Siemens SCALANCE XM-400, XR-500
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Emerson PACSystem and Fanuc
1. EXECUTIVE SUMMARY CVSS v4 5.6 ATTENTION: Low attack complexity Vendor: Emerson Equipment: PACSystem, Fanuc Vulnerabilities: Cleartext Transmission of Sensitive Information, Insufficient Verification of Data Authenticity, Insufficiently Protected Credentials, Download of Code...
Emerson Ovation
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Emerson Equipment: Ovation Vulnerabilities: Missing Authentication for Critical Function, Insufficient Verification of Data Authenticity CISA is aware of a public report, known as...
Johnson Controls Software House C●CURE 9000
1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Low attack complexity Vendor: Johnson Controls Equipment: Software House C●CURE 9000 Vulnerability: Insertion of Sensitive Information into Log File 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to...
Siemens Sinteso EN Cerberus PRO EN Fire Protection Systems
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Gessler GmbH WEB-MASTER
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable Remotely/Low attack complexity Vendor: Gessler GmbH Equipment: WEB-MASTER Vulnerabilities: Use of Weak Credentials, Use of Weak Hash 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a user to take...
Lantronix XPort
1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION: Low attack complexity Vendor: Lantronix Equipment: XPort Vulnerability: Weak Encoding for Password 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain credentials. 3. TECHNICAL DETAILS 3.1...
Rockwell Automation SIS Workstation and ISaGRAF Workbench
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: SIS Workstation and ISaGRAF Workbench Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unprivileged local...
Santesoft Sante DICOM Viewer Pro
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Santesoft Equipment: Sante DICOM Viewer Pro Vulnerabilities: Out-of-bounds Write, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to...
#StopRansomware: AvosLocker Ransomware (Update)
Actions to take today to mitigate cyber threats from AvosLocker ransomware: 1. Securing remote access tools 2. Restricting RDP and other remote desktop services 3. Securing PowerShell and/or restrict usage 4. Update software to latest version and apply patching updates regularly...
Softneta MedDream PACS Premium
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Softneta Equipment: MedDream PACS Vulnerabilities: Exposed Dangerous Method or Function, Plaintext Storage of a Password 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...
Rockwell Automation ThinManager ThinServer
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: ThinManager ThinServer Vulnerability: Relative Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote actor to leverage...
Enphase Envoy
1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Enphase Equipment: Envoy Vulnerability: OS Command Injection 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-23-171-01 Enphase Envoy that was...
HID Global SAFE
1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: HID Global Equipment: SAFE Vulnerabilities: Modification of Assumed-Immutable Data 2. RISK EVALUATION Successful exploitation of this vulnerability could result in exposure of personal data or create a...
Sierra Wireless AirVantage
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sierra Wireless Equipment: AirVantage Vulnerabilities: Improper Authentication, Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of these...
Siemens SCALANCE XCM332
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Nexx Smart Home Device
1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Nexx Equipment: Garage Door Controller, Smart Plug, Smart Alarm Vulnerabilities: Use of Hard-coded Credentials, Authorization Bypass through User-controlled Key, Improper Input Validation, Improper...
RoboDK
1. EXECUTIVE SUMMARY CVSS v3 7.9 ATTENTION: Low attack complexity Vendor: RoboDK Equipment: RoboDK Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate privileges, which could...
Siemens SIMATIC Industrial Products
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
GE Digital Proficy Historian
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: GE Digital Equipment: Proficy Historian Vulnerabilities: Authentication Bypass using an Alternate Path or Channel, Unrestricted Upload of File with Dangerous Type, Improper Access Control, Weak Encoding...
SAUTER Controls moduWeb
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: SAUTER Controls Equipment: moduWeb Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to trick users into clicking on malicious...
Siemens Nucleus RTOS FTP Server
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Sensormatic Electronics C-CURE 9000
1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Inc. Equipment: C-CURE 9000 Vulnerability: Observable Response Discrepancy 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...
BD Totalys MultiProcessor
1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low attack complexity Vendor: Becton, Dickinson and Company BD Equipment: Totalys MultiProcessor Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access, modify, or...
Siemens Simcenter STAR-CCM+
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Simcenter STAR-CCM+ Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Simcenter STAR-CCM+ contains an information disclosure vulnerability...
Inductive Automation Ignition
1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Inductive Automation Equipment: Ignition Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker with network access to...
Ricon Mobile Industrial Cellular Router
1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Ricon Mobile, Inc. Equipment: Industrial Cellular Router Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...
Johnson Controls Entrapass
1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls, Inc. Equipment: Entrapass Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of this...
Philips IntelliBridge EC 40 and EC 80 Hub
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Low attack complexity Vendor: Philips Equipment: IntelliBridge EC 40 and EC 80 Hub Vulnerabilities: Use of Hard-coded Credentials, Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of these...
FATEK Automation WinProladder
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: FATEK Automation Equipment: WinProladder Vulnerabilities: Out-of-bounds Write, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow for arbitrary code execution. 3...
Siemens Siveillance Video DLNA Server
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Siveillance Video DLNA Server Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow access to sensitive information on the DLNA...
mySCADA myDESIGNER
1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low attack complexity Vendor: mySCADA Equipment: myDESIGNER Vulnerability: Relative Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow for remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The...
Hitachi Energy Relion 670/650/SAM600-IO
SUMMARY Hitachi Energy is aware of a vulnerability report from U.S. Department of Energy CyTRICS researcher of a vulnerability in the Relion® 670/650/SAM600-IO series versions listed below. Remediation is available for some versions. Recommended actions for each affected version are listed in...
Advantech WISE-PaaS RMM
1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WISE-PaaS/RMM Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information...
Weintek EasyWeb cMT
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Weintek Equipment: cMT Vulnerabilities: Code Injection, Improper Access Control, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...
Delta Electronics CNCSoft ScreenEditor
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: CNCSoft ScreenEditor Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS...
Advantech R-SeeNet
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: R-SeeNet Vulnerability: SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote attackers to retrieve sensitive information from the...
HMS Networks Ewon Flexy and Cosy
1. EXECUTIVE SUMMARY CVSS v3 2.3 ATTENTION: Low skill level to exploit Vendor: HMS Networks Equipment: Ewon Flexy and Cosy Vulnerability: Permissive Cross-domain Policy with Untrusted Domains 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to retrieve...
Baxter Phoenix Hemodialysis Delivery System (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Baxter Equipment: Phoenix Hemodialysis Delivery System Vulnerability: Cleartext Transmission of Sensitive Information 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...
Baxter PrismaFlex and PrisMax (Update B)
1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Baxter Equipment: PrismaFlex and PrisMax Vulnerabilities: Cleartext Transmission of Sensitive Information, Improper Authentication, Use of Hard-Coded Password 2. UPDATE INFORMATION This updated...
ICONICS GENESIS64, GENESIS32
1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely Vendor: ICONICS Equipment: GENESIS64, GENESIS32 Vulnerabilities: Out-of-Bounds Write, Deserialization of Untrusted Data, Code Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow remote code...
ICSA-18-128-03 Siemens Siveillance VMS Video Mobile App
1. EXECUTIVE SUMMARY CVSS v3 4.8 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: Siveillance VMS Video Mobile App Vulnerability: Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker in a privileged network position...
Siemens Desigo PXC
CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: Desigo PXC Vulnerability: Improper Authentication AFFECTED PRODUCTS Siemens reports that the vulnerability affects the following versions of Desigo PXC: Desigo Automation Controllers Compact...
Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers
CVSS v3 8.6 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Rockwell Automation Equipment: Allen-Bradley MicroLogix 1400 Controllers Vulnerability: Buffer Overflow AFFECTED PRODUCTS The following versions of MicroLogix 1400 Controllers, a PLC, are affected: MicroLogix 1400...
Siemens Industrial Products (Update C)
CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: Industrial products Vulnerability: Improper Input Validation UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-17-339-01B Siemens Industrial Products that w...
Progea Movicon SCADA/HMI
CVSS v3 6.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Progea Equipment: Movicon SCADA/HMI Vulnerability: Uncontrolled Search Path Element, Unquoted Search Path or Element AFFECTED PRODUCTS The following versions of Movicon HMI, an HMI software platform, are affected:...
Siemens 7KM PAC Switched Ethernet
CVSS v3 4.3 ATTENTION: Low skill level to exploit. Vendor: Siemens Equipment: 7KM PAC Switched Ethernet Vulnerability: Resource Exhaustion AFFECTED PRODUCTS Siemens reports that the vulnerability affects the following 7KM PAC Switched Ethernet PROFINET expansion modules: 7KM PAC Switched Ethernet...
ABB SREA-01 and SREA-50
CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Public exploits are available. Vendor: ABB Equipment: SREA-01 and SREA-50 Vulnerability: Relative Path Traversal AFFECTED PRODUCTS ABB reports that the vulnerability affects the following SREA-01 and SREA-50 legacy remote...
Moxa ioLogik E1200 Series Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-287-05 Moxa ioLogik E1200 Series Vulnerabilities that was published October 13, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 4 -------- Alexandru Ariciu of Applied Risk has identified...
Black Box AlertWerks ServSensor Credential Management Vulnerability
OVERVIEW Independent researcher Lee Ryman has identified a credential management vulnerability in Black Box’s AlertWerks ServSensor devices. ICS-CERT and CERT Australia have coordinated with Black Box that has produced a new firmware version to mitigate this vulnerability. Lee Ryman has tested th...