Lucene search
K
IcsMost viewed

4251 matches found

ICS
ICS
added 2022/06/14 12:0 a.m.124 views

Siemens Xpedition Designer

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.8CVSS7.9AI score0.00201EPSS
Exploits0References12
ICS
ICS
added 2021/11/09 12:0 a.m.124 views

Siemens SCALANCE W1750D

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE W1750D Vulnerabilities: Improper Restriction of Operations Within the Bounds of a Memory Buffer, Command Injection, Path Traversal 2. UPDATE INFORMATION This updated advisory...

10CVSS8.9AI score0.02957EPSS
Exploits0References11
ICS
ICS
added 2021/05/11 12:0 a.m.124 views

Siemens SIMATIC SmartVNC HMI WinCC Products (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC HMIs/WinCC Products Vulnerabilities: Access of Memory Location After End of Buffer, Improper Handling of Exceptional Conditions, Improper Restriction of Operations within the Bounds of a Memory...

9.8CVSS8.9AI score0.02538EPSS
Exploits0References11
ICS
ICS
added 2019/04/04 12:0 a.m.124 views

Rockwell Automation Stratix 5400/5410/5700/8000/8300 and ArmorStratix 5700

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: Stratix 5400/5410/5700/8000/8300, ArmorStratix 5700 Vulnerabilities: Resource Management Errors, Improper Input Validation 2. RISK EVALUATION Successful exploitation...

8.6CVSS8.5AI score0.04402EPSS
Exploits0References5
ICS
ICS
added 2024/03/12 12:0 a.m.123 views

Siemens RUGGEDCOM APE1808 with Fortigate NGFW Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

8.8CVSS9.8AI score0.12316EPSS
Exploits0References10
ICS
ICS
added 2020/02/25 12:0 a.m.123 views

Moxa MB3xxx Series Protocol Gateways

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: MB3170 series, MB3180 series, MB3270 series, MB3280 series, MB3480 series, and MB3660 series Vulnerabilities: Stack-based Buffer Overflow, Integer Overflow to Buffer Overflow,...

9.8CVSS9.4AI score0.03941EPSS
Exploits0References5
ICS
ICS
added 2017/04/27 12:0 a.m.123 views

GE Multilin SR, UR, and URplus Protective Relays (Update A)

CVSS v3 8.1 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: GE Equipment: Multilin SR, UR, and URplus Protective Relays Vulnerabilities: Weak Cryptography for Passwords UPDATED INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-117-01 GE...

9.8CVSS0.2AI score0.01281EPSS
Exploits0References27
ICS
ICS
added 2016/01/07 7:0 a.m.123 views

Pro-face GP-Pro EX HMI Vulnerabilities

OVERVIEW ZDI Zero Day Initiative has identified one information disclosure and two buffer overflow vulnerabilities, and independent researcher Jeremy Brown has identified hard-coded credentials in Pro-face’s GP-Pro EX HMI software. Pro-face has produced a module to mitigate these vulnerabilities...

8.8CVSS8.3AI score0.02332EPSS
Exploits0References10
ICS
ICS
added 2015/12/18 7:0 a.m.123 views

Honeywell XL Web Controller Directory Traversal Vulnerability

OVERVIEW Martin Jartelius of Outpost24 has identified a directory traversal vulnerability in Honeywell’s XL Web Controller. Honeywell has produced an update that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following XLWeb controller versions...

10CVSS6.7AI score0.05612EPSS
Exploits2References10
ICS
ICS
added 2022/08/30 12:0 a.m.122 views

Mitsubishi Electric Multiple Factory Automation Products (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GOT2000 compatible HMI software, CC-Link IE TSN Industrial Managed Switch, MELSEC iQ-R Series OPC UA Server Module Vulnerabilities: Infinite Loop, OS Command Injection 2...

10CVSS10AI score0.83223EPSS
Exploits7References4
ICS
ICS
added 2021/10/07 12:0 a.m.122 views

InHand Networks IR615 Router (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: InHand Networks Equipment: IR615 Router Vulnerabilities: Improper Restriction of Rendered UI Layers or Frames, Improper Authorization, Cross-site Request Forgery, Inadequate Encryption Strength, Imprope...

9.8CVSS9.6AI score0.02597EPSS
Exploits0References5
ICS
ICS
added 2021/03/09 12:0 a.m.122 views

Siemens Solid Edge File Parsing

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: Solid Edge Vulnerabilities: Out-of-bounds Write, Improper Restriction of XML External Entity Reference, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

7.8CVSS7.6AI score0.01478EPSS
Exploits0References11
ICS
ICS
added 2020/08/27 12:0 a.m.122 views

Red Lion N-Tron 702-W, 702M12-W

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Red Lion Equipment: N-Tron 702-W / 702M12-W Vulnerabilities: Reflected Cross-site Scripting, Stored Cross-site Scripting, Cross-site Request Forgery, Hidden Functionality, Use of Unmaintained...

