Lucene search
K
IcsMost viewed

4255 matches found

ICS
ICS
added 2023/01/26 12:0 a.m.42 views

Landis+Gyr E850

1. EXECUTIVE SUMMARY CVSS v3 3.9 ATTENTION: Low attack complexity Vendor: Landis+Gyr Equipment: E850 ZMQ200 Vulnerability: Reliance on Cookies without Validation and Integrity 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition for the end...

5.4CVSS4.8AI score0.00353EPSS
Exploits0References3
ICS
ICS
added 2023/01/10 12:0 a.m.42 views

Siemens Mendix SAML Module

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.3CVSS7.7AI score0.0047EPSS
Exploits0References11
ICS
ICS
added 2023/01/05 12:0 a.m.42 views

Hitachi Energy Lumada Asset Performance Management

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Lumada Asset Performance Management APM Vulnerabilities: Classic Buffer Overflow, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

9.8CVSS10AI score0.92488EPSS
Exploits7References3
ICS
ICS
added 2023/01/05 12:0 a.m.42 views

Hitachi Energy FOXMAN-UN

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: FOXMAN-UN Vulnerabilities: Inadequate Encryption Strength, Use of Default Cryptographic Key, Use of Hard-coded Cryptographic Key, Cleartext Transmission of Sensitive...

9.8CVSS7.4AI score0.00569EPSS
Exploits0References3
ICS
ICS
added 2022/12/20 12:0 a.m.42 views

ARC Informatique PcVue

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: ARC Informatique Equipment: PcVue Vulnerabilities: Cleartext Storage of Sensitive Information, Insertion of Sensitive Information into Log File 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the...

6.5CVSS6.4AI score0.00329EPSS
Exploits0References4
ICS
ICS
added 2022/09/06 12:0 a.m.42 views

Hitachi Energy TXpert Hub CoreTec 4

1. EXECUTIVE SUMMARY CVSS v3 6.0 Vendor: Hitachi Energy Equipment: TXpert Hub CoreTec 4 Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Improper Input Validation, Download of Code Without Integrity Check 2. RISK EVALUATION Successful exploitation of these...

7.2CVSS7.6AI score0.00253EPSS
Exploits0References5
ICS
ICS
added 2022/08/23 12:0 a.m.42 views

Hitachi Energy RTU500

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 Series Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to send a specially crafted...

7.5CVSS8AI score0.00636EPSS
Exploits0References5
ICS
ICS
added 2022/07/12 12:0 a.m.42 views

Siemens RUGGEDCOM ROX

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: RUGGEDCOM ROX Vulnerability: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with administrative privileges to gain root...

10CVSS7.9AI score0.01595EPSS
Exploits0References11
ICS
ICS
added 2022/06/14 12:0 a.m.42 views

Siemens SINEMA Remote Connect Server

1. EXECUTIVE SUMMARY CVSS v3 4.2 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SINEMA Remote Connect Server Vulnerabilities: Improperly Implemented Security Check for Standard 2. RISK EVALUATION The affected application is missing general HTTP security headers in the web servers...

4.3CVSS5.2AI score0.00631EPSS
Exploits0References11
ICS
ICS
added 2021/12/21 12:0 a.m.42 views

Horner Automation Cscape EnvisionRV

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Horner Automation Equipment: Cscape EnvisionRV Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could execute arbitrary code in the context of the current process...

7.8CVSS7.3AI score0.00685EPSS
Exploits0References5
ICS
ICS
added 2021/12/14 12:0 a.m.42 views

Siemens SIMATIC eaSie PCS 7 Skill Package

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC eaSie PCS 7 Skill Package Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated remote attacker to read...

6.5CVSS6.6AI score0.0091EPSS
Exploits0References11
ICS
ICS
added 2021/12/09 12:0 a.m.42 views

Hillrom Welch Allyn Cardio Products

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Hillrom Equipment: Welch Allyn Cardio Products Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access...

9.8CVSS9.2AI score0.01076EPSS
Exploits0References5
ICS
ICS
added 2021/10/21 12:0 a.m.42 views

B. Braun Infusomat Space Large Volume Pump

1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: B. Braun Melsungen AG Equipment: Infusomat Space Large Volume Pump Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Cleartext Transmission of Sensitive Information, Missing...

10CVSS9.7AI score0.0558EPSS
Exploits4References5
ICS
ICS
added 2021/10/21 12:0 a.m.42 views

ICONICS GENESIS64 and Mitsubishi Electric MC Works64

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: ICONICS, Mitsubishi Electric Equipment: ICONICS GENESIS64, Mitsubishi Electric MC Works64 Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities may...

7.8CVSS5.4AI score0.02743EPSS
Exploits0References5
ICS
ICS
added 2021/09/14 12:0 a.m.43 views

Siemens APOGEE and TALON

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: APOGEE and TALON Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the...

10CVSS10AI score0.03369EPSS
Exploits0References11
ICS
ICS
added 2021/08/24 12:0 a.m.42 views

Hitachi ABB Power Grids Retail Operations and CSB Products

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely Vendor: Hitachi ABB Power Grids Equipment: Retail Operations and Counterparty Settlement Billing CSB Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

7.7CVSS7.4AI score0.01258EPSS
Exploits0References5
ICS
ICS
added 2021/06/08 12:0 a.m.42 views

Siemens SIMATIC RFID (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SIMATIC RF Products Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-21-159-13 Siemens SIMATIC RFID Readers...

7.5CVSS7.7AI score0.00988EPSS
Exploits0References11
ICS
ICS
added 2021/05/11 12:0 a.m.42 views

Siemens SIMATIC NET CP343-1

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC CP343-1 devices Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition...

7.8CVSS7.6AI score0.01269EPSS
Exploits0References11
ICS
ICS
added 2021/04/13 12:0 a.m.42 views

Siemens and PKE Control Center Server

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendors: Siemens/PKE Equipment: Control Center Server CCS Vulnerabilities: Cleartext Storage of Sensitive Information in GUI, Improper Authentication, Relative Path Traversal, Use of a Broken or Risky...

9.9CVSS9.8AI score0.02647EPSS
Exploits0References8
ICS
ICS
added 2021/04/13 12:0 a.m.42 views

JTEKT TOYOPUC products

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: JTEKT Corporation Equipment: TOYOPUC products Vulnerability: Improper Resource Shutdown or Release 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized user to...

7.5CVSS7.8AI score0.01105EPSS
Exploits0References5
ICS
ICS
added 2020/12/08 12:0 a.m.42 views

Medtronic MyCareLink Smart

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable with adjacent access/low skill level to exploit Vendor: Medtronic Equipment: MyCareLink MCL Smart Model 25000 Patient Reader Vulnerabilities: Improper Authentication, Heap-based Buffer Overflow, Time-of-check Time-of-use Race Condition 2...

10CVSS9.1AI score0.03768EPSS
Exploits0References4
ICS
ICS
added 2020/06/23 12:0 a.m.42 views

Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L and FX Series CPU Modules (Update A)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: MELSEC Vulnerability: Cleartext Transmission of Sensitive Information 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

9.8CVSS9.5AI score0.01296EPSS
Exploits0References5
ICS
ICS
added 2018/12/04 12:0 a.m.42 views

Omron CX-One

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low skill level to exploit Vendor: Omron Equipment: CX-One Vulnerabilities: Stack-based Buffer Overflow, Use After Free 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code under the privileges of...

7.8CVSS8.6AI score0.01754EPSS
Exploits0References6
ICS
ICS
added 2018/08/07 12:0 a.m.42 views

Delta Electronics CNCSoft and ScreenEditor

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Delta Electronics Equipment: CNCSoft and ScreenEditor Vulnerabilities: Stack-based Buffer Overflow, Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

9.3CVSS9.3AI score0.09536EPSS
Exploits0References5
ICS
ICS
added 2018/07/31 12:0 a.m.42 views

Davolink DVW-3200N

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Davolink Equipment: DVW-3200N Vulnerability: Use of Password Hash With Insufficient Computational Effort 2. RISK EVALUATION Successful exploitation of this vulnerability may result in a remote...

9.8CVSS10AI score0.10123EPSS
Exploits1References5
ICS
ICS
added 2017/11/30 12:0 a.m.42 views

GEOVAP Reliance SCADA

CVSS v3 6.1 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: GEOVAP Equipment: Reliance SCADA Vulnerability: Cross-site Scripting AFFECTED PRODUCTS The following versions of Reliance SCADA, a software management platform, are affected: Reliance SCADA Version 4.7.3 Update 2 and...

6.1CVSS6.6AI score0.00887EPSS
Exploits0References3
ICS
ICS
added 2017/11/09 12:0 a.m.42 views

AutomationDirect CLICK, C-More, C-More Micro, Do-more Designer, GS Drives, SL-Soft SOLO (Update A)

CVSS v3 6.7 Vendor: AutomationDirect --------- Begin Update A Part 1 of 3 -------- Equipment: CLICK, C-More, C-More Micro, Do-more Designer, GS Drives, SL-Soft SOLO --------- End Update A Part 1 of 3 ---------- Vulnerability: Uncontrolled Search Path Element UPDATE INFORMATION This updated...

9.3CVSS8.3AI score0.01135EPSS
Exploits0References32
ICS
ICS
added 2017/10/19 12:0 a.m.42 views

ICSMA-17-292-01_Boston Scientific ZOOM LATITUDE PRM Vulnerabilities

OVERVIEW Researchers Jonathan Butts and Billy Rios of Whitescope have identified two vulnerabilities in Boston Scientific’s ZOOM LATITUDE Programmer/Recorder/Monitor PRM – Model 3120. Boston Scientific has provided compensating controls to reduce the risk of exploitation. AFFECTED PRODUCTS The...

4.6CVSS4.8AI score0.00398EPSS
Exploits0References2
ICS
ICS
added 2017/09/21 12:0 a.m.42 views

Digium Asterisk GUI

CVSS v3 8.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Digium Equipment: Asterisk GUI Vulnerability: Improper Neutralization of Special Elements used in an OS Command AFFECTED PRODUCTS The following versions of Asterisk GUI, a framework for configuring graphical user...

9CVSS9.1AI score0.06447EPSS
Exploits0References3
ICS
ICS
added 2017/08/29 12:0 a.m.42 views

AzeoTech DAQFactory

CVSS v3 7.1 ATTENTION: Local access and user-level privileges are required to exploit these vulnerabilities Vendor: AzeoTech Equipment: DAQFactory Vulnerabilities: Incorrect Default Permissions, Uncontrolled Search Path Element AFFECTED PRODUCTS AzeoTech reports that the vulnerabilities affect th...

7.1CVSS6.8AI score0.00337EPSS
Exploits0References3
ICS
ICS
added 2017/08/08 12:0 a.m.42 views

Moxa SoftNVR-IA Live Viewer

CVSS v3 7.2 Vendor: Moxa Equipment: SoftNVR-IA Live Viewer Vulnerability: Uncontrolled Search Path Element AFFECTED PRODUCTS The following versions of SoftNVR-IA Live Viewer, a video surveillance software designed for industrial automation systems, are affected: SoftNVR-IA Live Viewer, Version...

7.2CVSS7.3AI score0.01481EPSS
Exploits0References3
ICS
ICS
added 2017/07/11 12:0 a.m.42 views

Fuji Electric V-Server

CVSS v3 7.3 ATTENTION: Remotely exploitable Vendor: Fuji Electric Equipment: V-Server Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer AFFECTED PRODUCTS The following versions of V-Server, a data collection and management service, are affected: V-Server Versi...

7.5CVSS7.8AI score0.02042EPSS
Exploits0References3
ICS
ICS
added 2017/06/20 12:0 a.m.42 views

Ecava IntegraXor

CVSS v3 7.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Ecava Equipment: IntegraXor Vulnerability: SQL Injection AFFECTED PRODUCTS The following versions of IntegraXor, a web SCADA/HMI solution, are affected: IntegraXor Versions 5.2.1231.0 and prior. IMPACT Successful...

9.8CVSS10AI score0.03536EPSS
Exploits0References3
ICS
ICS
added 2017/05/09 12:0 a.m.42 views

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update E)

CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Denial of Service UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory...

7.1CVSS0.3AI score0.01149EPSS
Exploits0References69
ICS
ICS
added 2017/01/31 12:0 p.m.42 views

Moxa ioLogik E1200 Series Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-287-05 Moxa ioLogik E1200 Series Vulnerabilities that was published October 13, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 4 -------- Alexandru Ariciu of Applied Risk has identified...

8.1CVSS8.3AI score0.01702EPSS
Exploits0References34
ICS
ICS
added 2016/12/19 7:0 a.m.42 views

ABB Panel Builder 800 DLL Hijacking Vulnerability (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-077-01 ABB Panel Builder 800 DLL Hijacking Vulnerability that was published March 17, 2016, on the NCCIC/ICS-CERT web site. Ivan Sanchez from Nullcode Team has identified a DLL Hijacking vulnerability in the ABB...

7.2CVSS7.3AI score0.00305EPSS
Exploits0References10
ICS
ICS
added 2016/12/03 7:0 a.m.42 views

Eaton Lighting Systems EG2 Web Control Authentication Bypass Vulnerabilities

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on March 1, 2016, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified vulnerabilities in Eaton Lighting Systems’ EG2 Web Control application. Eaton Lighting Systems...

8.1AI score
Exploits0References10
ICS
ICS
added 2016/08/21 6:0 a.m.42 views

Vanderbilt Industries Siemens IP CCTV Cameras Vulnerability

OVERVIEW Siemens reports that there is a vulnerability in Siemens-branded IP cameras from Vanderbilt Industries. Vanderbilt has released updates to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Siemens reports that the vulnerability affects the...

9.8CVSS9.9AI score0.02331EPSS
Exploits0References10
ICS
ICS
added 2015/07/25 6:0 a.m.42 views

Eaton's Cooper Devices Improper Ethernet Frame Padding Vulnerability

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on October 22, 2015, and is being released to the ICS-CERT web site. David Formby and Raheem Beyah of Georgia Tech have identified a vulnerability caused by an Institute of Electrical and Electronics Engineers IEEE...

5.3CVSS5.5AI score0.01113EPSS
Exploits0References10
ICS
ICS
added 2015/06/18 6:0 a.m.42 views

GE MDS PulseNET Vulnerabilities

OVERVIEW NCCIC/ICS-CERT received a report from HP’s Zero Day Initiative ZDI concerning two vulnerabilities in GE’s MDS PulseNET and MDS PulseNET Enterprise Network Management Software. These vulnerabilities were reported to ZDI by security researcher Andrea Micalizzi. GE has produced a new versio...

10CVSS7.1AI score0.03784EPSS
Exploits0References10
ICS
ICS
added 2014/11/23 7:0 a.m.42 views

Mitsubishi Electric Automation MC-WorX Suite Unsecure ActiveX Control

OVERVIEW This advisory is a follow-up to the original alert, titled ICS-ALERT-13-259-01 Mitsubishi MC-WorX Suite Unsecure ActiveX Control,ICS-ALERT-13-259-01 Mitsubishi MC-WorkX Suite Insecure ActiveX Control, http://ics-cert.us-cert.gov/alerts/ICS-ALERT-13-259-01, web site last accessed February...

9.3CVSS6.6AI score0.0593EPSS
Exploits0References10
ICS
ICS
added 2014/09/20 6:0 a.m.42 views

Innominate mGuard Privilege Escalation Vulnerability

OVERVIEW Innominate Security Technologies has identified a privilege escalation vulnerability affecting all mGuard devices. Innominate has produced a firmware patch that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following Innominate mGuard...

9CVSS7.8AI score0.03141EPSS
Exploits0References10
ICS
ICS
added 2014/08/02 6:0 a.m.42 views

Nordex NC2 XSS Vulnerability

OVERVIEW This advisory is a follow-up to the alert titled ICS-ALERT-13-304-01 Nordex NC2 – Cross-Site Scripting Vulnerability that was published October 31, 2013, on the NCCIC/ICS-CERT web site. Independent researcher Darius Freamon identified a cross-site scripting vulnerability in the Nordex...

7.5CVSS6.2AI score0.01671EPSS
Exploits0References10
ICS
ICS
added 2014/07/17 6:0 a.m.42 views

GE Proficy HMI/SCADA DNP3 Driver Input Validation

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on October 14, 2014, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Adam Crain of Automatak has identified an improper input validation in the DNP3 driver provided by Catapult Software...

7.1CVSS6.6AI score0.01846EPSS
Exploits0References10
ICS
ICS
added 2014/02/15 7:0 a.m.42 views

CSWorks Software SQL Injection Vulnerability

OVERVIEW Researcher John Leitch, working with HP’s Zero Day Initiative ZDI, has identified an SQL injection vulnerability in CSWorks’ CSWorks software framework. CSWorks has produced an updated version that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED...

7.5CVSS7.6AI score0.02505EPSS
Exploits0References10
ICS
ICS
added 2013/05/24 6:0 a.m.42 views

Siemens COMOS Privilege Escalation Vulnerability

OVERVIEW Siemens has notified ICS-CERT of a privilege escalation vulnerability in the Siemens COMOS database application. Siemens has produced a patch that mitigates this vulnerability. AFFECTED PRODUCTS The following Siemens COMOS versions are affected: All COMOS versions prior to 9.1 COMOS 9.1:...

7.2CVSS6.8AI score0.00432EPSS
Exploits0References10
ICS
ICS
added 2013/04/10 6:0 a.m.42 views

QNX Multiple Vulnerabilities

OVERVIEW Independent researcher Luigi Auriemma identified a stack-based buffer overflow and a buffer copy without checking size of input vulnerabilities in QNX’s Phrelay, Phwindows, and Phditto products without coordination with ICS-CERT, the vendor, or any other coordinating entity known to...

7.8CVSS7.9AI score0.08221EPSS
Exploits2References10
ICS
ICS
added 2013/02/17 7:0 a.m.42 views

TURCK BL20 and BL67 Programmable Gateway Hard-Coded User Accounts

OVERVIEW Researcher Rubén Santamarta of IOActive has identified hard-coded user accounts in TURCK’s BL20 and BL67 Programmable Gateways. Exploitation of this vulnerability would allow an attacker to have remote administrative access to the device. This vulnerability affects programmable gateways...

10CVSS6.7AI score0.02251EPSS
Exploits0References10
ICS
ICS
added 2012/06/09 6:0 a.m.42 views

Arbiter Systems Power Sentinel Denial-of-Service Vulnerability

Overview Arbiter Systems reported to ICS-CERT that a vulnerability that causes a denial of service DoS has been identified in Arbiter Systems Power Sentinel Phasor Measurement Unit. The vulnerability can be exploited remotely. Arbiter Systems has produced a patch that mitigates this vulnerability...

7.8CVSS6.8AI score0.0147EPSS
Exploits0References10
ICS
ICS
added 2012/01/13 7:0 a.m.42 views

Siemens Scalance X Buffer Overflow Vulnerability

Overview ICS-CERT has received a report from Siemens regarding a buffer overflow vulnerability in the web interface of the Scalance X Industrial Ethernet switch. This vulnerability was reported to Siemens by Jürgen Bilberger from Daimler TSS GmbH. This vulnerability leaves the affected devices...

7.8CVSS8.1AI score0.0612EPSS
Exploits0References10
Total number of security vulnerabilities4255