4255 matches found
Philips EncoreAnywhere
1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION : Exploitable remotely/public exploits are available Vendor : Philips Equipment : EncoreAnywhere product used in the Asia-Pacific APAC Region Vulnerability : Information Exposure 2. RISK EVALUATION Successful exploitation of this vulnerability can result...
GE Communicator
CVSS v3 7.6 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: GE Equipment: Communicator Vulnerability: Heap-Based Buffer Overflow AFFECTED PRODUCTS The following versions of Communicator, an application for programming and monitoring supported metering devices, are affected:...
Moxa SoftCMS SQL Injection Vulnerability
OVERVIEW Zhou Yu of Acorn Network Security has identified a SQL injection vulnerability in Moxa's SoftCMS. ZDI reported this vulnerability to ICS-CERT. Moxa has produced an update to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Moxa reports that t...
RLE Nova-Wind Turbine HMI Unsecure Credentials Vulnerability (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-15-162-01 RLE Nova‑Wind Turbine HMI Unsecure Credentials Vulnerability that was published June 11, 2015, on the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified an unsecure credential...
Hospira LifeCare PCA Infusion System Vulnerabilities
OVERVIEW Independent researcher Billy Rios has identified an improper authorization vulnerability and an insufficient verification of data authenticity vulnerability in Hospira’s LifeCare PCA Infusion System, which NCCIC/ICS-CERT has been coordinating with Hospira since May 2014. This advisory is...
Bash Command Injection Vulnerability (Supplement)
OVERVIEW This advisory supplement is to accompany the NCCIC/ICS-CERT advisory titled ICSA-14-269-01 Bash Command Injection Vulnerability and all following updates that were originally published September 26, 2014, on the ICS-CERT web site and posted to the US-CERT secure Portal library. Please...
Progea Movicon SCADA Information Disclosure Vulnerability
OVERVIEW Celil Ünüver of SignalSEC Ltd. has identified an information disclosure vulnerability in the Progea Movicon application. Progea has produced a new version that mitigates this vulnerability. The researcher has tested the new version to validate that it resolves the vulnerability. This...
Schneider Electric PLCs Vulnerabilities
OVERVIEW --------- Begin Update B Part 1 of 2 -------- This updated advisory is a follow-up to the previous advisory update titled ICSA-13-077-01A Schneider Electric PLCs Vulnerabilities Update A that was published March 20, 2013, on the ICS-CERT Web page. It is also a follow-up to the updated...
Cooper Power Systems Improper Input Validation Vulnerability
OVERVIEW Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation vulnerability in the Cooper Power Systems SMP Gateway DNP3 protocol components. Cooper Power Systems has produced a new firmware version that mitigates this vulnerability. Coope...
Invensys Wonderware HMI Reports XSS and Write Access Violation Vulnerabilities
Overview Independent security researchers Billy Rios and Terry McCorkle have identified cross-site scripting XSS and write access violation vulnerabilities in the Invensys Wonderware HMI reports product. ICS-CERT has coordinated these two vulnerabilities with Invensys, which has produced a new...
Progea Movicon Power HMI Vulnerabilities
Overview This advisory is a follow-up to the Alert titled “ICS-ALERT-11-256-01 – Progea Movicon PowerHMI Vulnerabilities” that was published September 13, 2011, on the ICS-CERT web page. Two buffer overflow and one memory corruption vulnerability were disclosed affecting the Progea Movicon’s...
Advantech Studio Test Web Server Buffer Overflow
Overview The ICS-CERT has received a report from independent security researcher Jeremy Brown that reveals a stack-based buffer overflow vulnerability in the test web server bundled with Advantech Studio Version 6.1. This web server is intended to be used for testing purposes and should not be us...
ABB Automation Builder (Update A)
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to overrule the Automation Builder's user management. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...
