4251 matches found
Siemens Xpedition Designer
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens SCALANCE W1750D
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE W1750D Vulnerabilities: Improper Restriction of Operations Within the Bounds of a Memory Buffer, Command Injection, Path Traversal 2. UPDATE INFORMATION This updated advisory...
Siemens SIMATIC SmartVNC HMI WinCC Products (Update B)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC HMIs/WinCC Products Vulnerabilities: Access of Memory Location After End of Buffer, Improper Handling of Exceptional Conditions, Improper Restriction of Operations within the Bounds of a Memory...
Rockwell Automation Stratix 5400/5410/5700/8000/8300 and ArmorStratix 5700
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: Stratix 5400/5410/5700/8000/8300, ArmorStratix 5700 Vulnerabilities: Resource Management Errors, Improper Input Validation 2. RISK EVALUATION Successful exploitation...
Siemens RUGGEDCOM APE1808 with Fortigate NGFW Devices
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Moxa MB3xxx Series Protocol Gateways
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: MB3170 series, MB3180 series, MB3270 series, MB3280 series, MB3480 series, and MB3660 series Vulnerabilities: Stack-based Buffer Overflow, Integer Overflow to Buffer Overflow,...
GE Multilin SR, UR, and URplus Protective Relays (Update A)
CVSS v3 8.1 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: GE Equipment: Multilin SR, UR, and URplus Protective Relays Vulnerabilities: Weak Cryptography for Passwords UPDATED INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-117-01 GE...
Pro-face GP-Pro EX HMI Vulnerabilities
OVERVIEW ZDI Zero Day Initiative has identified one information disclosure and two buffer overflow vulnerabilities, and independent researcher Jeremy Brown has identified hard-coded credentials in Pro-face’s GP-Pro EX HMI software. Pro-face has produced a module to mitigate these vulnerabilities...
Honeywell XL Web Controller Directory Traversal Vulnerability
OVERVIEW Martin Jartelius of Outpost24 has identified a directory traversal vulnerability in Honeywell’s XL Web Controller. Honeywell has produced an update that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following XLWeb controller versions...
Mitsubishi Electric Multiple Factory Automation Products (Update B)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GOT2000 compatible HMI software, CC-Link IE TSN Industrial Managed Switch, MELSEC iQ-R Series OPC UA Server Module Vulnerabilities: Infinite Loop, OS Command Injection 2...
InHand Networks IR615 Router (Update A)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: InHand Networks Equipment: IR615 Router Vulnerabilities: Improper Restriction of Rendered UI Layers or Frames, Improper Authorization, Cross-site Request Forgery, Inadequate Encryption Strength, Imprope...
Siemens Solid Edge File Parsing
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: Solid Edge Vulnerabilities: Out-of-bounds Write, Improper Restriction of XML External Entity Reference, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...
Red Lion N-Tron 702-W, 702M12-W
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Red Lion Equipment: N-Tron 702-W / 702M12-W Vulnerabilities: Reflected Cross-site Scripting, Stored Cross-site Scripting, Cross-site Request Forgery, Hidden Functionality, Use of Unmaintained...
Siemens RUGGEDCOM APE1808 Products
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Understanding Ransomware Threat Actors: LockBit
SUMMARY In 2022, LockBit was the most deployed ransomware variant across the world and continues to be prolific in 2023. Since January 2020, affiliates using LockBit have attacked organizations of varying sizes across an array of critical infrastructure sectors, including financial services, food...
VISAM VBASE Editor
1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: VISAM Equipment: VBASE Vulnerabilities: Improper Access Control, Cross-site Scripting, Improper Restriction of XML External Entity Reference, Using Components with Known Vulnerabilities 2. RISK...
Honeywell Experion PKS and ACE Controllers
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Honeywell Equipment: Experion Process Knowledge System PKS C200, C200E, C300 and ACE Controllers Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Relative Path Traversal, Improper...
ICSA-20-070-01_Siemens and PKE SiNVR/SiVMS Video Server (Update B)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendors: Siemens and PKE Equipment: SiNVR/SiVMS Video Server Vulnerabilities: Cleartext Storage in a File or on Disk, Path Traversal, Improper Input Validation, Weak Cryptography for Passwords 2. UPDATE...
Siemens Industrial Products (Update F)
1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Siemens Industrial Products containing certain processors Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. UPDATE INFORMATION This updated advisory is a follow-up to the...
Philips IntelliSpace Perinatal
1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Low skill level to exploit Vendor: Philips Equipment: IntelliSpace Perinatal Vulnerability: Exposure of Resource to Wrong Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker unauthorized access to system...
Delta Controls enteliBUS Controllers
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Delta Controls Equipment: enteliBUS Controllers Vulnerability: Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker on the same network to gain...
Siemens SIMATIC HMI Basic, SINUMERIK, and Ruggedcom APE GHOST Vulnerability
OVERVIEW The “GHOST"Further information about the GHOST vulnerability: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0235, web site last accessed March 05, 2015. vulnerability in the glibc library affects the Siemens SINUMERIK and SIMATIC HMI Basic applications. Siemens has produced an...
Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets
Summary This joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise framework for all referenced threat actor tactics and techniques This joint cybersecurity advisory—written by the Federal Bureau of...
B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus
1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low and high skill level to exploit Vendor: B. Braun Melsungen AG Equipment: SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus Vulnerabilities : Cross-site Scripting, Open Redirect, XPath Injection, Session Fixation,...
ICSA-19-260-02 Siemens SINEMA Remote Connect Server
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SINEMA Remote Connect Server Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Information Exposure, Cross-Site Request Forgery, Use of Password Hash with Insufficient...
