Lucene search
K
IcsMost viewed

4255 matches found

ICS
ICS
added 2025/02/11 12:0 a.m.10 views

Siemens SIMATIC PCS neo, TIA Administrator, and TIA Portal

SUMMARY Affected products do not correctly invalidate user sessions upon user logout. This could allow a remote unauthenticated attacker, who has obtained the session token by other means, to re-use a legitimate user's session even after logout. Siemens has released new versions for several...

8.8CVSS7.2AI score0.00536EPSS
Exploits0References10
ICS
ICS
added 2025/01/23 7:0 a.m.10 views

HMS Networks Ewon Flexy 202

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose sensitive user credentials. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for...

6.9CVSS6.8AI score0.0014EPSS
Exploits0References10
ICS
ICS
added 2025/01/10 4:30 a.m.10 views

ABB Drive Composer

SUMMARY An update is available that resolves vulnerability in the product versions as affected in this advisory. An attacker who successfully exploits the vulnerability could get unauthorized access to the file system on the host machine. This can lead to the execution of arbitrary code, data...

9.8CVSS6.8AI score0.02061EPSS
Exploits0References11
ICS
ICS
added 2024/12/10 12:0 a.m.10 views

Siemens Solid Edge SE2024

SUMMARY Siemens Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads malicious PAR or ASM files. If a user is tricked to open a malicious file with the affected products, this could lead the application to crash or potentially lead to...

7.9AI score
Exploits0References10
ICS
ICS
added 2024/12/10 12:0 a.m.10 views

Siemens CPCI85 Central Processing/Communication 

SUMMARY The SICAM A8000 CP-8031 and CP-8050 devices are affected by a vulnerability that could allow an attacker with physical access to the device to decrypt the firmware. Siemens has released new firmware and hardware versions for the affected products and recommends to update to the latest...

5.1CVSS7.1AI score0.00292EPSS
Exploits1References10
ICS
ICS
added 2024/12/05 7:0 a.m.10 views

Planet Technology Planet WGS-804HPT

RISK EVALUATION Successful exploitation of these vulnerabilities could result in remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all control system...

8.6AI score
Exploits0References10
ICS
ICS
added 2024/11/21 7:0 a.m.10 views

Automated Logic WebCTRL Premium Server

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated remote attacker to execute arbitrary commands on the server hosting WebCTRL or redirect legitimate users to malicious sites. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

8.1AI score
Exploits0References10
ICS
ICS
added 2024/11/12 12:0 a.m.10 views

Schneider Electric PowerLogic PM5300 Series

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

8.7CVSS6.9AI score0.00776EPSS
Exploits0References11
ICS
ICS
added 2024/11/12 12:0 a.m.10 views

Siemens SIPORT

SUMMARY SIPORT before V3.4.0 contains a privilege escalation vulnerability which could allow a local attacker with an unprivileged account to override or modify the service executable and subsequently gain elevated privileges. Siemens has released a new version for SIPORT and recommends to...

8.5CVSS7.4AI score0.00141EPSS
Exploits0References10
ICS
ICS
added 2024/11/12 12:0 a.m.10 views

Siemens SCALANCE M-800 Family

SUMMARY SCALANCE M-800 family before V8.2 is affected by multiple vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to protect network...

9.6AI score
Exploits0References10
ICS
ICS
added 2024/10/31 6:0 a.m.10 views

Rockwell Automation FactoryTalk ThinManager

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to send crafted messages to the device resulting in database manipulation or a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

7.2AI score
Exploits0References10
ICS
ICS
added 2024/10/10 6:0 a.m.10 views

Rockwell Automation PowerFlex 6000T

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : PowerFlex 6000T Vulnerability : Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could...

8.2CVSS7AI score0.00495EPSS
Exploits0References10
ICS
ICS
added 2024/10/08 12:0 a.m.10 views

Schneider Electric Easergy Studio

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

7.8CVSS7.1AI score0.00172EPSS
Exploits0References11
ICS
ICS
added 2024/08/22 6:0 a.m.10 views

Rockwell Automation Emulate3D

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.4 ATTENTION : Exploitable locally Vendor : Rockwell Automation Equipment : Emulate3D Vulnerability : Externally Controlled Reference to a Resource in Another Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

5.4CVSS7.8AI score0.00219EPSS
Exploits0References10
ICS
ICS
added 2024/08/21 12:0 p.m.10 views

Best Practices for Event Logging and Threat Detection

Executive Summary This publication defines a baseline for event logging best practices to mitigate cyber threats. It was developed by the Australian Signals Directorate’s Australian Cyber Security Centre ASD’s ACSC in cooperation with the following international partners: United States US...

7.1AI score
Exploits0References60
ICS
ICS
added 2024/08/13 12:0 a.m.10 views

Siemens NX

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.8CVSS7.1AI score0.00182EPSS
Exploits0References10
ICS
ICS
added 2024/06/11 12:0 a.m.10 views

Schneider Electric Sage Series

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

7.1AI score
Exploits0References11
ICS
ICS
added 2021/06/08 12:0 a.m.10 views

Schneider Electric PowerLogic PM55xx and PowerLogic PM8ECC

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

6.8AI score
Exploits0References11
ICS
ICS
added 2026/06/25 6:0 a.m.9 views

Horner Automation Cscape

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow a local attacker to disclose information and execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network...

8.4CVSS6.1AI score0.00134EPSS
Exploits0References13
ICS
ICS
added 2026/06/25 5:0 a.m.9 views

EVoke Systems Charging Station Management System

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

9.4CVSS5.9AI score0.00378EPSS
Exploits0References11
ICS
ICS
added 2026/06/10 12:30 a.m.9 views

ABB Freelance Security Lock

SUMMARY ABB is aware of a vulnerability in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could cause the product to stop or make the product inaccessible. 2. FREQUENTLY ASKED QUESTIONS What causes the vulnerability? - The...

7.1CVSS5.8AI score0.00116EPSS
Exploits0References15
ICS
ICS
added 2026/06/09 12:0 a.m.9 views

Siemens WinCC Certificate Manager

SUMMARY WinCC Certificate Manager insufficiently protects key material that could allow an attacker to extract sensitive information. Siemens has released a new version for SIMATIC WinCC Unified PC Runtime V21 and recommends to update to the latest version. Siemens recommends specific...

8.2CVSS5.9AI score0.00057EPSS
Exploits0References10
ICS
ICS
added 2026/04/28 6:0 a.m.9 views

NSA GRASSMARLIN

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an attacker to disclose sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control...

5.5CVSS5.5AI score0.00197EPSS
Exploits1References13
ICS
ICS
added 2026/04/21 5:0 a.m.9 views

Hardy Barth Salia EV Charge Controller

RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed; a buffer overflow condition may allow remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

6.5CVSS6.7AI score0.00269EPSS
Exploits0References11
ICS
ICS
added 2026/04/02 6:0 a.m.9 views

Yokogawa CENTUM VP

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to login as the PROG user and modify permissions. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for...

2.1CVSS5.8AI score0.00165EPSS
Exploits0References13
ICS
ICS
added 2026/03/19 6:0 a.m.9 views

Automated Logic WebCTRL Premium Server

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read, intercept, or modify communications. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network...

7.7CVSS5.8AI score0.00151EPSS
Exploits0References13
ICS
ICS
added 2026/03/13 12:30 a.m.9 views

ABB AWIN Gateways

SUMMARY ABB became aware of vulnerability in the products versions listed as affected in the advisory. An update is available that resolves the reported vulnerabilities. AWIN gateways are not intended to be internet-facing. An attacker who successfully exploited this vulnerability could take...

5.8AI score
Exploits0References12
ICS
ICS
added 2026/03/12 12:30 a.m.9 views

ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax

SUMMARY ABB became aware of vulnerability in the products versions listed as affected in the advisory. An update is available that resolves publicly reported vulnerability. An attacker who successfully exploited these vulnerabilities could cause a crash, denial-of-service DoS, or potentially...

9.8CVSS6.7AI score0.47621EPSS
Exploits7References11
ICS
ICS
added 2026/03/10 6:0 a.m.9 views

Honeywell IQ4 Series BMS Controller (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized attacker to access controller management settings, control components, disclose information, or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

10CVSS5.8AI score0.05585EPSS
Exploits1References13
ICS
ICS
added 2026/03/03 6:0 a.m.9 views

Everon OCPP Backends

RISK EVALUATION Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

6AI score
Exploits0References11
ICS
ICS
added 2026/02/26 7:0 a.m.9 views

Chargemap chargemap.com

RISK EVALUATION Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

5.9AI score
Exploits0References11
ICS
ICS
added 2026/02/26 7:0 a.m.9 views

CloudCharge cloudcharge.se

RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers to impersonate charging stations, hijack sessions, suppress or misroute legitimate traffic to cause large-scale denial of service, and manipulate data sent to the backend. 2. RECOMMENDED PRACTICES CISA...

5.9AI score
Exploits0References11
ICS
ICS
added 2026/02/24 7:0 a.m.9 views

InSAT MasterSCADA BUK-TS

RISK EVALUATION Successful exploitation of these vulnerabilities may allow remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all control system...

9.8CVSS6.3AI score0.00538EPSS
Exploits0References11
ICS
ICS
added 2026/02/24 12:0 a.m.9 views

Hitachi Energy Relion REB500 Product

SUMMARY Hitachi Energy is aware of vulnerabilities that affect the Relion REB500 product versions listed in this document. Authenticated users with certain roles can exploit the vulnerabilities to access and modify the directory contents they are not authorized to do so. Please refer to the...

6AI score
Exploits0References9
ICS
ICS
added 2026/02/10 7:0 a.m.9 views

AVEVA PI Data Archive

RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...

8.7CVSS5.7AI score0.00284EPSS
Exploits0References11
ICS
ICS
added 2026/02/10 12:0 a.m.9 views

Siemens SINEC NMS

SUMMARY Multiple Siemens products are affected by two local privilege escalation vulnerabilities which could allow an low privileged attacker to load malicious DLLs, potentially leading to arbitrary code execution with elevated privileges. Siemens has released new versions for the affected...

6.4AI score
Exploits0References10
ICS
ICS
added 2026/02/10 12:0 a.m.9 views

Siemens Simcenter Femap and Nastran

SUMMARY Siemens Simcenter Femap and Nastran is affected by multiple file parsing vulnerabilities that could be triggered when the application reads files in NDB and XDB formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to...

6.5AI score
Exploits0References10
ICS
ICS
added 2026/02/05 6:0 a.m.9 views

TP-Link Systems Inc. VIGI Series IP Camera

RISK EVALUATION Successful exploitation of this vulnerability could result in unauthorized users gaining administrative access to affected closed circuit television cameras. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

8.7CVSS5.6AI score0.00446EPSS
Exploits0References11
ICS
ICS
added 2026/02/03 7:0 a.m.9 views

RISS SRL MOMA Seismic Station

RISK EVALUATION Successful exploitation of this vulnerability could result in an unauthenticated attacker creating a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

9.3CVSS5.5AI score0.00474EPSS
Exploits0References11
ICS
ICS
added 2026/01/29 7:0 a.m.9 views

Rockwell Automation ArmorStart LT

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network...

5.9AI score
Exploits0References11
ICS
ICS
added 2026/01/22 7:0 a.m.9 views

Delta Electronics DIAView

RISK EVALUATION Successful exploitation of this vulnerability could enable an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact...

9.8CVSS6.2AI score0.01356EPSS
Exploits0References10
ICS
ICS
added 2026/01/19 12:30 a.m.9 views

ABB B&R Automation Runtime

SUMMARY ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is available that resolves a vulnerability. An attacker who successfully exploited this vulnerability could cause the product to stop. 2. FREQUENTLY ASKED QUESTIONS What causes the...

8.9CVSS5.8AI score0.00313EPSS
Exploits0References10
ICS
ICS
added 2026/01/13 8:0 a.m.9 views

Schneider Electric EcoStruxure Process Expert (Update A)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

7CVSS5.8AI score0.00103EPSS
Exploits0References11
ICS
ICS
added 2026/01/13 7:0 a.m.9 views

YoSmart YoLink Smart Hub

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to remotely control other users' smart home devices, intercept sensitive data, and hijack sessions. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation...

6.9AI score
Exploits0References13
ICS
ICS
added 2026/01/06 7:0 a.m.9 views

Columbia Weather Systems MicroServer

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to redirect the SSH connection to an attacker controlled device, gain admin access to the web portal, and gain limited shell access. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

8.8CVSS6.6AI score0.00241EPSS
Exploits0References11
ICS
ICS
added 2025/12/18 7:0 a.m.9 views

Advantech WebAccess/SCADA

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an authenticated attacker to read or modify a remote database. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

7.6AI score
Exploits0References13
ICS
ICS
added 2025/12/11 7:0 a.m.9 views

OpenPLC_V3 (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could result in the alteration of PLC settings or the upload of malicious programs. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

9.8CVSS5.7AI score0.0045EPSS
Exploits0References11
ICS
ICS
added 2025/12/09 12:0 a.m.9 views

Siemens SINEMA Remote Connect Server

SUMMARY SINEMA Remote Connect Server Before V3.2 SP4 is affected by multiple vulnerabilities. Siemens has released a new version for SINEMA Remote Connect Server and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends...

6.8AI score
Exploits0References10
ICS
ICS
added 2025/11/11 12:0 a.m.9 views

Siemens Solid Edge

SUMMARY Solid Edge is affected by improper certificate validation while connecting to License Service endpoint. This could allow an unauthenticated remote attacker to perform man in the middle attacks. Siemens has released a new version for Solid Edge SE2025 and recommends to update to the...

8.7CVSS6.9AI score0.00207EPSS
Exploits0References10
ICS
ICS
added 2025/11/11 12:0 a.m.9 views

Siemens COMOS

SUMMARY COMOS is affected by two vulnerabilities that could allow an attacker to execute arbitrary code or lead to data infiltration. Siemens has released a new version for COMOS and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens...

8.4AI score
Exploits0References10
Total number of security vulnerabilities4255