Hitachi Energy PCU400
SUMMARY Hitachi Energy is aware of the multiple vulnerabilities related to various versions of OpenSSL library components used in PCU400 versions listed in this document below for IEC62351-3 secure for IEC104/DNP3 or PCULogger tool. These vulnerabilities if exploited, can cause confidentiality...
Siemens RUGGEDCOM APE1808
SUMMARY Fortinet has published information on vulnerabilities in FortiOS. This advisory lists the related Siemens Industrial products. Siemens is preparing fix versions and recommends to consult and implement the workarounds provided in Fortinet's upstream security notifications. 2. GENERAL...
Contec Health CMS8000 Patient Monitor (Update A)
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to remotely send specially formatted UDP requests or connect to an unknown external network that would allow them to write arbitrary data, resulting in remote code execution. The device may also leak patient...
Franklin Fueling Systems TS-550 EVO
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Franklin Fueling Systems Equipment : TS-550 EVO Automatic Tank Gauge Vulnerability : Absolute Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability allow an...
OPW Fuel Management Systems SiteSentinel
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : OPW Fuel Managements Systems Equipment : SiteSentinel Vulnerability : Missing Authentication For Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could...
Rockwell Automation ThinManager ThinServer
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/Low attack complexity Vendor : Rockwell Automation Equipment : ThinManager ThinServer Vulnerabilities : Improper Privilege Management, Incorrect Permission Assignment for Critical Resource, Improper Input Validation 2...
Johnson Controls Illustra Essentials Gen 4 (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Johnson Controls, Inc. Equipment : Illustra Essentials Gen 4 Vulnerability : Storing Passwords in a Recoverable Format 2. RISK EVALUATION Successful exploitation of this vulnerability may...
Johnson Controls Illustra Essentials Gen 4 (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Johnson Controls, Inc. Equipment : Illustra Essentials Gen 4 Vulnerability : Insertion of Sensitive Information into Log File 2. RISK EVALUATION Successful exploitation of this vulnerability...
RoboDK RoboDK
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 3.3 ATTENTION: Low attack complexity Vendor: RoboDK Equipment: RoboDK Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker crashing the program through heap-based buffer...
Santesoft Sante FFT Imaging
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Santesoft Equipment : Sante FFT Imaging Vulnerability : Out-of-Bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to execute arbitrary code once a user...
Johnson Controls Metasys and Facility Explorer (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Johnson Controls Equipment : Metasys and Facility Explorer Vulnerability : Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...
Rockwell Automation FactoryTalk View Site Edition
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : FactoryTalk View Site Edition Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could cause the...
Fujitsu Limited Real-time Video Transmission Gear "IP series"
1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Fujitsu Limited Equipment: Real-time Video Transmission Gear "IP series" Vulnerability: Use Of Hard-Coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker logging into...
CODESYS Development System
1. EXECUTIVE SUMMARY CVSS v3 3.3 ATTENTION: low attack complexity Vendor: CODESYS, GmbH Equipment: CODESYS Development System Vulnerability: Improper Restriction of Excessive Authentication Attempts. 2. RISK EVALUATION Successful exploitation of this vulnerability could provide a local attacker...
AXIS A1001
1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION : Exploitable from adjacent network Vendor : Axis Communications Equipment : AXIS A1001 Vulnerability : Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 3...
SpiderControl SCADAWebServer
1. EXECUTIVE SUMMARY CVSS v3 4.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: SpiderControl Equipment: SCADAWebServer Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service condition 3. TECHNICAL DETAILS...
Siemens Industrial Edge Management
1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: Industrial Edge Management Vulnerability: Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to inject malicious maintenance requests...
Siemens Solid Edge
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Solid Edge Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code in the current process. 3...
North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector
Summary The Federal Bureau of Investigation FBI, Cybersecurity and Infrastructure Security Agency CISA, and the Department of the Treasury Treasury are releasing this joint Cybersecurity Advisory CSA to provide information on Maui ransomware, which has been used by North Korean state-sponsored...
Strengthening Cybersecurity of SATCOM Network Providers and Customers
Summary Updated May 10, 2022: The U.S. government attributes this threat activity to Russian state-sponsored malicious cyber actors. Additional information may be found in a statement from the State Department . For more information on Russian malicious cyber activity, refer to...
Siemens Spectrum Power 4
1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEMA Spectrum Power 4 Vulnerability: Cross-site scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could compromise the confidentiality and integrity of the...
Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013
Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. Note: CISA released technical information, including indicators of compromise IOCs,...
Siemens Mendix SAML Module
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix SAML Module Vulnerability: Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate...
Panasonic FPWIN Pro
1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: Panasonic Equipment: FPWIN Pro Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an out-of-bounds read, which may allow remote code execution. 3...
ENTTEC Lighting Controllers
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ENTTEC Equipment: Datagate MK2, Storm 24, Pixelator Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could reboot this...
Advantech WebAccess/SCADA
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess/SCADA Vulnerabilities: Improper Authentication, Authentication Bypass, SQL Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an...
Siemens SIMATIC Authentication Bypass (Update B)
CVSS v3 9.0 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Siemens Equipment: SIMATIC Vulnerability: Authentication Bypass UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-17-045-03A Siemens SIMATIC Authentication Bypass that was...
Siemens SIMATIC S7-1500 CPU Vulnerabilities
OVERVIEW Siemens has identified two vulnerabilities in the Siemens SIMATIC S7-1500 CPU family. Siemens has produced a firmware update to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS The following Siemens SIMATIC S7-1500 CPU versions are...
CA Unified Infrastructure Management Directory Traversal Vulnerability (Update B)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-315-01A CA Unified Infrastructure Management Directory Traversal Vulnerability that was published November 15, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Andrea Micalizzi, working with Zero Day...
American Auto-Matrix Front-End Solutions Vulnerabilities
OVERVIEW Independent researcher Maxim Rupp has identified a local file inclusion and a plain text storage of password vulnerabilities in American Auto-Matrix’s Building Automation Front-End Solutions application. The Aspect-Matrix hardware platform was made end of life in 2015 and will no longer...
Moxa Active OPC Server Unquoted Service Path Escalation Vulnerability
OVERVIEW Independent researcher Zhou Yu has identified an unquoted service path escalation vulnerability in Moxa’s Active OPC Server application. Moxa has produced a new version to mitigate this vulnerability. Zhou Yu has tested the new version to validate that it resolves the vulnerability...
Siemens SINEMA Server Privilege Escalation Vulnerability (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-215-02 Siemens SINEMA Server Privilege Escalation Vulnerability that was published August 2, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 2 -------- Security researcher rgod working...
Schneider Electric Invensys Positioner Buffer Overflow Vulnerability
OVERVIEW Ivan Sanchez from Nullcode Team has identified a buffer overflow security vulnerability in the DTM Device Type Manager software for Schneider Electric’s Invensys SRD Control Valve Positioner product line. Schneider Electric has produced a new version that mitigates this vulnerability...
Supplement to ICSA-15-237-02 EasyIO-30P-SF Hard-Coded Credential Vulnerability
OVERVIEW This advisory supplement was originally posted to the US-CERT secure Portal library on August 25, 2015, and is being released to the NCCIC/ICS-CERT web site. This advisory supplement is to accompany the ICS-CERT advisory titled ICSA‑15‑237‑02 EasyIO-30PF-SF Hard-Coded Credential...
Catapult Software DNP3 Driver Improper Input Validation
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on October 24, 2013, and is now being released to the NCCIC/ICS-CERT Web site. Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation in Catapult Software’s DN...
Optimalog Optima PLC Multiple Vulnerabilities
Overview Independent researcher Luigi Auriemma identified a NULL Pointer Dereference and an Infinite Loop and released proof-of-concept exploit code for Optimalog’s Optima PLC application without coordination with ICS-CERT, the vendor, or any other coordinating entity known to ICS-CERT. Optimalog...
ScadaBR
ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow an attacker to perform unauthenticated remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network...