Lucene search
K
IcsMost viewed

4251 matches found

ICS
ICS
added 2020/04/29 12:0 p.m.21 views

Microsoft Office 365 Security Recommendations

Summary As organizations adapt or change their enterprise collaboration capabilities to meet “telework” requirements, many organizations are migrating to Microsoft Office 365 O365 and other cloud collaboration services. Due to the speed of these deployments, organizations may not be fully...

9.3AI score
Exploits0References36
ICS
ICS
added 2019/02/13 12:0 p.m.21 views

DNS Infrastructure Hijacking Campaign

Summary The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and Infrastructure Security Agency CISA, is aware of a global Domain Name System DNS infrastructure hijacking campaign. Using compromised credentials, an attacker can modify the location to...

9.3AI score
Exploits0References21
ICS
ICS
added 2018/10/02 12:0 p.m.21 views

Philips iSite/IntelliSpace PACS Vulnerabilities (Update A)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Philips Equipment: iSite and IntelliSpace PACS Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Code/Source Code...

9.2AI score
Exploits0References49
ICS
ICS
added 2018/09/06 12:0 p.m.21 views

7-Technologies IGSS Vulnerabilities

Overview This advisory is a follow-up to ICS-ALERT-11-080-03 7-Technologies IGSS Vulnerabilities, published on the ICS-CERT Web site on March 20, 2011. An independent researcher has identified eight vulnerabilities in 7-Technologies 7T IGSS SCADA human-machine interface HMI application. Each of t...

9AI score
Exploits0References20
ICS
ICS
added 2016/08/07 6:0 a.m.21 views

Schneider Electric Magelis HMI Resource Consumption Vulnerabilities (Update B)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-16-308-02A Schneider Electric Magelis HMI Resource Consumption Vulnerabilities that was published November 22, 2016, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of a public report of resource consumption...

7.1AI score
Exploits0References10
ICS
ICS
added 2015/03/28 6:0 a.m.21 views

Siemens Climatix BACnet/IP Communication Module Cross-site Scripting Vulnerability

OVERVIEW Siemens has identified a cross-site scripting XSS vulnerability in its Climatix BACnet/IP communication module. This vulnerability was reported directly to Siemens by Juan Francisco Bolivar Hernandez. Siemens has produced a new firmware update to mitigate this vulnerability. This...

4.3CVSS6AI score0.02544EPSS
Exploits1References10
ICS
ICS
added 2014/08/28 6:0 a.m.21 views

MatrikonOPC for DNP Unhandled C++ Exception

OVERVIEW Adam Crain of Automatak and Chris Sistrunk of Mandiant have identified an unhandled C++ exception in the MatrikonOPC DNP3 application. MatrikonOPC has produced a new version that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following...

5CVSS6.3AI score0.01343EPSS
Exploits0References10
ICS
ICS
added 2013/04/30 12:0 p.m.21 views

Ecava IntegraXor XSS

Overview ICS-CERT received a report from an anonymous security reseacher concerning several cross site scripting XSS vulnerabilities in the Ecava IntegraXor SCADA product. ICS-CERT has worked with the reseacher and Ecava to validate these vulnerabilities. Ecava has developed a patch release of...

6.1AI score
Exploits0References21
ICS
ICS
added 2026/06/25 6:0 a.m.20 views

OHIF Viewers DICOM

ADVISORY SUMMARY Successful exploitation of this vulnerability in a custom integration version could allow an attacker to steal an authenticated clinician's token via a crafted link. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

8.3CVSS6AI score0.00232EPSS
Exploits0References13
ICS
ICS
added 2026/06/09 7:0 a.m.20 views

Schneider Electric PowerLogic P7

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

6.3AI score
Exploits0References11
ICS
ICS
added 2026/05/28 6:0 a.m.20 views

KMW CCTV Security Cameras

ADVISORY SUMMARY Successful exploitation of this vulnerability may grant full unauthorized access to camera feeds and settings. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all...

9.1CVSS5.8AI score0.00624EPSS
Exploits0References13
ICS
ICS
added 2026/02/26 7:0 a.m.20 views

Johnson Controls, Inc. Frick Controls Quantum HD

RISK EVALUATION Successful exploitation of these vulnerabilities can lead to pre-authentication remote code execution, information leak or denial of service. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such...

9.8CVSS6.5AI score0.01506EPSS
Exploits0References11
ICS
ICS
added 2025/08/14 6:0 a.m.20 views

Rockwell Automation Studio 5000 Logix Designer

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to crash the device or execute malicious code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

7.3CVSS7.7AI score0.00115EPSS
Exploits0References10
ICS
ICS
added 2025/08/05 6:0 a.m.20 views

Tigo Energy Cloud Connect Advanced (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers to gain unauthorized administrative access using hard-coded credentials, escalate privileges to take full control of the device, modify system settings, disrupt solar energy production, interfere with safety...

10AI score
Exploits0References10
ICS
ICS
added 2025/03/25 1:30 p.m.20 views

Hitachi Energy TRMTracker

SUMMARY Hitachi Energy is aware of the multiple vulnerabilities that affect the TRMTracker product versions listed in this document. An attacker successfully exploiting these vulnerabilities can cause confidentiality and integrity impacts. Please refer to the Recommended Immediate Actions for...

7.9AI score
Exploits0References9
ICS
ICS
added 2025/03/25 6:0 a.m.20 views

Inaba Denki Sangyo CHOCO TEI WATCHER mini

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to obtain the product's login password, gain unauthorized access, tamper with product's data, and/or modify product settings. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

7.5CVSS8AI score0.00787EPSS
Exploits0References10
ICS
ICS
added 2025/03/11 12:0 a.m.20 views

Siemens SIMATIC S7-1500 TM MFP

SUMMARY Multiple vulnerabilities have been identified in the BIOS of the SIMATIC S7-1500 TM MFP. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens...

7.4AI score
Exploits0References10
ICS
ICS
added 2025/01/14 7:0 a.m.20 views

Schneider Electric EcoStruxure (Update D)

RISK EVALUATION Successful exploitation of this vulnerability allows for local privilege escalation, which could lead to the execution of a malicious DLL. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...

8.5CVSS7.2AI score0.00419EPSS
Exploits0References12
ICS
ICS
added 2024/12/10 7:0 a.m.20 views

National Instruments LabVIEW

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose information or execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

7.4AI score
Exploits0References10
ICS
ICS
added 2024/12/05 7:0 a.m.20 views

AutomationDirect C-More EA9 Programming Software

RISK EVALUATION Successful exploitation of these vulnerabilities could result in memory corruption; a buffer overflow condition may allow remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities...

7.8CVSS8.7AI score0.00307EPSS
Exploits0References10
ICS
ICS
added 2024/10/17 6:0 a.m.20 views

LCDS LAquis SCADA

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME Equipment : LAquis SCADA Vulnerability : Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability...

7CVSS6.8AI score0.00624EPSS
Exploits0References10
ICS
ICS
added 2024/10/08 12:0 a.m.20 views

Siemens Sentron Powercenter 1000

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.5CVSS6.6AI score0.00351EPSS
Exploits0References10
ICS
ICS
added 2024/09/10 12:0 a.m.20 views

Siemens SIMATIC SCADA and PCS 7 Systems

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.4CVSS8.1AI score0.0061EPSS
Exploits0References10
ICS
ICS
added 2024/09/10 12:0 a.m.20 views

Siemens User Management Component (UMC)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.8CVSS8.4AI score0.01064EPSS
Exploits0References10
ICS
ICS
added 2024/07/16 6:0 a.m.20 views

Rockwell Automation Pavilion 8

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : Pavilion 8 Vulnerability : Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow...

8.8CVSS6.8AI score0.00488EPSS
Exploits0References10
ICS
ICS
added 2024/07/09 12:0 a.m.20 views

Siemens Mendix Encryption Module

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

8.7CVSS7.7AI score0.00244EPSS
Exploits0References12
ICS
ICS
added 2024/07/02 6:0 a.m.20 views

Johnson Controls Kantech Door Controllers

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 3.1 ATTENTION : Exploitable via adjacent network Vendor : Johnson Controls, Inc. Equipment : Kantech KT1, KT2, KT400 Door Controllers Vulnerability : Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of...

3.1CVSS4.4AI score0.00222EPSS
Exploits0References10
ICS
ICS
added 2024/06/11 6:0 a.m.20 views

Intrado 911 Emergency Gateway

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : Intrado Equipment : 911 Emergency Gateway EGW Vulnerability : SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute malicious...

10CVSS9.8AI score0.0054EPSS
Exploits0References10
ICS
ICS
added 2023/11/07 7:0 a.m.20 views

GE MiCOM S1 Agile

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Low attack complexity Vendor : General Electric Equipment : MiCOM S1 Agile Vulnerability : Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to upload malicious files and...

7.3CVSS6.4AI score0.00255EPSS
Exploits0References10
ICS
ICS
added 2023/09/21 6:0 a.m.20 views

Real Time Automation 460 Series

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Real Time Automation Equipment : 460MCBS Vulnerability : Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

9.4CVSS8AI score0.0034EPSS
Exploits0References10
ICS
ICS
added 2023/06/29 6:0 a.m.20 views

Medtronic Paceart Optima System

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Medtronic Equipment: Paceart Optima System Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could result in remote code execution or a...

9.8CVSS9.3AI score0.28287EPSS
Exploits0References8
ICS
ICS
added 2023/04/11 12:0 a.m.20 views

Siemens TIA Portal

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

7.8CVSS7.7AI score0.00249EPSS
Exploits0References10
ICS
ICS
added 2022/10/26 12:0 p.m.20 views

#StopRansomware: Daixin Team

Summary Actions to take today to mitigate cyber threats from ransomware: Install updates for operating systems, software, and firmware as soon as they are released. Require phishing-resistant MFA for as many services as possible. Train users to recognize and report phishing attempts. Note: This...

9.6AI score
Exploits0References61
ICS
ICS
added 2018/08/23 12:0 p.m.20 views

7-Technologies IGSS Denial of Service (Update A)

Overview ICS-CERT has become aware of multiple denial-of-service DoS vulnerabilities in the 7-Technologies 7T Interactive Graphical SCADA System IGSS supervisory control and data acquisition SCADA human-machine interface HMI application. All vulnerabilities are remotely exploitable. 7T has...

7.7AI score
Exploits0References21
ICS
ICS
added 2011/12/24 7:0 a.m.20 views

Ecava IntegraXor SQL

Overview ICS-CERT has received a report from independent security researcher Dan Rosenberg with Virtual Security Research VSR of an unauthenticated Structured Query Language SQL vulnerability in the Ecava IntegraXor human machine interface HMI product that could allow data leakage, data...

7.5CVSS9.2AI score0.01734EPSS
Exploits0References10
ICS
ICS
added 2026/05/19 4:0 a.m.19 views

ZKTeco CCTV Cameras

ADVISORY SUMMARY Successful exploitation of this vulnerability could result in information disclosure, including capture of camera account credentials. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize...

9.1CVSS5.8AI score0.00507EPSS
Exploits0References11
ICS
ICS
added 2026/04/14 7:0 a.m.19 views

Schneider Electric PowerChute Serial Shutdown

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

6.3AI score
Exploits0References11
ICS
ICS
added 2026/02/05 7:0 a.m.19 views

Ilevia EVE X1 Server

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary shell commands and the disclosure of sensitive system information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

8.7CVSS6.2AI score0.00793EPSS
Exploits1References13
ICS
ICS
added 2025/08/14 6:0 a.m.19 views

Rockwell Automation FactoryTalk Action Manager

RISK EVALUATION Successful exploitation of this vulnerability could allow a local unauthenticated attacker to listen to communications and manipulate the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability,...

8.5CVSS7.2AI score0.0015EPSS
Exploits0References10
ICS
ICS
added 2025/05/20 6:0 a.m.19 views

Assured Telematics Inc (ATI) Fleet Management System (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker collecting sensitive file system information or obtain administrative credentials. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

8.7CVSS6.6AI score0.00386EPSS
Exploits0References10
ICS
ICS
added 2025/05/08 6:0 a.m.19 views

Horner Automation Cscape

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

8.4CVSS7.4AI score0.00244EPSS
Exploits0References10
ICS
ICS
added 2025/04/10 6:0 a.m.19 views

Subnet Solutions PowerSYSTEM Center

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this these vulnerabilities, such as: Minimize network...

5.3CVSS7AI score0.00131EPSS
Exploits0References10
ICS
ICS
added 2025/02/12 7:44 p.m.19 views

Ivanti Connect Secure and Ivanti Policy Secure external file control vulnerability

RISK EVALUATION Ivanti Connect Secure and Ivanti Policy Secure contain a vulnerability that allows a remote, authenticated attacker to write arbitrary files. These vulnerabilities are addressed in Ivanti Connect Secure version 22.7R2.6 and Ivanti Policy Secure version 22.7R1.3. 2. RECOMMENDED...

9.1CVSS7.2AI score0.01259EPSS
Exploits0References1
ICS
ICS
added 2024/10/24 6:0 a.m.19 views

VIMESA VHF/FM Transmitter Blue Plus

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : VIMESA Equipment : VHF/FM Transmitter Blue Plus Vulnerability : Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could...

6.9CVSS7.5AI score0.00377EPSS
Exploits1References10
ICS
ICS
added 2024/10/10 6:0 a.m.19 views

Rockwell Automation DataMosaix Private Cloud

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : DataMosaix Private Cloud Vulnerabilities : Inadequate Encryption Strength, Out-of-bounds Write, Improper Check for Dropped Privileges, Reliance on...

9.8CVSS9.1AI score0.09116EPSS
Exploits6References10
ICS
ICS
added 2024/10/08 12:0 a.m.19 views

Siemens SIMATIC S7-1500 CPUs

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

6.9CVSS7.3AI score0.00542EPSS
Exploits0References10
ICS
ICS
added 2024/09/24 6:0 a.m.19 views

OMNTEC Proteus Tank Monitoring (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : OMNTEC Mfg., Inc. Equipment : Proteus Tank Monitoring Vulnerability : Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability allow an...

9.8CVSS9.9AI score0.00586EPSS
Exploits0References10
ICS
ICS
added 2024/09/12 6:0 a.m.19 views

Rockwell Automation ThinManager

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Rockwell Automation Equipment: ThinManager Vulnerability: Externally Controlled Reference to a Resource in Another Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability could...

8.8CVSS9.1AI score0.11228EPSS
Exploits0References10
ICS
ICS
added 2024/08/15 6:0 a.m.19 views

PTC Kepware ThingWorx Kepware Server

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.9 ATTENTION : Exploitable from adjacent network. Vendor : PTC Equipment : Kepware ThingWorx Kepware Server Vulnerability : Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the...

5.9CVSS5.5AI score0.004EPSS
Exploits0References10
ICS
ICS
added 2024/08/01 6:0 a.m.19 views

Johnson Controls exacqVision Web Service

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION : Exploitable remotely Vendor : Johnson Controls, Inc. Equipment : exacqVision Web Service Vulnerability : Cross-Site Request Forgery CSRF 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform...

8.8CVSS8.2AI score0.00204EPSS
Exploits0References10
Total number of security vulnerabilities4251