Ics | Most viewed

4223 matches found

ICS
added 2024/06/11 12:0 a.m. | 29 views

Siemens SICAM AK3/BC/TM

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 7.8 | AI score 7.9 | EPSS 0.00468
Exploits: 2 | References: 12

ICS
added 2024/06/06 6:0 a.m. | 29 views

Mitsubishi Electric CC-Link IE TSN Industrial Managed Switch

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: CC-Link IE TSN Industrial Managed Switch Vulnerability: Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful exploitation of...

CVSS 6.5 | AI score 7.6 | EPSS 0.76451
Exploits: 0 | References: 10

ICS
added 2024/03/12 12:0 a.m. | 29 views

Siemens Siveillance Control

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 5.5 | AI score 5.8 | EPSS 0.00142
Exploits: 0 | References: 12

ICS
added 2023/12/12 7:0 a.m. | 29 views

Schneider Electric Easy UPS Online Monitoring Software

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Vendor: Schneider Electric Equipment: Easy UPS Online Monitoring Software Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow elevation of privileges which could result in arbitrary...

CVSS 7.1 | AI score 6.7 | EPSS 0.00238
Exploits: 0 | References: 10

ICS
added 2023/11/28 7:0 a.m. | 29 views

Mitsubishi Electric GX Works2

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 2.5 ATTENTION: Exploitable locally Vendor: Mitsubishi Electric Corporation Equipment: GX Works2 Vulnerability: Denial-of-Service 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a Denial-of-service DoS due to improper input...

CVSS 4.7 | AI score 5 | EPSS 0.00271
Exploits: 0 | References: 8

ICS
added 2023/09/26 6:0 a.m. | 29 views

Hitachi Energy Asset Suite 9

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Asset Suite 9 Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated user to enter...

CVSS 8.8 | AI score 8.5 | EPSS 0.00522
Exploits: 0 | References: 10

ICS
added 2023/04/11 12:0 a.m. | 29 views

Siemens Polarion ALM

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 7.5 | AI score 6.1 | EPSS 0.0059
Exploits: 0 | References: 12

ICS
added 2023/02/14 12:0 a.m. | 29 views

Siemens Mendix

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 7.5 | AI score 6.9 | EPSS 0.00498
Exploits: 0 | References: 11

ICS
added 2023/01/12 12:0 a.m. | 29 views

Sewio RTLS Studio

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sewio Equipment: RTLS Studio Vulnerabilities: Use of Hard-coded Password, OS Command Injection, Out-of-bounds Write, Cross-Site Request Forgery, Improper Input Validation, Cross-site Scripting 2. RISK...

CVSS 10 | AI score 9.2 | EPSS 0.01236
Exploits: 0 | References: 3

ICS
added 2022/12/08 12:0 p.m. | 29 views

Weak Security Controls and Practices Routinely Exploited for Initial Access

Summary Best Practices to Protect Your Systems: • Control access. • Harden Credentials. • Establish centralized log management. • Use antivirus solutions. • Employ detection tools. • Operate services exposed on internet-accessible hosts with secure configurations. • Keep software updated. Cyber...

AI score 9.9
Exploits: 0 | References: 60

ICS
added 2022/05/10 12:0 a.m. | 29 views

Eaton Intelligent Power Manager

1. EXECUTIVE SUMMARY CVSS v3 5.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Eaton Equipment: Intelligent Power Manager IPM v1 Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code...

CVSS 5.2 | AI score 7.5 | EPSS 0.08233
Exploits: 0 | References: 5

ICS
added 2021/11/30 12:0 a.m. | 29 views

Hitachi Energy Retail Operations and CSB Software

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: High attack complexity Vendor: Hitachi Energy Equipment: Retail Operations and Counterparty Settlement and Billing CSB Product Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow...

CVSS 7.2 | AI score 7 | EPSS 0.00251
Exploits: 0 | References: 5

ICS
added 2021/10/14 12:0 a.m. | 29 views

Schneider Electric CNM

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: ConneXium Network Manager CNM Software Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary...

CVSS 9.8 | AI score 9.9 | EPSS 0.01499
Exploits: 0 | References: 5

ICS
added 2021/08/24 12:0 a.m. | 29 views

Delta Electronics TPEditor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: TPEditor Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow for arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED...

