Integration Objects OPC UA Server Toolkit (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Integration Objects Equipment : OPC UA Server Toolkit Vulnerability : Improper Output Neutralization for Logs 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a...

Siemens SICAM A8000

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

QNAP VioStor NVR

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available/known public exploitation Vendor : QNAP Equipment : VioStor NVR Vulnerability : OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability...

Siemens SIMATIC MV500

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Hitachi Energy eSOMS

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Hitachi Energy Equipment : eSOMS Vulnerabilities : Generation of Error Message Containing Sensitive Information, Exposure of Sensitive System Information to an Unauthorized Control Sphere 2...

Santesoft Sante DICOM Viewer Pro

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Santesoft Equipment : Sante DICOM Viewer Pro Vulnerabilities : Out-of-bounds Write, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to...

#StopRansomware: AvosLocker Ransomware (Update)

Actions to take today to mitigate cyber threats from AvosLocker ransomware: 1. Securing remote access tools 2. Restricting RDP and other remote desktop services 3. Securing PowerShell and/or restrict usage 4. Update software to latest version and apply patching updates regularly...

Siemens SIMATIC, SIPLUS Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Softneta MedDream PACS Premium

1. EXECUTIVE SUMMARY ​CVSS v3 9.8 ​ATTENTION: Exploitable remotely/low attack complexity ​Vendor: Softneta ​Equipment: MedDream PACS ​Vulnerabilities: Exposed Dangerous Method or Function, Plaintext Storage of a Password 2. RISK EVALUATION ​Successful exploitation of these vulnerabilities could...

CODESYS Development System

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: CODESYS, GmbH Equipment: CODESYS Development System Vulnerability: Insufficient Verification of Data Authenticity. 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

Schneider Electric PowerLogic ION7400 / PM8000 / ION8650 / ION8800 / ION9000 Power Meters

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: PowerLogic ION7400 / PM8000 / ION8650 / ION8800 / ION9000 Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this...

Siemens SCALANCE X-200IRT Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens RADIUS Client of SIPROTEC 5 Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

LS ELECTRIC XBC-DN32U

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: LS ELECTRIC, LS Industrial Systems LSIS Co. Ltd Equipment: XBC-DN32U Vulnerabilities: Missing Authentication for Critical Function, Improper Access Control, Cleartext Transmission of Sensitive...

Control By Web X-400, X-600M

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Control By Web Equipment: X-400, X-600M Vulnerabilities: Cross-Site Scripting, Code Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to inject...

SOCOMEC MODULYS GP (UPDATE A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : SOCOMEC Equipment : MODULYS GP Vulnerability : Weak Encoding for Password 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain sensitive...

Siemens SINEC INS

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens Nucleus RTOS FTP Server

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens SIMATIC HMI Panels

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC Human Machine Interface HMI Panels Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a...

BD Totalys MultiProcessor

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low attack complexity Vendor: Becton, Dickinson and Company BD Equipment: Totalys MultiProcessor Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access, modify, or...

Rockwell Automation MicroLogix

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: MicroLogix 1100/1400 Vulnerability: Improper Restriction of Rendered UI Layers or Frames 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a...

Siemens SIMATIC STEP 7 (TIA Portal)

1. EXECUTIVE SUMMARY CVSS v3 6.4 Vendor: Siemens Equipment: STEP 7 TIA Portal Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve privilege escalation on the web server of certain devices configured by SIMATIC...

Mitsubishi Electric MELSEC-F Series

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC-F Series Vulnerability: Lack of Administrator Control Over Security 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to a...

Delta Electronics CNCSoft

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: CNCSoft Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow for arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED...

Hitachi Energy Relion 670/650/SAM600-IO

SUMMARY Hitachi Energy is aware of a vulnerability report from U.S. Department of Energy CyTRICS researcher of a vulnerability in the Relion® 670/650/SAM600-IO series versions listed below. Remediation is available for some versions. Recommended actions for each affected version are listed in...

CODESYS Control V2 Linux SysFile library

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: CODESYS, GmbH Equipment: CODESYS V2 Runtime Toolkit Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability may allow the control programmer to call...

Delta Electronics CNCSoft ScreenEditor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: CNCSoft ScreenEditor Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS...

Mitsubishi Electric MELSEC iQ-R Series

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R series Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition for the affected...

Phishing Emails Used to Deploy KONNI Malware

Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. The Cybersecurity and Infrastructure Security Agency CISA has observed cyber actors using emails containi...

Change Healthcare PeerVue Web Server

1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable on an adjacent network/low skill level to exploit Vendor: Change Healthcare Equipment: PeerVue Web Server Vulnerability: Information Exposure Through an Error Message 2. RISK EVALUATION Successful exploitation of this vulnerability could...

Siemens SIMATIC WinCC, PCS7, and TIA Portal Vulnerabilities (Update B)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-14-329-02A Siemens SIMATIC WinCC, PCS7, and TIA Portal Vulnerabilities that was published December 2, 2014, on the NCCIC/ICS-CERT web site. Siemens has identified two vulnerabilities within products using the Siemen...

Siemens SIMATIC S7-400 CPU (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Siemens Equipment : SINAMIC S7-400 CPU Vulnerability : Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-18-137-03 Siemens...

Philips Alice 6 Vulnerabilities (Update B)

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Philips Equipment: Philips Alice 6 System product Vulnerabilities: Improper Authentication, Missing Encryption of Sensitive Data 2. UPDATE INFORMATION This updated...

Siemens Desigo PXC

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: Desigo PXC Vulnerability: Improper Authentication AFFECTED PRODUCTS Siemens reports that the vulnerability affects the following versions of Desigo PXC: Desigo Automation Controllers Compact...

Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers

CVSS v3 8.6 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Rockwell Automation Equipment: Allen-Bradley MicroLogix 1400 Controllers Vulnerability: Buffer Overflow AFFECTED PRODUCTS The following versions of MicroLogix 1400 Controllers, a PLC, are affected: MicroLogix 1400...

WECON Technology Co., Ltd. LeviStudio HMI Editor

CVSS v3 7.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: WECON Technology Co., Ltd. WECON Equipment: LeviStudio HMI editor Vulnerability: Heap-based Buffer Overflow AFFECTED PRODUCTS All versions of LeviStudio HMI, an HMI editor, are affected. IMPACT Successful exploitation...

GE CIMPLICITY

CVSS v3 8.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: GE Equipment: CIMPLICITY Vulnerability: Stack-based Buffer Overflow AFFECTED PRODUCTS The following versions of CIMPLICITY, an HMI/SCADA management platform, are affected: CIMPLICITY Versions 9.0 and prior. IMPACT...

mySCADA myPRO

CVSS v3 7.8 ATTENTION: Low skill level to exploit. Public exploits are available. Vendor: mySCADA Equipment: myPRO Vulnerability: Unquoted Search Path AFFECTED PRODUCTS The following versions of myPRO, an HMI/SCADA management platform, are affected: myPRO Versions 7.0.26 and prior. IMPACT...

Advantech B+B SmartWorx MESR901

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Advantech B+B SmartWorx Equipment: MESR901 Vulnerability: Use of Client-Side Authentication AFFECTED PRODUCTS The following versions of MESR901, a Modbus gateway, are affected: MESR901 firmware versions 1.5.2 and prio...

Advantech WebAccess

CVSS v3 7.1 ATTENTION: Low skill level to exploit Vendor: Advantech Equipment: WebAccess Vulnerability: DLL Hijacking AFFECTED PRODUCTS The following WebAccess, an HMI, versions are affected: Advantech WebAccess Versions 8.1 and prior. IMPACT Successful exploitation of this vulnerability could...

OSIsoft PI Coresight and PI Web API (Update A)

CVSS V3 6.1 Vendor: OSIsoft Equipment: PI Coresight, PI Web API Vulnerability: Information Exposure Through Server Log Files UPDATED INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-010-01 OSIsoft PI Coresight and PI Web API that was published January 10,...

CAREL PlantVisor Enhanced Authentication Bypass Vulnerability

OVERVIEW Independent researcher Maxim Rupp has identified an authorization bypass vulnerability in CAREL’s PlantVisor application. CAREL has confirmed that this vulnerability refers to the phased-out CAREL product PlantVisorEnhanced and is no longer supported. This vulnerability could be exploite...

OSIsoft PI Web API 2015 R2 Service Account Permissions Vulnerability

OVERVIEW OSIsoft has identified a permissions vulnerability in its own PI Web API. OSIsoft has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS OSIsoft reports that the vulnerability affects the following versions of PI Web...

Advantech WebAccess ActiveX Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-173-01 Advantech WebAccess ActiveX Vulnerabilities that was published June 21, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 2 -------- Zhou Yu of Acorn Network Security and ZDI Zero...

Siemens SIMATIC WinCC Flexible Weakly Protected Credentials Vulnerability

OVERVIEW Siemens has identified a weakly protected credentials vulnerability in SIMATIC WinCC flexible. Gleb Gritsai and Roman Ilin from Positive Technologies reported this issue directly to Siemens. Siemens has produced an update to mitigate this vulnerability. This vulnerability could be...

GE MultiLink Series Hard-coded Credential Vulnerability

OVERVIEW GE has identified a hard-coded credential vulnerability in GE’s MultiLink series managed switches. GE has produced new firmware versions to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following MultiLink products are affected: GE ML8...

ICONICS WebHMI Directory Traversal Vulnerability

OVERVIEW Independent researcher Maxim Rupp has identified a directory traversal vulnerability in the ICONICS WebHMI V9 application. ICONICS has produced recommendations to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following ICONICS product ...

Cimon CmnView DLL Hijacking Vulnerability

OVERVIEW Ivan Sanchez of Wise Security has identified a DLL Hijacking vulnerability in the CIMON CmnView.exe application. CIMON, Inc. has produced a patch that mitigates this vulnerability. This vulnerability could be exploited remotely with social engineering and requires local user input...

Schneider Electric Wonderware InTouch Access Anywhere Server Buffer Overflow Vulnerability

OVERVIEW Schneider Electric Wonderware has identified a stack-based buffer overflow vulnerability in the Wonderware InTouch Access Anywhere Server product. Schneider Electric has produced a security update that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED...

EasyIO-30P-SF Hard-Coded Credential Vulnerability

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on August 25, 2015, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified a hard-coded credential vulnerability in the EasyIO-30P-SF controller. EasyIO has produced a...