Ics - Page 77 of Ics Most Viewed Vulnerabilities List

ICS•added 2024/12/10 12:0 a.m.•6 views

Siemens COMOS

SUMMARY COMOS is affected by XXE injection vulnerabilities that could allow an attacker to extract arbitrary application files. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for...

7.3AI score

ICS•added 2024/12/03 12:0 a.m.•6 views

Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update C)

RISK EVALUATION Successful exploitation of these vulnerabilities could result in remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact...

7.5AI score

Exploits0References8

ICS•added 2024/11/14 7:0 a.m.•6 views

Rockwell Automation Arena Input Analyzer

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code on the program. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...

7.3CVSS7.8AI score0.00249EPSS

ICS•added 2024/11/14 7:0 a.m.•6 views

Rockwell Automation FactoryTalk Updater (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could result in an authentication bypass, remote code execution, and/or a local privilege escalation 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

8.3AI score

ICS•added 2024/10/08 4:0 a.m.•6 views

Schneider Electric EcoStruxure Power Monitoring Expert (PME) (Update B)

7.3CVSS6.9AI score0.00328EPSS

ICS•added 2024/08/21 12:0 p.m.•6 views

Best Practices for Event Logging and Threat Detection

Executive Summary This publication defines a baseline for event logging best practices to mitigate cyber threats. It was developed by the Australian Signals Directorate’s Australian Cyber Security Centre ASD’s ACSC in cooperation with the following international partners: United States US...

7.1AI score

Exploits0References60

ICS•added 2024/06/11 12:30 p.m.•6 views

Hitachi Energy FOX61x, FOXCST, and FOXMAN-UN Products

SUMMARY Hitachi Energy is aware of a vulnerability that affects the FOXMAN-UN/FOXCST versions listed below. If exploited an attacker could potentially intercept or falsify data exchanges between the client and the server. Please refer to the “Recommended Immediate Actions” for information about...

6.8CVSS6.9AI score0.00219EPSS

Exploits0References9

ICS•added 2024/06/11 12:0 a.m.•6 views

Schneider Electric PowerLogic P5

6.8CVSS7.1AI score0.00164EPSS

ICS•added 2024/04/30 12:0 a.m.•6 views

Hitachi Energy RTU500 Series Product (Update B)

SUMMARY Hitachi Energy is aware of the vulnerability CVE-2024-2617 in the RTU500 Web server component, that affects the RTU500 versions that are listed below. An attacker successfully exploiting this vulnerability could bypass secure update. Please refer to the Recommended Immediate Actions for...

7.2CVSS6.2AI score0.00666EPSS

Exploits0References9

ICS•added 2023/07/11 7:15 a.m.•6 views

Schneider Electric devices using CODESYS Runtime

6.9AI score

ICS•added 5 days ago•5 views

Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow an attacker to obtain sensitive health-related information and prevent legitimate users from establishing a connection with the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize...

5.6AI score

ICS•added 5 days ago•5 views

AzeoTech DAQFactory

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an attacker to upload malicious .ctl files that may lead to arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities...

8.4CVSS5.8AI score

ICS•added 2026/05/12 7:0 a.m.•5 views

Schneider Electric EasyLogic T150 and Saitel DP

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

7.1CVSS5.5AI score0.00292EPSS

ICS•added 2026/04/23 6:0 a.m.•5 views

Yadea T5 Electric Bicycle

RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker being able to unlock and start the bicycle, leading to vehicle theft. 2. RECOMMENDED PRACTICES CISA provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics...

7.3CVSS5.7AI score0.00275EPSS

ICS•added 2026/04/23 6:0 a.m.•5 views

Intrado 911 Emergency Gateway (EGW)

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read, modify, or delete files. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control...

9.8CVSS5.7AI score0.00554EPSS

ICS•added 2026/04/16 6:0 a.m.•5 views

Horner Automation Cscape and XL4, XL7 PLC

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to systems and services. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure...

9.3CVSS5.7AI score0.00449EPSS

ICS•added 2026/03/31 6:0 a.m.•5 views

PX4 Autopilot

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with access to the MAVLink interface to execute arbitrary shell commands without cryptographic authentication. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

9.8CVSS6.2AI score0.00926EPSS

ICS•added 2026/03/26 12:0 a.m.•5 views

Siemens SICAM 8 Products

SUMMARY Multiple SICAM 8 products are affected by multiple vulnerabilities that could lead to denial of service, namely: - SICAM A8000 Device firmware - CPCI85 for CP-8031/CP-8050 - SICORE for CP-8010/CP-8012 - RTUM85 for CP-8010/CP-8012 - SICAM EGS Device firmware - CPCI85 - SICAM S8000 -...

8.7CVSS5.9AI score0.00358EPSS

Exploits2References10

ICS•added 2026/03/25 12:0 a.m.•5 views

Nanoleaf Lines unauthenticated firmware file store

RISK EVALUATION Nanoleaf Lines 12.3.2 does not authenticate firmware file uploads. A remote, unauthenticated attacker can upload firmware files on the device and consume storage resources. 2. RECOMMENDED PRACTICES Update to 12.3.6. 3. DESCRIPTION Nanoleaf Lines 12.3.2 does not authenticate...

6.9CVSS5.9AI score0.0034EPSS

Exploits0References1

ICS•added 2026/03/24 6:0 a.m.•5 views

Pharos Controls Mosaic Show Controller

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to execute arbitrary commands with root privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize...

9.3CVSS6AI score0.00573EPSS

ICS•added 2026/03/19 6:0 a.m.•5 views

Automated Logic WebCTRL Premium Server

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read, intercept, or modify communications. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network...

7.7CVSS5.8AI score0.00151EPSS

ICS•added 2026/03/19 5:0 a.m.•5 views

IGL-Technologies eParking.fi

RISK EVALUATION Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

ICS•added 2026/03/12 12:30 a.m.•5 views

ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax

SUMMARY ABB became aware of vulnerability in the products versions listed as affected in the advisory. An update is available that resolves publicly reported vulnerability. An attacker who successfully exploited these vulnerabilities could cause a crash, denial-of-service DoS, or potentially...

8.8CVSS6.7AI score0.48666EPSS

Exploits7References11

ICS•added 2026/03/10 7:0 a.m.•5 views

Schneider Electric Modicon Controllers M241, M251, M258, and LMC058

5.1CVSS6.2AI score0.00392EPSS

ICS•added 2026/03/10 12:0 a.m.•5 views

Mitsubishi Electric CNC Series

RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to cause an out-of-bounds read, resulting in a denial-of-service condition in the affected products. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the exploitation...

5.9CVSS6AI score0.00614EPSS

Exploits0References9

ICS•added 2026/03/10 12:0 a.m.•5 views

Siemens SIDIS Prime

SUMMARY SIDIS Prime before V4.0.800 is affected by multiple vulnerabilities in the components OpenSSL, SQLite, and several Node.js packages as described below. Siemens has released a new version of SIDIS Prime and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a...

7.1AI score

ICS•added 2026/02/26 7:0 a.m.•5 views

Mobility46 mobility46.se

ICS•added 2026/02/17 7:0 a.m.•5 views

Delta Electronics ASDA-Soft

RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to write arbitrary data beyond the bounds of a stack-allocated buffer, leading to the corruption of a structured exception handler SEH. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

9.8CVSS6.3AI score0.00532EPSS

ICS•added 2026/02/10 7:0 a.m.•5 views

ZOLL ePCR IOS Mobile Application

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to protected health information PHI or device telemetry. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

6.7CVSS5.8AI score0.00172EPSS

7.8CVSS6.6AI score0.00134EPSS

Siemens NX

SUMMARY Siemens NX is affected by multiple file parsing vulnerabilities that could be triggered when the application reads files in CGM format. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to...

Siemens SINEC NMS

SUMMARY Multiple Siemens products are affected by two local privilege escalation vulnerabilities which could allow an low privileged attacker to load malicious DLLs, potentially leading to arbitrary code execution with elevated privileges. Siemens has released new versions for the affected...

6.4AI score

Siemens Simcenter Femap and Nastran

SUMMARY Siemens Simcenter Femap and Nastran is affected by multiple file parsing vulnerabilities that could be triggered when the application reads files in NDB and XDB formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to...

6.5AI score

7.6CVSS5.6AI score0.00264EPSS

Siemens Polarion

SUMMARY Polarion before V2506 contains a vulnerability that could allow authenticated remote attackers to conduct cross-site scripting attacks. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general...

ICS•added 2026/02/05 7:0 a.m.•5 views

o6 Automation GmbH Open62541

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition and memory corruption. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

6.8CVSS5.5AI score0.00343EPSS

ICS•added 2026/02/03 7:0 a.m.•5 views

Mitsubishi Electric FREQSHIP-mini for Windows

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to, modify, delete, or destroy information stored on the system where the affected product is installed, or cause a denial-of-service condition on the affected system. 2. RECOMMENDED...

8.8CVSS6.5AI score0.00148EPSS

Exploits0References12

ICS•added 2026/02/03 7:0 a.m.•5 views

RISS SRL MOMA Seismic Station

RISK EVALUATION Successful exploitation of this vulnerability could result in an unauthenticated attacker creating a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

9.3CVSS5.5AI score0.00474EPSS

ICS•added 2026/01/29 7:0 a.m.•5 views

Rockwell Automation ArmorStart LT

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network...

ICS•added 2026/01/27 7:0 a.m.•5 views

iba Systems ibaPDA

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform unauthorized actions on the file system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

10CVSS5.8AI score0.00409EPSS

ICS•added 2026/01/27 12:0 a.m.•5 views

Hitachi Energy FOX61x

SUMMARY Hitachi Energy is aware of a vulnerability that affects FOX61x product versions listed in this document. Successful exploitation of this vulnerability can lead to forgery attacks potentially causing impact on confidentiality, integrity and availability for the product. Please refer to...

9CVSS5.6AI score0.14859EPSS

Exploits2References10

9.4CVSS5.7AI score0.00465EPSS

Hubitat Elevation Hubs

RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to escalate their privileges and control devices outside of their authorized scope. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

Weintek cMT X Series HMI EasyWeb Service

RISK EVALUATION Successful exploitation of these vulnerabilities could allow a low-level user to alter privileges and gain full control to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

5.7AI score

AutomationDirect CLICK Programmable Logic Controller

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to impersonate users, escalate privileges, gain unauthorized access to systems and services, and decrypt sensitive data. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the...

5.7AI score

Exploits0References12

9.8CVSS6.2AI score0.01356EPSS

Delta Electronics DIAView

RISK EVALUATION Successful exploitation of this vulnerability could enable an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact...

ICS•added 2026/01/13 8:0 a.m.•5 views

"Schneider Electric Plant iT/Brewmaxx"

ICS•added 2026/01/13 12:0 a.m.•5 views

Siemens RUGGEDCOM APE1808 Devices

SUMMARY Nozomi Networks has published information on vulnerabilities in Nozomi Guardian/CMC. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not...

5.8AI score

ICS•added 2026/01/08 12:0 a.m.•5 views

Ideagen DevonWay stored XSS

RISK EVALUATION Ideagen DevonWay contains a stored cross site scripting vulnerability. A remote, authenticated attacker could craft a payload in the 'Reports' page that executes when another user views the report. Fixed in 2.62.4 and 2.62 LTS. 2. RECOMMENDED PRACTICES Update to 2.62.4 or 2.62...

5.5CVSS5.8AI score0.00202EPSS

Exploits0References1

ICS•added 2025/12/18 7:0 a.m.•5 views

Inductive Automation Ignition

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to be granted direct SYSTEM-level code execution on the host operating system running the Ignition Gateway service on Windows systems. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

7.3CVSS7AI score0.00221EPSS

ICS•added 2025/12/18 7:0 a.m.•5 views

Axis Communications Camera Station Pro, Camera Station, and Device Manager (Update B)

RISK EVALUATION Successful exploitation of these vulnerabilities could result in an attacker executing arbitrary code, executing a man-in-middle style attack, or bypass authentication. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

8.9AI score