CVSS 7.8 | AI score 8 | EPSS 0.01068
Exploits: 0 | References: 5

ICS
added 2021/08/02 12:0 p.m. | 29 views

Defending Against Malicious Cyber Activity Originating from Tor

Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT&CK® and Pre-ATT&CK framework. See the ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques. This advisory—written by the Cybersecurity Security and Infrastructure...

AI score 9.2
Exploits: 0 | References: 54

ICS
added 2020/10/24 12:0 p.m. | 29 views

Malicious Cyber Actor Use of Network Tunneling and Spoofing to Obfuscate Geolocation

Summary This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT&CK™ and Pre-ATT&CK frameworks. See the MITRE ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques. Attributing malicious cyber activity that uses network tunneli...

AI score 9.2
Exploits: 0 | References: 31

ICS
added 2020/09/08 12:0 a.m. | 29 views

Siemens Spectrum Power

1. EXECUTIVE SUMMARY CVSS v3 3.7 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: Spectrum Power Vulnerabilities: Cleartext Storage of Sensitive Information, Exposure of Information Through Directory Listing 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...

CVSS 5.3 | AI score 5.6 | EPSS 0.00901
Exploits: 0 | References: 9

ICS
added 2018/04/17 12:0 a.m. | 29 views

Abbott Laboratories Defibrillator

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Abbott Laboratories Equipment: Implantable Cardioverter Defibrillator and Cardiac Synchronization Therapy Defibrillator Vulnerabilities: Improper Authentication and Improper Restriction of Power Consumption MedSec...

CVSS 8.8 | AI score 8.8 | EPSS 0.01084
Exploits: 0 | References: 4

ICS
added 2018/01/25 12:0 a.m. | 29 views

Philips IntelliSpace Cardiovascular System Vulnerability

OVERVIEW Philips reported an insufficient session expiration vulnerability in the Philips’ IntelliSpace Cardiovascular cardiac image and information management systems. Philips is creating a software update to mitigate this vulnerability in the affected products. AFFECTED PRODUCTS Philips reports...

CVSS 6.3 | AI score 6.8 | EPSS 0.00452
Exploits: 0 | References: 10

ICS
added 2016/12/24 7:0 a.m. | 29 views

Siemens APOGEE Insight Incorrect File Permissions Vulnerability (Update A)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-16-082-01 Siemens APOGEE Insight Incorrect File Permissions Vulnerability that was published March 22, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 3 -------- Siemens has identified an...

CVSS 3.6 | AI score 3.6 | EPSS 0.00313
Exploits: 0 | References: 10

ICS
added 2016/12/12 7:0 a.m. | 29 views

Honeywell Uniformance PHD Denial Of Service (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-070-02 Honeywell Uniformance PHD Denial of Service that was published April 12, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 5 -------- Honeywell has identified a buffer overflow...

CVSS 7.8 | AI score 8 | EPSS 0.01517
Exploits: 0 | References: 10

ICS
added 2014/08/23 6:0 a.m. | 29 views

Advantech WebAccess Stack-based Buffer Overflow

OVERVIEW Ricardo Narvaja from Core Security Consulting Services discovered and disclosed information regarding a buffer overflow vulnerability Core Security Advantech WebAccess Stack-based Buffer Overflow, http://www.coresecurity.com/advisories/advantech-webaccess-stack-based-buffer-overflow web...

CVSS 7.2 | AI score 7.3 | EPSS 0.01051
Exploits: 1 | References: 10

ICS
added 2013/11/16 7:0 a.m. | 29 views

Schneider Electric Accutech Manager Heap Overflow

Overview This advisory provides mitigation details for a vulnerability that impacts the Schneider Electric Accutech Manager. Independent researcher Aaron Portnoy of Exodus Intelligence has identified a heap-based buffer overflow vulnerability in Schneider Electric’s Accutech Manager application...

CVSS 10 | AI score 7.8 | EPSS 0.21527
Exploits: 0 | References: 10

ICS
added 2013/09/06 6:0 a.m. | 29 views

Siemens SINAMICS S/G Authentication Bypass Vulnerability

OVERVIEW Siemens has identified an authentication bypass vulnerability in the SINAMICS S/G product family. Siemens has produced a firmware update that mitigates this vulnerability and has tested the update to validate that it resolves the vulnerability. Exploitation of this vulnerability could...

