
4214 matches found

ICS
added 2016/01/16 7:0 a.m. | 36 views

Sierra Wireless ACEmanager Information Exposure Vulnerability

OVERVIEW Independent researcher Maxim Rupp has identified an exposure of sensitive information vulnerability in the Sierra Wireless ACEmanager application. Sierra Wireless has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS...

4.3 CVSS | 4.7 AI score | 0.01541 EPSS
Exploits 0 | References 10
ICS
added 2015/10/23 6:0 a.m. | 36 views

Siemens SCALANCE X-300/X408 Switch Family DOS Vulnerabilities

OVERVIEW Siemens has identified denial-of-service DoS vulnerabilities in the SCALANCE X-300/X408 switch family. These vulnerabilities were reported directly to Siemens by Déjà vu Security. Siemens has produced a firmware update that mitigates these vulnerabilities. These vulnerabilities could be...

7.8 CVSS | 6.8 AI score | 0.02201 EPSS
Exploits 0 | References 10
ICS
added 2015/10/15 6:0 a.m. | 36 views

CodeWrights GmbH HART DTM Vulnerability (Update B)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-15-012-01A CodeWrights GmbH HART DTM Vulnerability that was published January 13, 2015, on the NCCIC/ICS-CERT web site. Alexander Bolshev of Digital Security has identified an improper input validation vulnerability...

2.1 CVSS | 6.8 AI score | 0.00374 EPSS
Exploits 0 | References 10
ICS
added 2015/08/13 12:0 p.m. | 36 views

OSIsoft PI Data Archive Server Vulnerabilities

OVERVIEW OSIsoft has identified 56 vulnerabilities in its own PI System software. OSIsoft has produced a new version of Data Archive Version 3.4.395.64 to mitigate these issues. Some of these vulnerabilities could be exploited remotely. AFFECTED PRODUCTS OSIsoft reports that the vulnerabilities...

8.1 AI score
Exploits 0 | References 17
ICS
added 2015/06/06 6:0 a.m. | 36 views

Schneider Electric Modicon PLC Vulnerabilities

OVERVIEW This advisory is a follow-up to the alert titled ICS-ALERT-15-224-02 Schneider Electric Modicon M340 PLC Station P34 Module Vulnerabilities (ICS-CERT ALERT, https://ics-cert.us-cert.gov/alerts/ICS-ALERT-15-224-02, web site last accessed September 3, 2015) that was published August 12, 2015...

6.2 AI score
Exploits 0 | References 10
ICS
added 2015/03/05 7:0 a.m. | 36 views

Moxa SoftCMS Buffer Overflow Vulnerability

OVERVIEW NCCIC/ICS-CERT received a report from HP’s Zero Day Initiative ZDI concerning a buffer overflow vulnerability in Moxa’s SoftCMS software package. This vulnerability was reported to ZDI by security researcher Ariele Caltabiano. Moxa has produced a new version that mitigates this...

6.8 CVSS | 7.3 AI score | 0.03285 EPSS
Exploits 0 | References 10
ICS
added 2015/01/31 7:0 a.m. | 36 views

Opto 22 Multiple Product Vulnerabilities

OVERVIEW Ivan Sanchez from Nullcode Team has identified two buffer overflow vulnerabilities that are present in Opto 22’s PAC Project Professional, PAC Project Basic, OptoOPCServer, OptoDataLink, PAC Display Basic, and PAC Display Professional products. Opto 22 has released new versions that...

9.3 CVSS | 9.1 AI score | 0.02665 EPSS
Exploits 0 | References 10
ICS
added 2014/12/21 7:0 a.m. | 36 views

Siemens SIMATIC S7-1200 Improper Input Validation Vulnerabilities

OVERVIEW Siemens has reported two improper input validation vulnerabilities discovered separately by Prof. Dr. Hartmut Pohl of softScheck GmbH and Arne Vidström of Swedish Defence Research Agency FOI in Siemens’ SIMATIC S7-1200 PLC. Siemens has produced a new version that mitigates these...

7.8 CVSS | 6.6 AI score | 0.02392 EPSS
Exploits 0 | References 10
ICS
added 2014/12/14 7:0 a.m. | 36 views

Schneider Electric StruxureWare SCADA Expert ClearSCADA Parsing Vulnerability

OVERVIEW Andrew Brooks identified and reported to The Zero Day Initiative ZDI a File Parsing Vulnerability: Schneider Electric StruxureWare SCADA Expert ClearSCADA ServerMain.exe OPF File Parsing Vulnerability. Schneider Electric has prepared workarounds and helped develop security upgrades for a...

6.8 CVSS | 6.6 AI score | 0.01487 EPSS
Exploits 0 | References 10
ICS
added 2014/02/01 7:0 a.m. | 36 views

AMTELCO miSecure Vulnerabilities

OVERVIEW Researcher Jared Bird of Allina Health reported multiple vulnerabilities in the AMTELCO miSecureMessage MSM medical messaging system. AMTELCO has an update available to all customers that mitigates the vulnerabilities. The vulnerabilities were discovered during cooperative testing betwee...

7 CVSS | 6.7 AI score | 0.0242 EPSS
Exploits 0 | References 10
ICS
added 2014/01/18 7:0 a.m. | 36 views

Siemens SINEMA Vulnerabilities

OVERVIEW Siemens has identified vulnerabilities in SINEMA server. Siemens has produced a software update that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS The following Siemens product is affected: SINEMA server: all versions prior to V12 S...

9.3 CVSS | 7.8 AI score | 0.04243 EPSS
Exploits 3 | References 10
ICS
added 2013/12/10 7:0 a.m. | 36 views

InduSoft Advantech Studio Directory Traversal

OVERVIEW This advisory is a follow-up to the alert titled ICS-ALERT-13-004-01—Advantech Studio Directory Traversal that was published January 4, 2013, on the ICS-CERT Web page. Independent researcher Nin3 released proof-of-concept PoC exploit code for a directory traversal vulnerability in Induso...

7.8 CVSS | 6.5 AI score | 0.03387 EPSS
Exploits 0 | References 10
ICS
added 2013/08/28 12:0 p.m. | 36 views

ICONICS GENESIS32 Multiple Memory Corruption

Overview Independent security researchers Billy Rios and Terry McCorkle have identified eight memory corruption vulnerabilities affecting the ICONICS GENESIS32 product. GENESIS32 is a web-deployable human-machine interface HMI supervisory control and data acquisition SCADA product. These...

8.3 AI score
Exploits 0 | References 18
ICS
added 2013/07/25 6:0 a.m. | 36 views

WellinTech KingView ActiveX Vulnerabilities

OVERVIEW This advisory is a follow-up to the alert titled ICS-ALERT-13-256-01 WellinTech KingView ActiveX Vulnerabilities (ICS-ALERT-13-256-01 WellinTech KingView ActiveX Vulnerabilities, http://ics-cert.us-cert.gov/alerts/ICS-ALERT-13-256-01, Web site last accessed October 22, 2013) that was...

5.8 CVSS | 6.6 AI score | 0.13915 EPSS
Exploits 2 | References 10
ICS
added 2013/03/21 6:0 a.m. | 36 views

Siemens Scalance X200 IRT Multiple Vulnerabilities

OVERVIEW This advisory provides mitigation details for vulnerabilities that impact the Siemens Scalance X200 IRT. Siemens has identified multiple vulnerabilities in Siemens Scalance X200 IRT. Siemens has produced an update that mitigates these vulnerabilities. Siemens has tested the update to...

8 CVSS | 6.8 AI score | 0.01445 EPSS
Exploits 0 | References 10
ICS
added 2012/10/27 6:0 a.m. | 36 views

Ocean Data Systems Dream Reports XSS and Write Access Violation Vulnerabilities

Overview Independent researchers Billy Rios and Terry McCorkle identified cross-site scripting XSS and write access violation vulnerabilities in Ocean Data Systems Dream Report application. ICS-CERT has coordinated these vulnerabilities with Ocean Data Systems, which has produced a new version th...

9.3 CVSS | 6.9 AI score | 0.04282 EPSS
Exploits 0 | References 10
ICS
added 2011/06/03 6:0 a.m. | 36 views

GE Intelligent Platforms Proficy Plant Applications Buffer Overflow

Overview ICS CERT originally released Advisory ICSA-11-243-01P on the US-CERT secure Portal on August 31, 2011. This web page release was delayed to allow users time to download and install the update. ICS-CERT has received a report from GE concerning a stack-based buffer overflow vulnerability i...

10 CVSS | 7.5 AI score | 0.04597 EPSS
Exploits 0 | References 10
ICS
added 2025/12/16 7:0 a.m. | 35 views

Johnson Controls PowerG, IQPanel and IQHub (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read or write encrypted traffic or perform a replay attack. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

7.2 CVSS | 5.9 AI score | 0.00167 EPSS
Exploits 0 | References 13
ICS
added 2024/10/24 6:0 a.m. | 35 views

Deep Sea Electronics DSE855

1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: low attack complexity/public exploits are available Vendor: Deep Sea Electronics Equipment: DSE855 Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

6.5 CVSS | 7.1 AI score | 0.02418 EPSS
Exploits 3 | References 10
ICS
added 2024/10/22 6:0 a.m. | 35 views

Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update C)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: ICONICS, Mitsubishi Electric Equipment: ICONICS Product Suite, Mitsubishi Electric MC Works64 Vulnerability: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could...

7.8 CVSS | 8.5 AI score | 0.00193 EPSS
Exploits 0 | References 10
ICS
added 2024/10/08 12:0 a.m. | 35 views

Siemens PSS SINCAL

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

8.8 CVSS | 7.5 AI score | 0.0022 EPSS
Exploits 0 | References 10
ICS
added 2024/07/23 6:0 a.m. | 35 views

Hitachi Energy AFS/AFR Series Products

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: AFS650, AFS660, AFS665, AFS670, AFS675, AFS677, AFR677 Vulnerabilities: Type Confusion, Use After Free, Double Free, Observable Discrepancy 2. RISK EVALUATION...

7.5 CVSS | 7.8 AI score | 0.59501 EPSS
Exploits 0 | References 10
ICS
added 2024/02/29 12:0 p.m. | 35 views

#StopRansomware: Phobos Ransomware

Actions to take today to mitigate Phobos ransomware activity: 1. Secure RDP ports to prevent threat actors from abusing and leveraging RDP tools. 2. Prioritize remediating known exploited vulnerabilities. 3. Implement EDR solutions to disrupt threat actor memory allocation techniques...

7.2 AI score
Exploits 0 | References 193
ICS
added 2023/11/14 7:0 a.m. | 35 views

AVEVA Operations Control Logger

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: AVEVA Equipment: Operations Control Logger Vulnerabilities: Execution with Unnecessary Privileges, External Control of File Name or Path 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

7.8 CVSS | 7.5 AI score | 0.00236 EPSS
Exploits 0 | References 8
ICS
added 2023/11/14 12:0 a.m. | 35 views

Siemens Mendix Runtime

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

8.1 CVSS | 7.6 AI score | 0.0044 EPSS
Exploits 0 | References 12
ICS
added 2023/08/29 6:0 a.m. | 35 views

PTC Codebeamer

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: PTC Equipment: Codebeamer Vulnerability: Cross site scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to inject arbitrary JavaScript code, which...

8.8 CVSS | 7 AI score | 0.00613 EPSS
Exploits 1 | References 10
ICS
added 2023/08/24 6:0 a.m. | 35 views

KNX Protocol

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity/known public exploitation Vendor: KNX Association Equipment: KNX devices using KNX Connection Authorization Vulnerability: Overly Restrictive Account Lockout Mechanism 2. RISK EVALUATION Successful exploitation...

7.5 CVSS | 7.8 AI score | 0.00483 EPSS
Exploits 0 | References 8
ICS
added 2023/05/18 6:0 a.m. | 35 views

Mitsubishi Electric MELSEC WS Series

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: WS0-GETH00200 Vulnerabilities: Active Debug Code 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-23-138-02...

8.6 CVSS | 8.4 AI score | 0.01132 EPSS
Exploits 0 | References 8
ICS
added 2023/05/16 7:48 p.m. | 35 views

Rockwell Automation FactoryTalk Vantagepoint

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely Vendor: Rockwell Automation Equipment: FactoryTalk Vantagepoint Vulnerabilities: Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to impersonate...

8.8 CVSS | 8.1 AI score | 0.00378 EPSS
Exploits 0 | References 7
ICS
added 2023/04/28 6:53 p.m. | 35 views

Scada-LTS Third Party Component

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Scada-LTS Equipment: Scada-LTS Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow loss of sensitive...

4.3 CVSS | 6.6 AI score | 0.01534 EPSS
Exploits 2 | References 5
ICS
added 2023/04/11 12:0 a.m. | 35 views

Siemens JT Open and JT Utilities

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.8 CVSS | 7.7 AI score | 0.00217 EPSS
Exploits 0 | References 12
ICS
added 2023/04/11 12:0 a.m. | 35 views

Siemens SIPROTEC 5 Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.5 CVSS | 7.8 AI score | 0.00935 EPSS
Exploits 0 | References 10
ICS
added 2023/02/07 12:0 a.m. | 35 views

EnOcean SmartServer

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Low attack complexity Vendor: EnOcean Edge Inc, a subsidiary of EnOcean GmbH Equipment: SmartServer with i.LON Vision Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker...

9.8 CVSS | 8.1 AI score | 0.0025 EPSS
Exploits 0 | References 3
ICS
added 2023/01/05 12:0 a.m. | 35 views

Hitachi Energy UNEM

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: UNEM Vulnerabilities: Inadequate Encryption Strength, Use of Hard-coded Cryptographic Key, Cleartext Transmission of Sensitive Information. 2. RISK EVALUATION Successful...

9.8 CVSS | 7.4 AI score | 0.00569 EPSS
Exploits 0 | References 3
ICS
added 2022/11/08 12:0 a.m. | 35 views

Siemens Parasolid

1. EXECUTIVE SUMMARY. CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Parasolid Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code in the context of the...

7.8 CVSS | 8.3 AI score | 0.00228 EPSS
Exploits 0 | References 11
ICS
added 2022/10/20 12:0 a.m. | 35 views

Bentley Systems MicroStation Connect

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Bentley Systems Equipment: MicroStation Connect Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities may crash the device being accessed or...

7.8 CVSS | 8.5 AI score | 0.00332 EPSS
Exploits 0 | References 5
ICS
added 2022/10/11 12:0 a.m. | 35 views

Siemens SCALANCE and RUGGEDCOM Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

8.6 CVSS | 8.9 AI score | 0.01045 EPSS
Exploits 0 | References 10
ICS
added 2022/09/13 12:0 a.m. | 35 views

Siemens RUGGEDCOM ROS

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.5 CVSS | 5.3 AI score | 0.0118 EPSS
Exploits 0 | References 12
ICS
added 2022/08/30 12:0 a.m. | 35 views

Fuji Electric D300win

1. EXECUTIVE SUMMARY CVSS v3 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Fuji Electric Equipment: D300win Vulnerabilities: Out-of-bounds Read, Write-what-where Condition 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in loss of sensitive...

9.1 CVSS | 7.9 AI score | 0.00514 EPSS
Exploits 0 | References 5
ICS
added 2022/04/12 12:0 a.m. | 35 views

Siemens SICAM A8000

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SICAM A8000 Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access files...

7.5 CVSS | 7.8 AI score | 0.02376 EPSS
Exploits 1 | References 11
ICS
added 2021/12/14 12:0 a.m. | 35 views

Siemens JTTK and JT Utilities

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JTTK and JT Utilities Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause the application to crash or allow arbitrary...

7.8 CVSS | 8.3 AI score | 0.00814 EPSS
Exploits 0 | References 11
ICS
added 2021/12/02 12:0 a.m. | 35 views

Hitachi Energy RTU500 series BCI

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 series Bidirectional Communication Interface BCI Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a...

7.5 CVSS | 7.7 AI score | 0.0092 EPSS
Exploits 0 | References 4
ICS
added 2021/09/14 12:0 a.m. | 35 views

Siemens Simcenter STAR-CCM+ Viewer

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Simcenter STAR-CCM+ Viewer Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to a crash and allow an attacker to execute code in the context of...

7.8 CVSS | 7.8 AI score | 0.01293 EPSS
Exploits 0 | References 11
ICS
added 2021/09/02 12:0 a.m. | 35 views

Advantech WebAccess

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow remote code execution. 3. TECHNICAL DETAILS 3.1...

9.8 CVSS | 10 AI score | 0.11569 EPSS
Exploits 0 | References 5
ICS
added 2021/06/08 12:0 a.m. | 35 views

Siemens Solid Edge

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Solid Edge Vulnerabilities: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to an application crash or arbitrary code execution on the target host...

8.8 CVSS | 9.3 AI score | 0.02505 EPSS
Exploits 0 | References 11
ICS
added 2021/03/23 12:0 a.m. | 35 views

Weintek EasyWeb cMT

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Weintek Equipment: cMT Vulnerabilities: Code Injection, Improper Access Control, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...

10 CVSS | 9.6 AI score | 0.02643 EPSS
Exploits 0 | References 5
ICS
added 2020/10/24 12:0 p.m. | 35 views

Potential for Iranian Cyber Response to U.S. Military Strike in Baghdad

Summary The Cybersecurity and Infrastructure Security Agency CISA is sharing the following information with the cybersecurity community as a primer for assisting in the protection of our Nation’s critical infrastructure in light of the current tensions between the Islamic Republic of Iran and the...

10 AI score
Exploits 0 | References 40
ICS
added 2020/10/13 12:0 a.m. | 35 views

LCDS LAquis SCADA

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: LCDS—Leão Consultoria e Desenvolvimento de Sistemas Ltda ME Equipment: LAquis SCADA Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute...

7.8 CVSS | 7.7 AI score | 0.01858 EPSS
Exploits 0 | References 5
ICS
added 2020/07/14 12:0 a.m. | 35 views

Siemens LOGO! Web Server

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: LOGO! Web Server Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote code execution. 3. TECHNICAL DETAILS...

9.8 CVSS | 10 AI score | 0.09071 EPSS
Exploits 1 | References 9
ICS
added 2020/06/09 12:0 a.m. | 35 views

Siemens LOGO! (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: LOGO! Vulnerability: Missing Authentication for Critical Function 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-161-03...

9.1 CVSS | 9.3 AI score | 0.0199 EPSS
Exploits 0 | References 9
Total number of security vulnerabilities: 4214