Lucene search
K
IcsMost viewed

4251 matches found

ICS
ICS
added 2025/01/23 7:0 a.m.17 views

mySCADA myPRO Manager

RISK EVALUATION Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary commands or disclose sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities,...

9.8CVSS7.7AI score0.01232EPSS
Exploits0References10
ICS
ICS
added 2024/10/17 12:0 a.m.17 views

Mitsubishi Electric CNC Series (Update D)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION : Exploitable remotely Vendor : Mitsubishi Electric Equipment : CNC Series Vulnerability : Improper Validation of Specified Quantity in Input 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote...

5.9CVSS6.3AI score0.0054EPSS
Exploits0References9
ICS
ICS
added 2024/10/10 12:0 a.m.17 views

Siemens Siveillance Video Camera

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.3CVSS8AI score0.00219EPSS
Exploits0References10
ICS
ICS
added 2024/09/19 6:0 a.m.17 views

IDEC CORPORATION WindLDR and WindO/I-NV4

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION : Exploitable remotely Vendor : IDEC Corporation Equipment : WindLDR, WindO/I-NV4 Vulnerability : Cleartext Storage of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain...

8.1CVSS8.2AI score0.00447EPSS
Exploits0References10
ICS
ICS
added 2024/09/12 6:0 a.m.18 views

Rockwell Automation AADvance Trusted SIS Workstation

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: AADvance Trusted SIS Workstation Vulnerabilities: Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in an attacker executing...

7.8CVSS8.3AI score0.7104EPSS
Exploits0References10
ICS
ICS
added 2024/09/10 6:0 a.m.17 views

BPL Medical Technologies PWS-01-BT and BPL Be Well Android Application

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.1 ATTENTION : Low attack complexity/public exploits are available Vendor : BPL Medical Technologies Equipment : PWS-01-BT, Be Well Android App Vulnerability : Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of...

5.1CVSS7.1AI score0.00658EPSS
Exploits0References10
ICS
ICS
added 2024/08/22 6:0 a.m.17 views

Rockwell Automation 5015 - AENFTXT

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : 5015 - AENFTXT Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service...

8.7CVSS7.7AI score0.02123EPSS
Exploits0References10
ICS
ICS
added 2024/08/15 6:0 a.m.17 views

AVEVA Historian Web Server

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : AVEVA Equipment : Historian Server Vulnerability : SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated user to get read and write...

8.5CVSS7.3AI score0.00423EPSS
Exploits0References10
ICS
ICS
added 2024/08/13 6:0 a.m.17 views

Rockwell Automation Micro850/870

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : Micro850/870 Vulnerability : Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability may cause CIP/Modbus...

6.9CVSS6.6AI score0.00543EPSS
Exploits0References10
ICS
ICS
added 2024/08/01 6:0 a.m.17 views

Johnson Controls exacqVision Web Service

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.4 ATTENTION : Exploitable remotely Vendor : Johnson Controls, Inc. Equipment : exacqVision Web Service Vulnerability : Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker...

8.1CVSS7.4AI score0.00222EPSS
Exploits0References10
ICS
ICS
added 2024/08/01 6:0 a.m.17 views

Johnson Controls exacqVision client and exacqVision server

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.0 ATTENTION : Exploitable remotely Vendor : Johnson Controls Inc. Equipment : exacqVision Client, exacqVision Server key Vulnerability : Inadequate Encryption Strength 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker...

9CVSS7.6AI score0.00438EPSS
Exploits0References10
ICS
ICS
added 2024/07/09 6:0 a.m.17 views

Mitsubishi Electric MELIPC Series MI5122-VW

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION : Low attack complexity Vendor : Mitsubishi Electric Equipment : MI5122-VW Vulnerability : Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to tamper with, destroy, disclose,...

8.8CVSS8.9AI score0.00165EPSS
Exploits0References10
ICS
ICS
added 2024/07/09 12:0 a.m.17 views

Schneider Electric FoxRTU Station

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

7.8CVSS7.5AI score0.00281EPSS
Exploits0References11
ICS
ICS
added 2024/05/30 6:0 a.m.17 views

Baxter Welch Allyn Configuration Tool

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.4 ATTENTION : Exploitable remotely Vendor : Baxter Equipment : Welch Allyn Configuration Tool Vulnerability : Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to the unintended exposure of...

9.4CVSS6.6AI score0.00477EPSS
Exploits0References10
ICS
ICS
added 2026/07/02 6:0 a.m.16 views

CubeSpace CW0057 Reaction Wheel

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an attacker to upload arbitrary malicious firmware to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network...

5.2CVSS5.9AI score0.00116EPSS
Exploits0References13
ICS
ICS
added 2026/06/25 6:0 a.m.16 views

H.VIEW HV-500S6 IP Camera

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code and upload malicious files to the affected device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

6.4AI score
Exploits0References13
ICS
ICS
added 2026/06/18 6:0 a.m.16 views

Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow an attacker to obtain sensitive health-related information and prevent legitimate users from establishing a connection with the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize...

5.6AI score
Exploits0References11
ICS
ICS
added 2026/06/09 12:0 a.m.16 views

Siemens SINEC INS

SUMMARY SINEC INS before V1.0 SP2 Update 6 is affected by multiple vulnerabilities. Siemens has released a new version for SINEC INS and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to protect network access to...

6.3AI score
Exploits0References10
ICS
ICS
added 2026/05/12 7:0 a.m.16 views

Schneider Electric EcoStruxure Panel Server

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

8.2CVSS5.6AI score0.00291EPSS
Exploits0References11
ICS
ICS
added 2026/05/12 12:0 a.m.16 views

Siemens SIMATIC S7 PLC Web Server

SUMMARY SIMATIC S7 PLCs contain multiple vulnerabilities in the web server that could allow an attacker to perform cross-site scripting attacks. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix...

5.8AI score
Exploits0References10
ICS
ICS
added 2026/05/12 12:0 a.m.16 views

Siemens SENTRON 7KT PAC1261 Data Manager

SUMMARY The web server in SENTRON 7KT PAC1261 Data Manager Before V2.1.0 contains a request smuggling vulnerability in the Go Project's net/http package that could allow an attacker to retrieve authorization tokens that can be used to gain administrative control over the device. Siemens has...

9.1CVSS6.7AI score0.00778EPSS
Exploits0References10
ICS
ICS
added 2026/03/10 6:0 a.m.16 views

Apeman Cameras

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to take control of the device or view camera feeds. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

10CVSS4.2AI score0.006EPSS
Exploits0References13
ICS
ICS
added 2025/08/14 6:0 a.m.16 views

Rockwell Automation FactoryTalk Viewpoint

RISK EVALUATION Successful exploitation of this vulnerability could result in full privilege escalation. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system...

8.5CVSS7.4AI score0.00129EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.16 views

Siemens SIMOTION SCOUT, SIMOTION SCOUT TIA, and SINAMICS STARTER

SUMMARY SIMOTION SCOUT, SIMOTION SCOUT TIA and SINAMICS STARTER are affected by an XXE injection vulnerability that could allow an attacker to access arbitrary application files. Siemens has released new versions for several affected products and recommends to update to the latest versions...

6.8CVSS7.6AI score0.00172EPSS
Exploits0References10
ICS
ICS
added 2025/04/24 6:0 a.m.16 views

Nice Linear eMerge E3

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary OS commands. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper...

9.8CVSS8.4AI score0.53472EPSS
Exploits3References10
ICS
ICS
added 2025/04/08 12:0 a.m.16 views

Siemens SENTRON 7KT PAC1260 Data Manager

SUMMARY SENTRON 7KT PAC1260 Data Manager is affected by multiple vulnerabilities as listed below. Software fixes can no longer be provided for The SENTRON 7KT PAC1260 Data Manager. This advisory documents the known open vulnerabilities. To fix the vulnerabilities, Siemens recommends to replace...

8.7AI score
Exploits0References10
ICS
ICS
added 2025/03/18 6:0 a.m.16 views

Rockwell Automation Lifecycle Services with VMware

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker with local administrative privileges to execute code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

7.9AI score
Exploits0References10
ICS
ICS
added 2025/03/11 12:0 a.m.16 views

Siemens SINEMA Remote Connect Client

SUMMARY SINEMA Remote Connect Client before V3.2 SP3 is affected by multiple vulnerabilities. Siemens has released a new version for SINEMA Remote Connect Client and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends...

9.4AI score
Exploits0References10
ICS
ICS
added 2025/02/11 12:0 a.m.16 views

Siemens SCALANCE W700 IEEE 802.11ax

SUMMARY SCALANCE W-700 IEEE 802.11ax family devices are affected by multiple vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to...

5.3CVSS9.6AI score0.02577EPSS
Exploits0References10
ICS
ICS
added 2024/11/12 12:0 a.m.16 views

Siemens SIMATIC CP

SUMMARY SIMATIC CP 1543-1 devices contain an Incorrect Authorization vulnerability that could allow an unauthenticated attacker to gain access to the filesystem. Siemens has released a new version for SIMATIC CP 1543-1 V4.0 and recommends to update to the latest version. 2. GENERAL...

8.7CVSS7.3AI score0.00471EPSS
Exploits0References10
ICS
ICS
added 2024/10/17 6:0 a.m.16 views

Kieback&Peter DDC4000 Series

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Kieback&Peter Equipment : DDC4000 Series Vulnerabilities : Path Traversal, Insufficiently Protected Credentials, Use of Weak Credentials 2. RISK EVALUATION Successful exploitation of these...

9.8CVSS8.3AI score0.00639EPSS
Exploits0References10
ICS
ICS
added 2024/10/08 12:0 a.m.16 views

Siemens SENTRON PAC3200 Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.8CVSS7.2AI score0.00527EPSS
Exploits0References10
ICS
ICS
added 2024/09/26 6:0 a.m.16 views

goTenna Pro ATAK Plugin (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION : Low attack complexity Vendor : goTenna Equipment : Pro ATAK Plugin Vulnerabilities : Weak Password Requirements, Insecure Storage of Sensitive Information, Missing Support for Integrity Check, Cleartext Transmission of Sensitive Information,...

7.1CVSS5.8AI score0.00148EPSS
Exploits0References10
ICS
ICS
added 2024/09/19 6:0 a.m.16 views

Rockwell Automation RSLogix 5 and RSLogix 500

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION : Exploitable locally/high attack complexity Vendor : Rockwell Automation Equipment : RSLogix 5 and RSLogix 500 Vulnerability : Insufficient verification of data authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability...

8.8CVSS7.7AI score0.00185EPSS
Exploits0References10
ICS
ICS
added 2024/09/10 6:0 a.m.16 views

Rockwell Automation SequenceManager

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : SequenceManager Vulnerabilities : Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause a...

8.7CVSS7.2AI score0.00631EPSS
Exploits0References10
ICS
ICS
added 2024/09/10 6:0 a.m.16 views

iniNet Solutions SpiderControl SCADA Web Server

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : iniNet Solutions GmbH Equipment : SpiderControl SCADA Web Server Vulnerabilities : Unrestricted Upload of File with Dangerous Type 2. RISK EVALUATION Successful exploitation of this...

8.7CVSS7.9AI score0.1308EPSS
Exploits1References10
ICS
ICS
added 2024/09/10 12:0 a.m.17 views

Siemens SINEMA Remote Connect Server

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

5.3CVSS4.9AI score0.00339EPSS
Exploits0References10
ICS
ICS
added 2024/09/10 12:0 a.m.16 views

Siemens Third-Party Component in SICAM and SITIPE Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

8.2CVSS7AI score0.00444EPSS
Exploits0References10
ICS
ICS
added 2024/09/10 12:0 a.m.16 views

Schneider Electric EcoStruxure

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

5.4CVSS6.6AI score0.00287EPSS
Exploits0References11
ICS
ICS
added 2024/08/22 10:0 a.m.16 views

Authenticated Remote Code Execution affects Mobotix P3 and Mx6 cameras

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : MOBOTIX Equipment : P3 Cameras, Mx6 Cameras Vulnerability : Improper Neutralization of Expression/Command Delimiters 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

8.7CVSS8AI score0.00387EPSS
Exploits0References10
ICS
ICS
added 2024/07/09 12:0 a.m.16 views

Siemens SIPROTEC

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

8.2CVSS5.8AI score0.00205EPSS
Exploits0References10
ICS
ICS
added 2024/06/11 12:30 p.m.16 views

Hitachi Energy UNEM

SUMMARY Hitachi Energy is aware of multiple internal reported vulnerabilities that affects the UNEM versions listed below. Please refer to the “Recommended Immediate Actions” for information about the remediation. 2. GENERAL MITIGATION FACTORS/WORKAROUNDS Recommended security practices and...

10AI score
Exploits0References9
ICS
ICS
added 2024/06/11 12:30 p.m.16 views

Hitachi Energy FOXMAN-UN

SUMMARY Hitachi Energy is aware of multiple internal reported vulnerabilities that affects the FOXMAN-UN versions listed below. Please refer to the “Recommended Immediate Actions” for information about the remediation. 2. GENERAL MITIGATION FACTORS/WORKAROUNDS Recommended security practices and...

10AI score
Exploits0References9
ICS
ICS
added 2023/03/06 7:52 p.m.16 views

Hitachi Energy Gateway Station

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Gateway Station GWS Vulnerabilities: Improper Input Validation, Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause part of...

7.5CVSS7.4AI score0.00672EPSS
Exploits0References4
ICS
ICS
added 2022/08/11 12:0 p.m.16 views

#StopRansomware: Zeppelin Ransomware

Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce multifactor authentication. Note: this joint Cybersecurity Advisory CSA is part of an...

10AI score
Exploits0References44
ICS
ICS
added 2019/05/03 12:0 p.m.16 views

New Exploits for Unsecure SAP Systems

Summary The Cybersecurity and Infrastructure Security Agency CISA is issuing this activity alert in response to recently disclosed exploits that target unsecure configurations of SAP components. 1 Technical Details A presentation at the April 2019 Operation for Community Development and Empowerme...

9.8AI score
Exploits0References29
ICS
ICS
added 2026/07/07 6:0 a.m.15 views

Labcenter Proteus 9

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could disclose information and allow a malicious user to execute arbitrary code on affected installations. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

6.7AI score
Exploits0References13
ICS
ICS
added 2026/06/04 6:0 a.m.15 views

NAVTOR NavBox

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow a local attacker to gain unauthorized access to SOAP methods, resulting in a disruption of operations. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

6.3CVSS5.3AI score0.00122EPSS
Exploits0References13
ICS
ICS
added 2026/06/01 7:57 p.m.15 views

DeepAI.org CSRF

RISK EVALUATION The DeepAI.org endpoint https://api.deepai.org/changeuseremail accepts POST requests without any CSRF protection. If a logged-in user is tricked into visiting a malicious HTML page, an attacker can change the user's email address to their own and take over the account via...

5CVSS5.8AI score0.00107EPSS
Exploits0References1
ICS
ICS
added 2026/05/19 1:27 p.m.15 views

Technitium DNS Amplification

RISK EVALUATION Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. 2. RECOMMENDED PRACTICES Fixed in version 15.0. 3. DESCRIPTION Technitium...

6.9CVSS5.8AI score0.00389EPSS
Exploits0References1
Total number of security vulnerabilities4251