Omron CX-Programmer

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Omron Equipment: CX-Programmer Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow arbitrary code execution or loss of sensitive information if a user opens a...

Rockwell Automation GuardLogix and ControlLogix controllers

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: GuardLogix, ControlLogix, Compact Logix, and Compact GaurdLogix controllers Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this...

Siemens SIMATIC WinCC OA Ultralight Client

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Mitsubishi Electric GOT2000

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: GOT2000 Series Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition by...

Siemens LOGO! 8 BM Devices

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment : LOGO! 8 BM Devices Vulnerabilities: Buffer Copy without Checking Size of Input; Improper Input Validation; Improper Validation of Specified Index, Position, or Offset in Input. 2...

Delta Electronics CNCSoft

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: CNCSoft Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow information disclosure or an application crash. 3. TECHNICAL DETAILS 3.1...

Siemens Siveillance Identity

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Siveillance Identity Vulnerabilities: Exposure of Resource to Wrong Sphere 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated remote...

Siemens SiPass Integrated

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SiPass Integrated Vulnerabilities: Exposure of Resource to Wrong Sphere 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated remote...

Omron CX-One

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Omron Equipment: CX-One Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The...

Siemens SCALANCE W780 and W740

1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SCALANCE W780 and W740 Vulnerability: Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

Siemens SIMATIC Controller Web Servers

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC Controller Web Servers Vulnerability: Uncaught Exception 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a...

FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks

Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This joint advisory is the result of analytic efforts among the Cybersecurity and Infrastructure Security...

Malicious Cyber Actor Spoofing COVID-19 Loan Relief Webpage via Phishing Emails

Summary The Cybersecurity and Infrastructure Security Agency CISA is currently tracking an unknown malicious cyber actor who is spoofing the Small Business Administration SBA COVID-19 loan relief webpage via phishing emails. These emails include a malicious link to the spoofed SBA website that th...

Inductive Automation Ignition 8

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Inductive Automation Equipment: Ignition 8 Vulnerability: Missing Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain access to sensitive...

ABB Relion 670 Series

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ABB Equipment: Relion 670 Series Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to read and delete files on the device. 3...

ICSA-19-190-04 Siemens Spectrum Power (Update A)

1. EXECUTIVE SUMMARY CVSS v3 4.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Spectrum Power Vulnerability: Cross-site Scripting 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-190-04 Siemens Spectrum...

Siemens SCALANCE, SIMATIC, RUGGEDCOM, and SINAMICS Products (Update F)

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION : Exploitable remotely/low skill level to exploit/public exploits are available. Vendor : Siemens Equipment : SCALANCE, SIMATIC, RUGGEDCOM, and SINAMICS Products Vulnerabilities : Security Features 2. UPDATE INFORMATION This updated advisory is a...

Delta Industrial Automation CNCSoft

1. EXECUTIVE SUMMARY CVSS v3 4.4 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Delta Equipment: Delta Industrial Automation CNCSoft Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a buffer overflow condition that may...

AVEVA InduSoft Web Studio and InTouch Machine Edition

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: AVEVA Software, LLC AVEVA Equipment: InduSoft Web Studio and InTouch Machine Edition Vulnerabilities: Stack-based buffer overflow 2. RISK EVALUATION The listed products are vulnerable only if the...

Medtronic N'Vision Clinician Programmer (Update A)

1. EXECUTIVE SUMMARY --------- Begin Update A Part 1 of 5 -------- CVSS v3 6.3 --------- End Update A Part 1 of 5 ----------- ATTENTION: Low skill level to exploit Vendor: Medtronic Equipment: N’Vision Clinician Programmer --------- Begin Update A Part 2 of 5 ----------- Vulnerabilities:...

Solar Controls WATTConfig M Software

CVSS v3 7.8 ATTENTION: Low skill level to exploit. Vendor: Solar Controls Equipment: WATTConfig M Software Vulnerability: Uncontrolled Search Path Element AFFECTED PRODUCTS The following versions of Solar Controls’ WATTConfig M Software for Windows 2.5.10 for M SSR/MAX PLCs are affected: WATTConf...

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update K)

CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerabilities: Improper Input Validation UPDATE INFORMATION This updated advisory is a follow-up to the updated...

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update I)

CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Improper Input Validation UPDATE INFORMATION This updated advisory is a follow-up to the updated...

Emerson Liebert SiteScan XML External Entity Vulnerability

OVERVIEW Researcher Evgeny Ermakov from Kaspersky Lab has identified an XML External Entity XXE vulnerability affecting Emerson’s Liebert SiteScan application. Emerson has produced patches to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The...

Siemens SIMATIC WinCC, PCS 7, and WinCC Runtime Professional Vulnerabilities (Update C)

OVERVIEW This updated advisory is a follow-up to the advisory update titled ICSA-16-208-01B Siemens SIMATIC WinCC, PCS 7, and WinCC Runtime Professional Vulnerabilities that was published October 4, 2016, on the NCCIC/ICS-CERT web site. Siemens has identified two vulnerabilities in SIMATIC WinCC,...

OSIsoft PI AF Server Input Validation Vulnerability

OVERVIEW OSIsoft has identified an input validation vulnerability in its own PI AF Server. OSIsoft has produced a new version of PI AF Server 2016 to address this issue. This vulnerability could be exploited remotely. AFFECTED PRODUCTS OSIsoft reports that the vulnerability affects the following...

Moxa MiiNePort Vulnerabilities

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-145-01 Moxa MiiNePort Vulnerabilities that was published May 24, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Karn Ganeshen has identified weak credential management, sensitive information not...

Network Vision IntraVue Code Injection Vulnerability

OVERVIEW Researcher Jürgen Bilberger from Daimler TSS GmbH has identified a code injection vulnerability in Network Vision’s IntraVue software. Network Vision has produced a new version that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The...

CodeWrights GmbH HART DTM Vulnerability

OVERVIEW Independent researcher Alexander Bolshev has identified an improper input validation vulnerability in CodeWrights GmbH HART Device Type Manager DTM libraries. CodeWrights GmbH produces DTM libraries for vendors of HART DTM products. CodeWrights GmbH has updated the libraries that mitigat...

IniNet Solutions embeddedWebServer Cleartext Storage Vulnerability

OVERVIEW Aleksandr Timorin of Positive Technologies has identified a cleartext storage of sensitive information vulnerability in IniNet Solutions GmbH’s embeddedWebServer eWebServer. IniNet Solutions GmbH has produced a new version that mitigates this vulnerability. AFFECTED PRODUCTS The followin...

Resource Data Management Privilege Escalation Vulnerability

OVERVIEW Independent researcher Maxim Rupp has identified two vulnerabilities in Resource Data Management’s Data Manager application. Resource Data Management has produced a new version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS Resourc...

Cogent DataHub Code Injection Vulnerability

OVERVIEW NCCIC/ICS-CERT has become aware of a code injection vulnerability affecting the Cogent DataHub application produced by Cogent Real-Time Systems, Inc. An anonymous security researcher reported this vulnerability to HP’s Zero Day Initiative ZDI. A patch to mitigate this issue was released ...

Accuenergy Acuvim II Authentication Vulnerabilities

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on October 2, 2014, and is being released to the ICS-CERT web site. Independent researcher Laisvis Lingvevicius has identified two authentication vulnerabilities within the Accuenergy AXM-NET Ethernet module’s web...

Siemens SIMATIC WinCC Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-14-205-02 Siemens SIMATIC WinCC Vulnerabilities that was published July 24, 2014, on the NCCIC/ICS-CERT web site. Researchers Sergey Gordeychik, Alexander Tlyapov, Dmitry Nagibin, and Gleb Gritsai of Positive...

Ecava IntegraXor Guest Account Information Disclosure Vulnerability

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on April 1, 2014, and is now being released to the NCCIC/ICS-CERT web site. Independent researcher Andrea Micalizzi, aka rgod, has identified an information disclosure vulnerability in the Ecava IntegraXor...

Schweitzer Engineering Laboratories AcSELerator Improper Authorization Vulnerability

Overview This advisory provides mitigation details for a vulnerability affecting the Schweitzer Engineering Laboratories SEL AcSELerator QuickSet software. Independent researcher Michael Toecker of Digital Bond has identified an improper authorization vulnerability in the SEL AcSELerator...

RuggedCom ROS Multiple Vulnerabilities

OVERVIEW Siemens has reported to NCCIC/ICS-CERT multiple vulnerabilities in the RuggedCom Rugged OS ROS. Siemens has produced a firmware update that mitigates these vulnerabilities. Exploitation of these vulnerabilities could allow an attacker to hijack an active Web session and access...

Siemens SCALANCE X-200 Authentication Bypass Vulnerability

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on October 01, 2013, and is now being released to the ICS-CERT-Web page. Siemens has identified an authentication bypass vulnerability in the SCALANCE X-200 switch product family. Researcher Eireann Leverett of...

Top Server OPC Improper Input Validation Vulnerability

OVERVIEW Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation vulnerability in the Software Toolbox TOP Server DNP Master OPC product. Software Toolbox has produced a new version that mitigates this vulnerability. The researchers have test...

MatrikonOPC SCADA DNP3 Master Station Improper Input Validation

OVERVIEW This updated advisory was originally posted to the US-CERT secure Portal library on August 02, 2013, and is now being released to the ICS-CERT Web page. Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation vulnerability in...

Siemens WinCC Flexible Runtime Heap Overflow

Overview ICS-CERT originally released Advisory ICSA-11-244-01P on the US-CERT secure Portal on September 01, 2011. This web page release was delayed to allow users sufficient time to download and install the update. Independent security researchers Billy Rios and Terry McCorkle have reported a...

ICONICS Login ActiveX Vulnerability

Overview ICS-CERT has received a report from independent security researchers Billy Rios and Terry McCorkle concerning a vulnerability that affects ICONICS GENESIS32 and BizViz products. This vulnerability includes a crash in the Security Login controls used by GENESIS32 due to a buffer overflow...

Rockwell FactoryTalk Diag Viewer Memory Corruption

Overview Independent security researchers Billy Rios and Terry McCorkle have coordinated with ICS-CERT on a memory corruption vulnerability that affects Rockwell’s Automation FactoryTalk Diagnostics Viewer product. By using a specially crafted FactoryTalk Diagnostics Viewer configuration file, an...

Siemens SINEC INS

SUMMARY SINEC INS before V1.0 SP2 Update 3 is affected by multiple vulnerabilities. Siemens has released a new version for SINEC INS and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to protect network access to...

Delta Electronics DTN Soft

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION : Low attack complexity Vendor : Delta Electronics Equipment : DTN Soft Vulnerability : Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution...

HMS Industrial Networks Anybus-CompactCom 30

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: HMS Industrial Networks Equipment: Anybus-CompactCom 30 Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a...

Inosoft VisiWin

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION : Low attack complexity/public exploits are available Vendor : Inosoft Equipment : VisiWin Vulnerability : Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain SYSTEM...

Rockwell Automation FactoryTalk View SE

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : FactoryTalk View SE Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

Mitsubishi Electric Multiple FA Engineering Software Products (Update E)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.0 ATTENTION : Low attack complexity Vendor : Mitsubishi Electric Equipment : Multiple FA Engineering Software Products Vulnerabilities : Improper Privilege Management, Uncontrolled Resource Consumption, Out-of-bounds Write, Improper Privilege Management 2...

SUBNET PowerSYSTEM Server and Substation Server

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION : Low attack complexity Vendor : SUBNET Solutions Inc. Equipment : PowerSYSTEM Server, Substation Server 2021 Vulnerabilities : Reliance on Insufficiently Trustworthy Component 2. RISK EVALUATION Successful exploitation of the vulnerabilities...