4255 matches found
Siemens Scalance X Buffer Overflow Vulnerability
Overview ICS-CERT has received a report from Siemens regarding a buffer overflow vulnerability in the web interface of the Scalance X Industrial Ethernet switch. This vulnerability was reported to Siemens by Jürgen Bilberger from Daimler TSS GmbH. This vulnerability leaves the affected devices...
Schneider Electric UnitelWay Buffer Overflow
Overview ICS-CERT originally released Advisory ICSA-11-277-01P on the US-CERT secure Portal on October 04, 2011. This web page release was delayed to allow users sufficient time to download and install the update. Researcher Kuang-Chun Hung of Security Research and Service Institute—Information a...
Viessmann Climate Solutions SE Vitogate 300
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Viessmann Climate Solutions SE Equipment : Vitogate 300 Vulnerabilities : Use of Hard-coded Credentials, Forced Browsing, Command Injection 2. RISK EVALUATION...
Siemens COMOS
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Rockwell Automation ControlLogix, GuardLogix, and CompactLogix
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.3 ATTENTION : Low attack complexity Vendor : Rockwell Automation Equipment : ControlLogix, GuardLogix, CompactLogix Vulnerability : Always-Incorrect Control Flow Implementation 2. RISK EVALUATION Successful exploitation of this vulnerability could...
Siemens SCALANCE XM-400, XR-500
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
LenelS2 NetBox
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : LenelS2 Equipment : NetBox Vulnerabilities : Use of Hard-coded Password, OS Command Injection, Argument Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...
Siemens SICAM Products
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens SIMATIC WinCC
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Rockwell Automation FactoryTalk Service Platform
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION : Exploitable remotely Vendor : Rockwell Automation Equipment : FactoryTalk Service Platform Vulnerability : Incorrect Execution-Assigned Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow malicious users...
Mitsubishi Electric MELSEC iQ-R Series Safety CPU and SIL2 Process CPU (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-R Series Safety CPU and SIL2 Process CPU Vulnerability : Incorrect Privilege Assignment 2. RISK EVALUATION Successful exploitation of this...
Emerson Rosemount GC370XA, GC700XA, GC1500XA
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely Vendor : Emerson Equipment : Rosemount GC370XA, GC700XA, GC1500XA Vulnerabilities : Command Injection, Improper Authentication, Improper Authorization 2. RISK EVALUATION Successful exploitation of these vulnerabilities...
Integration Objects OPC UA Server Toolkit (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Integration Objects Equipment : OPC UA Server Toolkit Vulnerability : Improper Output Neutralization for Logs 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a...
Unitronics Vision and Samba Series (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available/known public exploitation Vendor : Unitronics Equipment : Vision Series, Samba Series Vulnerability : Initialization of a Resource with an Insecure Default 2. RISK...
Franklin Fueling System TS-550
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Franklin Fueling System Equipment : TS-550 Vulnerability : Use of Password Hash with Insufficient Computational Effort 2. RISK EVALUATION Successful...
Schneider Electric PowerLogic ION7400 / PM8000 / ION8650 / ION8800 / ION9000 Power Meters
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: PowerLogic ION7400 / PM8000 / ION8650 / ION8800 / ION9000 Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this...
Hitachi Energy RTU500 series
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 series Vulnerabilities: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause a buffer overflow and reboot of...
TEL-STER TelWin SCADA WebInterface
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: TEL-STER Sp. z o. o. Equipment: TelWin SCADA WebInterface Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to read...
Siemens Siveillance
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
Step Tools Third-Party
1. EXECUTIVE SUMMARY CVSS v3 2.2 ATTENTION: Low attack complexity Vendor: Step Tools, Inc Equipment: STEPTools ifcmesh library Vulnerability: Null Pointer Dereference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to deny application usage when reading a...
Baicells Nova
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Baicells Equipment: Nova 436Q, Nova 430E, Nova 430I, and Neutrino 430 Vulnerability: Command injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow commands performed...
Siemens SCALANCE X200 IRT
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
Horner Automation Cscape Envision RV
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Horner Automation Equipment: Cscape Envision RV Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to an attacker executing arbitrary code...
Siemens SINEC INS
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Priva TopControl Suite
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Priva Equipment: TopControl Suite Vulnerability: Use of Password Hash with Insufficient Computational Effort 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...
Siemens Simcenter STAR-CCM+
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services ...
SAUTER Controls moduWeb
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: SAUTER Controls Equipment: moduWeb Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to trick users into clicking on malicious...
Johnson Controls Metasys ADX Server
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Inc. Equipment: Metasys ADX Extended Application and Data Server Server running MVE Metasys for Validated Environments Vulnerability: Improper Authentication 2. RISK EVALUATION...
Honeywell ControlEdge
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Honeywell Equipment: ControlEdge Vulnerability: Missing Authentication for Critical Function CISA is aware of a public report known as “OT:ICEFALL” that details vulnerabilities found in multiple...
Rockwell Automation MicroLogix
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: MicroLogix 1100/1400 Vulnerability: Improper Restriction of Rendered UI Layers or Frames 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a...
Yokogawa CAMS for HIS
1. EXECUTIVE SUMMARY CVSS v3 6.4 ATTENTION: High attack complexity Vendor: Yokogawa Equipment: Consolidation Alarm Management Software for Human Interface Station CAMS for HIS Vulnerability: Violation of Secure Design Principles 2. RISK EVALUATION If a computer using CAMS for HIS software is...
Siemens Mendix
1. EXECUTIVE SUMMARY CVSS v3 3.1 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: Mendix Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to extract information from a database protected field...
Moxa MGate Protocol Gateways
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Moxa Equipment: MGate MB3180/MB3280/MB3480 Series Protocol Gateways Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could...
Siemens Industrial Edge
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Industrial Edge Management Vulnerability: Authorization Bypass Through User-controlled Key 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...
Siemens Mendix
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Vulnerability: Incorrect Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthorized users bypass write permissions to attributes of...
Siemens SIMATIC TIM libcurl
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC TIM libcurl Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of these...
Siemens Mendix Excel Importer Module
1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mendix, a subsidiary of Siemens Equipment: Mendix Excel Importer Module Vulnerability: Generation of Error Message Containing Sensitive Information 2. RISK EVALUATION Successful exploitation of this...
Siemens Tecnomatix RobotExpert
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Tecnomatix RobotExpert Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote code execution. 3. TECHNICAL DETAILS 3.1...
Advantech WebAccessSCADA
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess/SCADA Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...
Siemens DIGSI 4
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: DIGSI 4 Vulnerability: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a low privileged attacker to execute arbitrary code with SYSTEM...
B. Braun OnlineSuite
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low and high skill level to exploit Vendor: B. Braun Melsungen AG Equipment: OnlineSuite Vulnerabilities: Relative Path Traversal, Uncontrolled Search Path Element, Improper Neutralization of Formula Elements in a CSV File 2. RISK...
Advantech WebAccess Node
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess Node Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the application being accessed; a buffer...
Quest KACE Systems Management Appliance
1. EXECUTIVE SUMMARY CVSS v3 2.7 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Quest Equipment : KACE Systems Management Appliance SMA Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an administrative...
BD Alaris Gateway Workstation
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: BD Becton, Dickinson and Company Equipment: Alaris Gateway Workstation Vulnerabilities: Improper Access Control, Unrestricted Upload of File with Dangerous Type 2. RISK EVALUATION Exploitation of...
gpsd Open Source Project
1. EXECUTIVE SUMMARY CVSS v3 8.3 Vendor: gpsd Open Source Project Equipment: gpsd, microjson Vulnerability: Stack-based Buffer Overflow 2. REPOSTED INFORMATION This advisory was originally posted to the HSIN ICS-CERT library on November 6, 2018, and is being released to the NCCIC/ICS-CERT...
Medtronic MyCareLink Patient Monitor
1. EXECUTIVE SUMMARY CVSS v3 6.4 Vendor: Medtronic Equipment: MyCareLink Patient Monitor Vulnerabilities: Use of Hard-coded Password, Exposed Dangerous Method or Function 2. RISK EVALUATION If exploited, these vulnerabilities may allow privileged access to the monitor’s operating system. However,...
Vyaire Medical CareFusion Upgrade Utility Vulnerability
OVERVIEW Independent researcher Mark Cross @xerubus has identified an uncontrolled search path element vulnerability in Vyaire Medical’s CareFusion Upgrade Utility application. Vyaire Medical has produced an update that mitigates this vulnerability. AFFECTED PRODUCTS The following versions of...
Siemens Industrial Products (Update D)
CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: Industrial products Vulnerability: Improper Input Validation UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-17-339-01C Siemens Industrial Products that w...
ICSA-17-306-01 Siemens SIMATIC PCS 7 (Update A)
1. EXECUTIVE SUMMARY CVSS v3 4.9 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC PCS 7 Vulnerabilities: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-306-01 Siemens SIMATIC...
Siemens industrial products using the Discovery Service of the OPC UA protocol stack by the OPC foundation (Update B)
CVSS v3 8.2 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: Industrial products using the Discovery Service of the OPC UA protocol stack by the OPC foundation Vulnerability: Improper Restriction of XML External Entity Reference UPDATE INFORMATION This update...