Lucene search
K
IcsMost viewed

4251 matches found

ICS
ICS
added 2026/01/29 7:0 a.m.8 views

Rockwell Automation ArmorStart LT

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network...

5.9AI score
Exploits0References11
ICS
ICS
added 2026/01/29 12:30 a.m.8 views

ABB B&R PVI

SUMMARY ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is now available that addresses and remediates the vulnerability. An attacker who successfully exploited this vulnerability could read sensitive information in the logging data of the...

5.1CVSS5.8AI score0.00103EPSS
Exploits0References10
ICS
ICS
added 2026/01/27 12:0 a.m.8 views

Hitachi Energy FOX61x

SUMMARY Hitachi Energy is aware of a vulnerability that affects FOX61x product versions listed in this document. Successful exploitation of this vulnerability can lead to forgery attacks potentially causing impact on confidentiality, integrity and availability for the product. Please refer to...

9CVSS5.6AI score0.14859EPSS
Exploits2References10
ICS
ICS
added 2026/01/27 12:0 a.m.8 views

Hitachi Energy XMC20

SUMMARY Hitachi Energy is aware of a vulnerability that affects XMC20 product versions listed in this document. Successful exploitation of this vulnerability can lead to forgery attacks potentially causing impact on confidentiality, integrity and availability for the product. Please refer to the...

9CVSS5.8AI score0.14859EPSS
Exploits2References10
ICS
ICS
added 2026/01/22 7:0 a.m.8 views

AutomationDirect CLICK Programmable Logic Controller

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to impersonate users, escalate privileges, gain unauthorized access to systems and services, and decrypt sensitive data. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the...

5.7AI score
Exploits0References12
ICS
ICS
added 2026/01/15 7:59 p.m.8 views

NOAA PMEL Live Access Server (LAS) command injection

RISK EVALUATION Sites running NOAA PMEL Live Access Server LAS are vulnerable to remote code execution via specially crafted requests that include PyFerret expressions. By leveraging a SPAWN command, a remote, unauthenticated attacker can execute arbitrary OS commands. 2. RECOMMENDED PRACTICES...

9.8CVSS8.3AI score0.01199EPSS
Exploits0References1
ICS
ICS
added 2026/01/13 12:0 a.m.8 views

Siemens SIMATIC and SIPLUS products

SUMMARY Siemens ET 200SP contains a denial-of-service vulnerability that could be triggered by sending a valid S7 protocol Disconnect Request COTP DR TPDU, causing the device to become unresponsive and require a power cycle to recover. Siemens has released new versions for several affected...

8.7CVSS6.9AI score0.00397EPSS
Exploits0References10
ICS
ICS
added 2026/01/13 12:0 a.m.8 views

Siemens RUGGEDCOM APE1808 Devices

SUMMARY Nozomi Networks has published information on vulnerabilities in Nozomi Guardian/CMC. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not...

5.8AI score
Exploits0References10
ICS
ICS
added 2026/01/08 12:0 a.m.8 views

Ideagen DevonWay stored XSS

RISK EVALUATION Ideagen DevonWay contains a stored cross site scripting vulnerability. A remote, authenticated attacker could craft a payload in the 'Reports' page that executes when another user views the report. Fixed in 2.62.4 and 2.62 LTS. 2. RECOMMENDED PRACTICES Update to 2.62.4 or 2.62...

5.5CVSS5.8AI score0.00202EPSS
Exploits0References1
ICS
ICS
added 2025/12/18 7:0 a.m.8 views

Advantech WebAccess/SCADA

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an authenticated attacker to read or modify a remote database. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

7.6AI score
Exploits0References13
ICS
ICS
added 2025/12/18 7:0 a.m.8 views

Axis Communications Camera Station Pro, Camera Station, and Device Manager (Update B)

RISK EVALUATION Successful exploitation of these vulnerabilities could result in an attacker executing arbitrary code, executing a man-in-middle style attack, or bypass authentication. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

8.9AI score
Exploits0References11
ICS
ICS
added 2025/12/09 8:0 a.m.8 views

Schneider Electric EcoStruxure Foxboro DCS Advisor

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

9.8CVSS7.6AI score0.99962EPSS
Exploits24References11
ICS
ICS
added 2025/11/25 7:0 a.m.8 views

Rockwell Automation Arena Simulation

RISK EVALUATION Successful exploitation of this vulnerability could allow local attackers to execute arbitrary code on affected installations of Arena. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...

7.3CVSS7.5AI score0.00153EPSS
Exploits0References13
ICS
ICS
added 2025/11/25 7:0 a.m.8 views

Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose information or execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

6AI score
Exploits0References13
ICS
ICS
added 2025/11/20 7:0 a.m.8 views

Automated Logic WebCTRL Premium Server

RISK EVALUATION Successful exploitation of these vulnerabilities could allow a remote attacker to deceive a legitimate user into running malicious scripts or redirecting them to malicious websites. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

7AI score
Exploits0References13
ICS
ICS
added 2025/11/13 7:0 a.m.8 views

Rockwell Automation FactoryTalk DataMosaix Private Cloud

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to take over accounts, steal credentials, redirect users to a malicious website, or bypass MFA. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

6.2AI score
Exploits0References13
ICS
ICS
added 2025/11/11 8:0 a.m.8 views

Schneider Electric PowerChute Serial Shutdown

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

6.8AI score
Exploits0References11
ICS
ICS
added 2025/11/06 7:0 a.m.8 views

Ubia Ubox (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to remotely view camera feeds or modify settings. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

7.1CVSS5.5AI score0.0025EPSS
Exploits0References11
ICS
ICS
added 2025/11/04 7:0 a.m.8 views

Radiometrics VizAir

RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers to manipulate critical weather parameters and runway settings, mislead air traffic control and pilots, extract sensitive meteorological data, and cause significant disruption to airport operations, leading to...

10CVSS7.1AI score0.00751EPSS
Exploits0References11
ICS
ICS
added 2025/11/04 7:0 a.m.8 views

Fuji Electric Monitouch V-SFT-6 (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could crash the accessed device; a buffer overflow condition may allow remote code execution. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive...

8.4CVSS8.1AI score0.00219EPSS
Exploits0References10
ICS
ICS
added 2025/11/04 7:0 a.m.8 views

Delta Electronics CNCSoft-G2

RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to execute arbitrary code in the context of the current process. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...

7.8CVSS7.5AI score0.00284EPSS
Exploits0References11
ICS
ICS
added 2025/11/03 12:30 a.m.8 views

ABB PCM600

SUMMARY An update is available that resolves vulnerability in the product versions listed as affected in this advisory. An attacker who successfully exploited this vulnerability could insert and run arbitrary code in the system. 2. MITIGATING FACTORS Mitigating factors describe conditions and...

5.5CVSS6.7AI score0.08926EPSS
Exploits1References11
ICS
ICS
added 2025/10/30 6:0 a.m.8 views

Hitachi Energy TropOS

RISK EVALUATION Successful exploitation of these vulnerabilities could allow command injections and privilege escalation. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for...

8AI score
Exploits0References13
ICS
ICS
added 2025/10/16 6:0 a.m.8 views

Rockwell Automation FactoryTalk Linx

RISK EVALUATION Successful exploitation of these vulnerabilities may allow full access to all files, processes, and system resources. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also...

8.5CVSS6.5AI score0.00176EPSS
Exploits0References10
ICS
ICS
added 2025/10/14 12:0 a.m.8 views

Siemens HyperLynx and Industrial Edge App Publisher

SUMMARY Multiple Siemens products are affected by a type confusion vulnerability in Google Chrome prior to 138.0.7204.96. This could allow a remote attacker to perform arbitrary code execution via a crafted HTML page. Siemens has released a new version for Industrial Edge App Publisher and...

8.1CVSS6.8AI score0.06564EPSS
Exploits5References10
ICS
ICS
added 2025/10/09 7:50 p.m.8 views

Newforma Project Center multiple vulnerabilities

RISK EVALUATION Newforma Project Center contains multiple vulnerabilities. In the worst case, successful exploitation could allow unauthenticated, remote code execution. 2. RECOMMENDED PRACTICES Follow updated hardening guides and upgrade to most recent version of Newforma Project Center. 3...

9.8CVSS8.2AI score0.00861EPSS
Exploits0References1
ICS
ICS
added 2025/09/30 6:0 a.m.8 views

Festo Controller CECC-S,-LK,-D Family Firmware (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to crash services, escalate privileges, bypass authentication, or gain unauthorized access to sensitive systems and data. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize...

8.2AI score
Exploits0References10
ICS
ICS
added 2025/09/30 6:0 a.m.8 views

MegaSys Enterprises Telenium Online Web Application

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to inject arbitrary operating system commands through a crafted HTTP request, leading to remote code execution on the server in the security context of the web application service account. 2...

9.8CVSS8.2AI score0.01161EPSS
Exploits0References13
ICS
ICS
added 2025/09/23 6:0 a.m.8 views

Mitsubishi Electric MELSEC-Q Series CPU Module

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial of service DoS. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...

6.8CVSS6.9AI score0.00952EPSS
Exploits0References10
ICS
ICS
added 2025/09/09 6:0 a.m.8 views

Rockwell Automation FactoryTalk Activation Manager

RISK EVALUATION Successful exploitation of this vulnerability could result in in data exposure, session hijacking, or full communication compromise. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...

8.7CVSS6.5AI score0.00341EPSS
Exploits0References10
ICS
ICS
added 2025/08/28 6:0 a.m.8 views

Mitsubishi Electric MELSEC iQ-F Series CPU Module

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read or write the device values of the product. In addition, the attacker may be able to stop the operation of the programs. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize...

7.3CVSS6.8AI score0.00428EPSS
Exploits0References10
ICS
ICS
added 2025/08/26 9:52 a.m.8 views

Remote Code Execution Vulnerability in Hitachi Energy Service Suite Product

SUMMARY Hitachi Energy is aware of a remote code execution vulnerability that affects the Oracle WebLogic component in the Service Suite product versions listed in this document. An attacker successfully exploiting these vulnerabilities can cause confidentiality, integrity and availability...

9.8CVSS8AI score0.94928EPSS
Exploits11References9
ICS
ICS
added 2025/08/12 12:0 a.m.8 views

Siemens SIPROTEC 4 and SIPROTEC 4 Compact

SUMMARY SIPROTEC 4 and SIPROTEC 4 Compact devices contain a vulnerability that could allow an unauthenticated remote attacker to cause a denial of service condition. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is...

8.7CVSS7.7AI score0.00441EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.8 views

Siemens RUGGEDCOM ROX II

SUMMARY RUGGEDCOM ROX II devices do not properly limit access through their Built-In-Self-Test BIST mode. This could allow a local attacker to bypass authentication and access a root shell on the device. Siemens is preparing fix versions and recommends specific countermeasures for products where...

8.6CVSS7.3AI score0.00237EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.8 views

Siemens Third-Party Components in SINEC OS

SUMMARY SINEC OS before V3.2 contains third-party components with multiple vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to...

7CVSS8.6AI score0.0041EPSS
Exploits0References10
ICS
ICS
added 2025/07/15 6:0 a.m.8 views

LITEON IC48A and IC80A EV Chargers

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access sensitive information when accessing the Liteon EV chargers. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...

8.7CVSS6.8AI score0.0036EPSS
Exploits0References10
ICS
ICS
added 2025/07/10 6:0 a.m.8 views

KUNBUS RevPi Webstatus

RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to bypass authentication and gain unauthorized access to the application. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such...

9.8CVSS7.7AI score0.40725EPSS
Exploits2References10
ICS
ICS
added 2025/07/08 4:0 a.m.8 views

Schneider Electric EcoStruxure

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

5.3CVSS6.8AI score0.00271EPSS
Exploits0References11
ICS
ICS
added 2025/07/08 12:0 a.m.8 views

Siemens SIMATIC CN 4100

SUMMARY A vulnerability in SIMATIC CN 4100 could allow an attacker to cause a denial of service condition. Siemens has released a new version for SIMATIC CN 4100 and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends...

7.1CVSS7.7AI score0.00323EPSS
Exploits0References10
ICS
ICS
added 2025/07/08 12:0 a.m.8 views

Siemens TIA Project-Server and TIA Portal

SUMMARY A vulnerability in TIA Project Server and TIA Portal could allow an attacker to cause a denial of service condition. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends...

5.3CVSS7.5AI score0.0027EPSS
Exploits0References10
ICS
ICS
added 2025/07/02 8:57 p.m.8 views

Versa Networks Versa Director multiple vulnerabilities

RISK EVALUATION Versa Networks Versa Director contains a variety of vulnerabilities. In the most severe cases, a remote, unauthenticated attacker could execute arbitrary code with administrative privileges. 2. RECOMMENDED PRACTICES Upgrade to fixed versions of Versa Director. See...

8.6AI score
Exploits0References5
ICS
ICS
added 2025/06/26 5:0 a.m.8 views

TrendMakers Sight Bulb Pro

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to capture sensitive information and execute arbitrary shell commands on the target device as root if connected to the local network segment. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform...

7.6CVSS6.8AI score0.00078EPSS
Exploits0References10
ICS
ICS
added 2025/06/24 12:0 a.m.8 views

Hitachi Energy Relion 670/650 and SAM600-IO Series

SUMMARY Hitachi Energy is aware of a vulnerability that affects the Relion 670/650 and SAM600-IO series IED device versions that are listed in this document. An authenticated attacker successfully exploiting this vulnerability via FTP access can cause the device to reboot due to improper disk...

7.1CVSS5.7AI score0.00346EPSS
Exploits0References9
ICS
ICS
added 2025/06/12 6:0 a.m.8 views

AVEVA PI Connector for CygNet

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to persist arbitrary code in the administrative portal of the product or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

5.8AI score
Exploits0References10
ICS
ICS
added 2025/06/12 12:0 a.m.8 views

Siemens Mendix Studio Pro

SUMMARY Mendix Studio Pro contains a vulnerability in the module installation process, that could allow an attacker to write or modify arbitrary files in directories outside a developer’s project directory. Siemens has released new versions for several affected products and recommends to update...

6.1CVSS6.6AI score0.00395EPSS
Exploits0References10
ICS
ICS
added 2025/06/10 12:0 a.m.8 views

Siemens SCALANCE and RUGGEDCOM

SUMMARY Several Industrial Communication Devices based on SINEC OS before V3.1 contain an incorrect authorization check vulnerability that could allow an attacker to perform actions that exceed the permissions of the "guest" role. Siemens has released new versions for the affected products and...

5.3CVSS5.1AI score0.00317EPSS
Exploits0References10
ICS
ICS
added 2025/06/03 6:0 a.m.8 views

Schneider Electric Wiser Home Automation

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Passwords should include upper case, lower case, number and special characters, a length of 20 characters is ideal. A default Admin password must be changed immediately when first received...

9.8CVSS7.3AI score0.00333EPSS
Exploits0References10
ICS
ICS
added 2025/05/29 6:0 a.m.8 views

Santesoft Sante DICOM Viewer Pro

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose information or execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

8.4CVSS7.7AI score0.00177EPSS
Exploits0References10
ICS
ICS
added 2025/05/15 6:0 a.m.8 views

Schneider Electric EcoStruxure Power Build Rapsody

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...

4.6CVSS7.6AI score0.00162EPSS
Exploits0References10
ICS
ICS
added 2025/05/13 12:0 a.m.8 views

Siemens SIPROTEC and SICAM

SUMMARY This advisory documents the impact of CVE-2024-3596 also dubbed "Blastradius", a vulnerability in the RADIUS protocol, to SIPROTEC, SICAM and related products. The vulnerability could allow on-path attackers, located between a Network Access Server the RADIUS client, e.g., a SICAM device...

9CVSS8.7AI score0.14859EPSS
Exploits2References10
Total number of security vulnerabilities4251