ICS | Most viewed

4224 matches found

ICS
added 2026/05/26 12:0 a.m. | 20 views

Hitachi Energy MACH HiDraw

SUMMARY Hitachi Energy is aware of a buffer overflow vulnerability that affects MACH HiDraw product versions listed in this document. Successful exploitation of this vulnerability could lead to a buffer overflow condition, potentially resulting in application outages denial of service and...

CVSS 4.4 | AI score 6.3 | EPSS 0.00103
Exploits: 0 | References: 10
ICS
added 2026/05/12 12:0 a.m. | 20 views

Siemens gWAP

SUMMARY Siemens gPROMS Web Applications Publisher gWAP is affected by a remote code execution vulnerability introduced through a third-party component, namely the Axios HTTP client library. The vulnerability stems from a specific "Gadget" attack chain that allows prototype pollution in other...

CVSS 4.8 | AI score 7.7 | EPSS 0.00933
Exploits: 5 | References: 10
ICS
added 2025/04/15 6:0 a.m. | 20 views

Delta Electronics COMMGR (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow for an attacker to remotely access the AS3000Simulator family in the COMMGR software and execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation...

CVSS 9.8 | AI score 6.8 | EPSS 0.00624
Exploits: 0 | References: 10
ICS
added 2025/02/27 7:0 a.m. | 20 views

Schneider Electric communication modules for Modicon M580 and Quantum controllers (Update B)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

CVSS 9.8 | AI score 9.1 | EPSS 0.01789
Exploits: 0 | References: 10
ICS
added 2025/02/25 1:30 p.m. | 20 views

Hitachi Energy MACH PS700

SUMMARY Hitachi Energy is aware of a vulnerability in third party component Intel Chipset Device Software, that affects MACH PS700 v2 product versions listed in this document. Authenticated malicious clients successfully exploiting this vulnerability could escalate the privilege to cause...

CVSS 7.8 | AI score 7.7 | EPSS 0.00191
Exploits: 0 | References: 9
ICS
added 2025/01/23 12:53 a.m. | 20 views

ECOVACS lawnmower and vacuum vulnerabilities

RISK EVALUATION ECOVACS lawnmowers, vacuums, and other robots contain multiple vulnerabilities. In some cases, using a combination of vulnerabilities, an attacker within Bluetooth range or with appropriate network access can take complete control of a robot device. Some vulnerabilities allow an...

AI score 8.1
Exploits: 0 | References: 1
ICS
added 2024/12/03 7:0 a.m. | 20 views

Ruijie Reyee OS (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers to take near full control over the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network...

AI score 7.3
Exploits: 0 | References: 10
ICS
added 2024/11/12 7:0 a.m. | 20 views

Hitachi Energy TRO600

RISK EVALUATION Command injection vulnerability in the Edge Computing UI for the TRO600 series radios that allows for the execution of arbitrary system commands. If exploited, an attacker with write access to the web UI can execute commands on the device with root privileges, far more extensive...

CVSS 7.2 | AI score 7.7 | EPSS 0.01561
Exploits: 0 | References: 10
ICS
added 2024/09/12 6:0 a.m. | 20 views

Rockwell Automation Pavilion8

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : Pavilion8 Vulnerabilities : Improper Privilege Management, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...

CVSS 9.8 | AI score 10 | EPSS 0.00956
Exploits: 0 | References: 10
ICS
added 2024/09/10 8:8 p.m. | 20 views

IBM webMethods Integration Multiple Vulnerabilities

RISK EVALUATION IBM webMethods Integration contains multiple vulnerabilities that could allow an authenticated attacker to escalate privileges within webMethods, execute arbitrary operating system commands, or read arbitrary files. 2. RECOMMENDED PRACTICES Install webMethods Integration Corefix...

CVSS 9.9 | AI score 7.2 | EPSS 0.00547
Exploits: 0 | References: 1
ICS
added 2024/09/10 12:0 a.m. | 20 views

Siemens SCALANCE W700

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

AI score 9.2
Exploits: 0 | References: 10
ICS
added 2024/07/09 12:0 a.m. | 20 views

Siemens JT Open and PLM XML SDK

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 7.8 | AI score 6.6 | EPSS 0.0017
Exploits: 0 | References: 12
ICS
added 2024/06/13 6:0 a.m. | 20 views

Rockwell Automation FactoryTalk View SE

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION : Exploitable remotely/Low attack complexity Vendor : Rockwell Automation Equipment : FactoryTalk View SE Vulnerability : Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an outside attacker...

CVSS 8.2 | AI score 7.7 | EPSS 0.00498
Exploits: 0 | References: 10
ICS
added 2024/06/11 12:0 a.m. | 20 views

Siemens TIA Administrator

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 4.8 | AI score 4.2 | EPSS 0.00147
Exploits: 0 | References: 12
ICS
added 2024/05/30 6:0 a.m. | 20 views

Westermo EDW-100

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Westermo Equipment : EDW-100 Vulnerabilities : Use of Hard-coded Password, Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

CVSS 9.8 | AI score 10 | EPSS 0.00569
Exploits: 0 | References: 10
ICS
added 2023/11/14 12:0 a.m. | 20 views

Siemens SCALANCE W700

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 7.5 | AI score 7.1 | EPSS 0.00897
Exploits: 1 | References: 12
ICS
added 2023/08/08 12:0 a.m. | 20 views

Siemens RUGGEDCOM ROS Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 7.5 | AI score 7.7 | EPSS 0.00531
Exploits: 0 | References: 10
ICS
added 2023/06/29 6:0 a.m. | 20 views

Medtronic Paceart Optima System

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Medtronic Equipment: Paceart Optima System Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could result in remote code execution or a...

CVSS 9.8 | AI score 9.3 | EPSS 0.25804
Exploits: 0 | References: 8
ICS
added 2023/01/10 12:0 a.m. | 20 views

Siemens S7-1500 CPU devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 6.8 | AI score 6.1 | EPSS 0.00293
Exploits: 0 | References: 10
ICS
added 2022/10/25 12:0 a.m. | 20 views

Haas Controller

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Haas Automation, Inc Equipment: Haas Controller Vulnerabilities: Missing Authentication for Critical Function, Insufficient Granularity of Access Control, Cleartext Transmission of Sensitive Information...

CVSS 9.8 | AI score 9.3 | EPSS 0.00673
Exploits: 0 | References: 4
ICS
added 2021/12/16 1:30 p.m. | 20 views

Hitachi Energy Relion 670 650 series and SAM600-IO Product

SUMMARY Hitachi Energy is aware of two critical memory allocation vulnerabilities called BadAlloc 1 vulnerabilities in the WindRiver VxWorks Operating Systems 23 that are used in our product versions listed in this advisory. An attacker that exploits these vulnerabilities might bypass security...

CVSS 9.8 | AI score 7.8 | EPSS 0.0244
Exploits: 0 | References: 9
ICS
added 2021/10/25 12:0 p.m. | 20 views

Ongoing Cyber Threats to U.S. Water and Wastewater Systems

Summary Immediate Actions WWS Facilities Can Take Now to Protect Against Malicious Cyber Activity • Do not click on suspicious links. • If you use RDP, secure and monitor it. • Use strong passwords. • Use multi-factor authentication. Note: This advisory uses the MITRE Adversarial Tactics, Technique...

AI score 9.8
Exploits: 0 | References: 55
ICS
added 2016/08/07 6:0 a.m. | 20 views

Schneider Electric Magelis HMI Resource Consumption Vulnerabilities (Update B)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-16-308-02A Schneider Electric Magelis HMI Resource Consumption Vulnerabilities that was published November 22, 2016, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of a public report of resource consumption...

AI score 7.1
Exploits: 0 | References: 10
ICS
added 2016/04/03 6:0 a.m. | 20 views

Siemens SICAM PAS Information Disclosure Vulnerabilities (Update B)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-182-02A Siemens SICAM PAS Vulnerabilities that was published November 29, 2016, on the NCCIC/ICS-CERT web site. Positive Technologies’ Ilya Karpov and Dmitry Sklyarov have identified two vulnerabilities in the...

AI score 5.8
Exploits: 0 | References: 10
ICS
added 2014/08/28 6:0 a.m. | 20 views

MatrikonOPC for DNP Unhandled C++ Exception

OVERVIEW Adam Crain of Automatak and Chris Sistrunk of Mandiant have identified an unhandled C++ exception in the MatrikonOPC DNP3 application. MatrikonOPC has produced a new version that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following...

CVSS 5 | AI score 6.3 | EPSS 0.01343
Exploits: 0 | References: 10
ICS
added 2011/12/11 7:0 a.m. | 20 views

Samsung Data Management Server (Update B)

Overview This updated website posting provides new information regarding Samsung’s process for acquiring the updated software to mitigate the reported vulnerability. José A. Guasch, http://www.SecurityByDefault.com reported a SQL injection vulnerability in the Samsung Data Management Server DMS...

CVSS 7.5 | AI score 8.2 | EPSS 0.01779
Exploits: 0 | References: 10
ICS
added 2026/05/28 6:0 a.m. | 19 views

Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter

ADVISORY SUMMARY Successful exploitation of this vulnerability could result in an attacker gaining administrator access to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for...

CVSS 9.8 | AI score 5.8 | EPSS 0.00415
Exploits: 0 | References: 11
ICS
added 2025/04/08 12:0 a.m. | 19 views

Siemens License Server (SLS)

SUMMARY Siemens License Server before V4.3 contains various vulnerabilities that could allow a low-privileged local user to escalate privileges or perform arbitrary code execution. Siemens has released a new version for Siemens License Server SLS and recommends to update to the latest version...

AI score 7.9
Exploits: 0 | References: 10
ICS
added 2025/03/25 1:30 p.m. | 19 views

Hitachi Energy TRMTracker

SUMMARY Hitachi Energy is aware of the multiple vulnerabilities that affect the TRMTracker product versions listed in this document. An attacker successfully exploiting these vulnerabilities can cause confidentiality and integrity impacts. Please refer to the Recommended Immediate Actions for...

AI score 7.9
Exploits: 0 | References: 9
ICS
added 2024/12/05 7:0 a.m. | 19 views

AutomationDirect C-More EA9 Programming Software

RISK EVALUATION Successful exploitation of these vulnerabilities could result in memory corruption; a buffer overflow condition may allow remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities...

CVSS 7.8 | AI score 8.7 | EPSS 0.00307
Exploits: 0 | References: 10
ICS
added 2024/10/17 6:0 a.m. | 19 views

LCDS LAquis SCADA

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME Equipment : LAquis SCADA Vulnerability : Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability...

CVSS 7 | AI score 6.8 | EPSS 0.00624
Exploits: 0 | References: 10
ICS
added 2024/09/10 12:0 a.m. | 19 views

Siemens User Management Component (UMC)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 9.8 | AI score 8.4 | EPSS 0.01064
Exploits: 0 | References: 10
ICS
added 2024/09/05 6:0 a.m. | 19 views

Hughes Network Systems WL3000 Fusion Software

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION : Low attack complexity Vendor : Hughes Network Systems Equipment : WL3000 Fusion Software Vulnerabilities : Insufficiently Protected Credentials, Missing Encryption of Sensitive Data 2. RISK EVALUATION Successful exploitation of these...

CVSS 7.5 | AI score 5.6 | EPSS 0.00299
Exploits: 0 | References: 10
ICS
added 2024/08/15 6:0 a.m. | 19 views

PTC Kepware ThingWorx Kepware Server

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.9 ATTENTION : Exploitable from adjacent network. Vendor : PTC Equipment : Kepware ThingWorx Kepware Server Vulnerability : Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the...

CVSS 5.9 | AI score 5.5 | EPSS 0.00397
Exploits: 0 | References: 10
ICS
added 2024/08/01 6:0 a.m. | 19 views

Johnson Controls exacqVision Server web service

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.6 ATTENTION : Exploitable remotely Vendor : Johnson Controls Inc. Equipment : exacqVision Web Service Vulnerability : Permissive Cross-domain Policy with Untrusted Domains 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

CVSS 8.1 | AI score 7.5 | EPSS 0.00406
Exploits: 0 | References: 10
ICS
added 2024/07/25 6:0 a.m. | 19 views

Positron Broadcast Signal Processor

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Positron S.R.L Equipment : Broadcast Signal Processor TRA7005 Vulnerability : Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION...

CVSS 9.8 | AI score 9.9 | EPSS 0.00641
Exploits: 0 | References: 10
ICS
added 2024/07/22 12:0 a.m. | 19 views

Siemens SICAM Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 9.8 | AI score 9 | EPSS 0.00524
Exploits: 1 | References: 12
ICS
added 2024/07/16 6:0 a.m. | 19 views

Rockwell Automation Pavilion 8

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : Pavilion 8 Vulnerability : Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow...

CVSS 8.8 | AI score 6.8 | EPSS 0.00488
Exploits: 0 | References: 10
ICS
added 2024/06/27 6:0 a.m. | 19 views

Johnson Controls Illustra Essentials Gen 4 (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Johnson Controls, Inc. Equipment : Illustra Essentials Gen 4 Vulnerability : Storing Passwords in a Recoverable Format 2. RISK EVALUATION Successful exploitation of this vulnerability may...

CVSS 6.8 | AI score 6.8 | EPSS 0.00384
Exploits: 0 | References: 10
ICS
added 2024/06/11 6:0 a.m. | 19 views

Intrado 911 Emergency Gateway

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : Intrado Equipment : 911 Emergency Gateway EGW Vulnerability : SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute malicious...

CVSS 10 | AI score 9.8 | EPSS 0.0054
Exploits: 0 | References: 10
ICS
added 2024/06/11 12:0 a.m. | 19 views

Siemens Mendix Applications

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 7.4 | AI score 6 | EPSS 0.00298
Exploits: 0 | References: 12
ICS
added 2023/11/07 7:0 a.m. | 19 views

GE MiCOM S1 Agile

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Low attack complexity Vendor : General Electric Equipment : MiCOM S1 Agile Vulnerability : Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to upload malicious files and...

CVSS 7.3 | AI score 6.4 | EPSS 0.00255
Exploits: 0 | References: 10
ICS
added 2023/09/21 6:0 a.m. | 19 views

Real Time Automation 460 Series

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Real Time Automation Equipment : 460MCBS Vulnerability : Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

CVSS 9.4 | AI score 8 | EPSS 0.0034
Exploits: 0 | References: 10
ICS
added 2023/07/25 12:0 a.m. | 19 views

Johnson Controls IQ Wifi 6

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION : Low attack complexity Vendor : Johnson Controls Inc. Equipment : IQ Wifi 6 Vulnerability : Improper Restriction of Excessive Authentication Attempts 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized user to...

CVSS 9.8 | AI score 9.6 | EPSS 0.00447
Exploits: 0 | References: 8
ICS
added 2023/04/11 12:0 a.m. | 19 views

Siemens TIA Portal

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 7.8 | AI score 7.7 | EPSS 0.00249
Exploits: 0 | References: 10
ICS
added 2018/08/23 12:0 p.m. | 19 views

7-Technologies IGSS Denial of Service (Update A)

Overview ICS-CERT has become aware of multiple denial-of-service DoS vulnerabilities in the 7-Technologies 7T Interactive Graphical SCADA System IGSS supervisory control and data acquisition SCADA human-machine interface HMI application. All vulnerabilities are remotely exploitable. 7T has...

AI score 7.7
Exploits: 0 | References: 21
ICS
added 2017/03/23 12:0 p.m. | 19 views

CareFusion Pyxis SupplyStation System Vulnerabilities

OVERVIEW Independent researchers Billy Rios and Mike Ahmadi in collaboration with CareFusion have identified numerous third-party software vulnerabilities in end-of-life versions of CareFusion’s Pyxis SupplyStation system. The Pyxis SupplyStation was obtained through a third-party that resells...

AI score 7.9
Exploits: 0 | References: 18
ICS
added 2013/04/30 12:0 p.m. | 19 views

Ecava IntegraXor XSS

Overview ICS-CERT received a report from an anonymous security researcher concerning several cross site scripting XSS vulnerabilities in the Ecava IntegraXor SCADA product. ICS-CERT has worked with the researcher and Ecava to validate these vulnerabilities. Ecava has developed a patch release of...

AI score 6.1
Exploits: 0 | References: 21
ICS
added 2026/03/10 7:0 a.m. | 18 views

Schneider Electric EcoStruxure PME and EPO

GENERAL SECURITY RECOMMENDATIONS Schneider Electric strongly recommends the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business...

CVSS 8.5 | AI score 6.5 | EPSS 0.00186
Exploits: 0 | References: 11
ICS
added 2025/08/14 6:0 a.m. | 18 views

Rockwell Automation Studio 5000 Logix Designer

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to crash the device or execute malicious code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

CVSS 7.3 | AI score 7.7 | EPSS 0.00115
Exploits: 0 | References: 10

Total number of security vulnerabilities: 4224