Lucene search
K
IcsMost viewed

4251 matches found

ICS
ICS
added 2025/10/07 12:30 a.m.10 views

ABB B&R Automation Runtime

SUMMARY An update is available that resolves a vulnerability identified by B&Rs internal security analysis in the product versions listed as affected in this advisory. An attacker who successfully exploited these vulnerabilities could take over a remote session or execute code in the context of...

6.1CVSS6AI score0.00251EPSS
Exploits0References10
ICS
ICS
added 2025/09/09 6:0 a.m.10 views

Rockwell Automation 1783-NATR

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a memory corruption on the product. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure...

7.5CVSS7.2AI score0.01475EPSS
Exploits0References10
ICS
ICS
added 2025/08/14 12:0 a.m.10 views

Siemens Mendix SAML Module

SUMMARY Mendix SAML module contains a vulnerability that could allow unauthenticated remote attackers to hijack an account in specific SSO configurations. Mendix has provided fix releases for the Mendix SAML module and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a...

8.2CVSS7.4AI score0.00135EPSS
Exploits0References10
ICS
ICS
added 2025/08/14 12:0 a.m.10 views

Siemens Desigo CC Product Family and SENTRON Powermanager

SUMMARY Versions V5.0 through V8 of the Desigo CC product family Desigo CC, Desigo CC Compact, Desigo CC Connect, Cerberus DMS, as well as the Desigo CC-based SENTRON Powermanager, are affected by a vulnerability in the underlying third-party component WIBU Systems CodeMeter Runtime. Successful...

8.2CVSS7.2AI score0.00135EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.10 views

Siemens SIMATIC RTLS Locating Manager

SUMMARY Siemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate...

7.7AI score
Exploits0References10
ICS
ICS
added 2025/07/23 12:30 a.m.10 views

ABB AC500 V2

SUMMARY ABB became aware of vulnerabilities in AC500 V2 listed as affected in the advisory. An attacker who successfully exploited this vulnerability could access fragments of Modbus telegrams that have been sent earlier by that PLC 2. MITIGATING FACTORS Mitigating factors describe conditions...

6.9CVSS5.8AI score0.00402EPSS
Exploits0References10
ICS
ICS
added 2025/06/24 6:0 a.m.10 views

MICROSENS NMP Web+

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain system access, overwrite files or execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such...

8.3AI score
Exploits0References10
ICS
ICS
added 2025/05/28 3:28 p.m.10 views

ZKTeco BioTime multiple vulnerabilities

RISK EVALUATION ZKTeco BioTime is a web-based time and attendance management software. A default password vulnerability was found that allows an attacker to log in to any user account that does not change their password. Attackers utilizing this obtain user credentials and can possibly perform...

7.3CVSS7.2AI score0.00317EPSS
Exploits0References1
ICS
ICS
added 2025/05/20 6:0 a.m.10 views

AutomationDirect MB-Gateway

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to make configuration changes, disrupt operations, or achieve arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

10CVSS8.1AI score0.01007EPSS
Exploits0References10
ICS
ICS
added 2025/05/13 12:0 a.m.10 views

Siemens SIMATIC IPC RS-828A

SUMMARY SIMATIC IPC RS-828A is affected by an authentication bypass vulnerability in the Redfish interface of its Baseboard Management Controller BMC that could allow an attacker to gain unauthorized access and compromise confidentiality, integrity and availability of the BMC and thus the entire...

10CVSS7.6AI score0.61202EPSS
Exploits0References10
ICS
ICS
added 2025/05/13 12:0 a.m.10 views

Siemens BACnet ATEC Devices

SUMMARY BACnet ATEC devices are affected by a denial of service vulnerability that could be triggered by an attacker residing in the same BACnet network by sending a specially crafted MSTP message. A power cycle is required to restore the device's normal operation. Siemens recommends...

7.1CVSS7.2AI score0.00205EPSS
Exploits0References10
ICS
ICS
added 2025/05/13 12:0 a.m.10 views

Siemens User Management Component (UMC)

SUMMARY Siemens User Management Component UMC is affected by three vulnerabilities which could allow an unauthenticated remote attacker to cause a denial of service condition. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens...

