4223 matches found

ICS | added 2024/02/13 12:0 a.m. | 33 views

Siemens RUGGEDCOM APE1808

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.5 CVSS | 6.7 AI score | 0.00451 EPSS
Exploits: 0 | References: 12

ICS | added 2024/02/13 12:0 a.m. | 33 views

Siemens SIMATIC RTLS Gateways

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

10 CVSS | 9.7 AI score | 0.36965 EPSS
Exploits: 3 | References: 12

ICS | added 2023/11/02 6:0 a.m. | 33 views

Red Lion Crimson

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Red Lion Equipment: FlexEdge Gateway, DA50A, DA70A running Crimson Vulnerability: Improper Neutralization of Null Byte or NUL Character 2. RISK EVALUATION Successful exploitation of this...

9.8 CVSS | 9.5 AI score | 0.0051 EPSS
Exploits: 0 | References: 8

ICS | added 2023/08/08 12:0 a.m. | 33 views

Siemens Parasolid Installer

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services ...

5.3 CVSS | 5.4 AI score | 0.00734 EPSS
Exploits: 0 | References: 12

ICS | added 2023/08/03 6:0 a.m. | 33 views

Sensormatic Electronics VideoEdge

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Inc. Equipment: VideoEdge Vulnerability: Acceptance of Extraneous Untrusted Data with Trusted Data 2. RISK EVALUATION Successful exploitation of this...

7.1 CVSS | 6.3 AI score | 0.0011 EPSS
Exploits: 0 | References: 8

ICS | added 2023/07/18 6:0 a.m. | 33 views

Rockwell Automation Kinetix 5700 DC Bus Power Supply

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Kinetix 5700 Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service attack...

7.5 CVSS | 7.8 AI score | 0.00651 EPSS
Exploits: 0 | References: 8

ICS | added 2023/06/15 6:0 a.m. | 33 views

SUBNET PowerSYSTEM Center

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: SUBNET Solutions Inc. Equipment: PowerSYSTEM Center Vulnerabilities: Cross-site Scripting, Authentication Bypass by Capture-replay 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

9.1 CVSS | 7.3 AI score | 0.00582 EPSS
Exploits: 0 | References: 10

ICS | added 2023/06/13 12:0 a.m. | 33 views

Siemens SICAM Q200 Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.9 CVSS | 9.3 AI score | 0.01504 EPSS
Exploits: 0 | References: 12

ICS | added 2023/01/26 12:0 a.m. | 33 views

Snap One Wattbox WB-300-IP-3

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Snap One Equipment: Wattbox WB-300-IP-3 Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Heap-based Buffer Overflow, Plaintext Storage of a Password, Insufficient Verificatio...

9.8 CVSS | 8.5 AI score | 0.00832 EPSS
Exploits: 0 | References: 4

ICS | added 2023/01/26 12:0 a.m. | 33 views

Mitsubishi Electric MELFA SD/SQ series and F-series Robot Controllers

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: MELFA SD/SQ series and F-series Robot Controllers Vulnerability: Active Debug Code 2. RISK EVALUATION Successful exploitation of this vulnerability could allow...

7.5 CVSS | 8.3 AI score | 0.01144 EPSS
Exploits: 0 | References: 4

ICS | added 2022/12/13 12:0 a.m. | 33 views

Siemens Mendix Workflow Commons

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

8.1 CVSS | 8.2 AI score | 0.00691 EPSS
Exploits: 0 | References: 11

ICS | added 2022/12/01 12:0 a.m. | 33 views

Mitsubishi Electric MELSEC iQ-R Series

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R Series Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote unauthenticated attacker...

8.6 CVSS | 8.4 AI score | 0.00935 EPSS
Exploits: 0 | References: 5

ICS | added 2022/11/29 7:0 a.m. | 33 views

Hitachi Energy IED Connectivity Packages and PCM600 Products (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low attack complexity Vendor: Hitachi Energy Equipment: PCM600 Vulnerability: Cleartext Storage of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain sensitive...

7.1 CVSS | 6.3 AI score | 0.00146 EPSS
Exploits: 0 | References: 10

ICS | added 2022/11/17 12:0 a.m. | 33 views

Cradlepoint IBR600

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low attack complexity Vendor: Cradlepoint Equipment: IBR600 Vulnerabilities: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code and native system commands. 3. TECHNICAL DETAILS 3.1...

7.6 CVSS | 7.9 AI score | 0.00301 EPSS
Exploits: 0 | References: 4

ICS | added 2022/11/03 12:0 a.m. | 33 views

Delta Industrial Automation DIALink

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Industrial Automation Equipment: DIALink Vulnerability: Path traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to place malicious code on the...

8.1 CVSS | 7.8 AI score | 0.02283 EPSS
Exploits: 0 | References: 5

ICS | added 2022/10/11 12:0 a.m. | 33 views

Siemens JT Open Toolkit and Simcenter Femap

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JT Open Toolkit and Simcenter Femap Vulnerability: Access of Uninitialized Pointer 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the application or lead to arbitrary code...

7.8 CVSS | 7.7 AI score | 0.00232 EPSS
Exploits: 0 | References: 11

ICS | added 2022/10/11 12:0 a.m. | 33 views

Daikin Holdings Singapore

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Daikin Holdings Singapore Pte Ltd. Equipment: SVMPC1, SVMPC2 Vulnerabilities: Use of Hard-coded Password, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

9.8 CVSS | 8 AI score | 0.00697 EPSS
Exploits: 0 | References: 5

ICS | added 2022/08/16 12:0 a.m. | 33 views

Delta Industrial Automation DRAS

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: Delta Robot Automation Studio DRAS Vulnerability: Improper Restriction of XML External Entity Reference. 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker...

8.6 CVSS | 6.9 AI score | 0.00997 EPSS
Exploits: 0 | References: 5

ICS | added 2022/07/12 12:0 a.m. | 33 views

Siemens SCALANCE X Switch Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.8 CVSS | 9.2 AI score | 0.01185 EPSS
Exploits: 0 | References: 12

ICS | added 2022/06/16 12:0 a.m. | 33 views

Hillrom Medical Device Management

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hillrom Medical. Welch Allyn, and ELI are registered trademarks of Baxter International, Inc., or its subsidiaries. Equipment: Welch Allyn medical devices Vulnerabilities: Use of Hard-coded Password,...

7.7 CVSS | 7.1 AI score | 0.00274 EPSS
Exploits: 0 | References: 5

ICS | added 2021/12/14 12:0 a.m. | 33 views

Siemens Teamcenter Active Workspace

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Teamcenter Active Workspace Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution...

7.2 CVSS | 7.3 AI score | 0.01052 EPSS
Exploits: 0 | References: 11

ICS | added 2021/10/18 12:0 p.m. | 33 views

BlackMatter Ransomware

Summary Actions You Can Take Now to Protect Against BlackMatter Ransomware • Implement and enforce backup and restoration policies and procedures. • Use strong, unique passwords. • Use multi-factor authentication. • Implement network segmentation and traversal monitoring. Note: this advisory uses t...

9.7 AI score
Exploits: 0 | References: 56

ICS | added 2021/06/08 12:0 a.m. | 33 views

Johnson Controls Metasys

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Equipment: Metasys Servers, Engines, and Tools Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could give an authenticated...

8.8 CVSS | 9.1 AI score | 0.01245 EPSS
Exploits: 0 | References: 5

ICS | added 2021/04/14 12:0 a.m. | 33 views

Siemens Mendix

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a non-administrative user to gain administrative...

8.8 CVSS | 9 AI score | 0.00804 EPSS
Exploits: 0 | References: 11

ICS | added 2021/02/09 12:0 a.m. | 33 views

Siemens TIA Administrator (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: TIA Portal and PCS neo Vulnerability: Improper Access Control 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-040-05 Siemens TIA Administrator that was...

