Lucene search
K
IcsMost viewed

4251 matches found

ICS
ICS
added 2024/12/10 7:0 a.m.12 views

MOBATIME Network Master Clock - DTS 4801

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to take control of the operating system for this product. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

9.8CVSS7.3AI score0.00432EPSS
Exploits0References10
ICS
ICS
added 2024/12/10 12:0 a.m.12 views

Schneider Electric PowerChute Serial Shutdown

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

6.3CVSS6.8AI score0.00978EPSS
Exploits0References11
ICS
ICS
added 2024/12/03 7:0 a.m.12 views

Fuji Electric Monitouch V-SFT (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact...

8AI score
Exploits0References10
ICS
ICS
added 2024/11/12 12:0 a.m.12 views

Siemens Mendix Runtime

SUMMARY The basic authentication mechanism of Mendix Runtime contains a race condition vulnerability which could allow unauthenticated remote attackers to circumvent default account lockout measures. Siemens has released new versions for several affected products and recommends to update to the...

6.9CVSS7.4AI score0.00268EPSS
Exploits0References10
ICS
ICS
added 2024/10/17 6:0 a.m.12 views

HMS Networks EWON FLEXY 202

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : HMS Networks Equipment : EWON FLEXY 202 Vulnerability : Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to sniff...

8.2CVSS7.3AI score0.00278EPSS
Exploits0References10
ICS
ICS
added 2024/09/12 6:0 a.m.12 views

AutomationDirect DirectLogic H2-DM1E

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable from an adjacent network/low attack complexity Vendor : AutomationDirect Equipment : DirectLogic H2-DM1E Vulnerabilities : Session Fixation, Authentication Bypass by Capture-replay 2. RISK EVALUATION Successful exploitation of...

8.8CVSS9.1AI score0.00342EPSS
Exploits0References10
ICS
ICS
added 2024/09/10 12:0 a.m.12 views

Siemens SIMATIC, SIPLUS, and TIM

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

8.2CVSS6.1AI score0.00453EPSS
Exploits0References10
ICS
ICS
added 2024/09/10 12:0 a.m.12 views

Siemens SINUMERIK Systems

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

6.8CVSS6.7AI score0.00155EPSS
Exploits0References10
ICS
ICS
added 2024/09/10 12:0 a.m.12 views

Siemens SINUMERIK ONE, SINUMERIK 840D and SINUMERIK 828D

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.3CVSS6.9AI score0.0014EPSS
Exploits0References10
ICS
ICS
added 2015/03/05 12:0 p.m.12 views

Network Time Protocol Vulnerabilities (Supplement)

OVERVIEW This advisory supplement is to accompany the NCCIC/ICS-CERT advisory titled ICSA-14-353-01 Network Time Protocol Vulnerabilities that was published December 19, 2014, on the ICS‑CERT web site. Please refer to the original advisory for all the details of the vulnerabilities. The purpose o...

7.2AI score
Exploits0References25
ICS
ICS
added 2014/01/20 12:0 p.m.12 views

Mariposa Botnet

Overview ICS-CERT has received reports and investigated infections of the MariposaDefence Intelligence, http://defintel.com/docs/MariposaAnalysis.pdf, website last accessed March 15, 2010. botnet, which have affected the business networks of multiple control system owners in recent months. ICS-CE...

7.3AI score
Exploits0References17
ICS
ICS
added 2026/06/30 12:0 a.m.11 views

Siemens Mendix Studio Pro

SUMMARY Mendix Studio Pro versions before V11.12 are affected by a file parsing vulnerability that could be triggered when the application reads specially crafted malicious project during the build pipeline. This could allow an attacker to execute arbitrary code in the context of that user...

6.8CVSS6.4AI score0.00193EPSS
Exploits0References10
ICS
ICS
added 2026/06/18 12:0 a.m.11 views

Mitsubishi Electric Co.'s MELSEC iQ-F Series FX5-ENET/IP Ethernet Module

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service DoS condition in the affected product by continuously sending a large number of communication packets to the Ethernet port of the product in a short period of time,...

8.7CVSS5.7AI score0.00367EPSS
Exploits0References9
ICS
ICS
added 2026/06/11 12:30 a.m.11 views

Impact of Linux Kernel vulnerabilities on B&R products

SUMMARY B&R is aware of publicly reported vulnerabilities affecting the Linux kernel versions shipped with the products listed as affected in the advisory. Successful local exploitation of these vulnerabilities could allow an attacker to escalate privileges on the affected system. Public...

5.8AI score
Exploits0References11
ICS
ICS
added 2026/05/12 12:0 a.m.11 views

Siemens RUGGEDCOM APE1808 Devices

SUMMARY A buffer overflow vulnerability in the User-ID™ Authentication Portal aka Captive Portal service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted...

6.6AI score
Exploits0References10
ICS
ICS
added 2026/05/07 12:0 a.m.11 views

CISA manage.get.gov incorrect portfolio administrator privileges

RISK EVALUATION manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization administrator to assign domain manager privileges for domains not already in another organization. 2. RECOMMENDED PRACTICES Fixed in 1.176.0 on or around 2026-04-30. 3. DESCRIPTION...

5.9CVSS5.8AI score0.00398EPSS
Exploits0References1
ICS
ICS
added 2026/04/23 6:0 a.m.11 views

Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to bypass authentication and have remote access to sensitive information on the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

9.8CVSS5.8AI score0.00679EPSS
Exploits4References13
ICS
ICS
added 2026/04/21 6:0 a.m.11 views

Zero Motorcycles Firmware (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to pair via Bluetooth with a motorcycle, gaining unauthorized access to all Bluetooth functions, including changing the firmware. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

6.4CVSS5.7AI score0.00134EPSS
Exploits0References10
ICS
ICS
added 2026/04/16 6:0 a.m.11 views

Horner Automation Cscape and XL4, XL7 PLC

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to systems and services. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure...

9.3CVSS5.7AI score0.00449EPSS
Exploits0References11
ICS
ICS
added 2026/04/14 12:0 a.m.11 views

Siemens SCALANCE

SUMMARY SCALANCE W-700 IEEE 802.11n family before V6.6.0 are affected by multiple vulnerabilities. Siemens has released a new version for SCALANCE W-700 IEEE 802.11n family and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly...

9.1CVSS7.3AI score0.01318EPSS
Exploits0References10
ICS
ICS
added 2026/04/14 12:0 a.m.11 views

Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary

SUMMARY RUGGEDCOM CROSSBOW Secure Access Manager Primary SAM-P contains a vulnerability that could allow an attacker to escalate their own privileges. Siemens has released a new version for RUGGEDCOM CROSSBOW Secure Access Manager Primary SAM-P and recommends to update to the latest version. 2...

8.8CVSS5.8AI score0.00259EPSS
Exploits0References10
ICS
ICS
added 2026/04/02 1:54 p.m.11 views

Zscaler Client Connector hard-coded proxy configuration domain

RISK EVALUATION ZScaler Client Connector 4.7 and 4.8 on Microsoft Windows hard codes a domain used to retrieve proxy configuration information. An attacker with control of this domain could provide arbitrary proxy configurations and intercept, redirect or disrupt traffic. 2. RECOMMENDED...

5.4CVSS6AI score0.00178EPSS
Exploits0References1
ICS
ICS
added 2026/03/26 6:0 a.m.11 views

OC Messaging and Custom Messaging Gateway

RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated low-privileged user to gain access to SMS messages outside of their authorized tenant scope via a crafted company or tenant identifier parameter. 2. RECOMMENDED PRACTICES CISA recommends users take...

8.1CVSS5.8AI score0.00261EPSS
Exploits0References13
ICS
ICS
added 2026/03/19 2:47 p.m.11 views

OPEXUS eComplaint and eCase multiple vulnerabilities

RISK EVALUATION OPEXUS eComplaint and eCase contain multiple vulnerabilities. In the worst case, an unauthenticated attacker could take over any account with a known username. 2. RECOMMENDED PRACTICES Update to OPEXUS eCase and eComplaint 10.1.0.0. 3. DESCRIPTION OPEXUS eComplaint and eCASE...

9.8CVSS6AI score0.00307EPSS
Exploits0References1
ICS
ICS
added 2026/03/19 5:0 a.m.11 views

CTEK Chargeportal

RISK EVALUATION Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

5.9AI score
Exploits0References11
ICS
ICS
added 2026/03/03 7:0 a.m.11 views

Portwell Engineering Toolkits

RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to escalate privileges or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...

9.3CVSS6AI score0.00159EPSS
Exploits1References13
ICS
ICS
added 2026/02/26 6:0 a.m.11 views

SWTCH EV swtchenergy.com (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers to impersonate charging stations, hijack sessions, suppress or misroute legitimate traffic to cause large-scale denial of service, and manipulate data sent to the backend. 2. RECOMMENDED PRACTICES CISA...

5.8AI score
Exploits0References11
ICS
ICS
added 2026/02/24 12:30 a.m.11 views

ABB AC500 V3 Multiple Vulnerabilities

SUMMARY ABB became aware of severe vulnerability in the products versions listed as affected in the advisory. An update is available that resolves these vulnerabilities. An attacker who successfully exploited these vulnerabilities could bypass the user management and read visualization files...

8.3CVSS6.1AI score0.00523EPSS
Exploits0References13
ICS
ICS
added 2026/02/24 12:0 a.m.11 views

Hitachi Energy RTU500 Product

SUMMARY Hitachi Energy is aware of vulnerabilities that affect RTU500 product versions listed in this document. Successful exploitation of these vulnerabilities can result in the exposure of low-value user management information and device outage. Please refer to the Recommended Immediate...

6.1AI score
Exploits0References9
ICS
ICS
added 2026/02/19 7:0 a.m.11 views

Jinan USR IOT Technology Limited (PUSR) USR-W610

RISK EVALUATION Successful exploitation of these vulnerabilities could result in authentication being disabled, a denial-of-service condition, or an attacker stealing valid user credentials, including administrator credentials. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

9.8CVSS6AI score0.0057EPSS
Exploits0References11
ICS
ICS
added 2026/02/18 12:30 a.m.11 views

ABB B&R Automation Studio

SUMMARY ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is available that replaces an outdated third-party component. Although no successful exploitation was observed during testing of the affected B&R products, the identified...

8.1CVSS6.6AI score0.09683EPSS
Exploits1References10
ICS
ICS
added 2026/01/29 7:0 a.m.11 views

Rockwell Automation ControlLogix

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for...

8.7CVSS5.8AI score0.00352EPSS
Exploits0References11
ICS
ICS
added 2026/01/29 12:30 a.m.11 views

ABB B&R PCs

SUMMARY ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is now available that addresses and remediates the vulnerability. A network attacker could exploit the vulnerabilities to execute remote code, initiate DoS attacks, conduct DNS cache...

6.1AI score
Exploits0References10
ICS
ICS
added 2026/01/22 7:0 a.m.11 views

EVMAPA

RISK EVALUATION Successful exploitation of these vulnerabilities could lead to degraded service, a denial-of-service, or unauthorized remote command execution, which could lead to spoofing or a manipulation of charging station statuses. 2. RECOMMENDED PRACTICES CISA recommends users take...

9.8CVSS5.6AI score0.00418EPSS
Exploits0References11
ICS
ICS
added 2026/01/22 7:0 a.m.11 views

Rockwell Automation CompactLogix 5370

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for...

7.1CVSS5.7AI score0.00159EPSS
Exploits0References13
ICS
ICS
added 2026/01/13 12:0 a.m.11 views

Siemens Industrial Edge Devices

SUMMARY Siemens Industrial Edge Devices contain an authorization bypass vulnerability that could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Siemens has released new versions for several affected products and recommends to update...

10CVSS7.1AI score0.00601EPSS
Exploits0References10
ICS
ICS
added 2025/12/18 7:0 a.m.11 views

Rockwell Automation Micro820, Micro850, Micro870

RISK EVALUATION Successful exploitation of these vulnerabilities could result in a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all control...

7.1CVSS6.6AI score0.00177EPSS
Exploits0References11
ICS
ICS
added 2025/12/04 7:0 a.m.11 views

Advantech iView

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose sensitive information, modify, or delete data. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

8.7CVSS7AI score0.00387EPSS
Exploits0References13
ICS
ICS
added 2025/11/18 12:0 p.m.11 views

METZ CONNECT EWIO2

SUMMARY A critical authentication bypass in EWIO-2 allows unauthenticated attackers with network access to gain administrative control over the device. Once compromised, an attacker can change configurations, manipulate data, disrupt services, and potentially render the device non-functional. 2...

8.8AI score
Exploits0References14
ICS
ICS
added 2025/11/13 7:0 a.m.11 views

AVEVA Edge

RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to reverse engineer passwords through brute force. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

8.4CVSS6.3AI score0.00097EPSS
Exploits0References13
ICS
ICS
added 2025/10/21 6:0 a.m.11 views

Raisecomm RAX701-GC Series

RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to bypass authentication and gain unauthenticated root shell access to the affected devices. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

9.3CVSS7.3AI score0.00809EPSS
Exploits3References13
ICS
ICS
added 2025/10/20 12:30 a.m.11 views

ABB Terra AC

SUMMARY ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could cause the pollution of heap memory which potentially takes remote control of the product and performs a write operation to the flash...

6.8CVSS6.1AI score0.00264EPSS
Exploits0References12
ICS
ICS
added 2025/09/16 12:0 a.m.11 views

CISA Thorium multiple vulnerabilities

RISK EVALUATION CISA Thorium is a framework used for malware analysis. Multiple vulnerabilities were reported in Thorium. Impacts include denial of service, authenticated arbitrary file read, and failure to expire previously issued user tokens. 2. RECOMMENDED PRACTICES These issues were...

6.5CVSS7.3AI score0.00461EPSS
Exploits0References1
ICS
ICS
added 2025/08/26 9:22 a.m.11 views

Multiple Open-Source Software Vulnerabilities in Hitachi Energy Asset Suite Product

SUMMARY Hitachi Energy is aware of multiple reported vulnerabilities that affect the Asset Suite product versions mentioned in this document below. If exploited these vulnerabilities can potentially impact on confidentiality, integrity and availability of the product. Please refer to the...

7.4AI score
Exploits0References9
ICS
ICS
added 2025/08/14 6:0 a.m.11 views

Rockwell Automation ControlLogix Ethernet Modules

RISK EVALUATION Successful exploitation of this vulnerability could allow remote attackers to perform memory dumps, modify memory, and control execution flow. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such...

9.3CVSS7.3AI score0.00872EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 6:0 a.m.11 views

AVEVA PI Integrator

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information, or upload and execute files. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

7.1CVSS7.5AI score0.00278EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 6:0 a.m.11 views

Santesoft Sante PACS Server

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to create arbitrary files, cause a denial-of-service condition, obtain sensitive information, and steal a user's cookie information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

7AI score
Exploits0References10
ICS
ICS
added 2025/07/22 6:0 a.m.11 views

Lantronix Provisioning Manager

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker perform a cross-site scripting attack, which could result in remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

8.6CVSS7.7AI score0.01667EPSS
Exploits2References10
ICS
ICS
added 2025/07/21 12:30 a.m.11 views

ABB Busch-Welcome 2 Wire Door Opener Actuator

SUMMARY ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could gain physical, unauthorized access to a Building where the product is installed 2. MITIGATING FACTORS ABB recommends double check...

8.6CVSS5.8AI score0.00192EPSS
Exploits0References11
ICS
ICS
added 2025/06/12 6:0 a.m.11 views

PTZOptics and Other Pan-Tilt-Zoom Cameras

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to leak sensitive data, execute arbitrary commands, and access the admin web interface using hard-coded credentials. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the...

9.1CVSS9.8AI score0.60879EPSS
Exploits1References10
Total number of security vulnerabilities4251