Siemens SCALANCE X Switches, RUGGEDCOM WiMAX, RFID 181-EIP, and SIMATIC RF182C (Update D)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable from the same local network segment OSI Layer 2 Vendor: Siemens Equipment: SCALANCE X switches, RUGGEDCOM Win, RFID 181-EIP, and SIMATIC RF182C Vulnerability: Heap-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a...
Kabona AB WDC Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-17-287-07 Kabona AB WDC Vulnerabilities that was published October 13, 2016, on the NCCIC/ICS-CERT web site. Martin Jartelius and John Stock of Outpost 24 have identified vulnerabilities in Kabona AB’s...
Yokogawa HART Device DTM Vulnerability
OVERVIEW Alexander Bolshev of Digital Security has identified an improper input vulnerability in the CodeWrights GmbH HART Device Type Manager DTM library utilized in Yokogawa’s HART Device DTM. CodeWrights GmbH has addressed the vulnerability with a new library, which both companies have begun t...
People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action
Overview Background This advisory, authored by the Australian Signals Directorate’s Australian Cyber Security Centre ASD’s ACSC, the United States Cybersecurity and Infrastructure Security Agency CISA, the United States National Security Agency NSA, the United States Federal Bureau of Investigati...
ABB Drive Composer, Automation Builder, Mint Workbench
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: ABB Equipment: Drive Composer, Automation Builder, Mint Workbench Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote code execution. 3...
PHOENIX CONTACT Automation Worx Software Suite
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Phoenix Contact Equipment: Automation Worx Software Suite Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could compromise the availability, integrity, or...
Stuxnet Malware Mitigation (Update B)
Overview In July, ICS-CERT published an advisory and a series of updates regarding the Stuxnet malware entitled “ICSA-10-201 USB Malware Targeting Siemens Control Software.” Since then, ICS-CERT has continued analysis of the Stuxnet malware in an effort to determine more about its capabilities an...
Siemens CP 1604 and CP 1616 Improper Access Control
Overview This advisory provides mitigation details for a vulnerability that impacts the Siemens CP 1604 and CP 1616 communication modules. Siemens has identified a vulnerability in the debugging interface of the CP 1604 and CP 1616 communications modules. Independent researchers Christopher...
SAUTER Controls Nova 200 - 220 Series (PLC 6)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: SAUTER Controls Equipment: Nova 200–220 Series PLC 6 Vulnerabilities: Missing Authentication for Critical Function, Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful...
#StopRansomware: Vice Society
Note: This joint Cybersecurity Advisory CSA is part of an ongoing StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These StopRansomware advisories include recently and historically observed tactics, techniques,...
People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices
Summary Best Practices • Apply patches as soon as possible • Disable unnecessary ports and protocols • Replace end-of-life infrastructure • Implement a centralized patch management system This joint Cybersecurity Advisory describes the ways in which People’s Republic of China PRC state-sponsored...
Siemens SINEC NMS
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC NMS Vulnerabilities: Path Traversal, Cross-site Request Forgery 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to manipulate the...
Siemens SNMP Implementation of WinCC Runtime
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SNMP Implementation of WinCC Runtime Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the SNMP service and require a...
ABB PB610 Panel Builder 600
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low skill level to exploit Vendor: ABB Equipment: PB610 Panel Builder 600 Vulnerabilities: Use of Hard-coded Credentials, Improper Authentication, Relative Path Traversal, Improper Input Validation, Stack-based Buffer Overflow 2. RISK EVALUATION An...
PLC Cycle Time Influences (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendors: ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO Equipment: Programmable Logic Controllers Vulnerability: Uncontrolled Resource Consumption 2. UPDATE...
Rockwell Automation RSLinx Classic
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: RSLinx Classic Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to execute...
AVEVA InTouch Access Anywhere
1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/Low skill level to exploit Vendor: AVEVA Software, LLC AVEVA Equipment: InTouch Access Anywhere Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability may allow attackers to obtain...
Real Time Automation EtherNet/IP
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Real Time Automation RTA Equipment: 499ES EtherNet/IP ENIP Adaptor Source Code Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could...
VISAM Automation Base (VBASE) (Update B)
1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: VISAM Equipment: VBASE Vulnerabilities: Relative Path Traversal, Incorrect Default Permissions, Inadequate Encryption Strength, Insecure Storage of Sensitive Information, Stack-based Buffer Overflow...
Siemens LOGO!8 Devices
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: LOGO!8 devices Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Session Fixation 2. RISK EVALUATION Successful exploitation of these...
Rockwell RSLogix 5000 Password Vulnerability
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on January 21, 2014, and is now being released to the NCCIC/ICS-CERT Web site. Independent researcher Stephen Dunlap has identified a password vulnerability in the Rockwell Automation RSLogix 5000 software. Rockwell...
Siemens WinCC OA
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC WinCC OA Vulnerability: Use of Client-side Authentication CISA is aware of a public report, known as “OT:ICEFALL” that details vulnerabilities found in multiple operational...
FANUC ROBOGUIDE Simulation Platform
1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: FANUC Corporation / FANUC America Corporation Equipment: ROBOGUIDE Vulnerabilities: Incorrect Permission Assignment for Critical Resource, Improper Access Control, Path Traversal, Improper Restriction o...
Johnson Controls Sensormatic Tyco AI
1. EXECUTIVE SUMMARY CVSS v3 7.0 Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Equipment: Tyco AI Vulnerability: Off-by-one Error 2. RISK EVALUATION Under specific circumstances, a local attacker could use this vulnerability to obtain super-user access to the underlying...
Yokogawa Vnet/IP Open Communication Driver
1. EXECUTIVE SUMMARY CVSS v7.5 ATTENTION: Exploitable remotely/Low skill level to exploit Vendor: Yokogawa Equipment: Vnet/IP Open Communication Driver Vulnerability: Resource Management Error 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause...