4251 matches found
Microsoft Office 365 Security Recommendations
Summary As organizations adapt or change their enterprise collaboration capabilities to meet “telework” requirements, many organizations are migrating to Microsoft Office 365 O365 and other cloud collaboration services. Due to the speed of these deployments, organizations may not be fully...
DNS Infrastructure Hijacking Campaign
Summary The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and Infrastructure Security Agency CISA, is aware of a global Domain Name System DNS infrastructure hijacking campaign. Using compromised credentials, an attacker can modify the location to...
Philips iSite/IntelliSpace PACS Vulnerabilities (Update A)
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Philips Equipment: iSite and IntelliSpace PACS Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Code/Source Code...
7-Technologies IGSS Vulnerabilities
Overview This advisory is a follow-up to ICS-ALERT-11-080-03 7-Technologies IGSS Vulnerabilities, published on the ICS-CERT Web site on March 20, 2011. An independent researcher has identified eight vulnerabilities in 7-Technologies 7T IGSS SCADA human-machine interface HMI application. Each of t...
Schneider Electric Magelis HMI Resource Consumption Vulnerabilities (Update B)
OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-16-308-02A Schneider Electric Magelis HMI Resource Consumption Vulnerabilities that was published November 22, 2016, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of a public report of resource consumption...
Siemens Climatix BACnet/IP Communication Module Cross-site Scripting Vulnerability
OVERVIEW Siemens has identified a cross-site scripting XSS vulnerability in its Climatix BACnet/IP communication module. This vulnerability was reported directly to Siemens by Juan Francisco Bolivar Hernandez. Siemens has produced a new firmware update to mitigate this vulnerability. This...
MatrikonOPC for DNP Unhandled C++ Exception
OVERVIEW Adam Crain of Automatak and Chris Sistrunk of Mandiant have identified an unhandled C++ exception in the MatrikonOPC DNP3 application. MatrikonOPC has produced a new version that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following...
Ecava IntegraXor XSS
Overview ICS-CERT received a report from an anonymous security reseacher concerning several cross site scripting XSS vulnerabilities in the Ecava IntegraXor SCADA product. ICS-CERT has worked with the reseacher and Ecava to validate these vulnerabilities. Ecava has developed a patch release of...
OHIF Viewers DICOM
ADVISORY SUMMARY Successful exploitation of this vulnerability in a custom integration version could allow an attacker to steal an authenticated clinician's token via a crafted link. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...
Schneider Electric PowerLogic P7
GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...
KMW CCTV Security Cameras
ADVISORY SUMMARY Successful exploitation of this vulnerability may grant full unauthorized access to camera feeds and settings. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all...
Johnson Controls, Inc. Frick Controls Quantum HD
RISK EVALUATION Successful exploitation of these vulnerabilities can lead to pre-authentication remote code execution, information leak or denial of service. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such...
Rockwell Automation Studio 5000 Logix Designer
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to crash the device or execute malicious code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...
Tigo Energy Cloud Connect Advanced (Update A)
RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers to gain unauthorized administrative access using hard-coded credentials, escalate privileges to take full control of the device, modify system settings, disrupt solar energy production, interfere with safety...
Hitachi Energy TRMTracker
SUMMARY Hitachi Energy is aware of the multiple vulnerabilities that affect the TRMTracker product versions listed in this document. An attacker successfully exploiting these vulnerabilities can cause confidentiality and integrity impacts. Please refer to the Recommended Immediate Actions for...
Inaba Denki Sangyo CHOCO TEI WATCHER mini
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to obtain the product's login password, gain unauthorized access, tamper with product's data, and/or modify product settings. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...
Siemens SIMATIC S7-1500 TM MFP
SUMMARY Multiple vulnerabilities have been identified in the BIOS of the SIMATIC S7-1500 TM MFP. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens...
Schneider Electric EcoStruxure (Update D)
RISK EVALUATION Successful exploitation of this vulnerability allows for local privilege escalation, which could lead to the execution of a malicious DLL. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...
National Instruments LabVIEW
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose information or execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...
AutomationDirect C-More EA9 Programming Software
RISK EVALUATION Successful exploitation of these vulnerabilities could result in memory corruption; a buffer overflow condition may allow remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities...
LCDS LAquis SCADA
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME Equipment : LAquis SCADA Vulnerability : Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability...
Siemens Sentron Powercenter 1000
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens SIMATIC SCADA and PCS 7 Systems
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens User Management Component (UMC)
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Rockwell Automation Pavilion 8
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : Pavilion 8 Vulnerability : Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow...
Siemens Mendix Encryption Module
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Johnson Controls Kantech Door Controllers
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 3.1 ATTENTION : Exploitable via adjacent network Vendor : Johnson Controls, Inc. Equipment : Kantech KT1, KT2, KT400 Door Controllers Vulnerability : Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of...
Intrado 911 Emergency Gateway
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : Intrado Equipment : 911 Emergency Gateway EGW Vulnerability : SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute malicious...
GE MiCOM S1 Agile
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Low attack complexity Vendor : General Electric Equipment : MiCOM S1 Agile Vulnerability : Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to upload malicious files and...
Real Time Automation 460 Series
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Real Time Automation Equipment : 460MCBS Vulnerability : Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...
Medtronic Paceart Optima System
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Medtronic Equipment: Paceart Optima System Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could result in remote code execution or a...
Siemens TIA Portal
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
#StopRansomware: Daixin Team
Summary Actions to take today to mitigate cyber threats from ransomware: Install updates for operating systems, software, and firmware as soon as they are released. Require phishing-resistant MFA for as many services as possible. Train users to recognize and report phishing attempts. Note: This...
7-Technologies IGSS Denial of Service (Update A)
Overview ICS-CERT has become aware of multiple denial-of-service DoS vulnerabilities in the 7-Technologies 7T Interactive Graphical SCADA System IGSS supervisory control and data acquisition SCADA human-machine interface HMI application. All vulnerabilities are remotely exploitable. 7T has...
Ecava IntegraXor SQL
Overview ICS-CERT has received a report from independent security researcher Dan Rosenberg with Virtual Security Research VSR of an unauthenticated Structured Query Language SQL vulnerability in the Ecava IntegraXor human machine interface HMI product that could allow data leakage, data...
ZKTeco CCTV Cameras
ADVISORY SUMMARY Successful exploitation of this vulnerability could result in information disclosure, including capture of camera account credentials. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize...
Schneider Electric PowerChute Serial Shutdown
GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...
Ilevia EVE X1 Server
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary shell commands and the disclosure of sensitive system information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...
Rockwell Automation FactoryTalk Action Manager
RISK EVALUATION Successful exploitation of this vulnerability could allow a local unauthenticated attacker to listen to communications and manipulate the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability,...
Assured Telematics Inc (ATI) Fleet Management System (Update A)
RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker collecting sensitive file system information or obtain administrative credentials. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...
Horner Automation Cscape
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...
Subnet Solutions PowerSYSTEM Center
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this these vulnerabilities, such as: Minimize network...
Ivanti Connect Secure and Ivanti Policy Secure external file control vulnerability
RISK EVALUATION Ivanti Connect Secure and Ivanti Policy Secure contain a vulnerability that allows a remote, authenticated attacker to write arbitrary files. These vulnerabilities are addressed in Ivanti Connect Secure version 22.7R2.6 and Ivanti Policy Secure version 22.7R1.3. 2. RECOMMENDED...
VIMESA VHF/FM Transmitter Blue Plus
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : VIMESA Equipment : VHF/FM Transmitter Blue Plus Vulnerability : Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could...
Rockwell Automation DataMosaix Private Cloud
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : DataMosaix Private Cloud Vulnerabilities : Inadequate Encryption Strength, Out-of-bounds Write, Improper Check for Dropped Privileges, Reliance on...
Siemens SIMATIC S7-1500 CPUs
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
OMNTEC Proteus Tank Monitoring (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : OMNTEC Mfg., Inc. Equipment : Proteus Tank Monitoring Vulnerability : Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability allow an...
Rockwell Automation ThinManager
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Rockwell Automation Equipment: ThinManager Vulnerability: Externally Controlled Reference to a Resource in Another Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability could...
PTC Kepware ThingWorx Kepware Server
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.9 ATTENTION : Exploitable from adjacent network. Vendor : PTC Equipment : Kepware ThingWorx Kepware Server Vulnerability : Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the...
Johnson Controls exacqVision Web Service
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION : Exploitable remotely Vendor : Johnson Controls, Inc. Equipment : exacqVision Web Service Vulnerability : Cross-Site Request Forgery CSRF 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform...