Lucene search
K
IcsMost viewed

4251 matches found

ICS
ICS
added 2025/08/07 6:0 a.m.9 views

Delta Electronics DIAView

RISK EVALUATION Successful exploitation of this vulnerability may allow a remote attacker to read or write files on the affected device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations...

9.3CVSS7AI score0.11131EPSS
Exploits0References10
ICS
ICS
added 2025/08/05 5:0 a.m.9 views

Mitsubishi Electric Iconics Digital Solutions Multiple Products (Update B)

RISK EVALUATION Successful exploitation of this vulnerability could result in information tampering. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems...

5.9CVSS6.1AI score0.00192EPSS
Exploits0References9
ICS
ICS
added 2025/07/22 6:0 a.m.9 views

Schneider Electric EcoStruxure Power Operation (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could result in the loss of system functionality or unauthorized access to system functions. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA...

9.8CVSS8.7AI score0.03399EPSS
Exploits0References12
ICS
ICS
added 2025/07/10 6:0 a.m.9 views

End-of-Train and Head-of-Train Remote Linking Protocol (Update C)

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to send their own brake control commands to the end-of-train device, causing a sudden stoppage of the train which may lead to a disruption of operations, or induce brake failure. 2. RECOMMENDED PRACTICES CISA...

8.1CVSS9.3AI score0.0053EPSS
Exploits0References10
ICS
ICS
added 2025/07/08 12:0 a.m.9 views

Siemens SIPROTEC 5

SUMMARY A sensitive data exposure vulnerability in SIPROTEC 5 can allow an attacker to retrieve sensitive session data from browser history, logs, or other storage mechanisms, potentially leading to unauthorized access. Siemens is preparing fix versions and recommends countermeasures for...

6CVSS7.1AI score0.00277EPSS
Exploits0References10
ICS
ICS
added 2025/07/01 6:0 a.m.9 views

Voltronic Power and PowerShield UPS monitoring software

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated attacker remotely to make configuration changes, resulting in shutting down UPS connected devices or execution of arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures...

10AI score
Exploits0References10
ICS
ICS
added 2025/06/26 6:0 a.m.9 views

Mitsubishi Electric Air Conditioning Systems (Update B)

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to control the air conditioning system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform...

9.8CVSS7.7AI score0.0109EPSS
Exploits0References10
ICS
ICS
added 2025/05/13 12:0 a.m.9 views

Siemens VersiCharge AC Series EV Chargers

SUMMARY VersiCharge AC Series EV Chargers contain two vulnerabilities that could allow an attacker to gain control of the chargers through default Modbus port or execute arbitrary code by manipulating the M0 firmware. Siemens has released new versions for several affected products and recommends...

7.9AI score
Exploits0References10
ICS
ICS
added 2025/05/13 12:0 a.m.9 views

Siemens SCALANCE LPE9403

SUMMARY SCALANCE LPE9403 is affected by multiple vulnerabilities which lead to a compromise in availability, integrity and confidentiality. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. 2. GENERAL RECOMMENDATIONS...

8.8AI score
Exploits0References10
ICS
ICS
added 2025/04/24 6:0 a.m.9 views

Vestel AC Charger

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker access to sensitive information, such as credentials which could subsequently enable them to cause a denial of service or partial loss of integrity of the charger. 2. RECOMMENDED PRACTICES CISA reminds...

8.7CVSS7AI score0.00343EPSS
Exploits0References10
ICS
ICS
added 2025/04/08 4:0 a.m.9 views

Schneider Electric ConneXium Network Manager Software

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

7.9AI score
Exploits0References11
ICS
ICS
added 2025/03/25 6:0 a.m.9 views

Rockwell Automation Verve Asset Manager

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with administrative access to run arbitrary commands in the context of the container running the service. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

7.5CVSS7.4AI score0.00663EPSS
Exploits0References10
ICS
ICS
added 2025/03/11 12:0 a.m.9 views

Siemens SINAMICS S200

SUMMARY A specific range of produced SINAMICS S200 devices contains an unlocked bootloader vulnerability that could allow an attacker to download untrusted firmware that could damage or compromise the device. For delivered products listed below Siemens recommends countermeasures. 2. GENERAL...

9.8CVSS6.7AI score0.00513EPSS
Exploits0References10
ICS
ICS
added 2025/03/04 7:0 a.m.9 views

GMOD Apollo

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to escalate privileges, bypass authentication, upload malicious files, or disclose sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

7.1CVSS7.8AI score0.00256EPSS
Exploits0References10
ICS
ICS
added 2025/01/14 12:0 a.m.9 views

Siemens Siveillance Video Camera

SUMMARY Several camera device drivers in the Siveillance Video Device Pack store camera credentials in their log file when authentication fails. This could allow a local attacker to read camera credentials stored in the Recording Server under specific conditions. Siemens has released an update...

7.8CVSS6.9AI score0.00145EPSS
Exploits0References10
ICS
ICS
added 2025/01/14 12:0 a.m.9 views

Siemens Industrial Edge Management

SUMMARY Industrial Edge Management is affected by a reflected cross-site scripting XSS vulnerability that could allow an attacker to extract sensitive information by tricking users into accessing a malicious link. Siemens recommends countermeasures for products where fixes are not, or not yet...

6.1CVSS6.1AI score0.00273EPSS
Exploits0References10
ICS
ICS
added 2024/12/17 7:0 a.m.9 views

Rockwell Automation PowerMonitor 1000 Remote

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to perform edit operations, create admin users, perform factory reset, execute arbitrary code, or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures...

8.6AI score
Exploits0References10
ICS
ICS
added 2024/12/10 12:0 a.m.9 views

Siemens Parasolid

SUMMARY Parasolid is affected by out of bounds write vulnerability that could be triggered when the application reads files in PAR format. If a user is tricked to open a malicious file with the affected applications, an attacker could perform remote code execution in the context of the current...

7.8CVSS7.8AI score0.00176EPSS
Exploits0References10
ICS
ICS
added 2024/12/10 12:0 a.m.9 views

Siemens COMOS 

SUMMARY COMOS is affected by XXE injection vulnerabilities that could allow an attacker to extract arbitrary application files. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for...

7.3AI score
Exploits0References10
ICS
ICS
added 2024/12/03 11:0 a.m.9 views

FESTO CODESYS

GENERAL RECOMMENDATION As part of a security strategy, Festo recommends the following general defense measures to reduce the risk of exploits: - Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside - Use...

7.3AI score
Exploits0References12
ICS
ICS
added 2024/12/03 7:0 a.m.9 views

Fuji Electric Tellus Lite V-Simulator (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact...

8.1AI score
Exploits0References10
ICS
ICS
added 2024/11/26 6:15 p.m.9 views

Valor Apps Easy Folder Listing Pro Joomla! extension deserialization vulnerability

RISK EVALUATION Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows any external user can gain console access to vulnerable web servers that could potentially lead to total compromise of the web server, potential privilege escalation, and initial access into...

9.8CVSS8AI score0.00975EPSS
Exploits0References1
ICS
ICS
added 2024/11/21 7:0 a.m.9 views

OSCAT Basic Library

RISK EVALUATION Successful exploitation of this vulnerability allows an local, unprivileged attacker to access limited internal data of the PLC, which may lead to a crash of the affected service. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

4.4CVSS6.6AI score0.00189EPSS
Exploits0References10
ICS
ICS
added 2024/11/14 7:0 a.m.9 views

2N Access Commander (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to escalate their privileges, execute arbitrary code, or gain root access to the system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

8.5AI score
Exploits0References10
ICS
ICS
added 2024/11/12 12:0 a.m.9 views

Schneider Electric PowerLogic PM5300 Series

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

8.7CVSS6.9AI score0.00776EPSS
Exploits0References11
ICS
ICS
added 2024/11/12 12:0 a.m.9 views

Siemens SCALANCE M-800 Family

SUMMARY SCALANCE M-800 family before V8.2 is affected by multiple vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to protect network...

9.6AI score
Exploits0References10
ICS
ICS
added 2024/10/08 12:0 a.m.9 views

Siemens HiMed Cockpit

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.3CVSS7.1AI score0.0017EPSS
Exploits0References10
ICS
ICS
added 2024/09/10 12:0 a.m.9 views

Schneider Electric Vijeo Designer and EcoStruxureâ„¢ Machine Expert (Update A)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

7.8CVSS6.7AI score0.00209EPSS
Exploits0References11
ICS
ICS
added 2024/08/21 12:0 p.m.9 views

Best Practices for Event Logging and Threat Detection

Executive Summary This publication defines a baseline for event logging best practices to mitigate cyber threats. It was developed by the Australian Signals Directorate’s Australian Cyber Security Centre ASD’s ACSC in cooperation with the following international partners: United States US...

7.1AI score
Exploits0References60
ICS
ICS
added 2024/07/09 12:0 a.m.9 views

Schneider Electric Wiser Home Controller WHC-5918A

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

9.8CVSS6.7AI score0.00426EPSS
Exploits0References11
ICS
ICS
added 2024/06/11 12:30 p.m.9 views

Hitachi Energy FOX61x Products

SUMMARY Hitachi Energy is aware of a vulnerability that affects the XMC20 versions listed below. Please refer to the “Recommended Immediate Actions” for information about the remediation. 2. GENERAL MITIGATION FACTORS/WORKAROUNDS Recommended security practices and firewall configurations can...

6.9CVSS6.9AI score0.00498EPSS
Exploits0References9
ICS
ICS
added 2024/06/11 12:0 a.m.9 views

Schneider Electric PowerLogic P5

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

6.8CVSS7.1AI score0.00164EPSS
Exploits0References11
ICS
ICS
added 2024/04/30 12:30 p.m.9 views

Hitachi Energy SDM600

SUMMARY Hitachi Energy is aware of multiple vulnerabilities that affect the SDM600 versions listed below. An attacker who managed to be authenticated to SDM600 and successfully exploit these vulnerabilities could elevate privileges and gain unauthorized access to the system. SDM600 version 1.3.4...

8AI score
Exploits0References9
ICS
ICS
added 2024/04/30 12:0 a.m.9 views

Hitachi Energy RTU500 Series Product (Update B)

SUMMARY Hitachi Energy is aware of the vulnerability CVE-2024-2617 in the RTU500 Web server component, that affects the RTU500 versions that are listed below. An attacker successfully exploiting this vulnerability could bypass secure update. Please refer to the Recommended Immediate Actions for...

7.2CVSS6.2AI score0.00666EPSS
Exploits0References9
ICS
ICS
added 2023/12/19 1:30 p.m.9 views

Hitachi Energy RTU500 Scripting Interface

SUMMARY Hitachi Energy is aware of a reported vulnerability in the RTU500 Scripting interface. When a client connects to a server using TLS, the server presents a certificate. This certificate links a public key to the identity of the service and is signed by a Certification Authority CA,...

7.5CVSS6.6AI score0.00316EPSS
Exploits1References9
ICS
ICS
added 2026/06/30 6:0 a.m.8 views

Delta Electronics DVP12SE PLC

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow an attacker to remotely issue commands, modify operational values, interfere with control logic, and alter device behavior without authentication or privilege enforcement. 2. RECOMMENDED PRACTICES CISA recommends users...

9.3CVSS5.8AI score0.0031EPSS
Exploits0References13
ICS
ICS
added 2026/06/26 4:8 p.m.8 views

extract-zip unvalidated symlink path traversal

RISK EVALUATION extract-zip does not validate symlink targets when extracting zip archives. When processing a malicious zip file containing a symlink with a relative path like '../../../../etc/passwd', extract-zip will extract the symlink without validation, allowing it to point outside the...

8.6CVSS5.9AI score0.00346EPSS
Exploits1References1
ICS
ICS
added 2026/06/25 6:0 a.m.8 views

Delta Electronics DTM Soft

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control system...