10CVSS10AI score0.05492EPSS
Exploits4References5
ICS
ICS
added 2023/09/12 12:0 a.m.120 views

Siemens RUGGEDCOM APE1808 Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

5.5CVSS8.3AI score0.00178EPSS
Exploits0References12
ICS
ICS
added 2023/06/14 12:0 p.m.120 views

Understanding Ransomware Threat Actors: LockBit

SUMMARY In 2022, LockBit was the most deployed ransomware variant across the world and continues to be prolific in 2023. Since January 2020, affiliates using LockBit have attacked organizations of varying sizes across an array of critical infrastructure sectors, including financial services, food...

10CVSS9.5AI score0.99999EPSS
Exploits623References188
ICS
ICS
added 2021/11/04 12:0 a.m.120 views

VISAM VBASE Editor

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: VISAM Equipment: VBASE Vulnerabilities: Improper Access Control, Cross-site Scripting, Improper Restriction of XML External Entity Reference, Using Components with Known Vulnerabilities 2. RISK...

7.5CVSS7.8AI score0.00668EPSS
Exploits0References5
ICS
ICS
added 2021/10/05 12:0 a.m.120 views

Honeywell Experion PKS and ACE Controllers

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Honeywell Equipment: Experion Process Knowledge System PKS C200, C200E, C300 and ACE Controllers Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Relative Path Traversal, Improper...

10CVSS9.6AI score0.00875EPSS
Exploits1References5
ICS
ICS
added 2021/04/13 12:0 a.m.120 views

ICSA-20-070-01_Siemens and PKE SiNVR/SiVMS Video Server (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendors: Siemens and PKE Equipment: SiNVR/SiVMS Video Server Vulnerabilities: Cleartext Storage in a File or on Disk, Path Traversal, Improper Input Validation, Weak Cryptography for Passwords 2. UPDATE...

9.9CVSS7.5AI score0.02735EPSS
Exploits0References12
ICS
ICS
added 2020/09/08 12:0 a.m.120 views

Siemens Industrial Products (Update F)

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Siemens Industrial Products containing certain processors Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. UPDATE INFORMATION This updated advisory is a follow-up to the...

5.5CVSS7.3AI score0.0054EPSS
Exploits0References11
ICS
ICS
added 2019/10/24 12:0 a.m.120 views

Philips IntelliSpace Perinatal

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Low skill level to exploit Vendor: Philips Equipment: IntelliSpace Perinatal Vulnerability: Exposure of Resource to Wrong Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker unauthorized access to system...

7.2CVSS6.8AI score0.00404EPSS
Exploits0References5
ICS
ICS
added 2019/08/27 12:0 a.m.120 views

Delta Controls enteliBUS Controllers

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Delta Controls Equipment: enteliBUS Controllers Vulnerability: Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker on the same network to gain...

9.8CVSS10AI score0.04737EPSS
Exploits1References4
ICS
ICS
added 2015/12/06 7:0 a.m.120 views

Siemens SIMATIC HMI Basic, SINUMERIK, and Ruggedcom APE GHOST Vulnerability

OVERVIEW The “GHOST"Further information about the GHOST vulnerability: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0235, web site last accessed March 05, 2015. vulnerability in the glibc library affects the Siemens SINUMERIK and SIMATIC HMI Basic applications. Siemens has produced an...

10CVSS7.2AI score0.94859EPSS
Exploits29References10
ICS
ICS
added 2020/12/01 12:0 p.m.119 views

Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets

Summary This joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise framework for all referenced threat actor tactics and techniques This joint cybersecurity advisory—written by the Federal Bureau of...

10CVSS9.4AI score0.99999EPSS
Exploits202References74
ICS
ICS
added 2020/10/22 12:0 a.m.119 views

B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low and high skill level to exploit Vendor: B. Braun Melsungen AG Equipment: SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus Vulnerabilities : Cross-site Scripting, Open Redirect, XPath Injection, Session Fixation,...

9CVSS8.8AI score0.01806EPSS
Exploits0References5
ICS
ICS
added 2019/09/10 12:0 a.m.119 views

ICSA-19-260-02 Siemens SINEMA Remote Connect Server

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SINEMA Remote Connect Server Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Information Exposure, Cross-Site Request Forgery, Use of Password Hash with Insufficient...

9.8CVSS6.6AI score0.01514EPSS
Exploits0References9
ICS
ICS
added 2018/06/12 12:0 a.m.119 views

Siemens SCALANCE X Switches, RUGGEDCOM WiMAX, RFID 181-EIP, and SIMATIC RF182C (Update D)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable from the same local network segment OSI Layer 2 Vendor: Siemens Equipment: SCALANCE X switches, RUGGEDCOM Win, RFID 181-EIP, and SIMATIC RF182C Vulnerability: Heap-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a...

8.8CVSS9.3AI score0.00954EPSS
Exploits0References9
ICS
ICS
added 2016/10/13 12:0 a.m.119 views

Kabona AB WDC Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-17-287-07 Kabona AB WDC Vulnerabilities that was published October 13, 2016, on the NCCIC/ICS-CERT web site. Martin Jartelius and John Stock of Outpost 24 have identified vulnerabilities in Kabona AB’s...

9.8CVSS0.6AI score0.02275EPSS
Exploits0References19
ICS
ICS
added 2015/11/20 7:0 a.m.119 views

Yokogawa HART Device DTM Vulnerability

OVERVIEW Alexander Bolshev of Digital Security has identified an improper input vulnerability in the CodeWrights GmbH HART Device Type Manager DTM library utilized in Yokogawa’s HART Device DTM. CodeWrights GmbH has addressed the vulnerability with a new library, which both companies have begun t...

2.1CVSS6.7AI score0.00374EPSS
Exploits0References10
ICS
ICS
added 2024/07/08 12:0 p.m.118 views

People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action

Overview Background This advisory, authored by the Australian Signals Directorate’s Australian Cyber Security Centre ASD’s ACSC, the United States Cybersecurity and Infrastructure Security Agency CISA, the United States National Security Agency NSA, the United States Federal Bureau of Investigati...

10CVSS10AI score0.99999EPSS
Exploits412References115
ICS
ICS
added 2022/07/21 12:0 a.m.118 views

ABB Drive Composer, Automation Builder, Mint Workbench

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: ABB Equipment: Drive Composer, Automation Builder, Mint Workbench Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote code execution. 3...

7.8CVSS8AI score0.00315EPSS
Exploits0References5
ICS
ICS
added 2019/10/29 12:0 a.m.118 views

PHOENIX CONTACT Automation Worx Software Suite

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Phoenix Contact Equipment: Automation Worx Software Suite Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could compromise the availability, integrity, or...

7.8CVSS7.8AI score0.03306EPSS
Exploits0References5
ICS
ICS
added 2014/01/08 12:0 p.m.118 views

Stuxnet Malware Mitigation (Update B)

Overview In July, ICS-CERT published an advisory and a series of updates regarding the Stuxnet malware entitled “ICSA-10-201 USB Malware Targeting Siemens Control Software.” Since then, ICS-CERT has continued analysis of the Stuxnet malware in an effort to determine more about its capabilities an...

8.7AI score
Exploits0References22
ICS
ICS
added 2013/12/27 7:0 a.m.118 views

Siemens CP 1604 and CP 1616 Improper Access Control

Overview This advisory provides mitigation details for a vulnerability that impacts the Siemens CP 1604 and CP 1616 communication modules. Siemens has identified a vulnerability in the debugging interface of the CP 1604 and CP 1616 communications modules. Independent researchers Christopher...

10CVSS7.8AI score0.0592EPSS
Exploits0References10
ICS
ICS
added 2023/01/12 12:0 a.m.117 views

SAUTER Controls Nova 200 - 220 Series (PLC 6)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: SAUTER Controls Equipment: Nova 200–220 Series PLC 6 Vulnerabilities: Missing Authentication for Critical Function, Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful...

9.8CVSS9.2AI score0.0071EPSS
Exploits0References4
ICS
ICS
added 2022/09/08 12:0 p.m.117 views

#StopRansomware: Vice Society

Note: This joint Cybersecurity Advisory CSA is part of an ongoing StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These StopRansomware advisories include recently and historically observed tactics, techniques,...

9.3CVSS10AI score0.99759EPSS
Exploits75References56
ICS
ICS
added 2022/06/10 12:0 p.m.117 views

People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices

Summary Best Practices • Apply patches as soon as possible • Disable unnecessary ports and protocols • Replace end-of-life infrastructure • Implement a centralized patch management system This joint Cybersecurity Advisory describes the ways in which People’s Republic of China PRC state-sponsored...

10CVSS10AI score0.99999EPSS
Exploits140References117
ICS
ICS
added 2021/09/14 12:0 a.m.117 views

Siemens SINEC NMS

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC NMS Vulnerabilities: Path Traversal, Cross-site Request Forgery 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to manipulate the...

8.8CVSS8.9AI score0.3738EPSS
Exploits0References11
ICS
ICS
added 2021/05/11 12:0 a.m.117 views

Siemens SNMP Implementation of WinCC Runtime

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SNMP Implementation of WinCC Runtime Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the SNMP service and require a...

