
4223 matches found

ICS
added 2021/06/08 12:0 a.m. | 35 views

Johnson Controls Metasys

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Equipment: Metasys Servers, Engines, and Tools Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could give an authenticated...

CVSS 8.8 | AI score 9.1 | EPSS 0.01245
Exploits 0 | References 5

ICS
added 2021/06/08 12:0 a.m. | 35 views

Siemens Solid Edge

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Solid Edge Vulnerabilities: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to an application crash or arbitrary code execution on the target host...

CVSS 8.8 | AI score 9.3 | EPSS 0.02505
Exploits 0 | References 11

ICS
added 2021/03/23 12:0 a.m. | 35 views

Weintek EasyWeb cMT

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Weintek Equipment: cMT Vulnerabilities: Code Injection, Improper Access Control, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...

CVSS 10 | AI score 9.6 | EPSS 0.02643
Exploits 0 | References 5

ICS
added 2020/10/13 12:0 a.m. | 35 views

LCDS LAquis SCADA

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: LCDS—Leão Consultoria e Desenvolvimento de Sistemas Ltda ME Equipment: LAquis SCADA Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute...

CVSS 7.8 | AI score 7.7 | EPSS 0.01858
Exploits 0 | References 5

ICS
added 2020/07/14 12:0 a.m. | 35 views

Siemens LOGO! Web Server

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: LOGO! Web Server Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote code execution. 3. TECHNICAL DETAILS...

CVSS 9.8 | AI score 10 | EPSS 0.09071
Exploits 1 | References 9

ICS
added 2020/06/09 12:0 a.m. | 35 views

Siemens LOGO! (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: LOGO! Vulnerability: Missing Authentication for Critical Function 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-161-03...

CVSS 9.1 | AI score 9.3 | EPSS 0.0199
Exploits 0 | References 9

ICS
added 2019/07/09 12:0 a.m. | 35 views

Rockwell Automation PanelView 5510

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Rockwell Automation Equipment: PanelView 5510 Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote unauthenticated user to gain root privileges on the...

CVSS 10 | AI score 10 | EPSS 0.04597
Exploits 0 | References 5

ICS
added 2019/01/29 12:0 a.m. | 35 views

BD FACSLyric (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Low skill level to exploit Vendor: Becton, Dickinson and Company BD Equipment: FACSLyric Vulnerability: Improper Access Control 2. UPDATE INFORMATION This updated medical device advisory is a follow-up to the original advisory titled ICSMA-19-029-02 BD...

CVSS 6.8 | AI score 6.9 | EPSS 0.00417
Exploits 0 | References 5

ICS
added 2018/11/08 12:0 a.m. | 35 views

Philips iSite and IntelliSpace PACS

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Low skill level to exploit Vendor: Philips Equipment: iSite and IntelliSpace PACS Vulnerability: Weak Password Requirements 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker with local network access to impact...

CVSS 8.8 | AI score 8.8 | EPSS 0.00812
Exploits 0 | References 5

ICS
added 2018/09/06 12:0 p.m. | 35 views

RealFlex RealWin Vulnerabilities

Overview This ICS-CERT Advisory is a follow-up to the ICS-CERT Alert titled, “ICS-ALERT-11-080-04—Multiple Vulnerabilities in RealFlex RealWin.” An independent researcher has published exploit code for seven vulnerabilities identified in RealFlex Technologies’ RealWin 2.1.10 Demo Supervisory...

AI score 8.4
Exploits 0 | References 19

ICS
added 2018/05/03 12:0 a.m. | 35 views

Siemens Medium Voltage SINAMICS Products (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Medium Voltage SINAMICS Products Vulnerabilities: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

AI score 7.4
Exploits 0 | References 9

ICS
added 2018/03/13 12:0 a.m. | 35 views

Omron CX-Supervisor (Update A)

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Low skill level to exploit Vendor: Omron Equipment: CX-Supervisor Vulnerabilities: Stack-based Buffer Overflow, Use After Free, Access of Uninitialized Pointer, Double Free, Out-of-bounds Write, Untrusted Pointer Dereference, Heap-based Buffer...

CVSS 5.3 | AI score 6.5 | EPSS 0.00364
Exploits 0 | References 6

ICS
added 2017/11/14 12:0 a.m. | 35 views

Philips IntelliSpace Cardiovascular System and Xcelera System Vulnerability

OVERVIEW Philips reported a vulnerability in the Philips’ IntelliSpace Cardiovascular and Xcelera cardiac image and information management systems. Philips has produced updates that mitigate this vulnerability in the affected products. This vulnerability could be exploited remotely. AFFECTED...

