Lucene search
K
IcsMost viewed

4251 matches found

ICS
ICS
added 2025/05/14 12:0 a.m.9 views

Siemens Siveillance Video

SUMMARY The installer of Siveillance Video V2024 R1 resets the system configuration password when updating from older versions of Siveillance Video. This could inadvertently remove the password protection from system configuration files, also affecting backup data sets that were created after...

5.5CVSS7AI score0.00213EPSS
Exploits0References10
ICS
ICS
added 2025/05/13 12:0 a.m.9 views

Siemens SCALANCE LPE9403

SUMMARY SCALANCE LPE9403 is affected by multiple vulnerabilities which lead to a compromise in availability, integrity and confidentiality. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. 2. GENERAL RECOMMENDATIONS...

8.8AI score
Exploits0References10
ICS
ICS
added 2025/05/13 12:0 a.m.9 views

Siemens VersiCharge AC Series EV Chargers

SUMMARY VersiCharge AC Series EV Chargers contain two vulnerabilities that could allow an attacker to gain control of the chargers through default Modbus port or execute arbitrary code by manipulating the M0 firmware. Siemens has released new versions for several affected products and recommends...

7.9AI score
Exploits0References10
ICS
ICS
added 2025/04/24 6:0 a.m.9 views

Vestel AC Charger

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker access to sensitive information, such as credentials which could subsequently enable them to cause a denial of service or partial loss of integrity of the charger. 2. RECOMMENDED PRACTICES CISA reminds...

8.7CVSS7AI score0.00343EPSS
Exploits0References10
ICS
ICS
added 2025/04/08 4:0 a.m.9 views

Schneider Electric ConneXium Network Manager Software

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

7.9AI score
Exploits0References11
ICS
ICS
added 2025/03/25 6:0 a.m.9 views

Rockwell Automation Verve Asset Manager

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with administrative access to run arbitrary commands in the context of the container running the service. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

7.5CVSS7.4AI score0.00663EPSS
Exploits0References10
ICS
ICS
added 2025/03/11 12:0 a.m.9 views

Siemens SINAMICS S200

SUMMARY A specific range of produced SINAMICS S200 devices contains an unlocked bootloader vulnerability that could allow an attacker to download untrusted firmware that could damage or compromise the device. For delivered products listed below Siemens recommends countermeasures. 2. GENERAL...

9.8CVSS6.7AI score0.00513EPSS
Exploits0References10
ICS
ICS
added 2025/03/04 7:0 a.m.9 views

GMOD Apollo

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to escalate privileges, bypass authentication, upload malicious files, or disclose sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

7.1CVSS7.8AI score0.00256EPSS
Exploits0References10
ICS
ICS
added 2025/01/14 12:0 a.m.9 views

Siemens Siveillance Video Camera

SUMMARY Several camera device drivers in the Siveillance Video Device Pack store camera credentials in their log file when authentication fails. This could allow a local attacker to read camera credentials stored in the Recording Server under specific conditions. Siemens has released an update...

7.8CVSS6.9AI score0.00145EPSS
Exploits0References10
ICS
ICS
added 2025/01/14 12:0 a.m.9 views

Siemens Industrial Edge Management

SUMMARY Industrial Edge Management is affected by a reflected cross-site scripting XSS vulnerability that could allow an attacker to extract sensitive information by tricking users into accessing a malicious link. Siemens recommends countermeasures for products where fixes are not, or not yet...

6.1CVSS6.1AI score0.00273EPSS
Exploits0References10
ICS
ICS
added 2024/12/17 7:0 a.m.9 views

Rockwell Automation PowerMonitor 1000 Remote

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to perform edit operations, create admin users, perform factory reset, execute arbitrary code, or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures...

8.6AI score
Exploits0References10
ICS
ICS
added 2024/12/10 12:0 a.m.9 views

Siemens Solid Edge SE2024

SUMMARY Siemens Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads malicious PAR or ASM files. If a user is tricked to open a malicious file with the affected products, this could lead the application to crash or potentially lead to...

7.9AI score
Exploits0References10
ICS
ICS
added 2024/12/10 12:0 a.m.9 views

Siemens COMOS 

SUMMARY COMOS is affected by XXE injection vulnerabilities that could allow an attacker to extract arbitrary application files. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for...

7.3AI score
Exploits0References10
ICS
ICS
added 2024/12/10 12:0 a.m.9 views

Siemens Parasolid

SUMMARY Parasolid is affected by out of bounds write vulnerability that could be triggered when the application reads files in PAR format. If a user is tricked to open a malicious file with the affected applications, an attacker could perform remote code execution in the context of the current...

7.8CVSS7.8AI score0.00176EPSS
Exploits0References10
ICS
ICS
added 2024/12/03 11:0 a.m.9 views

FESTO CODESYS

GENERAL RECOMMENDATION As part of a security strategy, Festo recommends the following general defense measures to reduce the risk of exploits: - Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside - Use...

7.3AI score
Exploits0References12
ICS
ICS
added 2024/12/03 7:0 a.m.9 views

Fuji Electric Tellus Lite V-Simulator (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact...

8.1AI score
Exploits0References10
ICS
ICS
added 2024/11/26 6:15 p.m.9 views

Valor Apps Easy Folder Listing Pro Joomla! extension deserialization vulnerability

RISK EVALUATION Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows any external user can gain console access to vulnerable web servers that could potentially lead to total compromise of the web server, potential privilege escalation, and initial access into...

9.8CVSS8AI score0.00975EPSS
Exploits0References1
ICS
ICS
added 2024/11/21 7:0 a.m.9 views

OSCAT Basic Library

RISK EVALUATION Successful exploitation of this vulnerability allows an local, unprivileged attacker to access limited internal data of the PLC, which may lead to a crash of the affected service. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

4.4CVSS6.6AI score0.00189EPSS
Exploits0References10
ICS
ICS
added 2024/11/21 7:0 a.m.9 views

Automated Logic WebCTRL Premium Server

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated remote attacker to execute arbitrary commands on the server hosting WebCTRL or redirect legitimate users to malicious sites. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

8.1AI score
Exploits0References10
ICS
ICS
added 2024/11/12 12:0 a.m.9 views

Schneider Electric PowerLogic PM5300 Series

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

8.7CVSS6.9AI score0.00776EPSS
Exploits0References11
ICS
ICS
added 2024/10/08 12:0 a.m.9 views

Siemens HiMed Cockpit

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.3CVSS7.1AI score0.0017EPSS
Exploits0References10
ICS
ICS
added 2024/09/10 12:0 a.m.9 views

Schneider Electric Vijeo Designer and EcoStruxureâ„¢ Machine Expert (Update A)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

7.8CVSS6.7AI score0.00209EPSS
Exploits0References11
ICS
ICS
added 2024/08/21 12:0 p.m.9 views

Best Practices for Event Logging and Threat Detection

Executive Summary This publication defines a baseline for event logging best practices to mitigate cyber threats. It was developed by the Australian Signals Directorate’s Australian Cyber Security Centre ASD’s ACSC in cooperation with the following international partners: United States US...

7.1AI score
Exploits0References60
ICS
ICS
added 2024/07/19 4:0 p.m.9 views

Adminer and AdminerEvo Multiple Vulnerabilities

RISK EVALUATION Adminer and AdminerEvo contain multiple vulnerabilities. Successful exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to deny service, enumerate and access systems indirectly, upload arbitrary files, and execute arbitrary code. Adminer is no...

8.1AI score
Exploits0References1
ICS
ICS
added 2024/07/09 12:0 a.m.9 views

Schneider Electric Wiser Home Controller WHC-5918A

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

9.8CVSS6.7AI score0.00426EPSS
Exploits0References11
ICS
ICS
added 2024/06/11 12:30 p.m.9 views

Hitachi Energy FOX61x Products

SUMMARY Hitachi Energy is aware of a vulnerability that affects the XMC20 versions listed below. Please refer to the “Recommended Immediate Actions” for information about the remediation. 2. GENERAL MITIGATION FACTORS/WORKAROUNDS Recommended security practices and firewall configurations can...

6.9CVSS6.9AI score0.00498EPSS
Exploits0References9
ICS
ICS
added 2024/06/11 12:0 a.m.9 views

Schneider Electric PowerLogic P5

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

6.8CVSS7.1AI score0.00164EPSS
Exploits0References11
ICS
ICS
added 2024/04/30 12:30 p.m.9 views

Hitachi Energy SDM600

SUMMARY Hitachi Energy is aware of multiple vulnerabilities that affect the SDM600 versions listed below. An attacker who managed to be authenticated to SDM600 and successfully exploit these vulnerabilities could elevate privileges and gain unauthorized access to the system. SDM600 version 1.3.4...

8AI score
Exploits0References9
ICS
ICS
added 2024/04/30 12:0 a.m.9 views

Hitachi Energy RTU500 Series Product (Update B)

SUMMARY Hitachi Energy is aware of the vulnerability CVE-2024-2617 in the RTU500 Web server component, that affects the RTU500 versions that are listed below. An attacker successfully exploiting this vulnerability could bypass secure update. Please refer to the Recommended Immediate Actions for...

7.2CVSS6.2AI score0.00666EPSS
Exploits0References9
ICS
ICS
added 2023/12/19 1:30 p.m.9 views

Hitachi Energy RTU500 Scripting Interface

SUMMARY Hitachi Energy is aware of a reported vulnerability in the RTU500 Scripting interface. When a client connects to a server using TLS, the server presents a certificate. This certificate links a public key to the identity of the service and is signed by a Certification Authority CA,...

7.5CVSS6.6AI score0.00316EPSS
Exploits1References9
ICS
ICS
added 2026/06/30 6:0 a.m.8 views

Delta Electronics DVP12SE PLC

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow an attacker to remotely issue commands, modify operational values, interfere with control logic, and alter device behavior without authentication or privilege enforcement. 2. RECOMMENDED PRACTICES CISA recommends users...

9.3CVSS5.8AI score0.0031EPSS
Exploits0References13
ICS
ICS
added 2026/06/26 4:8 p.m.8 views

extract-zip unvalidated symlink path traversal

RISK EVALUATION extract-zip does not validate symlink targets when extracting zip archives. When processing a malicious zip file containing a symlink with a relative path like '../../../../etc/passwd', extract-zip will extract the symlink without validation, allowing it to point outside the...

8.6CVSS5.9AI score0.00346EPSS
Exploits1References1
ICS
ICS
added 2026/06/25 6:0 a.m.8 views

Delta Electronics DTM Soft

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control system...

8.4CVSS6.2AI score0.00388EPSS
Exploits0References13
ICS
ICS
added 2026/06/17 6:58 p.m.8 views

ServerCo getssl ACME shell script path injection

RISK EVALUATION In ServerCo getssl version 2.49 and prior, the ACME challenge token returned to the client was not strictly validated against RFC 8555 before being used in challenge-file handling, allowing a maliciously crafted token to influence local path/filename usage during validation. An...

9.8CVSS6AI score0.00934EPSS
Exploits0References1
ICS
ICS
added 2026/04/28 12:0 a.m.8 views

Hitachi Energy PCM600

SUMMARY Hitachi Energy is aware of a vulnerability that affects the Hitachi Energy PCM600 product versions listed in this document. An attacker successfully exploiting this vulnerability can impact integrity of the product. Please refer to the Recommended Immediate Actions for information about...

5.5CVSS6.7AI score0.08926EPSS
Exploits1References9
ICS
ICS
added 2026/04/23 6:0 a.m.8 views

SpiceJet Online Booking System

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network exposure for all...

5.5AI score
Exploits0References13
ICS
ICS
added 2026/04/23 6:0 a.m.8 views

Carlson Software VASCO-B GNSS Receiver

RISK EVALUATION Successful exploitation of this vulnerability could enable a remote attacker to alter critical system functions or disrupt device operation. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize...

9.4CVSS5.8AI score0.00373EPSS
Exploits0References11
ICS
ICS
added 2026/04/16 6:0 a.m.8 views

AVEVA Pipeline Simulation

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to modify simulation parameters, training configuration and training records. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

9.3CVSS5.8AI score0.00388EPSS
Exploits0References11
ICS
ICS
added 2026/04/14 12:0 a.m.8 views

Siemens RUGGEDCOM CROSSBOW Station Access Controller (SAC)

SUMMARY RUGGEDCOM CROSSBOW Station Access Controller SAC contains a vulnerability that could allow an attacker to achieve arbitrary code execution and to create a denial of service condition. Siemens has released a new version for RUGGEDCOM CROSSBOW Station Access Controller SAC and recommends...

7.7CVSS7.3AI score0.73495EPSS
Exploits3References10
ICS
ICS
added 2026/04/07 8:51 p.m.8 views

IBM Maximo Application Suite Sensitive Tokens without 'Secure' Attribute

RISK EVALUATION IBM Maximo Application Suite 9.1, 9.0, 8.11, and 8.10 does not set the secure attribute on authorization tokens or session cookies. An unauthenticated attacker can steal cookies by directing users to a malicious http:// link and snooping user traffic. 2. RECOMMENDED PRACTICES...

4.3CVSS5.9AI score0.00118EPSS
Exploits0References1
ICS
ICS
added 2026/03/26 6:0 a.m.8 views

PTC Windchill Product Lifecycle Management

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control...

9.3CVSS6.5AI score0.00756EPSS
Exploits0References13
ICS
ICS
added 2026/03/26 12:0 a.m.8 views

Siemens SICAM 8 Products

SUMMARY Multiple SICAM 8 products are affected by multiple vulnerabilities that could lead to denial of service, namely: - SICAM A8000 Device firmware - CPCI85 for CP-8031/CP-8050 - SICORE for CP-8010/CP-8012 - RTUM85 for CP-8010/CP-8012 - SICAM EGS Device firmware - CPCI85 - SICAM S8000 -...

8.7CVSS5.9AI score0.00358EPSS
Exploits3References10
ICS
ICS
added 2026/03/24 6:0 a.m.8 views

Pharos Controls Mosaic Show Controller

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to execute arbitrary commands with root privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize...

9.3CVSS6AI score0.00573EPSS
Exploits0References13
ICS
ICS
added 2026/03/19 5:0 a.m.8 views

IGL-Technologies eParking.fi

RISK EVALUATION Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

5.9AI score
Exploits0References11
ICS
ICS
added 2026/03/10 6:0 a.m.8 views

Lantronix EDS3000PS and EDS5000

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication and execute code with root-level privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities,...

6AI score
Exploits0References13
ICS
ICS
added 2026/03/10 12:0 a.m.8 views

Siemens SIDIS Prime

SUMMARY SIDIS Prime before V4.0.800 is affected by multiple vulnerabilities in the components OpenSSL, SQLite, and several Node.js packages as described below. Siemens has released a new version of SIDIS Prime and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a...

7.1AI score
Exploits0References10
ICS
ICS
added 2026/03/03 6:0 a.m.8 views

Mobiliti e-mobi.hu

RISK EVALUATION Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

6AI score
Exploits0References11
ICS
ICS
added 2026/02/10 7:0 a.m.8 views

AVEVA PI Data Archive

RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...

8.7CVSS5.7AI score0.00284EPSS
Exploits0References11
ICS
ICS
added 2026/02/10 12:0 a.m.8 views

Siemens SINEC NMS

SUMMARY Multiple Siemens products are affected by two local privilege escalation vulnerabilities which could allow an low privileged attacker to load malicious DLLs, potentially leading to arbitrary code execution with elevated privileges. Siemens has released new versions for the affected...

6.4AI score
Exploits0References10
ICS
ICS
added 2026/02/10 12:0 a.m.8 views

Siemens Simcenter Femap and Nastran

SUMMARY Siemens Simcenter Femap and Nastran is affected by multiple file parsing vulnerabilities that could be triggered when the application reads files in NDB and XDB formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to...

6.5AI score
Exploits0References10
Total number of security vulnerabilities4251