8.4CVSS6.2AI score0.00388EPSS
Exploits0References13
ICS
ICS
added 2026/06/17 6:58 p.m.8 views

ServerCo getssl ACME shell script path injection

RISK EVALUATION In ServerCo getssl version 2.49 and prior, the ACME challenge token returned to the client was not strictly validated against RFC 8555 before being used in challenge-file handling, allowing a maliciously crafted token to influence local path/filename usage during validation. An...

9.8CVSS6AI score0.00934EPSS
Exploits0References1
ICS
ICS
added 2026/04/28 12:0 a.m.8 views

Hitachi Energy PCM600

SUMMARY Hitachi Energy is aware of a vulnerability that affects the Hitachi Energy PCM600 product versions listed in this document. An attacker successfully exploiting this vulnerability can impact integrity of the product. Please refer to the Recommended Immediate Actions for information about...

5.5CVSS6.7AI score0.08926EPSS
Exploits1References9
ICS
ICS
added 2026/04/23 6:0 a.m.8 views

Carlson Software VASCO-B GNSS Receiver

RISK EVALUATION Successful exploitation of this vulnerability could enable a remote attacker to alter critical system functions or disrupt device operation. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize...

9.4CVSS5.8AI score0.00373EPSS
Exploits0References11
ICS
ICS
added 2026/04/23 6:0 a.m.8 views

SpiceJet Online Booking System

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network exposure for all...

5.5AI score
Exploits0References13
ICS
ICS
added 2026/04/16 6:0 a.m.8 views

AVEVA Pipeline Simulation

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to modify simulation parameters, training configuration and training records. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

9.3CVSS5.8AI score0.00388EPSS
Exploits0References11
ICS
ICS
added 2026/04/16 6:0 a.m.8 views

Anviz Multiple Products

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow attackers to conduct reconnaissance, capture or decrypt sensitive data, alter device configurations, gain unauthorized administrative or root‑level access, execute arbitrary code, compromise credentials or...

6.5AI score
Exploits0References11
ICS
ICS
added 2026/04/14 12:0 a.m.8 views

Siemens RUGGEDCOM CROSSBOW Station Access Controller (SAC)

SUMMARY RUGGEDCOM CROSSBOW Station Access Controller SAC contains a vulnerability that could allow an attacker to achieve arbitrary code execution and to create a denial of service condition. Siemens has released a new version for RUGGEDCOM CROSSBOW Station Access Controller SAC and recommends...

7.7CVSS7.3AI score0.73495EPSS
Exploits3References10
ICS
ICS
added 2026/04/07 8:51 p.m.8 views

IBM Maximo Application Suite Sensitive Tokens without 'Secure' Attribute

RISK EVALUATION IBM Maximo Application Suite 9.1, 9.0, 8.11, and 8.10 does not set the secure attribute on authorization tokens or session cookies. An unauthenticated attacker can steal cookies by directing users to a malicious http:// link and snooping user traffic. 2. RECOMMENDED PRACTICES...

4.3CVSS5.9AI score0.00118EPSS
Exploits0References1
ICS
ICS
added 2026/03/26 6:0 a.m.8 views

PTC Windchill Product Lifecycle Management

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control...

9.3CVSS6.5AI score0.00756EPSS
Exploits0References13
ICS
ICS
added 2026/03/26 12:0 a.m.8 views

Siemens SICAM 8 Products

SUMMARY Multiple SICAM 8 products are affected by multiple vulnerabilities that could lead to denial of service, namely: - SICAM A8000 Device firmware - CPCI85 for CP-8031/CP-8050 - SICORE for CP-8010/CP-8012 - RTUM85 for CP-8010/CP-8012 - SICAM EGS Device firmware - CPCI85 - SICAM S8000 -...

8.7CVSS5.9AI score0.00358EPSS
Exploits3References10
ICS
ICS
added 2026/03/24 6:0 a.m.8 views

Pharos Controls Mosaic Show Controller

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to execute arbitrary commands with root privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize...

9.3CVSS6AI score0.00573EPSS
Exploits0References13
ICS
ICS
added 2026/03/19 5:0 a.m.8 views

IGL-Technologies eParking.fi

RISK EVALUATION Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

5.9AI score
Exploits0References11
Total number of security vulnerabilities4251