Lucene search
K
IcsMost viewed

4251 matches found

ICS
ICS
added 2025/03/11 4:0 a.m.8 views

Schneider Electric EcoStruxure Power Automation System

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

9.8CVSS7.5AI score0.00497EPSS
Exploits0References11
ICS
ICS
added 2025/01/28 7:0 a.m.8 views

Rockwell Automation FactoryTalk

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code on the device with elevated privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

8.6CVSS8AI score0.00174EPSS
Exploits0References10
ICS
ICS
added 2025/01/14 12:0 a.m.8 views

Schneider Electric EcoStruxure Power Build Rapsody

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

4.6CVSS7.7AI score0.00228EPSS
Exploits0References11
ICS
ICS
added 2025/01/14 12:0 a.m.8 views

Siemens SIPROTEC 5 Products

SUMMARY Affected SIPROTEC 5 devices do not properly limit the access of the web server to the filesystem. This could allow an authenticated remote attacker to read arbitrary files or the entire filesystem of the device. Siemens has released new versions for several affected products and...

7.1CVSS6.7AI score0.00593EPSS
Exploits0References10
ICS
ICS
added 2024/12/10 12:0 a.m.8 views

Schneider Electric Harmony HMI and Pro-Face HMI Products

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

8.8CVSS7AI score0.00636EPSS
Exploits0References11
ICS
ICS
added 2024/11/20 6:33 p.m.8 views

Versa Networks Versa Director insecure default PostgreSQL configuration

RISK EVALUATION Versa Networks Versa Director, by default, configures PostgreSQL to listen on all network interfaces using database credentials shared by multiple installations. From Advising Vulnerability In Versa Director: "This combination allows an unauthenticated attacker to access and...

10CVSS7AI score0.00557EPSS
Exploits0References1
ICS
ICS
added 2024/11/14 7:0 a.m.8 views

Rockwell Automation Arena Input Analyzer

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code on the program. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...

7.3CVSS7.8AI score0.00249EPSS
Exploits0References10
ICS
ICS
added 2024/11/14 7:0 a.m.8 views

2N Access Commander (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to escalate their privileges, execute arbitrary code, or gain root access to the system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

8.5AI score
Exploits0References10
ICS
ICS
added 2024/11/12 12:0 a.m.8 views

Siemens SCALANCE M-800 Family

SUMMARY SCALANCE M-800 family before V8.2 is affected by multiple vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to protect network...

9.6AI score
Exploits0References10
ICS
ICS
added 2024/11/07 7:0 a.m.8 views

Beckhoff Automation TwinCAT Package Manager

RISK EVALUATION Successful exploitation this vulnerability could allow a local attacker with administrative access rights to execute arbitrary OS commands on the affected system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

6.5CVSS7.4AI score0.00189EPSS
Exploits0References10
ICS
ICS
added 2024/10/08 4:0 a.m.8 views

Schneider Electric EcoStruxure Power Monitoring Expert (PME) (Update B)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

7.3CVSS6.9AI score0.00328EPSS
Exploits0References11
ICS
ICS
added 2024/10/08 12:0 a.m.8 views

Schneider Electric System Monitor Application in Harmony and Pro-face PS5000 Legacy Industrial PCs

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

9.8CVSS7AI score0.00587EPSS
Exploits0References11
ICS
ICS
added 2024/09/10 4:3 p.m.8 views

TopQuadrant TopBraid EDG Insecure External Password Storage and XXE Vulnerabilities

RISK EVALUATION TopQuadrant TopBraid EDG stores credentials for external services insecurely and processes untrusted XML entities. An authenticated attacker could obtain credentials for remote services, read local files, or access URLs. 2. RECOMMENDED PRACTICES Upgrade to TopQuadrant TopBraid...

5CVSS6.9AI score0.00278EPSS
Exploits0References1
ICS
ICS
added 2024/06/11 12:30 p.m.8 views

Hitachi Energy FOX61x, FOXCST, and FOXMAN-UN Products

SUMMARY Hitachi Energy is aware of a vulnerability that affects the FOXMAN-UN/FOXCST versions listed below. If exploited an attacker could potentially intercept or falsify data exchanges between the client and the server. Please refer to the “Recommended Immediate Actions” for information about...

6.8CVSS6.9AI score0.00219EPSS
Exploits0References9
ICS
ICS
added 2011/06/10 12:0 a.m.8 views

Siemens SIMATIC S7-1200 CPU V1/V2 Devices

SUMMARY SIMATIC S7-1200 CPU V1/V2 controllers contain two vulnerabilities that could allow an unauthenticated remote attacker - to trigger functions by record and playback of legitimate network communication, or - to place the controller in stop/defect state by causing a communications error...

7.2AI score
Exploits0References10
ICS
ICS
added 2026/06/10 12:30 a.m.7 views

XZ Utils vulnerability impacting B&R Products

SUMMARY An update is available that resolves vulnerability in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could cause the product to stop or corrupt memory data. 2. FREQUENTLY ASKED QUESTIONS Could the vulnerability be...

8.7CVSS7AI score0.00647EPSS
Exploits0References11
ICS
ICS
added 2026/06/09 12:0 a.m.7 views

Siemens SIPROTEC 5 Using DIGSI5 Protocol

SUMMARY SIPROTEC 5 is vulnerable to arbitrary file uploads by authenticated users using the DIGSI 5 protocol. This could allow an attacker to upload malicious configuration files, potentially causing a permanent denial of service condition. As a mitigation measure, users of the CP050 and CP150...

6.9CVSS6.2AI score0.00186EPSS
Exploits0References10
ICS
ICS
added 2026/04/23 6:0 a.m.7 views

Yadea T5 Electric Bicycle

RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker being able to unlock and start the bicycle, leading to vehicle theft. 2. RECOMMENDED PRACTICES CISA provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics...

7.3CVSS5.7AI score0.00275EPSS
Exploits0References10
ICS
ICS
added 2026/04/21 6:0 a.m.7 views

Silex Technology SD-330AC and AMC Manager

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, cause a denial-of-service, or configuration information may be altered without authentication. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize...

6.1AI score
Exploits0References13
ICS
ICS
added 2026/04/16 6:0 a.m.7 views

AVEVA Pipeline Simulation

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to modify simulation parameters, training configuration and training records. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

9.3CVSS5.8AI score0.00388EPSS
Exploits0References11
ICS
ICS
added 2026/04/16 6:0 a.m.7 views

Anviz Multiple Products

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow attackers to conduct reconnaissance, capture or decrypt sensitive data, alter device configurations, gain unauthorized administrative or root‑level access, execute arbitrary code, compromise credentials or...

6.5AI score
Exploits0References11
ICS
ICS
added 2026/04/13 12:30 a.m.7 views

ABB Ability Symphony Plus Engineering

SUMMARY ABB became aware of vulnerability in the products versions listed as affected in the advisory. The ABB S+ Engineering product versions are affected by vulnerabilities in PostgreSQL version 13.11 and earlier versions. If an attacker gains access to a site’s S+ Client Server network, they...

8.4AI score
Exploits0References18
ICS
ICS
added 2026/04/09 6:0 a.m.7 views

Contemporary Controls BASC 20T

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to enumerate the functionality of each component associated with the PLC, reconfigure, rename, delete, perform file transfers, and make remote procedure calls. 2. RECOMMENDED PRACTICES CISA recommends users...

9.8CVSS6AI score0.00443EPSS
Exploits0References13
ICS
ICS
added 2026/03/31 6:0 a.m.7 views

PX4 Autopilot

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with access to the MAVLink interface to execute arbitrary shell commands without cryptographic authentication. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

9.8CVSS6.2AI score0.00926EPSS
Exploits0References13
ICS
ICS
added 2026/03/25 12:0 a.m.7 views

Nanoleaf Lines unauthenticated firmware file store

RISK EVALUATION Nanoleaf Lines 12.3.2 does not authenticate firmware file uploads. A remote, unauthenticated attacker can upload firmware files on the device and consume storage resources. 2. RECOMMENDED PRACTICES Update to 12.3.6. 3. DESCRIPTION Nanoleaf Lines 12.3.2 does not authenticate...