CVSS 7.2 | AI score 7.4 | EPSS 0.02175
Exploits 0 | References 2

ICS
added 2017/08/10 12:0 a.m. | 35 views

SIMPlight SCADA Software

CVSS v3 7.0 ATTENTION: Low skill level to exploit. Vendor: SIMPlight Equipment: SCADA Software Vulnerability: Uncontrolled Search Path Element AFFECTED PRODUCTS The following versions of SIMPlight SCADA software, software for building management systems and automated facilities, are affected: SCA...

CVSS 7 | AI score 7.4 | EPSS 0.01356
Exploits 0 | References 3

ICS
added 2016/03/25 6:0 a.m. | 35 views

Schneider Electric PowerLogic PM8ECC Cross-site Scripting Vulnerability

OVERVIEW Schneider Electric has notified NCCIC/ICS-CERT of a Cross-site Scripting XSS vulnerability in Schneider Electric’s PowerLogic PM8ECC communications add-on module for the Series 800 PowerMeter. Schneider Electric has produced a firmware update to mitigate this vulnerability. This...

CVSS 6.1 | AI score 6.4 | EPSS 0.00906
Exploits 0 | References 10

ICS
added 2015/11/06 7:0 a.m. | 35 views

Siemens SCALANCE X-200IRT Switch Family User Impersonation Vulnerability

OVERVIEW Siemens has identified a user impersonation vulnerability in its SCALANCE X-200IRT Switch Family. Siemens has produced a firmware update that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Siemens reports that the vulnerability affects the...

CVSS 6.8 | AI score 6.6 | EPSS 0.01698
Exploits 0 | References 10

ICS
added 2015/10/15 6:0 a.m. | 35 views

CodeWrights GmbH HART DTM Vulnerability

OVERVIEW Independent researcher Alexander Bolshev has identified an improper input validation vulnerability in CodeWrights GmbH HART Device Type Manager DTM libraries. CodeWrights GmbH produces DTM libraries for vendors of HART DTM products. CodeWrights GmbH has updated the libraries that mitigat...

CVSS 2.1 | AI score 6.9 | EPSS 0.00374
Exploits 0 | References 10

ICS
added 2015/09/05 6:0 a.m. | 35 views

SearchBlox File Exfiltration Vulnerability

OVERVIEW Oana Murarasu of Ixia has identified a file exfiltration vulnerability in SearchBlox’s web-based proprietary search engine application. SearchBlox has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following...

CVSS 10 | AI score 9.5 | EPSS 0.21963
Exploits 0 | References 10

ICS
added 2015/03/21 6:0 a.m. | 35 views

Wind River VXWorks TCP Predictability Vulnerability in ICS Devices (Update B)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-15-169-01A Wind River VxWorks TCP Predictability Vulnerability in ICS Devices that was published November 5, 2015, on the NCCIC/ICS-CERT web site. Raheem Beyah, David Formby, and San Shin Jung of Georgia Tech, via a...

CVSS 5.8 | AI score 5.4 | EPSS 0.03743
Exploits 0 | References 10

ICS
added 2014/11/02 6:0 a.m. | 35 views

3S CoDeSys Runtime Toolkit NULL Pointer Dereference

OVERVIEW Independent researcher Nicholas Miles has identified a NULL pointer dereference vulnerability in Smart Software Solutions 3S CoDeSys Runtime Toolkit application. 3S has produced an update that mitigates this vulnerability. Nicholas Miles has tested the update to validate that it resolves...

CVSS 7.1 | AI score 6.5 | EPSS 0.0322
Exploits 0 | References 10

ICS
added 2014/09/13 6:0 a.m. | 35 views

Arbiter Systems 1094B GPS Clock Spoofing Vulnerability

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on December 11, 2014, and is being released to the NCCIC/ICS-CERT web site. Arbiter Systems has identified a GPS clock spoofing vulnerability in its 1094B clock. Arbiter Systems has produced a new product that is no...

CVSS 7.8 | AI score 6.5 | EPSS 0.01005
Exploits 0 | References 10

ICS
added 2014/07/05 6:0 a.m. | 35 views

Meinberg Radio Clocks LANTIME M-Series XSS

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on October 2, 2014, and is being released to the ICS-CERT web site. Martem Telecontrol Systems security researcher Aivar Liimets has identified a reflected cross‑site scripting vulnerability in the Meinberg Radio...

CVSS 7.5 | AI score 6.1 | EPSS 0.01849
Exploits 0 | References 10

ICS
added 2014/01/02 12:0 p.m. | 35 views

Solar Magnetic Storm Impact on Control Systems

Overview The sun generates solar flare and coronal mass ejection CME events in an approximate 11-year cycle. The plasma clouds generated from these events have the potential to cause geomagnetic storms that can interfere with terrestrial communications and other electronic systems, posing a risk ...

AI score 6.8
Exploits 0 | References 19

ICS
added 2013/01/10 7:0 a.m. | 35 views

Canary Labs Inc Trend Link Insecure ActiveX Control Method

Overview This advisory provides mitigation details for a vulnerability in the Canary Labs, Inc. Trend Link software. Researcher Kuang-Chun Hung of Security Research and Service Institute−Information and Communication Security Technology Center ICST has identified an insecure ActiveX control metho...

CVSS 8.5 | AI score 7.3 | EPSS 0.0129
Exploits 0 | References 10

ICS
added 2012/11/04 6:0 a.m. | 35 views

GE Intelligent Platforms Proficy Real-Time Information Portal Directory Traversal

Overview ICS-CERT received a report from GE Intelligent Platforms and the Zero Day Initiative ZDI. If exploited, this vulnerability could allow an attacker to create or overwrite a file on the system running Real-Time Information Portal. concerning a directory traversal vulnerability in the GE...

CVSS 6.4 | AI score 6.5 | EPSS 0.0227
Exploits 0 | References 10

ICS
added 2011/03/27 6:0 a.m. | 35 views

Rockwell FactoryTalk Diag Viewer Memory Corruption

Overview Independent security researchers Billy Rios and Terry McCorkle have coordinated with ICS-CERT on a memory corruption vulnerability that affects Rockwell’s Automation FactoryTalk Diagnostics Viewer product. By using a specially crafted FactoryTalk Diagnostics Viewer configuration file, an...

CVSS 6.9 | AI score 8.2 | EPSS 0.00644
Exploits 0 | References 10

ICS
added 2011/03/19 6:0 a.m. | 35 views

Sunway Force Control

Overview ICS-CERT has received a report from Security researcher Dillon Beresford of NSS Labs concerning vulnerabilities affecting Sunway ForceControl and pNetPower SCADA/HMI applications. The reported vulnerabilities are heap-based buffer overflows that could result in a denial of service or t...

CVSS 10 | AI score 8.9 | EPSS 0.17566
Exploits 0 | References 10

ICS
added 2011/02/11 7:0 a.m. | 35 views

ICONICS GENESIS32 and BizViz ActiveX Stack Overflow

Overview Security researchers Scott Bell and Blair Strang of Security-Assessment.com have released a report detailing a stack overflow vulnerability affecting ICONICS GENESIS32 and BizViz products. The vulnerable ActiveX control, GenVersion.dll, is a component of WebHMI, which is incorporated in...

CVSS 9.3 | AI score 8.6 | EPSS 0.38457
Exploits 2 | References 10

ICS
added 2025/04/10 6:0 a.m. | 34 views

Rockwell Automation Arena

RISK EVALUATION Successful exploitation of these vulnerabilities could disclose information to an attacker or allow execution of arbitrary code on the system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities...

CVSS 8.5 | AI score 7.6 | EPSS 0.00247
Exploits 0 | References 10

ICS
added 2025/02/25 1:30 p.m. | 34 views

Hitachi Energy Service Suite

SUMMARY Hitachi Energy is aware of the multiple vulnerabilities related to open-source Apache Tomcat components that affect the Service Suite product versions listed in this document. An attacker successfully exploiting these vulnerabilities can cause confidentiality, integrity and availability...

AI score 7.5
Exploits 0 | References 9

ICS
added 2024/10/03 6:0 a.m. | 34 views

Delta Electronics DIAEnergie

1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: DIAEnergie Vulnerabilities: SQL Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to retrieve records or...

CVSS 9.8 | AI score 8.9 | EPSS 0.06585
Exploits 0 | References 10

ICS
added 2024/09/05 6:0 a.m. | 34 views

Baxter Connex Health Portal

1. EXECUTIVE SUMMARY CVSS v3.1 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Baxter Equipment: Connex Health Portal Vulnerabilities: SQL Injection, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to...

CVSS 10 | AI score 9.7 | EPSS 0.00598
Exploits 0 | References 10

ICS
added 2024/08/06 6:0 a.m. | 34 views

Delta Electronics DIAScreen

1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DIAScreen Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a stack-based buffer...

CVSS 8.5 | AI score 8.2 | EPSS 0.00424
Exploits 0 | References 10

ICS
added 2024/05/09 6:0 a.m. | 34 views

Rockwell Automation FactoryTalk Historian SE

1. EXECUTIVE SUMMARY CVSS v4 7.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Historian SE Vulnerabilities: Missing Release of Resource after Effective Lifetime, Improper Check or Handling of Exceptional Conditions 2. RISK...

CVSS 7.5 | AI score 6.8 | EPSS 0.00555
Exploits 0 | References 10

ICS
added 2024/01/11 7:0 a.m. | 34 views

Horner Automation Cscape

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Horner Automation Equipment: Cscape Vulnerability: Stack-Based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 3. TECHNICAL...

CVSS 7.8 | AI score 7.9 | EPSS 0.00213
Exploits 0 | References 10

ICS
added 2023/12/19 7:0 a.m. | 34 views

EFACEC BCU 500

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: EFACEC Equipment: BCU 500 Vulnerabilities: Uncontrolled Resource Consumption, Cross-site Request Forgery 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...

AI score 8.9
Exploits 0 | References 10

ICS
added 2023/12/07 12:0 p.m. | 34 views

Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns

The Russia-based actor is targeting organizations and individuals in the UK and other geographical areas of interest. OVERVIEW The Russia-based actor Star Blizzard formerly known as SEABORGIUM, also known as Callisto Group/TA446/COLDRIVER/TAG-53/BlueCharlie continues to successfully use...

AI score 9.1
Exploits 0 | References 55

ICS
added 2023/12/07 7:0 a.m. | 34 views

Mitsubishi Electric FA Engineering Software Products

1. EXECUTIVE SUMMARY CVSS v3 5.3 Vendor: Mitsubishi Electric Equipment: MELIPC, MELSEC iQ-R, and MELSEC Q Series Vulnerabilities: Processor Optimization Removal or Modification of Security-Critical Code, Observable Discrepancy 2. RISK EVALUATION Successful exploitation of these...

CVSS 5.5 | AI score 6.2 | EPSS 0.00343
Exploits 0 | References 10

ICS
added 2023/11/28 7:0 a.m. | 34 views

Franklin Electric Fueling Systems Colibri

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Franklin Electric Fueling Systems Equipment: Colibri Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could...

CVSS 6.5 | AI score 6.7 | EPSS 0.01103
Exploits 0 | References 10

ICS
added 2023/11/16 7:0 a.m. | 34 views

Red Lion Sixnet RTUs

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Red Lion Equipment: Sixnet RTU Vulnerabilities: Authentication Bypass using an Alternative Path or Channel, Exposed Dangerous Method or Function 2. RISK EVALUATION Successful exploitation...

CVSS 10 | AI score 10 | EPSS 0.01149
Exploits 0 | References 8

ICS
added 2023/10/26 6:0 a.m. | 34 views

Centralite Pearl Thermostat

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Centralite Equipment: Pearl Thermostat Vulnerability: Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful exploitation of this...

CVSS 7.5 | AI score 7.7 | EPSS 0.00635
Exploits 0 | References 8

ICS
added 2023/10/12 6:0 a.m. | 34 views

Santesoft Sante FFT Imaging

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Santesoft Equipment: Sante FFT Imaging Vulnerability: Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary...

CVSS 7.8 | AI score 7.9 | EPSS 0.00201
Exploits 0 | References 8

ICS
added 2023/09/26 6:0 a.m. | 34 views

Advantech EKI-1524-CE series

1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Advantech Equipment: EKI-1524-CE, EKI-1522-CE, EKI-1521-CE Vulnerabilities: Cross-Site Scripting 2. RISK EVALUATION Successful exploitation of these...

CVSS 9 | AI score 7 | EPSS 0.00868
Exploits 3 | References 10

ICS
added 2023/09/14 12:0 a.m. | 34 views

Siemens SIMATIC PCS neo Administration Console

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 5.5 | AI score 5.7 | EPSS 0.00166
Exploits 0 | References 12

ICS
added 2023/08/03 6:0 a.m. | 34 views

Mitsubishi Electric GOT2000 and GOT SIMPLE

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: GOT2000 Series and GOT SIMPLE Series Vulnerability: Predictable Exact Value from Previous Values 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker...

CVSS 9.1 | AI score 9 | EPSS 0.00754
Exploits 0 | References 10

ICS
added 2023/07/11 12:0 a.m. | 34 views

Siemens SiPass Integrated

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely / low attack complexity Vendor: Siemens Equipment: SiPass Integrated Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to...

CVSS 7.5 | AI score 7.8 | EPSS 0.00663
Exploits 0 | References 12

ICS
added 2023/05/11 10:14 p.m. | 34 views

Rockwell Automation ThinManager

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: ThinManager Vulnerabilities: Inadequate Encryption Strength 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to decrypt traffic...

CVSS 7.5 | AI score 7.5 | EPSS 0.00666
Exploits 0 | References 5

ICS
added 2023/04/11 12:0 a.m. | 34 views

Siemens Adaptec Maxview Application

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 6.3 | AI score 6.4 | EPSS 0.00092
Exploits 0 | References 12

ICS
added 2023/03/29 4:37 p.m. | 34 views

Keysight N6845A Geolocation Server

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Keysight Technologies Equipment: N6854A Geolocation Server Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate privileges in...

CVSS 9.8 | AI score 9.4 | EPSS 0.00785
Exploits 0 | References 5

ICS
added 2023/03/14 12:0 a.m. | 34 views

Siemens RUGGEDCOM CROSSBOW V5.2

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 8.8 | AI score 7.7 | EPSS 0.00632
Exploits 0 | References 11

Total number of security vulnerabilities: 4223