4214 matches found
Johnson Controls exacqVision Web Service
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Johnson Controls, Inc. Equipment : Web Service Vulnerability : Use of GET Request Method With Sensitive Query Strings 2. RISK EVALUATION Successful exploitation of this vulnerability could...
Siemens SIMATIC STEP 7 (TIA Portal)
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
MicroDicom DICOM Viewer
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : MicroDicom Equipment : DICOM Viewer Vulnerabilities : Improper Authorization in Handler for Custom URL Scheme, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these...
Siemens SIMATIC S7-200 SMART Devices
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
SUBNET PowerSYSTEM Center
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION : Low attack complexity Vendor : Subnet Solutions Inc. Equipment : PowerSYSTEM Center Vulnerabilities : Reliance on Insufficiently Trustworthy Component 2. RISK EVALUATION Successful exploitation of the vulnerabilities in components used by...
Siemens SENTRON
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens Solid Edge
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens Parasolid
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens Location Intelligence
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens LOGO! and SIPLUS LOGO!
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Hitachi Energy RTU500 series
SUMMARY Hitachi Energy is aware of the vulnerabilities CVE-2023-5767, CVE-2023-5768 and CVE-2023-5769 in the Web server and HCI IEC 60870-5-104 component, that affects the RTU500 versions that are listed below. An at- tacker successfully exploiting these vulnerabilities could perform cross-site...
Siemens RUGGEDCOM APE1808 Devices
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens CPCI85 Firmware of SICAM A8000 Devices
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Moxa UC Series
1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Low attack complexity Vendor: Moxa Equipment: UC Series Vulnerability: Improper Physical Access Control 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-22-333-04 Moxa UC Series that was published November...
Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data
Summary This Joint Cybersecurity Advisory was coauthored by the Federal Bureau of Investigation FBI, the Cybersecurity and Infrastructure Security Agency CISA, and the Multi-State Information Sharing and Analysis Center MS-ISAC. The FBI, CISA, and MS-ISAC assess malicious cyber actors are targeti...
McAfee Night Dragon Report (Update A)
Overview McAfee has published a white paper titled “Global Energy Cyberattacks: Night Dragon,”McAfee, http://www.mcafee.com/us/resources/white-papers/wp-global-energy-cyberattacks-night-dragon.pdf, accessed February 10, 2011. which describes advanced persistent threat activity designed to obtain...
Progea Movicon TCPUploadServer (Update A)
Overview ICS-CERT has received a report from independent security researcher Jeremy Brown of a data leakage and denial-of-service vulnerability in Progea’s Movicon 11 human machine interface HMI product. Progea has verified the vulnerability and has developed a patch to address the issue. ICS-CER...
MOXA Device Manager Buffer Overflow (Update A)
Overview --------- Begin Update A Part 1 of 2 ---------- On October 20, 2010, an independent security researcher postedRubén Santamarta, http://www.reversemode.com/index.php?option=comcontent&task=view&id=70&Itemid=1, website last visited October 28, 2010. information regarding a vulnerability in...
Honeywell ScanServer ActiveX Control (Update A)
Overview --------- Begin Update A Part 1 of 3 ---------- This ICS-CERT Advisory is an update to ICSA-11-103-01 – Honeywell ScanServer ActiveX Control, which was originally released on April 13, 2011. A security research company, Secunia, has released a report of a use-after-free...
7-Technologies IGSS 8 ODBC Server Remote Heap Corruption
Overview ICS-CERT has received a report from independent security researcher Jeremy Brown that a remote heap corruption vulnerability exists in IGSS Interactive Graphical SCADA System Version 8 from 7-Technologies 7T. 7T has verified the vulnerability and has developed a patch. Affected Products...
Unitronics UNIOPC Server Input Handling Vulnerability
Overview Independent security researchers Billy Rios and Terry McCorkle have identified a vulnerability in Unitronics’ UniOPC Server product. --------- Begin Update A Part 1 of 3 -------- This vulnerability is a result of improper handling of input by a third-party component, https50.ocx, which i...
Siemens SIMATIC
SUMMARY SIMATIC HMI Unified Comfort Panels before V21.0 are affected by a vulnerability that allows an unauthenticated attacker to access the web browser via the help link. This vulnerability allows an attacker to access the web browser through the Control Panel if it is not protected by the...
Siemens APOGEE PXC and TALON TC Series
SUMMARY APOGEE PXC and TALON TC Series BACnet Devices devices start sending unsolicited BACnet broadcast messages after processing a specific BACnet createObject request. This could allow an attacker residing in the same BACnet network to send a specially crafted message that results in a...
ABB Automation Builder (Update A)
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to overrule the Automation Builder's user management. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...
Schneider Electric Trio Q Licensed Data Radio
GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...
Edimax IC-7100 IP Camera
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to send specially crafted requests to achieve remote code execution on the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...
Siemens Solid Edge
SUMMARY Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads specially crafted files in various formats such as PAR or PSM format, and by a DLL hijacking vulnerability. This could allow an attacker to crash the application or execute...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-8963 Ivanti Cloud Services Appliance CSA Path Traversal Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and...
Rockwell Automation AADvance Standalone OPC-DA Server
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : AADvance Standalone OPC-DA Server Vulnerabilities : Improper Input Validation, Use of Externally Controlled Format String 2. RISK EVALUATION Successful...
Mitsubishi Electric MELSOFT MaiLab and MELSOFT VIXIO (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION : Exploitable remotely Vendor : Mitsubishi Electric Corporation Equipment : MELSOFT MaiLab Vulnerability : Improper Verification of Cryptographic Signature 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote...
Johnson Controls Inc. Software House C●CURE 9000 (Update B)
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION : Exploitable remotely/Low attack complexity Vendor : Johnson Controls Inc. Equipment : Software House C●CURE 9000 Vulnerability : Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an...
Siemens TIA Portal and SIMATIC STEP 7
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens SIMATIC WinCC
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Johnson Controls Illustra Essentials Gen 4 (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION : Exploitable remotely Vendor : Johnson Controls, Inc. Equipment : Illustra Essentials Gen 4 Vulnerability : Storing Passwords in a Recoverable Format 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated...
Siemens SENTRON 7KM PAC3x20
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Threat Actor Leverages Compromised Account of Former Employee to Access State Government Organization
Actions to take today to mitigate malicious cyber activity: 1. Continuously remove and disable accounts and groups from the enterprise that are no longer needed, especially privileged accounts. 2. Enable and enforce multifactor authentication with strong passwords. 3. Store credentials in a secur...
Siemens Simantic S7-1500 CPU family
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens SINUMERIK
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Hitachi Energy Relion 670/650/SAM600-IO Series (Update C)
SUMMARY Hitachi Energy is aware of the vulnerability CVE-2023-4518 that affects the Relion 670/650/SAM600-IO series that are listed below. An attacker successfully exploiting this vulnerability could cause operational disruptions of the devices. For immediate mitigation/workaround information,...
Schneider Electric IGSS
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : low attack complexity Vendor : Schneider Electric Equipment : IGSS Interactive Graphical SCADA System Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...
Advantech WebAccess
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Advantech Equipment : WebAccess Vulnerability : Debug Messages Revealing Unnecessary Information 2. RISK EVALUATION Successful exploitation of this vulnerability could leak user credentials...
Siemens Mendix Forgot Password Module
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
#StopRansomware: Snatch Ransomware
Actions to take today to mitigate malicious cyber activity: 1. Secure and closely monitor Remote Desktop Protocol RDP. 2. Maintain offline backups of data. 3. Enable and enforce phishing-resistant multifactor authentication MFA...
Rockwell Automation FactoryTalk Transaction Manager
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Transaction Manager Vulnerability: Uncontrolled Resource Consumption. 2. RISK EVALUATION Successful exploitation of this vulnerability could cause the...
CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks
Actions to take today to harden your local environment: 1. Establish a security baseline of normal network activity; tune network and host-based appliances to detect anomalous behavior. 2. Conduct regular assessments to ensure appropriate procedures are created and can be followed by security sta...
RONDS Equipment Predictive Maintenance Solution
1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: RONDS Equipment: Equipment Predictive Maintenance EPM Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Path Traversal 2. RISK EVALUATION Successful exploitation of these...
North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector
Summary The Federal Bureau of Investigation FBI, Cybersecurity and Infrastructure Security Agency CISA, and the Department of the Treasury Treasury are releasing this joint Cybersecurity Advisory CSA to provide information on Maui ransomware, which has been used by North Korean state-sponsored...
Siemens SICAM PQ Analyzer
1. EXECUTIVE SUMMARY CVSS v3 3.4 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SICAM PQ Analyzer Vulnerability: Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve persistence on the system or cause a...
Ecava IntegraXor Directory Traversal
Overview This advisory is a follow-up to ICS-ALERT-10-355-01 - Ecava IntegraXor Directory Traversal, published on the ICS-CERT Web page on December 21, 2010. ICS-CERT has become aware of a directory traversal vulnerability in the Ecava IntegraXor Human-Machine Interface HMI product that could all...
Siemens SIPROTEC 4 and SIPROTEC Compact (Update E)
CVSS v3 8.6 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIPROTEC 4 and SIPROTEC Compact Vulnerabilities: Improper Input Validation, Missing Authorization, Improper Authentication UPDATE INFORMATION This updated advisory is a follow-up to the updated...