7.8AI score
Exploits0References10
ICS
ICS
added 2025/05/06 6:0 a.m.10 views

BrightSign Players (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow for privilege escalation on the device, easily guessed passwords, or for arbitrary code to be executed on the underlying operating system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize...

6.2AI score
Exploits0References11
ICS
ICS
added 2025/05/06 6:0 a.m.10 views

Optigo Networks ONS NC600

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to establish an authenticated connection with the hard-coded credentials and perform OS command executions. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

9.3CVSS6.9AI score0.00608EPSS
Exploits0References10
ICS
ICS
added 2025/04/15 6:0 a.m.10 views

National Instruments LabVIEW

RISK EVALUATION Successful exploitation of these vulnerabilities lead to the execution of arbitrary code on affected installations of LabVIEW, which could result in invalid memory writes. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation...

7.8AI score
Exploits0References10
ICS
ICS
added 2025/03/20 12:0 a.m.10 views

CentralSquare eTRAKiT.Net SQL injection vulnerability

RISK EVALUATION eTRAKiT is a public online portal that provides the public with easily accessible information related to permits, projects, licenses, code compliance, land, and inspections. An SQL injection vulnerability in the CRM feature of eTRAKiT.net release 3.2.1.77 allows a remote,...

9.8CVSS8.3AI score0.00528EPSS
Exploits0References1
ICS
ICS
added 2025/02/18 7:0 a.m.10 views

Elseta Vinci Protocol Analyzer

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate privileges and perform code execution on the affected system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such...

9.9CVSS10AI score0.01325EPSS
Exploits0References10
ICS
ICS
added 2025/02/13 7:0 a.m.10 views

Dingtian DT-R0 Series

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to modify the device settings and gain administrator access. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability,...

9.8CVSS7.3AI score0.0057EPSS
Exploits0References10
ICS
ICS
added 2025/02/11 12:0 a.m.10 views

Siemens SIMATIC PCS neo, TIA Administrator, and TIA Portal

SUMMARY Affected products do not correctly invalidate user sessions upon user logout. This could allow a remote unauthenticated attacker, who has obtained the session token by other means, to re-use a legitimate user's session even after logout. Siemens has released new versions for several...

8.8CVSS7.2AI score0.00536EPSS
Exploits0References10
ICS
ICS
added 2025/02/04 7:0 a.m.10 views

Schneider Electric Web Designer for Modicon

RISK EVALUATION Successful exploitation of this vulnerability could result in information disclosure, workstation integrity and potential remote code execution on the compromised computer. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment...

8.4CVSS7.6AI score0.00278EPSS
Exploits0References10
ICS
ICS
added 2025/01/23 7:0 a.m.10 views

HMS Networks Ewon Flexy 202

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose sensitive user credentials. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for...

6.9CVSS6.8AI score0.0014EPSS
Exploits0References10
ICS
ICS
added 2025/01/10 4:30 a.m.10 views

ABB Drive Composer

SUMMARY An update is available that resolves vulnerability in the product versions as affected in this advisory. An attacker who successfully exploits the vulnerability could get unauthorized access to the file system on the host machine. This can lead to the execution of arbitrary code, data...

9.8CVSS6.8AI score0.02061EPSS
Exploits0References11
ICS
ICS
added 2024/12/10 12:0 a.m.10 views

Siemens CPCI85 Central Processing/Communication 

SUMMARY The SICAM A8000 CP-8031 and CP-8050 devices are affected by a vulnerability that could allow an attacker with physical access to the device to decrypt the firmware. Siemens has released new firmware and hardware versions for the affected products and recommends to update to the latest...

5.1CVSS7.1AI score0.00292EPSS
Exploits1References10
ICS
ICS
added 2024/12/05 7:0 a.m.10 views

Planet Technology Planet WGS-804HPT

RISK EVALUATION Successful exploitation of these vulnerabilities could result in remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all control system...

8.6AI score
Exploits0References10
ICS
ICS
added 2024/11/13 8:32 p.m.10 views

Ivanti Connect Secure and Ivanti Policy Secure Multiple Vulnerabilities

RISK EVALUATION Ivanti Connect Secure and Ivanti Policy Secure contain multiple vulnerabilities that allow a remote, authenticated attacker to execute arbitrary code. All of the vulnerabilities except for CVE-2024-39709 require the attacker to be authenticated with administrative privileges to...

7.8CVSS7.7AI score0.00298EPSS
Exploits0References1
ICS
ICS
added 2024/11/12 12:0 a.m.10 views

Siemens SIPORT

SUMMARY SIPORT before V3.4.0 contains a privilege escalation vulnerability which could allow a local attacker with an unprivileged account to override or modify the service executable and subsequently gain elevated privileges. Siemens has released a new version for SIPORT and recommends to...

8.5CVSS7.4AI score0.00141EPSS
Exploits0References10
ICS
ICS
added 2024/10/31 6:0 a.m.10 views

Rockwell Automation FactoryTalk ThinManager

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to send crafted messages to the device resulting in database manipulation or a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

7.2AI score
Exploits0References10
ICS
ICS
added 2024/10/10 6:0 a.m.10 views

Rockwell Automation PowerFlex 6000T

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : PowerFlex 6000T Vulnerability : Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could...

8.2CVSS7AI score0.00495EPSS
Exploits0References10
ICS
ICS
added 2024/10/08 12:0 a.m.10 views

Schneider Electric Easergy Studio

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

7.8CVSS7.1AI score0.00172EPSS
Exploits0References11
ICS
ICS
added 2024/08/22 6:0 a.m.10 views

Rockwell Automation Emulate3D

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.4 ATTENTION : Exploitable locally Vendor : Rockwell Automation Equipment : Emulate3D Vulnerability : Externally Controlled Reference to a Resource in Another Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

5.4CVSS7.8AI score0.00219EPSS
Exploits0References10
ICS
ICS
added 2024/08/13 12:0 a.m.10 views

Siemens NX

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.8CVSS7.1AI score0.00182EPSS
Exploits0References10
ICS
ICS
added 2024/06/11 12:30 p.m.10 views

Hitachi Energy XMC20

SUMMARY Hitachi Energy is aware of a vulnerability that affects the XMC20 versions listed below. Please refer to the “Recommended Immediate Actions” for information about the remediation. 2. GENERAL MITIGATION FACTORS/WORKAROUNDS Recommended security practices and firewall configurations can...

6.9CVSS7AI score0.00498EPSS
Exploits0References9
ICS
ICS
added 2024/06/11 12:0 a.m.10 views

Schneider Electric Sage Series

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

7.1AI score
Exploits0References11
ICS
ICS
added 2021/06/08 12:0 a.m.10 views

Schneider Electric PowerLogic PM55xx and PowerLogic PM8ECC

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

6.8AI score
Exploits0References11
ICS
ICS
added 2026/06/25 6:0 a.m.9 views

Horner Automation Cscape

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow a local attacker to disclose information and execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network...

8.4CVSS6.1AI score0.00134EPSS
Exploits0References13
ICS
ICS
added 2026/06/25 5:0 a.m.9 views

EVoke Systems Charging Station Management System

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

9.4CVSS5.9AI score0.00378EPSS
Exploits0References11
ICS
ICS
added 2026/06/18 3:45 p.m.9 views

U.S. GAO EPDS and CBCA EDS multiple vulnerabilities

RISK EVALUATION The U.S. Government Accountability Office GAO Electronic Protest Docketing System EPDS and Civilian Board of Contract Appeals CBCA Electronic Docketing System EDS contained multiple vulnerabilities. In the worst case, a remote, unauthenticated attacker could change all users'...

6.1AI score
Exploits0References1
ICS
ICS
added 2026/06/10 12:30 a.m.9 views

ABB Freelance Security Lock

SUMMARY ABB is aware of a vulnerability in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could cause the product to stop or make the product inaccessible. 2. FREQUENTLY ASKED QUESTIONS What causes the vulnerability? - The...

7.1CVSS5.8AI score0.00116EPSS
Exploits0References15
ICS
ICS
added 2026/06/09 12:0 a.m.9 views

Siemens WinCC Certificate Manager

SUMMARY WinCC Certificate Manager insufficiently protects key material that could allow an attacker to extract sensitive information. Siemens has released a new version for SIMATIC WinCC Unified PC Runtime V21 and recommends to update to the latest version. Siemens recommends specific...

8.2CVSS5.9AI score0.00057EPSS
Exploits0References10
ICS
ICS
added 2026/04/28 6:0 a.m.9 views

NSA GRASSMARLIN

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an attacker to disclose sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control...

5.5CVSS5.5AI score0.00197EPSS
Exploits1References13
ICS
ICS
added 2026/04/21 5:0 a.m.9 views

Hardy Barth Salia EV Charge Controller

RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed; a buffer overflow condition may allow remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

6.5CVSS6.7AI score0.00269EPSS
Exploits0References11
ICS
ICS
added 2026/04/16 6:0 a.m.9 views

Delta Electronics ASDA-Soft

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact...

8.4CVSS6.5AI score0.00339EPSS
Exploits0References12
ICS
ICS
added 2026/04/14 12:0 a.m.9 views

Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary

SUMMARY RUGGEDCOM CROSSBOW Secure Access Manager Primary SAM-P contains a vulnerability that could allow an attacker to escalate their own privileges. Siemens has released a new version for RUGGEDCOM CROSSBOW Secure Access Manager Primary SAM-P and recommends to update to the latest version. 2...

8.8CVSS5.8AI score0.00259EPSS
Exploits0References10
ICS
ICS
added 2026/04/14 12:0 a.m.9 views

Siemens TPM 2.0

SUMMARY The products listed below contain a vulnerability that could allow an attacker to perform an out-of-bound read, potentially leading to information disclosure or denial of service of the TPM. Siemens has released new versions for several affected products and recommends to update to the...

6.6CVSS7.4AI score0.00199EPSS
Exploits0References10
ICS
ICS
added 2026/04/13 12:30 a.m.9 views

ABB System 800xA, Symphony Plus IEC 61850

SUMMARY This vulnerability was privately reported relating to ABB’s implementation of the IEC 61850 communication stack for MMS client applications used in some Automation control system products. Note: IEC 61850 communication typically supports MMS and GOOSE protocols. Some ABB products support...

7.1CVSS5.7AI score0.00184EPSS
Exploits0References19
ICS
ICS
added 2026/04/02 6:0 a.m.9 views

Yokogawa CENTUM VP

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to login as the PROG user and modify permissions. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for...

2.1CVSS5.8AI score0.00165EPSS
Exploits0References13
ICS
ICS
added 2026/03/13 12:30 a.m.9 views

ABB AWIN Gateways

SUMMARY ABB became aware of vulnerability in the products versions listed as affected in the advisory. An update is available that resolves the reported vulnerabilities. AWIN gateways are not intended to be internet-facing. An attacker who successfully exploited this vulnerability could take...

5.8AI score
Exploits0References12
ICS
ICS
added 2026/03/12 12:30 a.m.9 views

ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax

SUMMARY ABB became aware of vulnerability in the products versions listed as affected in the advisory. An update is available that resolves publicly reported vulnerability. An attacker who successfully exploited these vulnerabilities could cause a crash, denial-of-service DoS, or potentially...

9.8CVSS6.7AI score0.47621EPSS
Exploits7References11
ICS
ICS
added 2026/03/10 6:0 a.m.9 views

Honeywell IQ4 Series BMS Controller (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized attacker to access controller management settings, control components, disclose information, or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

10CVSS5.8AI score0.05585EPSS
Exploits1References13
ICS
ICS
added 2026/03/10 12:0 a.m.9 views

Siemens Heliox EV Chargers

SUMMARY Heliox EV Chargers listed below contain improper access control vulnerability that could allow an attacker to reach unauthorized services via the charging cable. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL...

2.6CVSS6.1AI score0.00141EPSS
Exploits0References10
Total number of security vulnerabilities4251