7.8 CVSS | 7.8 AI score | 0.00862 EPSS
Exploits: 0 | References: 11

ICS | added 2021/01/21 12:0 a.m. | 33 views

Delta Electronics TPEditor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Delta Equipment: TPEditor Vulnerabilities: Untrusted Pointer Dereference, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute...

7.8 CVSS | 8.3 AI score | 0.01278 EPSS
Exploits: 0 | References: 5

ICS | added 2020/09/08 12:0 a.m. | 33 views

Siemens SIMATIC HMI Products (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC HMI Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Authentication Bypass by Primary Weakness 2. UPDATE INFORMATION This updated advisory is a...

9.8 CVSS | 10 AI score | 0.01477 EPSS
Exploits: 0 | References: 11

ICS | added 2020/08/11 12:0 a.m. | 33 views

Siemens SICAM A8000 RTUs

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SICAM A8000 Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could compromise the confidentiality, integrity, and availability of the web application...

9.6 CVSS | 8.8 AI score | 0.01002 EPSS
Exploits: 0 | References: 9

ICS | added 2020/06/11 12:0 a.m. | 33 views

Philips IntelliBridge Enterprise IBE

1. EXECUTIVE SUMMARY CVSS v3 2.0 Vendor: Philips Equipment: IntelliBridge Enterprise IBE Vulnerability: Insertion of Sensitive Information into Log File 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access credentials to the hospital’s clinical...

4.5 CVSS | 4.8 AI score | 0.00486 EPSS
Exploits: 0 | References: 5

ICS | added 2018/09/06 12:0 p.m. | 34 views

DNP3 Implementation Vulnerability (Update B)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-13-291-01A DNP3 Implementation Vulnerability that was published November 21, 2013, on the NCCIC/ICS-CERT web site. Adam Crain of Automatak and Chris Sistrunk, Sr. Consultant for Mandiant, reported an improper input...

6.9 AI score
Exploits: 0 | References: 17

ICS | added 2018/01/11 12:0 a.m. | 33 views

Moxa MXview

CVSS v3 7.8 ATTENTION: Low skill level to exploit. Vendor: Moxa Equipment: MXview Vulnerability: Unquoted Search Path or Element. AFFECTED PRODUCTS The following versions of MXview, network management software, are affected: MXview v2.8 and prior. IMPACT Successful exploitation of this...

7.8 CVSS | 8.3 AI score | 0.0037 EPSS
Exploits: 0 | References: 2

ICS | added 2017/08/31 12:0 a.m. | 33 views

Moxa SoftCMS Live Viewer

CVSS v3 9.8 AFFECTED PRODUCTS The following versions of SoftCMS Live Viewer, a video surveillance software designed for industrial automation systems, are affected: SoftCMS Live Viewer, Version 1.6 and prior versions. IMPACT Successful exploitation of this vulnerability could allow an...

9.8 CVSS | 10 AI score | 0.01191 EPSS
Exploits: 0 | References: 3

ICS | added 2017/07/11 12:0 a.m. | 33 views

OSIsoft PI Coresight

CVSS v3 7.1 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: OSIsoft Equipment: PI Coresight Vulnerability: Cross-Site Request Forgery AFFECTED PRODUCTS OSIsoft reports that the vulnerability affects the following PI Coresight products: PI Coresight 2016 R2 and earlier versions...

8.8 CVSS | 8.9 AI score | 0.00873 EPSS
Exploits: 0 | References: 3

ICS | added 2017/06/22 12:0 a.m. | 33 views

Siemens SIMATIC CP 44x-1 Redundant Network Access Modules

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIMATIC CP 44x-1 Redundant Network Access RNA modules Vulnerability: Improper Authentication AFFECTED PRODUCTS The following versions of the SIMATIC CP 44x-1 RNA, which connect SIMATIC S7-400 CPUs t...

8.1 CVSS | 8.8 AI score | 0.04174 EPSS
Exploits: 0 | References: 3

ICS | added 2017/02/14 12:0 a.m. | 33 views

Siemens SIMATIC Authentication Bypass (Update A)

CVSS v3 9.0 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Siemens Equipment: SIMATIC Vulnerability: Authentication Bypass UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-045-03 Siemens SIMATIC Authentication Bypass that was...

9 CVSS | 0.2 AI score | 0.01987 EPSS
Exploits: 0 | References: 27

ICS | added 2016/03/22 12:0 a.m. | 33 views

Siemens APOGEE Insight Incorrect File Permissions Vulnerability (Update A)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-16-082-01 Siemens APOGEE Insight Incorrect File Permissions Vulnerability that was published March 22, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 3 -------- Siemens has identified an...

3.6 CVSS | 0.5 AI score | 0.00313 EPSS
Exploits: 0 | References: 21

ICS | added 2016/01/28 12:0 a.m. | 33 views

Westermo Industrial Switch Hard-coded Certificate Vulnerability (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-028-01 Westermo Industrial Switch Hard-Coded Certificate Vulnerability that was published January 28, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Neil Smith has identified a hard-coded certifica...

9.3 CVSS | 0.4 AI score | 0.01206 EPSS
Exploits: 0 | References: 19

ICS | added 2015/12/18 7:0 a.m. | 33 views

XZERES 442SR Wind Turbine Vulnerability

OVERVIEW Independent researcher Maxim Rupp has identified a cross-site request forgery CSRF vulnerability in XZERES’s 442SR turbine generator operating system OS. XZERES has produced a patch that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The...

6.8 CVSS | 7.3 AI score | 0.00643 EPSS
Exploits: 0 | References: 10

ICS | added 2015/06/11 6:0 a.m. | 33 views

Advantech WebAccess Buffer Overflow Vulnerability

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-15-251-01 Advantech WebAccess Buffer Overflow Vulnerability that was published September 8, 2015, on the NCCIC/ICS-CERT web site. Security researcher Praveen Darshanam reported a stack-based overflow vulnerability ...

10 CVSS | 7.6 AI score | 0.09257 EPSS
Exploits: 5 | References: 10

ICS | added 2014/11/30 7:0 a.m. | 33 views

Schneider Electric OFS Buffer Overflow Vulnerability

OVERVIEW Schneider Electric has reported to NCCIC/ICS-CERT a Stack Buffer Overflow vulnerability supplied with the Schneider Electric OPC Factory Server OFS. Independent researcher known as 0x7A240E67 submitted the vulnerability to ZDI, who provided coordination with the vendor and ICS-CERT...

6.9 CVSS | 7.5 AI score | 0.00467 EPSS
Exploits: 0 | References: 10

ICS | added 2014/10/09 6:0 a.m. | 33 views

Schneider Electric Telvent SAGE RTU DNP3 Improper Input Validation Vulnerability

OVERVIEW This advisory was originally posted to the US-CERT secure portal library on January 06, 2014, and is now being released to the NCCIC/ICS-CERT Web site. Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation in the Schneider Electric...

5 CVSS | 6.5 AI score | 0.01358 EPSS
Exploits: 1 | References: 10

ICS | added 2014/04/19 6:0 a.m. | 33 views

Cogent DataHub Code Injection Vulnerability

OVERVIEW NCCIC/ICS-CERT has become aware of a code injection vulnerability affecting the Cogent DataHub application produced by Cogent Real-Time Systems, Inc. hereafter referred to as Cogent. Security researcher John Leitch reported this vulnerability to the Zero Day Initiative ZDI, who then...

7.5 CVSS | 7.2 AI score | 0.64191 EPSS
Exploits: 4 | References: 10

ICS | added 2013/09/05 6:0 a.m. | 33 views

Elecsys Director Gateway Improper Input Validation Vulnerability

OVERVIEW Adam Crain of Automatak and independent researchers Chris Sistrunk and Adam Todorski have identified an improper input validation in the Elecsys Director Gateway application. Elecsys has produced a patch that mitigates this vulnerability. Adam Todorski has tested the patch to validate th...

4.3 CVSS | 6.6 AI score | 0.01164 EPSS
Exploits: 0 | References: 10

ICS | added 2013/06/12 6:0 a.m. | 33 views

SUBNET Solutions Inc. SubSTATION Server DNP3 Outstation Improper Input Validation

OVERVIEW Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation in the SUBNET Solutions Inc. SubSTATION Server software application. SUBNET Solutions Inc. has produced a new version that mitigates this vulnerability. SUBNET Solutions Inc. ha...

4.3 CVSS | 6.5 AI score | 0.01164 EPSS
Exploits: 0 | References: 10

ICS | added 2013/05/08 6:0 a.m. | 33 views

MOXA Weak Entropy in DSA Keys Vulnerability

Overview Researcher Nadia Heninger of the University of California, San Diego, and researchers Zakir Durumeric, Eric Wustrow, and J. Alex Halderman of the University of Michigan identified an insufficient entropy vulnerability in MOXA OnCell Gateways. MOXA produced and released a firmware upgrade ...

7.1 CVSS | 6.9 AI score | 0.01404 EPSS
Exploits: 0 | References: 10

ICS | added 2013/03/21 6:0 a.m. | 33 views

Siemens COMOS Permissions, Privileges, and Access Controls

OVERVIEW This advisory provides mitigation details for vulnerabilities that impact the Siemens COMOS database system. Siemens has identified a permissions, privileges, and access controls vulnerability in the Siemens COMOS database system. Siemens has produced software updates that mitigate this...

4.6 CVSS | 6.2 AI score | 0.00362 EPSS
Exploits: 0 | References: 10

ICS | added 2011/07/03 6:0 a.m. | 33 views

InduSoft ISSymbol ActiveX Control Buffer Overflow

Overview ICS-CERT has received a report from independent security researcher Dmitriy Pletnev of Secunia Research about ActiveX control buffer overflow vulnerabilities with proof-of-concept exploit code affecting the InduSoft ISSymbol product. Secunia has coordinated with InduSoft, who has produce...

10 CVSS | 8.1 AI score | 0.05922 EPSS
Exploits: 0 | References: 10

ICS | added 2011/04/03 6:0 a.m. | 33 views

ICONICS Login ActiveX Vulnerability

Overview ICS-CERT has received a report from independent security researchers Billy Rios and Terry McCorkle concerning a vulnerability that affects ICONICS GENESIS32 and BizViz products. This vulnerability includes a crash in the Security Login controls used by GENESIS32 due to a buffer overflow...

10 CVSS | 9 AI score | 0.04354 EPSS
Exploits: 0 | References: 10

ICS | added 2011/04/03 6:0 a.m. | 33 views

ICONICS GENESIS32 and BizViz ActiveX Trusted Zone Vulnerability

Overview ICS-CERT has received a report from independent security researchers Billy Rios and Terry McCorkle concerning ICONICS GENESIS32 and BizViz products. This vulnerability involves a design issue in a GENESIS32 ActiveX control that can set an arbitrary domain to the trusted zone. ICONICS has...

9.3 CVSS | 7.7 AI score | 0.02723 EPSS
Exploits: 0 | References: 10

ICS | added 2024/12/10 12:0 a.m. | 32 views

Siemens Engineering Platforms

SUMMARY Affected products contain a local arbitrary code execution vulnerability that could allow an attacker to perform actions against the operation system of that environment. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet...

7.3 CVSS | 7.8 AI score | 0.00176 EPSS
Exploits: 0 | References: 10

Total number of security vulnerabilities: 4223