4235 matches found
Siemens SCALANCE LPE9403
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
Mitsubishi Electric GOC35 Series
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric India Equipment: GC-ENET-COM Vulnerability: Signal Handler Race Condition 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to a communication error and may...
Siemens JT Open, JT Utilities, and Parasolid
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
Johnson Controls System Configuration Tool (SCT)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Johnson Controls Equipment: System Configuration Tool Vulnerabilities: Sensitive Cookie Without ‘HttpOnly’ Flag, Sensitive Cookie in HTTPS Session Without 'Secure' Attribute 2. RISK EVALUATION Successful exploitation of...
Control By Web X-400, X-600M
1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Control By Web Equipment: X-400, X-600M Vulnerabilities: Cross-Site Scripting, Code Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to inject...
SOCOMEC MODULYS GP (UPDATE A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : SOCOMEC Equipment : MODULYS GP Vulnerability : Weak Encoding for Password 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain sensitive...
Johnson Controls Metasys
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Johnson Controls Equipment: Metasys ADS/ADX/OAS Servers Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could result in exposed credentials in plain text...
Siemens SINEC INS
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Delta 4G Router DX-3021
1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor : Delta Industrial Automation Equipment: 4G Router DX-3021 Vulnerabilities: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote unauthenticated user to...
Siemens SICAM PAS
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SICAM PAS Vulnerabilities: Uncontrolled Search Path Element, Improper Validation of Specified Type of Input, Cleartext Transmission of Sensitive Information 2. RISK EVALUATION...
Omron NJ/NX-series Machine Automation Controllers
1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely, public exploits are available Vendor: Omron Equipment: NJ/NX-series Machine Automation Controllers Vulnerability: Active Debug Code 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain...
Honeywell ControlEdge
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Honeywell Equipment: ControlEdge Vulnerability: Missing Authentication for Critical Function CISA is aware of a public report known as “OT:ICEFALL” that details vulnerabilities found in multiple...
Siemens Simcenter STAR-CCM+
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Simcenter STAR-CCM+ Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Simcenter STAR-CCM+ contains an information disclosure vulnerability...
Rockwell Automation MicroLogix
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: MicroLogix 1100/1400 Vulnerability: Improper Restriction of Rendered UI Layers or Frames 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a...
Delta Electronics CNCSoft
1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: CNCSoft Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow information disclosure or an application crash. 3. TECHNICAL DETAILS 3.1...
Hitachi Energy RTU500 OpenLDAP
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 Series Vulnerabilities: Type Confusion, Reachable Assertion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause a denial-of-service condition...
Hitachi Energy Relion 670/650/SAM600-IO
1. EXECUTIVE SUMMARY CVSS v3 8.1 Vendor: Hitachi Energy Equipment: Relion 670/650/SAM600-IO Vulnerability: Insecure Default Initialization of Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could hijack existing TCP sessions to inject packets of their choosing or cause...
Siemens Mendix
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Vulnerability: Incorrect Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthorized users bypass write permissions to attributes of...
Siemens SIMATIC TIM libcurl
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC TIM libcurl Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of these...
Siemens SCALANCE XM-400 and XR-500 Devices
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE XM-400, XR-500 Vulnerability: Incorrect Calculation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to create...
JTEKT TOYOPUC products
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: JTEKT Corporation Equipment: TOYOPUC products Vulnerability: Improper Resource Shutdown or Release 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized user to...
Advantech WebAccessSCADA
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess/SCADA Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...
Delta Electronics CNCSoft ScreenEditor
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: CNCSoft ScreenEditor Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS...
Hetronic Nova-M
1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Low skill level to exploit Vendor: Hetronic Equipment: Nova-M Vulnerability: Authentication Bypass by Capture-Replay 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthorized users to view commands, replay commands,...
SamSam Ransomware
Summary The Department of Homeland Security DHS National Cybersecurity and Communications Integration Center NCCIC and the Federal Bureau of Investigation FBI are issuing this activity alert to inform computer network defenders about SamSam ransomware, also known as MSIL/Samas.A. Specifically, th...
gpsd Open Source Project
1. EXECUTIVE SUMMARY CVSS v3 8.3 Vendor: gpsd Open Source Project Equipment: gpsd, microjson Vulnerability: Stack-based Buffer Overflow 2. REPOSTED INFORMATION This advisory was originally posted to the HSIN ICS-CERT library on November 6, 2018, and is being released to the NCCIC/ICS-CERT...
Moxa MXview
CVSS v3 7.8 ATTENTION: Low skill level to exploit. Vendor: Moxa Equipment: MXview Vulnerability: Unquoted Search Path or Element. AFFECTED PRODUCTS The following versions of MXview, network management software, are affected: MXview v2.8 and prior. IMPACT Successful exploitation of this...
BLF-Tech LLC VisualView HMI
CVSS v3 7.0 ATTENTION: Low skill level to exploit Vendor: BLF-Tech LLC Equipment: VisualView HMI Vulnerability: Uncontrolled Search Path Element AFFECTED PRODUCTS The following VisualView HMI versions are affected: VisualView HMI Version 9.9.14.0 and prior. IMPACT Successful exploitation of this...
Advantech WebAccess
CVSS v3 7.1 ATTENTION: Low skill level to exploit Vendor: Advantech Equipment: WebAccess Vulnerability: DLL Hijacking AFFECTED PRODUCTS The following WebAccess, an HMI, versions are affected: Advantech WebAccess Versions 8.1 and prior. IMPACT Successful exploitation of this vulnerability could...
CA Unified Infrastructure Management Directory Traversal Vulnerability (Update B)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-315-01A CA Unified Infrastructure Management Directory Traversal Vulnerability that was published November 15, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Andrea Micalizzi, working with Zero Day...
ABB DataManagerPro Credential Management Vulnerability
OVERVIEW NCCIC/ICS-CERT received a report from Trend Micro’s Zero Day Initiative ZDI concerning a credential management vulnerability in ABB’s DataManagerPro application. Security researcher Andrea Micalizzi reported this vulnerability to ZDI. ABB has produced a new version to mitigate this...
OSIsoft PI SQL Data Access Server Input Validation Vulnerability
OVERVIEW OSIsoft has identified an input validation vulnerability in its own PI SQL Data Access Server. OSIsoft has produced a new version of PI SQL Data Access Server OLE DB 2016 1.5 to address this issue. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Affected versions of PI...
Siemens SIMATIC S7-300 Denial-of-Service Vulnerability
OVERVIEW Siemens has identified a denial-of-service vulnerability in the SIMATIC S7-300 CPU family. The vulnerability was reported directly to Siemens by Mate J. Csorba of DNV GL, Marine Cybernetics Services, and Amund Sole of Norwegian University of Science and Technology. Siemens has produced a...
N-Tron 702W Hard-Coded SSH and HTTPS Encryption Keys (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-15-160-01 N-Tron 702W Hard-Coded SSH and HTTPS Encryption Keys that was published June 9, 2015, on the NCCIC/ICS-CERT web site. Independent researcher Neil Smith has identified hard-coded SSH and HTTPS encryption...
Moxa SoftCMS Buffer Overflow Vulnerabilities
OVERVIEW NCCIC/ICS-CERT received a report from HP’s Zero Day Initiative ZDI concerning buffer overflow vulnerabilities in Moxa’s SoftCMS software package. These vulnerabilities were reported to ZDI by security researcher Carsten Eiram of Risk Based Security, who identified seven vulnerabilities,...
PACTware Exceptional Conditions Vulnerability
OVERVIEW Ivan Sanchez from Nullcode Team has identified a handling of exceptional conditions vulnerability in PACTware Consortium’s PACTware application. PACTware Consortium has produced a new service pack that mitigates this vulnerability. Ivan Sanchez has tested the new version to validate that...
ICONICS GENESIS32 Insecure ActiveX Control
OVERVIEW NCCIC/ICS-CERT discovered a vulnerability in the ICONICS GENESIS32 application during resolution of unrelated products. ICONICS has produced a patch for all vulnerable versions of its GENESIS32 product. ICONICS GENESIS32 Version 9.0 and newer are not vulnerable to this ActiveX...
Schneider Electric IGSS Buffer Overflow
Overview Independent researcher Aaron Portnoy of Exodus Intelligence has identified a buffer overflow vulnerability in Schneider Electric’s Interactive Graphical SCADA System IGSS application. Schneider Electric has produced a patch that fully resolves this vulnerability. Aaron Portnoy has...
ProSoft Technology RadioLinx ControlScape PRNG Vulnerability
OVERVIEW Lucas Apa and Carlos Mario Penagos Hollman, security researchers with IOActive, have identified a weak pseudo-random number generator PRNG seed in the ProSoft Technology RadioLinx ControlScape application software. ProSoft Technology has produced a new firmware patch that mitigates this...
Siemens WinCC TIA Portal Vulnerabilities
OVERVIEW Researchers Timur Yunusov and Sergey Bobrov of Positive Technologies have identified several vulnerabilities in the Siemens WinCC TIA Portal. A software update has been produced by Siemens that mitigates these vulnerabilities. Siemens has tested the software update to validate that it...
Ecava IntegraXor ActiveX Directory Traversal
Overview Independent researchers Billy Rios and Terry McCorkle have identified a Path Traversal vulnerability in the Ecava IntegraXor application. Ecava has produced an update that mitigates this vulnerability. The researchers have validated that the patch fixes this vulnerability. Affected...
Wonderware Information Server Multiple Vulnerabilities
Overview ICS-CERT originally released Advisory “ICSA-12-062-01PInvensys Wonderware Information Server Multiple Vulnerabilities” on the US-CERT secure portal on March 02, 2012. This web page release was delayed to allow users time to download and install the update. Independent security researche...
Post Oak Bluetooth Traffic Systems Insufficient Entropy Vulnerability
Overview This advisory provides mitigation details for a vulnerability that impacts Post Oak Traffic AWAM Bluetooth Reader Systems. An independent research group composed of Nadia Heninger University of California at San Diego, J. Alex Halderman, Zakir Durumeric, and Eric Wustrow all from the...
OSIsoft PI OPC DA Interface Buffer Overflow
Overview ICS-CERT has received a report from OSIsoft concerning a stack-based buffer overflow in the PI OPC DA Interface software that could cause the software to crash or allow a remote attacker to execute arbitrary code. This vulnerability was discovered during a software assessment requested b...
ZF Roll Stability Support Plus (RSSPlus)
RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to remotely proximal/adjacent with RF equipment call diagnostic functions which could impact both the availability and integrity. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...
Deep Sea Electronics DSE855
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION : low attack complexity/public exploits are available Vendor : Deep Sea Electronics Equipment : DSE855 Vulnerability : Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...
Subnet Solutions Inc. PowerSYSTEM Center
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Subnet Solutions Inc. Equipment: PowerSYSTEM Center Vulnerabilities: Server-Side Request Forgery SSRF, Inefficient Regular Expression Complexity, Cross-Site Request Forgery CSRF 2. RISK...
IDEC Products (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Low Attack Complexity Vendor : IDEC Corporation Equipment : IDEC PLCs Vulnerabilities : Cleartext Transmission of Sensitive Information, Generation of Predictable Identifiers 2. RISK EVALUATION Successful exploitation of these vulnerabilities...
Siemens SINEMA
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Rockwell Automation ThinManager ThinServer
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : ThinManager ThinServer Vulnerabilities : Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker...