Lucene search
K
IcsMost viewed

4251 matches found

ICS
ICS
added 2025/05/08 6:0 a.m.11 views

Pixmeo OsiriX MD

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause memory corruption, resulting in a denial-of-service condition or to steal credentials. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

7.2AI score
Exploits0References10
ICS
ICS
added 2025/05/06 6:0 a.m.11 views

BrightSign Players (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow for privilege escalation on the device, easily guessed passwords, or for arbitrary code to be executed on the underlying operating system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize...

6.2AI score
Exploits0References11
ICS
ICS
added 2025/04/29 6:0 a.m.11 views

Rockwell Automation ThinManager

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to escalate privileges and cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

8.5CVSS7.7AI score0.0158EPSS
Exploits0References10
ICS
ICS
added 2025/04/24 6:0 a.m.11 views

Johnson Controls Software House iSTAR Configuration Utility (ICU) Tool

RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...

9.3CVSS8.3AI score0.00476EPSS
Exploits0References10
ICS
ICS
added 2025/04/15 6:0 a.m.11 views

Growatt Cloud Applications

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to compromise confidentiality, achieve cross-site scripting, or code execution on affected devices. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation...

7AI score
Exploits0References10
ICS
ICS
added 2025/04/15 6:0 a.m.11 views

National Instruments LabVIEW

RISK EVALUATION Successful exploitation of these vulnerabilities lead to the execution of arbitrary code on affected installations of LabVIEW, which could result in invalid memory writes. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation...

7.8AI score
Exploits0References10
ICS
ICS
added 2025/03/25 6:0 a.m.11 views

Rockwell Automation 440G TLS-Z

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to take over the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact...

7CVSS7.4AI score0.00342EPSS
Exploits0References10
ICS
ICS
added 2025/03/11 12:0 a.m.11 views

Siemens Tecnomatix Plant Simulation

SUMMARY Siemens Tecnomatix Plant Simulation do not properly limit the access of the simulation model to the filesystem. This could allow an unauthorized attacker to read or delete arbitrary files or the entire filesystem of the device. Siemens has released new versions for the affected products...

6.6AI score
Exploits0References10
ICS
ICS
added 2025/03/11 12:0 a.m.11 views

Siemens SIMATIC IPC Family, ITP1000, and Field PGs

SUMMARY Multiple vulnerabilities has been identified in Siemens SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs that can allow an authenticated attacker to alter the secure boot and password configurations. Siemens has released new versions of BIOS for several affected products and...

6.5AI score
Exploits0References10
ICS
ICS
added 2025/03/04 7:0 a.m.11 views

Delta Electronics CNCSoft-G2

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code remotely. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact...

8.4CVSS7.1AI score0.00266EPSS
Exploits0References10
ICS
ICS
added 2025/02/20 7:0 a.m.11 views

Rapid Response Monitoring My Security Account App

RISK EVALUATION Successful exploitation of this vulnerability could allow attacker to access sensitive information of other users. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure...

8.7CVSS7.6AI score0.0033EPSS
Exploits0References10
ICS
ICS
added 2025/02/13 7:0 a.m.11 views

ORing IAP-420

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to invoke commands to compromise the device via the management interface. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this these...

8.3CVSS7.2AI score0.13165EPSS
Exploits3References10
ICS
ICS
added 2025/02/11 12:0 a.m.11 views

Siemens SIMATIC IPC DiagBase and SIMATIC IPC DiagMonitor

SUMMARY SIMATIC IPC DiagBase and SIMATIC IPC DiagMonitor contain a weak registry permission vulnerability that could allow an authenticated attacker to perform privilege escalation or bypass security measures. Siemens recommends specific countermeasures for products where fixes are not, or not...

7.3CVSS7.2AI score0.00146EPSS
Exploits0References10
ICS
ICS
added 2025/02/06 7:0 a.m.11 views

MicroDicom DICOM Viewer

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to alter network traffic and perform a machine-in-the-middle MITM attack. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such...

5.7CVSS6.9AI score0.00106EPSS
Exploits0References10
ICS
ICS
added 2024/12/03 7:0 a.m.11 views

Fuji Electric Monitouch V-SFT (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact...

8AI score
Exploits0References10
ICS
ICS
added 2024/11/14 7:0 a.m.11 views

Rockwell Automation Verve Reporting (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could lead to arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system...

9.1CVSS8.1AI score0.01648EPSS
Exploits0References10
ICS
ICS
added 2024/11/14 7:0 a.m.11 views

Baxter Life2000 Ventilation System

RISK EVALUATION Successful exploitation of these vulnerabilities could lead to information disclosure and/or disruption of the device's function without detection. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying...

7.5AI score
Exploits0References10
ICS
ICS
added 2024/11/12 7:0 a.m.11 views

Rockwell Automation FactoryTalk View ME

RISK EVALUATION Successful exploitation of this vulnerability could allow a local low-privileged user to escalate their privileges by changing the macro to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

7.8CVSS8.1AI score0.00226EPSS
Exploits0References10
ICS
ICS
added 2024/11/12 12:0 a.m.11 views

Schneider Electric Modicon M340, MC80, and Momentum Unity M1E & EcoStruxure (Update A)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

7.7CVSS7.2AI score0.00483EPSS
Exploits0References11
ICS
ICS
added 2024/10/08 12:0 a.m.11 views

Siemens Simcenter Nastran

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.8CVSS7.9AI score0.00242EPSS
Exploits0References10
ICS
ICS
added 2024/09/23 12:0 a.m.11 views

Planet Fitness Workouts mobile apps do not properly validate TLS certificates

RISK EVALUATION The Planet Fitness Workouts iOS and Android mobile apps are vulnerable to network attacks due to improper TLS certificate validation, allowing an attacker to obtain session tokens and sensitive information. This issue was fixed in version 9.8.12. 2. RECOMMENDED PRACTICES Upgrade...

8.8CVSS6.2AI score0.00403EPSS
Exploits1References1
ICS
ICS
added 2024/08/27 12:30 p.m.11 views

Hitachi Energy MicroSCADA Pro/X SYS600 (Update A)

SUMMARY Hitachi Energy is aware of the multiple vulnerabilities that affect the MicroSCADA Pro/X SYS600 product versions listed in this document. An attacker successfully exploiting these vulnerabilities can cause confidentiality, integrity and availability impacts. Please refer to the...

7.2AI score
Exploits0References9
ICS
ICS
added 2024/08/13 12:0 a.m.11 views

Schneider Electric Accutech Manager

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

7.5CVSS6.7AI score0.00484EPSS
Exploits0References11
ICS
ICS
added 2024/02/27 12:0 p.m.11 views

Festo Didactic SE MES PC

GENERAL RECOMMENDATION Festo Didactic offers products with security functions that aid the safe operation of plants, systems, machines and networks. In order to protect plants, systems, machines and networks from cyber threats, a comprehensive security concept must be implemented and...

7.9AI score
Exploits0References12
ICS
ICS
added 2023/11/28 7:0 a.m.11 views

FESTO Automation Suite, FluidDraw, and Festo Didactic Products

GENERAL RECOMENDATION Users running communication over an untrusted network who require full protection should switch to an alternative solution such as running the communication over a VPN. Festo strongly recommends to minimize and protect network access to connected devices with state of the...

9.8CVSS10AI score0.01505EPSS
Exploits0References10
ICS
ICS
added 2026/06/30 6:0 a.m.10 views

Mitsubishi Electric MELSOFT Update Manager SW1DND-UDM-M

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow a local attacker to tamper with or destroy information in the affected product, cause a denial-of-service condition in the affected product, or execute arbitrary code when a specially crafted archive file is...

6.4AI score
Exploits0References12
ICS
ICS
added 2026/06/25 6:0 a.m.10 views

Yokogawa FAST/TOOLS and CI Server

ADVISORY SUMMARY Successful exploitation of this vulnerability may return a response containing the CI Server setting information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all...

8.2CVSS5.8AI score0.00217EPSS
Exploits0References11
ICS
ICS
added 2026/06/18 3:56 p.m.10 views

Webmin multiple vulnerabilities

RISK EVALUATION Webmin contains multiple vulnerabilities. In the worst case, a remote, unauthenticated attacker could impersonate and authenticate as any user. 2. RECOMMENDED PRACTICES Update to most recent available version of Webmin. 3. DESCRIPTION The Webmin HTTP server miniserv.pl allows...

9.2CVSS6AI score0.00285EPSS
Exploits0References1
ICS
ICS
added 2026/06/18 3:45 p.m.10 views

U.S. GAO EPDS and CBCA EDS multiple vulnerabilities

RISK EVALUATION The U.S. Government Accountability Office GAO Electronic Protest Docketing System EPDS and Civilian Board of Contract Appeals CBCA Electronic Docketing System EDS contained multiple vulnerabilities. In the worst case, a remote, unauthenticated attacker could change all users'...

6.1AI score
Exploits0References1
ICS
ICS
added 2026/06/09 12:0 a.m.10 views

Siemens Products using OpenSSL

SUMMARY OpenSSL has published a stack based buffer overflow vulnerability that allows a remote attacker to cause a denial of service DoS or potentially allow for remote code execution. Siemens has released new versions for several affected products and recommends to update to the latest...

9.8CVSS6.6AI score0.47621EPSS
Exploits7References10
ICS
ICS
added 2026/05/14 6:0 a.m.10 views

Universal Robots Polyscope 5

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication and execute code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network exposure for...

9.8CVSS5.9AI score0.01829EPSS
Exploits0References13
ICS
ICS
added 2026/04/29 12:0 a.m.10 views

CryptPad unbounded WebSocket frame flood

RISK EVALUATION CryptPad 2025.3.1 allows unbounded WebSocket frame flood. A remote, unauthenticated attacker can significantly degrade or deny service for all users of a CryptPad instance. 2. RECOMMENDED PRACTICES Upgrade to 2026.2.2. 3. DESCRIPTION CryptPad 2025.3.1 allows unbounded WebSocket...

8.7CVSS5.3AI score0.00578EPSS
Exploits1References1
ICS
ICS
added 2026/04/23 6:0 a.m.10 views

Intrado 911 Emergency Gateway (EGW)

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read, modify, or delete files. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control...

9.8CVSS5.7AI score0.00554EPSS
Exploits0References13
ICS
ICS
added 2026/04/14 12:0 a.m.10 views

Siemens SCALANCE

SUMMARY SCALANCE W-700 IEEE 802.11n family before V6.6.0 are affected by multiple vulnerabilities. Siemens has released a new version for SCALANCE W-700 IEEE 802.11n family and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly...

9.1CVSS7.3AI score0.01318EPSS
Exploits0References10
ICS
ICS
added 2026/04/14 12:0 a.m.10 views

Siemens Analytics Toolkit

SUMMARY Multiple Siemens applications are affected by improper certificate validation in Siemens Analytics Toolkit. This could allow an unauthenticated remote attacker to perform man in the middle attacks. Siemens has released new versions for the affected products and recommends to update to...

6.3CVSS5.8AI score0.00137EPSS
Exploits0References10
ICS
ICS
added 2026/03/10 12:0 a.m.10 views

Siemens RUGGEDCOM APE1808 Devices

SUMMARY Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security...

7.1AI score
Exploits0References10
ICS
ICS
added 2026/03/10 12:0 a.m.10 views

Mitsubishi Electric CNC Series

RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to cause an out-of-bounds read, resulting in a denial-of-service condition in the affected products. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the exploitation...

5.9CVSS6AI score0.00614EPSS
Exploits0References9
ICS
ICS
added 2026/02/26 7:0 a.m.10 views

EV Energy ev.energy

RISK EVALUATION Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

5.8AI score
Exploits0References11
ICS
ICS
added 2026/02/24 6:0 a.m.10 views

Gardyn Home Kit (Update B)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow unauthenticated users to access and control edge devices, access cloud-based devices and user information without authentication, and pivot to other edge devices managed in the Gardyn cloud environment. 2. RECOMMENDED...

6.2AI score
Exploits0References11
ICS
ICS
added 2026/02/17 7:0 a.m.10 views

Honeywell HIB2PI CCTV Camera (Update B)

RISK EVALUATION Successful exploitation of this vulnerability could lead to account takeovers and unauthorized access to camera feeds; an unauthenticated attacker may change the recovery email address, potentially leading to further network compromise. 2. RECOMMENDED PRACTICES CISA recommends...

9.8CVSS7.5AI score0.00833EPSS
Exploits0References13
ICS
ICS
added 2026/02/10 8:0 a.m.10 views

Schneider Electric EcoStruxure Building Operation Workstation

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

5.8AI score
Exploits0References11
ICS
ICS
added 2026/01/29 7:0 a.m.10 views

Rockwell Automation ControlLogix

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for...

8.7CVSS5.8AI score0.00352EPSS
Exploits0References11
ICS
ICS
added 2026/01/28 12:0 a.m.10 views

Siemens SINEC OS

SUMMARY SINEC OS before V3.3 contains third-party components with multiple vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to...

9.8CVSS8.2AI score0.01522EPSS
Exploits0References10
ICS
ICS
added 2026/01/22 7:0 a.m.10 views

EVMAPA

RISK EVALUATION Successful exploitation of these vulnerabilities could lead to degraded service, a denial-of-service, or unauthorized remote command execution, which could lead to spoofing or a manipulation of charging station statuses. 2. RECOMMENDED PRACTICES CISA recommends users take...

9.8CVSS5.6AI score0.00418EPSS
Exploits0References11
ICS
ICS
added 2026/01/22 7:0 a.m.10 views

Johnson Controls Inc. iSTAR Configuration Utility (ICU) tool

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a failure within the operating system of the machine hosting the ICU tool. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

7.1CVSS5.7AI score0.0039EPSS
Exploits0References13
ICS
ICS
added 2026/01/15 7:0 a.m.10 views

AVEVA Process Optimization

RISK EVALUATION Successful exploitation of these vulnerabilities could enable an attacker to execute remote code, perform SQL injection, escalate privileges, or access sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

8.8AI score
Exploits0References13
ICS
ICS
added 2026/01/13 8:0 a.m.10 views

"Schneider Electric Plant iT/Brewmaxx"

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

5.9AI score
Exploits0References11
ICS
ICS
added 2026/01/08 4:36 p.m.10 views

OPEXUS eCASE

RISK EVALUATION OPEXUS eCASE Audit contains multiple vulnerabilities. An authenticated attacker could bypass authorization or inject JavaScript that could be executed in the context of other users. 2. RECOMMENDED PRACTICES Update to eCase Audit v11.14.2.0 and eCase Platform v11.14.1.0. 3...

7.6CVSS6.7AI score0.00285EPSS
Exploits0References1
ICS
ICS
added 2025/12/16 7:0 a.m.10 views

Johnson Controls PowerG, IQPanel and IQHub (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read or write encrypted traffic or perform a replay attack. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

5.8AI score
Exploits0References13
ICS
ICS
added 2025/12/09 12:0 a.m.10 views

Siemens RUGGEDCOM ROX II

SUMMARY Devices based on RUGGEDCOM ROX before V2.17 contain multiple high severity vulnerabilities. Siemens has released a new version for RUGGEDCOM ROX II family and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends...

8AI score
Exploits0References10
Total number of security vulnerabilities4251