Lucene search
K
IcsMost viewed

4251 matches found

ICS
ICS
added 2025/11/20 6:0 a.m.15 views

ICAM365 CCTV Camera Multiple Models

RISK EVALUATION Successful exploitation of these vulnerabilities could result in unauthorized exposure of camera video streams and camera configuration data. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such...

7CVSS6.7AI score0.00158EPSS
Exploits0References11
ICS
ICS
added 2025/10/16 6:0 a.m.15 views

Rockwell Automation FactoryTalk View Machine Edition and PanelView Plus 7

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to access to the device's file system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

9.1CVSS6.9AI score0.00567EPSS
Exploits0References10
ICS
ICS
added 2025/10/07 12:30 a.m.15 views

ABB EIBPORT

SUMMARY ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. A firmware update is available that resolves these privately reported vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited these...

8.5CVSS5.8AI score0.00302EPSS
Exploits0References15
ICS
ICS
added 2025/09/16 12:30 a.m.15 views

ABB Terra AC Wallbox

SUMMARY ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could cause the pollution of heap memory which potentially takes remote control of the product and performs a write operation to the flash...

5.8AI score
Exploits0References12
ICS
ICS
added 2025/05/28 8:57 p.m.15 views

Craft CMS stores user-provided content session files

RISK EVALUATION Craft CMS stores user-provided content in session files. A remote, unauthenticated attacker can introduce arbitrary content, including PHP code, into session files with known names and locations. If an attacker can access these files, possibly through another vulnerability such...

10CVSS7.4AI score0.99803EPSS
Exploits14References1
ICS
ICS
added 2025/05/13 12:0 a.m.15 views

Siemens OZW Web Servers

SUMMARY OZW672 and OZW772 Web Server versions contain vulnerabilities that could allow an attacker to execute arbitrary code on the device with root privileges in versions before V8.0 or to authenticate as Administrator user in versions before V6.0. Siemens has released new versions for the...

8.8AI score
Exploits0References10
ICS
ICS
added 2025/03/26 12:30 a.m.15 views

ABB ACS880 Drives Containing CODESYS RTS

SUMMARY Multiple vulnerabilities regarding the CODESYS Runtime System from CODESYS Group have been publicly reported. CODESYS Runtime System is utilized in the firmware of ABB ACS880 drives to provide IEC 61131-3 programming capabilities. These vulnerabilities could lead to out-of-bound memory...

7.4AI score
Exploits0References16
ICS
ICS
added 2025/03/26 12:30 a.m.15 views

ABB Low Voltage DC Drives and Power Controllers CODESYS RTS

SUMMARY CODESYS group published several vulnerabilities regarding the CODESYS Runtime System, which is included in the firmware of ABB LV DC drives and power controllers. It is used to implement a selection of features and to provide IEC 611131-3 programming capabilities. These vulnerabilities...

7.6AI score
Exploits0References11
ICS
ICS
added 2025/02/11 5:0 a.m.15 views

Schneider Electric Uni-Telway Driver (Update D)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

6.8CVSS5.6AI score0.00149EPSS
Exploits0References11
ICS
ICS
added 2025/02/04 7:0 a.m.15 views

Rockwell Automation GuardLogix 5380 and 5580 (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow a remote, non-privileged user to send malicious requests resulting in a major nonrecoverable fault causing a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize...

7.1CVSS6.9AI score0.00451EPSS
Exploits0References10
ICS
ICS
added 2024/12/10 7:0 a.m.15 views

Rockwell Automation Arena (Update C)

RISK EVALUATION Successful exploitation of these vulnerabilities could result in execution of arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all control...

6.5AI score
Exploits0References13
ICS
ICS
added 2024/12/03 7:0 a.m.15 views

Open Automation Software

RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker executing code with escalated privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to...

8.5CVSS6.9AI score0.00152EPSS
Exploits0References10
ICS
ICS
added 2024/10/10 6:0 a.m.15 views

Rockwell Automation DataMosaix Private Cloud

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : DataMosaix Private Cloud Vulnerabilities : Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization, Incorrect Authorization 2. RISK...

7.8AI score
Exploits0References10
ICS
ICS
added 2024/10/08 12:0 a.m.15 views

Siemens RUGGEDCOM APE1808

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

6CVSS6.7AI score0.00221EPSS
Exploits0References10
ICS
ICS
added 2024/09/26 6:0 a.m.15 views

goTenna Pro ATAK Plugin (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION : Low attack complexity Vendor : goTenna Equipment : Pro ATAK Plugin Vulnerabilities : Weak Password Requirements, Insecure Storage of Sensitive Information, Missing Support for Integrity Check, Cleartext Transmission of Sensitive Information,...

7.1CVSS5.8AI score0.00148EPSS
Exploits0References10
ICS
ICS
added 2024/09/12 6:0 a.m.16 views

Rockwell Automation OptixPanel

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.7 ATTENTION : Exploitable remotely Vendor : Rockwell Automation Equipment : OptixPanel Vulnerability : Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability may allow users to exfiltrate credentials and escalate...

8.8CVSS9.2AI score0.01284EPSS
Exploits0References10
ICS
ICS
added 2024/09/10 6:0 a.m.15 views

Rockwell Automation SequenceManager

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : SequenceManager Vulnerabilities : Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause a...

8.7CVSS7.2AI score0.00631EPSS
Exploits0References10
ICS
ICS
added 2024/08/13 6:0 a.m.15 views

Rockwell Automation GuardLogix/ControlLogix 5580 Controller

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : ControlLogix 5580, GuardLogix 5580 Vulnerability : Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this...

8.7CVSS6.6AI score0.00577EPSS
Exploits0References10
ICS
ICS
added 2024/08/13 12:0 a.m.15 views

Siemens LOGO! V8.3 BM Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

5.1CVSS4.9AI score0.00213EPSS
Exploits0References10
ICS
ICS
added 2024/07/23 6:0 a.m.15 views

National Instruments IO Trace

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION : Low attack complexity Vendor : National Instruments Equipment : IO Trace Vulnerability : Stack-Based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to execute arbitrary code. 3...

7.8CVSS8.1AI score0.00306EPSS
Exploits0References10
ICS
ICS
added 2024/07/09 6:0 a.m.15 views

Johnson Controls Inc. Software House C●CURE 9000

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION : Exploitable remotely/Low attack complexity Vendor : Johnson Controls, Inc. Equipment : Software House C●CURE 9000 Vulnerability : Use of Weak Credentials 2. RISK EVALUATION Successful exploitations of this vulnerability could allow an...

7.7CVSS6.9AI score0.00419EPSS
Exploits0References10
ICS
ICS
added 2023/05/25 12:0 p.m.15 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on May 25, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-145-01 Moxa MXsecurity Series CISA encourages users and administrators to review the newly...

6.7AI score
Exploits0References19
ICS
ICS
added 2023/03/06 7:52 p.m.15 views

Hitachi Energy Gateway Station

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Gateway Station GWS Vulnerabilities: Improper Input Validation, Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause part of...

7.5CVSS7.4AI score0.00672EPSS
Exploits0References4
ICS
ICS
added 2026/07/02 5:0 a.m.14 views

Gardyn IoT Hub

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow unauthenticated users to access and control IoT Hub managed devices. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize...

6AI score
Exploits0References11
ICS
ICS
added 2026/06/18 6:0 a.m.14 views

AVer PTC cameras

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control system devices and/or...

9.8CVSS6.2AI score0.00616EPSS
Exploits0References13
ICS
ICS
added 2026/05/12 12:0 a.m.14 views

Siemens SIMATIC

SUMMARY SIMATIC CN 4100 contains multiple vulnerabilities which could potentially lead to a compromise in availability, integrity and confidentiality. Siemens has released a new version for SIMATIC CN 4100 and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general...

6.7AI score
Exploits0References10
ICS
ICS
added 2026/05/12 12:0 a.m.14 views

Siemens Siemens ROS#

SUMMARY ROS contains a ROS service fileserver, that before version 2.2.2 contains a path traversal vulnerability which could allow an attacker to access, i.e. read and write, arbitrary files, which are accessible with the user rights of the user that runs the service, on the system that hosts...

9.3CVSS7.4AI score0.00487EPSS
Exploits0References10
ICS
ICS
added 2026/05/12 12:0 a.m.14 views

Siemens Opcenter RDnL

SUMMARY Opcenter RDnL is affected by missing authentication in critical function in ‘ActiveMQ Artemis’. An unauthenticated attacker within the adjacent network could use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue...

9.8CVSS7.3AI score0.10629EPSS
Exploits1References10
ICS
ICS
added 2026/05/12 12:0 a.m.14 views

Siemens Ruggedcom Rox

SUMMARY Ruggedcom Rox contains an improper access control vulnerability that could allow an authenticated remote attacker to read arbitrary files with root privileges from the underlying operating system's filesystem. Siemens has released new versions for the affected products and recommends to...

6.8CVSS7.4AI score0.00286EPSS
Exploits0References10
ICS
ICS
added 2026/05/12 12:0 a.m.14 views

Siemens Ruggedcom Rox

SUMMARY Ruggedcom Rox contains an input validation vulnerability in the feature key installation process that could allow an authenticated remote attacker to execute arbitrary commands with root privileges on the underlying operating system. Siemens has released new versions for the affected...

7.7CVSS8AI score0.00442EPSS
Exploits0References10
ICS
ICS
added 2026/05/12 12:0 a.m.14 views

Siemens Solid Edge

SUMMARY Solid Edge SE2026 before Update 5 is affected by two file parsing vulnerabilities that could be triggered when the application reads specially crafted files in PAR format. This could allow an attacker to crash the application or execute arbitrary code. Siemens has released a new version...

6.2AI score
Exploits0References10
ICS
ICS
added 2026/05/07 6:0 a.m.14 views

MAXHUB Pivot client application

ADVISORY SUMMARY Successful exploitation of this vulnerability may enable an attacker to access tenant email addresses and associated information in cleartext or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

7.3CVSS5.8AI score0.00159EPSS
Exploits0References11
ICS
ICS
added 2026/04/07 12:0 a.m.14 views

Mitsubishi Electric GENESIS64 and ICONICS Suite products

RISK EVALUATION Successful exploitation of these vulnerabilities could allow a local attacker to disclose SQL Server credentials used by the affected products and use them to disclose, tamper with, or destroy data, or to cause a denial-of-service DoS condition on the system. 2. RECOMMENDED...

5.9AI score
Exploits0References10
ICS
ICS
added 2026/03/24 6:0 a.m.14 views

Grassroots DICOM (GDCM)

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to send a specially crafted file, and when parsed, could result in a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

8.7CVSS5.7AI score0.00358EPSS
Exploits0References13
ICS
ICS
added 2026/03/03 12:0 a.m.14 views

Mitsubishi Electric MELSEC iQ-F Series EtherNet/IP module and Ethernet module

RISK EVALUATION Successful exploitation of these vulnerabilities could allow a remote attacker to cause a denial-of-service condition by continuously sending UDP packets to the affected products. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

8.7CVSS6AI score0.00426EPSS
Exploits0References9
ICS
ICS
added 2026/02/24 12:30 a.m.14 views

ABB Automation Builder Gateway for Windows

SUMMARY ABB became aware of severe vulnerability in the products versions listed as affected in the advisory. The Windows gateway is accessible remotely by default. Unauthenticated attackers can therefore search for PLCs, but the user management of the PLCs prevents the actual access to the PLCs...

5.3CVSS5.8AI score0.00417EPSS
Exploits0References11
ICS
ICS
added 2026/02/19 7:0 a.m.14 views

Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller

RISK EVALUATION Successful exploitation of this vulnerability could result in an over- or under-odorization event. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...

8.2CVSS5.8AI score0.00449EPSS
Exploits0References11
ICS
ICS
added 2025/12/09 12:0 a.m.14 views

Siemens COMOS

SUMMARY COMOS is affected by multiple vulnerabilities that could allow an attacker to execute arbitrary code or cause denial of service condition, data infiltration or perform access control violations. Siemens has released new versions for several affected products and recommends to update to...

6.2AI score
Exploits0References10
ICS
ICS
added 2025/10/30 5:0 a.m.14 views

International Standards Organization ISO 15118-2 (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could result in man-in-the-middle attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system...

6.3CVSS5.7AI score0.00234EPSS
Exploits0References11
ICS
ICS
added 2025/10/23 6:0 a.m.14 views

Delta Electronics ASDA-Soft

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to write data outside of the allocated memory buffer. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA...

7.8CVSS6.9AI score0.00195EPSS
Exploits0References10
ICS
ICS
added 2025/10/21 6:0 a.m.14 views

Rockwell Automation Compact GuardLogix 5370

RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system devices...

8.7CVSS6.5AI score0.00383EPSS
Exploits0References11
ICS
ICS
added 2025/07/10 6:0 a.m.14 views

Advantech iView

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information, achieve remote code execution, or cause service disruptions. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

6.1CVSS8.4AI score0.00194EPSS
Exploits0References10
ICS
ICS
added 2025/05/22 6:0 a.m.14 views

Rockwell Automation FactoryTalk Historian ThingWorx

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to launch XXE-based attacks on applications that accept malicious log4net configuration files. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

9.8CVSS6.8AI score0.17823EPSS
Exploits0References10
ICS
ICS
added 2025/05/22 6:0 a.m.14 views

Lantronix Device Installer

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain access to the host machine running the Device Installer software. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability such...

6.9CVSS7.2AI score0.00201EPSS
Exploits0References10
ICS
ICS
added 2025/05/13 12:0 a.m.14 views

Siemens RUGGEDCOM APE1808 Devices

SUMMARY Fortinet has published information on vulnerabilities in FortiOS. This advisory lists the related Siemens Industrial products. Siemens is preparing fix versions and recommends to consult and implement the workarounds provided in Fortinet's upstream security notifications. 2. GENERAL...

7.2AI score
Exploits0References10
ICS
ICS
added 2025/04/29 12:30 p.m.14 views

Hitachi Energy Asset Suite

SUMMARY Hitachi Energy is aware multiple vulnerabilities that affects the Asset Suite product versions listed below. If these vulnerabilities are successfully exploited by an attacker, it could have an impact on the confidentiality, integrity, or availability of the product. Please refer to the...

8.6AI score
Exploits0References9
ICS
ICS
added 2025/04/16 12:30 a.m.14 views

ABB CoreSense HM and CoreSense M10

SUMMARY An update is available that resolves vulnerability in the product versions listed as affected in this advisory. A path traversal vulnerability in these products can allow unauthenticated users to gain access to restricted directories. Exploiting this vulnerability can lead to complete...

8.2CVSS5.8AI score0.00175EPSS
Exploits0References10
ICS
ICS
added 2025/04/15 6:0 a.m.14 views

Lantronix XPort (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker unauthorized access to the configuration interface and cause disruption to monitoring and operations. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation...

9.8CVSS9.8AI score0.00456EPSS
Exploits0References10
ICS
ICS
added 2025/04/15 6:0 a.m.14 views

Mitsubishi Electric Europe B.V. smartRTU

RISK EVALUATION Successful exploitation of these vulnerabilities could allow a remote unauthenticated attacker to disclose, tamper with, destroy or delete information in the product, or cause a denial-of service condition on the product. 2. RECOMMENDED PRACTICES CISA recommends users take...

8.7CVSS8.1AI score0.00511EPSS
Exploits0References10
ICS
ICS
added 2025/04/08 12:0 a.m.14 views

Siemens Insights Hub Private Cloud

SUMMARY Insights Hub Private Cloud is affected by multiple vulnerabilities in Ingress NGINX Controller for Kubernetes. These vulnerabilities could lead to arbitrary code execution in the context of the ingress-nginx controller, or disclosure of Secrets accessible to the controller, or denial of...

8.7AI score
Exploits0References10
Total number of security vulnerabilities4251