CVSS 10 | AI score 6.7 | EPSS 0.03235
Exploits: 0 | References: 10

ICS
added 2012/06/22 6:0 a.m. | 29 views

Fultek WinTr Directory Traversal

Overview Researcher Daiki Fukumori of Cyber Defense Institute has identified a directory traversal vulnerability in Fultek’s WinTr SCADA application. Fultek was unable to validate this vulnerability and has not offered any mitigation plans. ICS-CERT has validated the vulnerability. This...

CVSS 7.8 | AI score 6.5 | EPSS 0.02627
Exploits: 0 | References: 10

ICS
added 2011/10/20 6:0 a.m. | 29 views

Sielco Sistemi WinLog Stack Overflow

Overview Independent researcher Luigi Auriemma reported a stack overflow vulnerability in Version 2.07.00 of the Sielco Sistemi WinLog Lite and Winlog Pro HMI software. Sielco Sistemi has developed an update Version 2.07.01 to address this vulnerability. The researcher has verified that the updat...

CVSS 9.3 | AI score 8.4 | EPSS 0.40462
Exploits: 5 | References: 10

ICS
added 2026/05/12 7:0 a.m. | 28 views

Schneider Electric EcoStruxure Machine Expert HVAC (SEVD-2026-132-01)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

CVSS 7.5 | AI score 5.9 | EPSS 0.00125
Exploits: 0 | References: 11

ICS
added 2025/03/25 12:30 p.m. | 28 views

Hitachi Energy RTU500 Series (Update B)

SUMMARY Hitachi Energy is aware of the vulnerabilities, CVE-2024-10037, CVE-2024-11499, CVE-2024-12169, and CVE-2025-1445 in the RTU500 Web server component, the IEC 60870-5-104 controlled station implementation and IEC 61850 implementation, that affects the RTU500 versions that are listed...

CVSS 8.7 | AI score 6.3 | EPSS 0.00339
Exploits: 0 | References: 9

ICS
added 2024/10/23 12:0 a.m. | 28 views

Siemens InterMesh Subscriber Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 10 | AI score 8.7 | EPSS 0.01247
Exploits: 0 | References: 10

ICS
added 2024/10/10 6:0 a.m. | 28 views

Schneider Electric Zelio Soft 2

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Zelio Soft 2 Vulnerabilities: Use After Free, Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...

CVSS 7.8 | AI score 7.7 | EPSS 0.0021
Exploits: 0 | References: 10

ICS
added 2024/08/13 6:0 a.m. | 28 views

Rockwell Automation ControlLogix, GuardLogix 5580, CompactLogix, Compact GuardLogix 5380

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: ControlLogix, GuardLogix 5580, CompactLogix, Compact GuardLogix 5380 Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of...

CVSS 8.7 | AI score 6.6 | EPSS 0.005
Exploits: 0 | References: 10

ICS
added 2024/06/27 6:0 a.m. | 28 views

SDG Technologies PnPSCADA

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: SDG Technologies Equipment: PnPSCADA Vulnerability: Missing Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to attach various...

CVSS 9.3 | AI score 6.4 | EPSS 0.00656
Exploits: 0 | References: 10

ICS
added 2024/06/13 6:0 a.m. | 28 views

Fuji Electric Tellus Lite V-Simulator

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Fuji Electric Equipment: Tellus Lite V-Simulator Vulnerabilities: Out-of-Bound Write, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a local...

CVSS 8.5 | AI score 8.3 | EPSS 0.00332
Exploits: 0 | References: 10

ICS
added 2024/02/13 12:0 a.m. | 28 views

Siemens CP343-1 Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 7.5 | AI score 7.6 | EPSS 0.00597
Exploits: 0 | References: 12

ICS
added 2024/01/09 12:0 a.m. | 28 views

Siemens SIMATIC CN 4100

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 9.8 | AI score 9.9 | EPSS 0.00597
Exploits: 0 | References: 12

ICS
added 2023/12/14 7:0 a.m. | 28 views

Johnson Controls Kantech Gen1 ioSmart

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable from adjacent network Vendor: Sensormatic Electronics, LLC, an affiliate of Johnson Controls Inc. Equipment: Kantech Gen1 ioSmart card reader Vulnerability: Missing Release of Memory after Effective Lifetime 2. RISK EVALUATION...

CVSS 7.5 | AI score 6.3 | EPSS 0.003
Exploits: 0 | References: 8

ICS
added 2023/12/12 12:0 p.m. | 28 views

Schneider Electric Easy UPS Online Monitoring Software

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Vendor: Schneider Electric Equipment: Easy UPS Online Monitoring Software Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow elevation of privileges which could result in arbitrary file...

AI score 7.2 | EPSS 0.00238
Exploits: 0 | References: 34

ICS
added 2023/12/12 12:0 a.m. | 28 views

Siemens SIMATIC STEP 7 (TIA Portal)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 5.5 | AI score 5.4 | EPSS 0.00142
Exploits: 0 | References: 12

ICS
added 2023/11/16 7:0 a.m. | 28 views

Hitachi Energy MACH System Software

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MACH System Software Vulnerabilities: Path Traversal, Exposure of Resource to Wrong Sphere 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

CVSS 6.5 | AI score 5.6 | EPSS 0.00486
Exploits: 0 | References: 8

ICS
added 2023/07/27 12:0 a.m. | 28 views

PTC KEPServerEX

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: PTC Equipment: KEPServerEX Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could result in the affected device crashing. 3. TECHNICAL...

CVSS 7.5 | AI score 7.6 | EPSS 0.0077
Exploits: 0 | References: 8

ICS
added 2023/07/27 12:0 a.m. | 28 views

ETIC Telecom RAS Authentication

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable with adjacent access/low attack complexity Vendor: ETIC Telecom Equipment: Remote Access Server RAS Vulnerability: Insecure Default Initialization of Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

CVSS 8.1 | AI score 8.2 | EPSS 0.0029
Exploits: 0 | References: 10

ICS
added 2023/07/11 12:0 a.m. | 28 views

Rockwell Automation Enhanced HIM

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Enhanced HIM Vulnerability: Cross-site Request Forgery 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to sensitive information disclosure and...

CVSS 9.6 | AI score 9.5 | EPSS 0.00399
Exploits: 0 | References: 10

ICS
added 2023/05/11 10:14 p.m. | 28 views

Rockwell Automation PanelView 800

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: PanelView 800 Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote code...

CVSS 10 | AI score 10 | EPSS 0.03524
Exploits: 1 | References: 5

ICS
added 2023/05/09 12:0 a.m. | 28 views

Siemens SIMATIC Cloud Connect 7

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 7.6 | AI score 7.8 | EPSS 0.01535
Exploits: 0 | References: 12

ICS
added 2023/04/20 3:30 p.m. | 28 views

INEA ME RTU

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: INEA Equipment: ME RTU Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED...

CVSS 10 | AI score 10 | EPSS 0.01726
Exploits: 0 | References: 5

ICS
added 2023/04/11 12:0 a.m. | 28 views

Siemens Teamcenter Visualization and JT2Go

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 7.8 | AI score 7.3 | EPSS 0.00261
Exploits: 0 | References: 12

ICS
added 2023/02/02 7:0 a.m. | 28 views

Baicells Nova

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Baicells Technologies Equipment: Nova Vulnerability: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands. 3...

CVSS 9.6 | AI score 9.6 | EPSS 0.01643
Exploits: 0 | References: 10

ICS
added 2023/01/12 12:0 a.m. | 28 views

Hitachi Energy Lumada APM

1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Lumada APM Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to any...

CVSS 7.1 | AI score 6.3 | EPSS 0.00372
Exploits: 0 | References: 3

ICS
added 2023/01/10 12:0 a.m. | 28 views

Siemens Automation License Manager

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 9.8 | AI score 9.6 | EPSS 0.01543
Exploits: 0 | References: 11

ICS
added 2022/10/11 12:0 a.m. | 28 views

Siemens APOGEE, TALON and Desigo PXC/PXM Products

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: FTP Server of Nucleus RTOS based APOGEE, TALON and Desigo PXC/PXM Products Vulnerabilities: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of these...

CVSS 8.7 | AI score 8 | EPSS 0.01262
Exploits: 0 | References: 10

Total number of security vulnerabilities: 4223