6.9CVSS5.9AI score0.0034EPSS
Exploits0References1
ICS
ICS
added 2026/03/23 8:0 a.m.7 views

WAGO GmbH & Co. KG Industrial Managed Switches

SUMMARY A vulnerability has been found affecting the Managed Switches of WAGO. An unauthenticated attacker can fully compromise the device via an undocumented function. 2. IMPACT This could lead to a full System compromise of the affected devices. 3. REMEDIATION Please update your devices to the...

10CVSS5.8AI score0.00679EPSS
Exploits0References12
ICS
ICS
added 2026/03/19 6:0 a.m.7 views

Automated Logic WebCTRL Premium Server

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read, intercept, or modify communications. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network...

7.7CVSS5.8AI score0.00151EPSS
Exploits0References13
ICS
ICS
added 2026/03/17 5:2 p.m.7 views

Multiple IP-KVM Vulnerabilities

RISK EVALUATION Multiple KVM products GL-iNet GL-RM1, Angeet ES3 KVM, Sipeed NanoKVM, and JetKVM are affected by multiple vulnerabilities. The most severe of these vulnerabilities could allow a remote, unauthenticated attacker to take complete control of a vulnerable product. 2. RECOMMENDED...

7CVSS6.2AI score0.0016EPSS
Exploits0References1
ICS
ICS
added 2026/03/10 7:0 a.m.7 views

Schneider Electric Modicon Controllers M241, M251, M258, and LMC058

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

5.4CVSS6.2AI score0.00225EPSS
Exploits0References11
ICS
ICS
added 2026/03/10 7:0 a.m.7 views

Schneider Electric EcoStruxure Foxboro DCS

GENERAL SECURITY RECOMMENDATIONS Schneider Electric strongly recommends the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business...

7CVSS6.6AI score0.00315EPSS
Exploits0References11
ICS
ICS
added 2026/03/03 6:0 a.m.7 views

ePower epower.ie

RISK EVALUATION Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

6AI score
Exploits0References11
ICS
ICS
added 2026/02/26 7:0 a.m.7 views

Mobility46 mobility46.se

RISK EVALUATION Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

5.9AI score
Exploits0References11
ICS
ICS
added 2026/02/19 7:0 a.m.7 views

EnOcean SmartServer IoT

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to remotely execute arbitrary code and bypass ASLR. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

6.5AI score
Exploits0References13
ICS
ICS
added 2026/02/17 7:0 a.m.7 views

Delta Electronics ASDA-Soft

RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to write arbitrary data beyond the bounds of a stack-allocated buffer, leading to the corruption of a structured exception handler SEH. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

9.8CVSS6.3AI score0.00532EPSS
Exploits0References10
ICS
ICS
added 2026/02/17 7:0 a.m.7 views

GE Vernova Enervista UR Setup

RISK EVALUATION Successful exploitation of these vulnerabilities may allow code execution with elevated privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all...

2.9CVSS6.4AI score0.00229EPSS
Exploits0References11
ICS
ICS
added 2026/02/10 7:0 a.m.7 views

AVEVA PI to CONNECT Agent

RISK EVALUATION Successful exploitation of this vulnerability could result in an unauthorized access to the proxy server. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...

6.5CVSS5.7AI score0.00112EPSS
Exploits0References11
ICS
ICS
added 2026/02/10 7:0 a.m.7 views

ZOLL ePCR IOS Mobile Application

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to protected health information PHI or device telemetry. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

6.7CVSS5.8AI score0.00172EPSS
Exploits0References13
ICS
ICS
added 2026/02/10 12:0 a.m.7 views

Siemens Polarion

SUMMARY Polarion before V2506 contains a vulnerability that could allow authenticated remote attackers to conduct cross-site scripting attacks. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general...

7.6CVSS5.6AI score0.00264EPSS
Exploits0References10
ICS
ICS
added 2026/02/05 7:0 a.m.7 views

o6 Automation GmbH Open62541

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition and memory corruption. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

6.8CVSS5.5AI score0.00343EPSS
Exploits0References13
ICS
ICS
added 2026/02/05 7:0 a.m.7 views

Mitsubishi Electric MELSEC iQ-R Series

RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to read device data or part of a control program from the affected product, write device data in the affected product, or cause a denial-of-service condition on the affected product. 2. RECOMMENDED PRACTICES CISA...

8.8CVSS5.4AI score0.00539EPSS
Exploits0References10
ICS
ICS
added 2026/02/03 7:0 a.m.7 views

Mitsubishi Electric FREQSHIP-mini for Windows

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to, modify, delete, or destroy information stored on the system where the affected product is installed, or cause a denial-of-service condition on the affected system. 2. RECOMMENDED...

8.8CVSS6.5AI score0.00148EPSS
Exploits0References12
ICS
ICS
added 2026/01/27 7:0 a.m.7 views

iba Systems ibaPDA

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform unauthorized actions on the file system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

10CVSS5.8AI score0.00409EPSS
Exploits0References13
ICS
ICS
added 2026/01/22 7:0 a.m.7 views

Weintek cMT X Series HMI EasyWeb Service

RISK EVALUATION Successful exploitation of these vulnerabilities could allow a low-level user to alter privileges and gain full control to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

5.7AI score
Exploits0References13
ICS
ICS
added 2026/01/22 7:0 a.m.7 views

Hubitat Elevation Hubs

RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to escalate their privileges and control devices outside of their authorized scope. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

9.4CVSS5.7AI score0.00465EPSS
Exploits0References13
ICS
ICS
added 2026/01/20 7:0 a.m.7 views

Rockwell Automation Verve Asset Manager

RISK EVALUATION Successful exploitation of these vulnerabilities may allow an attacker to access sensitive information stored in variables within the ADI server. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities,...

5.7AI score
Exploits0References13
ICS
ICS
added 2026/01/19 12:30 a.m.7 views

ABB B&R Automation Studio

SUMMARY ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is available that resolves a vulnerability. Successful exploitation of this vulnerability may enable an attacker to masquerade as a trusted party when B&R Automation Studio establishes...

9.1CVSS5.8AI score0.00206EPSS
Exploits0References10
ICS
ICS
added 2026/01/13 7:0 a.m.7 views

Rockwell Automation FactoryTalk DataMosaix Private Cloud

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform unauthorized sensitive database operations. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

8.7CVSS6.6AI score0.0038EPSS
Exploits0References11
ICS
ICS
added 2025/12/18 7:0 a.m.7 views

Inductive Automation Ignition

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to be granted direct SYSTEM-level code execution on the host operating system running the Ignition Gateway service on Windows systems. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

7.3CVSS7AI score0.00221EPSS
Exploits0References13
ICS
ICS
added 2025/12/18 12:0 a.m.7 views

BullWall Ransomware Containment and Server Intrusion Protection multiple vulnerabilities

RISK EVALUATION BullWall Ransomware Containment and Server Intrusion Protection are products used for ransomware containment. Multiple vulnerabilities were reported that when used individually or in conjunction could allow a remote attacker with valid credentials to log in to a system with...

8.8CVSS6.8AI score0.00326EPSS
Exploits0References1
ICS
ICS
added 2025/12/16 7:0 a.m.7 views

Mitsubishi Electric GT Designer3

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker obtain plaintext credentials from the project file for GT Designer3, which could result in illegally operating GOT2000 and GOT1000 series devices. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

5.1CVSS6.8AI score0.00081EPSS
Exploits0References11
Total number of security vulnerabilities4251