCTS The following versions of IntegraXor, a web SCADA/HMI solution, are affected: IntegraXor Versions 5.2.1231.0 and prior. IMPACT Successful...
Siemens devices using the PROFINET Discovery and Configuration Protocol (Update E)
CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Denial of Service UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory...
Moxa ioLogik E1200 Series Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-287-05 Moxa ioLogik E1200 Series Vulnerabilities that was published October 13, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 4 -------- Alexandru Ariciu of Applied Risk has identified...
ABB Panel Builder 800 DLL Hijacking Vulnerability (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-077-01 ABB Panel Builder 800 DLL Hijacking Vulnerability that was published March 17, 2016, on the NCCIC/ICS-CERT web site. Ivan Sanchez from Nullcode Team has identified a DLL Hijacking vulnerability in the ABB...
Eaton Lighting Systems EG2 Web Control Authentication Bypass Vulnerabilities
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on March 1, 2016, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified vulnerabilities in Eaton Lighting Systems’ EG2 Web Control application. Eaton Lighting Systems...
Vanderbilt Industries Siemens IP CCTV Cameras Vulnerability
OVERVIEW Siemens reports that there is a vulnerability in Siemens-branded IP cameras from Vanderbilt Industries. Vanderbilt has released updates to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Siemens reports that the vulnerability affects the...
Eaton's Cooper Devices Improper Ethernet Frame Padding Vulnerability
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on October 22, 2015, and is being released to the ICS-CERT web site. David Formby and Raheem Beyah of Georgia Tech have identified a vulnerability caused by an Institute of Electrical and Electronics Engineers IEEE...
GE MDS PulseNET Vulnerabilities
OVERVIEW NCCIC/ICS-CERT received a report from HP’s Zero Day Initiative ZDI concerning two vulnerabilities in GE’s MDS PulseNET and MDS PulseNET Enterprise Network Management Software. These vulnerabilities were reported to ZDI by security researcher Andrea Micalizzi. GE has produced a new versio...
Mitsubishi Electric Automation MC-WorX Suite Unsecure ActiveX Control
OVERVIEW This advisory is a follow-up to the original alert, titled ICS-ALERT-13-259-01 Mitsubishi MC-WorX Suite Unsecure ActiveX Control,ICS-ALERT-13-259-01 Mitsubishi MC-WorkX Suite Insecure ActiveX Control, http://ics-cert.us-cert.gov/alerts/ICS-ALERT-13-259-01, web site last accessed February...
Innominate mGuard Privilege Escalation Vulnerability
OVERVIEW Innominate Security Technologies has identified a privilege escalation vulnerability affecting all mGuard devices. Innominate has produced a firmware patch that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following Innominate mGuard...
Nordex NC2 XSS Vulnerability
OVERVIEW This advisory is a follow-up to the alert titled ICS-ALERT-13-304-01 Nordex NC2 – Cross-Site Scripting Vulnerability that was published October 31, 2013, on the NCCIC/ICS-CERT web site. Independent researcher Darius Freamon identified a cross-site scripting vulnerability in the Nordex...
GE Proficy HMI/SCADA DNP3 Driver Input Validation
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on October 14, 2014, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Adam Crain of Automatak has identified an improper input validation in the DNP3 driver provided by Catapult Software...
CSWorks Software SQL Injection Vulnerability
OVERVIEW Researcher John Leitch, working with HP’s Zero Day Initiative ZDI, has identified an SQL injection vulnerability in CSWorks’ CSWorks software framework. CSWorks has produced an updated version that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED...
Siemens COMOS Privilege Escalation Vulnerability
OVERVIEW Siemens has notified ICS-CERT of a privilege escalation vulnerability in the Siemens COMOS database application. Siemens has produced a patch that mitigates this vulnerability. AFFECTED PRODUCTS The following Siemens COMOS versions are affected: All COMOS versions prior to 9.1 COMOS 9.1:...
QNX Multiple Vulnerabilities
OVERVIEW Independent researcher Luigi Auriemma identified a stack-based buffer overflow and a buffer copy without checking size of input vulnerabilities in QNX’s Phrelay, Phwindows, and Phditto products without coordination with ICS-CERT, the vendor, or any other coordinating entity known to...
TURCK BL20 and BL67 Programmable Gateway Hard-Coded User Accounts
OVERVIEW Researcher Rubén Santamarta of IOActive has identified hard-coded user accounts in TURCK’s BL20 and BL67 Programmable Gateways. Exploitation of this vulnerability would allow an attacker to have remote administrative access to the device. This vulnerability affects programmable gateways...
Arbiter Systems Power Sentinel Denial-of-Service Vulnerability
Overview Arbiter Systems reported to ICS-CERT that a vulnerability that causes a denial of service DoS has been identified in Arbiter Systems Power Sentinel Phasor Measurement Unit. The vulnerability can be exploited remotely. Arbiter Systems has produced a patch that mitigates this vulnerability...
Siemens Scalance X Buffer Overflow Vulnerability
Overview ICS-CERT has received a report from Siemens regarding a buffer overflow vulnerability in the web interface of the Scalance X Industrial Ethernet switch. This vulnerability was reported to Siemens by Jürgen Bilberger from Daimler TSS GmbH. This vulnerability leaves the affected devices...