5.3CVSS5.6AI score0.0102EPSS
Exploits0References11
ICS
ICS
added 2019/06/27 12:0 a.m.117 views

ABB PB610 Panel Builder 600

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low skill level to exploit Vendor: ABB Equipment: PB610 Panel Builder 600 Vulnerabilities: Use of Hard-coded Credentials, Improper Authentication, Relative Path Traversal, Improper Input Validation, Stack-based Buffer Overflow 2. RISK EVALUATION An...

8.8CVSS9.2AI score0.52093EPSS
Exploits13References5
ICS
ICS
added 2019/04/16 12:0 a.m.117 views

PLC Cycle Time Influences (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendors: ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO Equipment: Programmable Logic Controllers Vulnerability: Uncontrolled Resource Consumption 2. UPDATE...

7.5CVSS7.9AI score0.03671EPSS
Exploits0References5
ICS
ICS
added 2019/03/05 12:0 a.m.117 views

Rockwell Automation RSLinx Classic

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: RSLinx Classic Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to execute...

9.8CVSS9.8AI score0.50031EPSS
Exploits0References5
ICS
ICS
added 2018/07/31 12:0 a.m.117 views

AVEVA InTouch Access Anywhere

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/Low skill level to exploit Vendor: AVEVA Software, LLC AVEVA Equipment: InTouch Access Anywhere Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability may allow attackers to obtain...

6.1CVSS7.5AI score0.29726EPSS
Exploits2References5
ICS
ICS
added 2020/11/17 12:0 a.m.116 views

Real Time Automation EtherNet/IP

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Real Time Automation RTA Equipment: 499ES EtherNet/IP ENIP Adaptor Source Code Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could...

9.8CVSS10AI score0.029EPSS
Exploits0References5
ICS
ICS
added 2020/03/24 12:0 a.m.116 views

VISAM Automation Base (VBASE) (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: VISAM Equipment: VBASE Vulnerabilities: Relative Path Traversal, Incorrect Default Permissions, Inadequate Encryption Strength, Insecure Storage of Sensitive Information, Stack-based Buffer Overflow...

9.8CVSS9.4AI score0.02515EPSS
Exploits0References5
ICS
ICS
added 2019/06/11 12:0 a.m.116 views

Siemens LOGO!8 Devices

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: LOGO!8 devices Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Session Fixation 2. RISK EVALUATION Successful exploitation of these...

8.8CVSS8.5AI score0.01599EPSS
Exploits0References9
ICS
ICS
added 2014/10/24 6:0 a.m.116 views

Rockwell RSLogix 5000 Password Vulnerability

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on January 21, 2014, and is now being released to the NCCIC/ICS-CERT Web site. Independent researcher Stephen Dunlap has identified a password vulnerability in the Rockwell Automation RSLogix 5000 software. Rockwell...

6.9CVSS5.9AI score0.00563EPSS
Exploits0References10
ICS
ICS
added 2022/06/21 12:0 a.m.115 views

Siemens WinCC OA

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC WinCC OA Vulnerability: Use of Client-side Authentication CISA is aware of a public report, known as “OT:ICEFALL” that details vulnerabilities found in multiple operational...

9.8CVSS10AI score0.01174EPSS
Exploits0References11
ICS
ICS
added 2022/04/19 12:0 a.m.115 views

FANUC ROBOGUIDE Simulation Platform

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: FANUC Corporation / FANUC America Corporation Equipment: ROBOGUIDE Vulnerabilities: Incorrect Permission Assignment for Critical Resource, Improper Access Control, Path Traversal, Improper Restriction o...

7CVSS7.2AI score0.0084EPSS
Exploits0References5
ICS
ICS
added 2021/05/13 12:0 a.m.115 views

Johnson Controls Sensormatic Tyco AI

1. EXECUTIVE SUMMARY CVSS v3 7.0 Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Equipment: Tyco AI Vulnerability: Off-by-one Error 2. RISK EVALUATION Under specific circumstances, a local attacker could use this vulnerability to obtain super-user access to the underlying...

7.8CVSS8AI score0.99295EPSS
Exploits81References4
ICS
ICS
added 2019/01/03 12:0 a.m.115 views

Yokogawa Vnet/IP Open Communication Driver

1. EXECUTIVE SUMMARY CVSS v7.5 ATTENTION: Exploitable remotely/Low skill level to exploit Vendor: Yokogawa Equipment: Vnet/IP Open Communication Driver Vulnerability: Resource Management Error 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause...

7.5CVSS7.7AI score0.03342EPSS
Exploits0References5
Total number of security vulnerabilities4251