Lucene search
K
IcsMost viewed

4251 matches found

ICS
ICS
added 2025/12/18 12:0 a.m.7 views

BullWall Ransomware Containment and Server Intrusion Protection multiple vulnerabilities

RISK EVALUATION BullWall Ransomware Containment and Server Intrusion Protection are products used for ransomware containment. Multiple vulnerabilities were reported that when used individually or in conjunction could allow a remote attacker with valid credentials to log in to a system with...

8.8CVSS6.8AI score0.00326EPSS
Exploits0References1
ICS
ICS
added 2025/12/16 7:0 a.m.7 views

Mitsubishi Electric GT Designer3

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker obtain plaintext credentials from the project file for GT Designer3, which could result in illegally operating GOT2000 and GOT1000 series devices. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

5.1CVSS6.8AI score0.00081EPSS
Exploits0References11
ICS
ICS
added 2025/12/16 7:0 a.m.7 views

Güralp Systems Fortimus Series, Minimus Series, and Certimus Series

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for...

6.9CVSS6.9AI score0.0034EPSS
Exploits0References11
ICS
ICS
added 2025/12/12 8:27 p.m.7 views

CISA Software Acquisition Guide Supplier Response Web Tool XSS

RISK EVALUATION The CISA Software Acquisition Guide Supplier Response Web Tool before 2025-12-11 was vulnerable to cross-site scripting via text fields. If an attacker could convince a user to import a specially-crafted JSON file, the Tool would load JavaScript from the file into the page. The...

6.1CVSS6AI score0.00162EPSS
Exploits0References1
ICS
ICS
added 2025/12/11 7:0 a.m.7 views

Johnson Controls iSTAR Ultra

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to modify firmware and gain full access to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

7.2AI score
Exploits0References11
ICS
ICS
added 2025/12/11 7:0 a.m.7 views

Varex Imaging Panoramic Dental Imaging Software

RISK EVALUATION Successful exploitation of this vulnerability could allow a standard user to obtain NT Authority/SYSTEM privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

7.8CVSS6.7AI score0.00494EPSS
Exploits1References11
ICS
ICS
added 2025/12/09 7:0 a.m.7 views

Universal Boot Loader (U-Boot) (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could result in arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system...

7.6CVSS7.5AI score0.00248EPSS
Exploits0References11
ICS
ICS
added 2025/12/09 12:0 a.m.7 views

Siemens SINEC Security Monitor

SUMMARY SINEC Security Monitor before V4.10.0 contains multiple vulnerabilities. Siemens has released a new version for SINEC Security Monitor and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to protect network...

6.5AI score
Exploits0References10
ICS
ICS
added 2025/12/09 12:0 a.m.7 views

Siemens Gridscale X Prepay

SUMMARY Gridscale X Prepay contains multiple vulnerabilities that could allow an attacker to enumerate valid user names and to bypass locked-out user sessions. Siemens has released a new version for Gridscale X Prepay and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS...

7AI score
Exploits0References10
ICS
ICS
added 2025/12/09 12:0 a.m.7 views

Siemens Advanced Licensing (SALT) Toolkit

SUMMARY Multiple Siemens products are affected by improper certificate validation in Siemens Advanced Licensing SALT Toolkit. This could allow an unauthenticated remote attacker to perform man in the middle attacks. Siemens has released new versions for several affected products and recommends...

9.2CVSS6.8AI score0.00239EPSS
Exploits0References10
ICS
ICS
added 2025/12/04 7:0 a.m.7 views

Sunbird DCIM dcTrack and Power IQ

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access or steal credentials. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

7.4AI score
Exploits0References13
ICS
ICS
added 2025/12/04 7:0 a.m.7 views

Mitsubishi Electric GX Works2

RISK EVALUATION Successful exploitation of this vulnerability could open project files protected by user authentication using disclosed credential information, and obtain or modify project information. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk...

5.5CVSS6.5AI score0.00092EPSS
Exploits0References10
ICS
ICS
added 2025/12/04 7:0 a.m.7 views

SolisCloud Monitoring Platform

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access sensitive information by manipulating API requests. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

8.3CVSS6.6AI score0.00227EPSS
Exploits0References13
ICS
ICS
added 2025/12/02 7:0 a.m.7 views

Mirion Medical EC2 Software NMIS BioDose

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to modify program executables, gain access to sensitive information, gain unauthorized access to the application, and execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

8.4AI score
Exploits0References13
ICS
ICS
added 2025/11/25 6:0 a.m.7 views

Opto 22 groov View

RISK EVALUATION Successful exploitation of this vulnerability could result in credential exposure, key exposure, and privilege escalation. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

7.6CVSS6.8AI score0.00236EPSS
Exploits0References11
ICS
ICS
added 2025/11/20 7:0 a.m.7 views

Emerson Appleton UPSMON-PRO

RISK EVALUATION Successful exploitation of this vulnerability could allow remote attackers to execute arbitrary code on affected installations of Appleton UPSMON-PRO. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

9.8CVSS7.9AI score0.01699EPSS
Exploits0References11
ICS
ICS
added 2025/11/13 7:0 a.m.7 views

*Rockwell Automation AADvance-Trusted SIS Workstation *

RISK EVALUATION Successful exploitation of this vulnerability may allow remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system devices...

9.8CVSS6.4AI score0.02061EPSS
Exploits0References11
ICS
ICS
added 2025/11/13 7:0 a.m.7 views

Siemens Spectrum Power 4

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to remotely execute code as application administrator or locally execute code as operating system administrator. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

8AI score
Exploits0References13
ICS
ICS
added 2025/11/13 7:0 a.m.7 views

Brightpick Mission Control / Internal Logic Control (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could result in the exposure of sensitive information and the manipulation of critical functions by an attacker. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

7.1CVSS5.8AI score0.00233EPSS
Exploits0References11
ICS
ICS
added 2025/11/11 12:0 a.m.7 views

Siemens Software Center and Solid Edge

SUMMARY Siemens Software Center and Solid Edge is affected by a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system. Siemens has released new versions for the affected products and recommends to update to the latest...

8.5CVSS7.7AI score0.00158EPSS
Exploits0References10
ICS
ICS
added 2025/11/11 12:0 a.m.7 views

Siemens LOGO! 8 BM Devices

SUMMARY LOGO! 8 BM incl. SIPLUS variants contains multiple vulnerabilities. These could allow an attacker to execute code remotely, put the device into a denial of service state, or change the behavior of the device. Siemens is preparing fix versions and recommends specific countermeasures for...

7.5AI score
Exploits0References10
ICS
ICS
added 2025/10/31 4:57 p.m.7 views

ELOG multiple vulnerabilities

RISK EVALUATION ELOG the Electronic Logbook package contains multiple vulnerabilities. Regardless of configuration, low-privileged attackers can modify user profiles, escalate privileges, and deny access to ELOG. If the execute facility is specifically enabled with the "-x" command line flag,...

8.6CVSS7.4AI score0.00291EPSS
Exploits0References1
ICS
ICS
added 2025/10/23 12:0 a.m.7 views

Frontier Airlines website publicly available email address validation

RISK EVALUATION The Frontier Airlines website has a publicly available endpoint that validates if an email addresses is associated with an account. An unauthenticated, remote attacker could determine valid email addresses, possibly aiding in further attacks. 2. RECOMMENDED PRACTICES Use a...

6.9CVSS7.1AI score0.00303EPSS
Exploits0References1
ICS
ICS
added 2025/10/22 6:45 p.m.7 views

IBM DOORS Next Generation multiple vulnerabilities

RISK EVALUATION IBM Engineering Requirements Management DOORS contains multiple vulnerabilities that require authentication. These vulnerabilities include the ability to cause an application denial of service and JavaScript execution in the victim's browser through stored cross site scripting...

6.5AI score
Exploits0References1
ICS
ICS
added 2025/10/16 4:43 p.m.7 views

OPEXUS FOIAXpress unauthenticated administrator password reset

RISK EVALUATION OPEXUS FOIAXpress allows a remote, unauthenticated attacker to reset the administrator password and gain full administrative access to a vulnerable system. 2. RECOMMENDED PRACTICES Update to FOIAXpress version 11.13.2.0 or later. 3. DESCRIPTION OPEXUS FOIAXpress allows a remote,...

9.8CVSS6.9AI score0.00672EPSS
Exploits0References1
ICS
ICS
added 2025/10/14 6:0 a.m.7 views

Rockwell Automation 1715 EtherNet/IP Comms Module

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause the web server to crash, requiring a restart to recover. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such...

6.6AI score
Exploits0References13
ICS
ICS
added 2025/10/14 12:0 a.m.7 views

Siemens SINEC NMS

SUMMARY SINEC NMS is affected by SQL injection vulnerability that could allow an authenticated low privileged attacker to exploit by inserting malicious data and achieve privilege escalation. Siemens has released a new version for SINEC NMS and recommends to update to the latest version. 2...

8.8CVSS7.6AI score0.00346EPSS
Exploits0References10
ICS
ICS
added 2025/09/09 6:0 a.m.7 views

Rockwell Automation ThinManager

RISK EVALUATION Successful exploitation of this vulnerability could expose the ThinServer service account NTLM hash. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...

8.8CVSS6.6AI score0.00431EPSS
Exploits0References10
ICS
ICS
added 2025/09/09 4:0 a.m.7 views

Schneider Electric Altivar Products, ATVdPAC Module, ILC992 InterLink Converter (Update B)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

5.3CVSS5.9AI score0.00399EPSS
Exploits0References11
ICS
ICS
added 2025/08/28 6:0 a.m.7 views

GE Vernova CIMPLICITY

RISK EVALUATION Successful exploitation of this vulnerability could allow a low-privileged local attacker to escalate privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure...

5.3CVSS6.9AI score0.00339EPSS
Exploits0References10
ICS
ICS
added 2025/08/26 6:0 a.m.7 views

INVT VT-Designer and HMITool

RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers to execute arbitrary code in the context of the current process. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

7.8CVSS8AI score0.00205EPSS
Exploits0References10
ICS
ICS
added 2025/08/14 6:0 a.m.7 views

Rockwell FactoryTalk Linx

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to to create, update, and delete FTLinx drivers. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

9.1CVSS7.2AI score0.00479EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.7 views

Siemens SINEC Traffic Analyzer

SUMMARY SINEC Traffic Analyzer before V3.0 is affected by multiple vulnerabilities. Siemens has released a new version for SINEC Traffic Analyzer and recommends to update to the latest version. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are...

8.8CVSS7.3AI score0.01061EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.7 views

Siemens Web Installer

SUMMARY The installers used to install several Siemens products are affected by a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected installer component. This vulnerability poses a risk only...

8.5CVSS7.5AI score0.00206EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.7 views

Siemens SIPROTEC 5

SUMMARY Affected SIPROTEC 5 devices do not properly limit the bandwidth for incoming network packets over their local USB port. This could allow an attacker with physical access to send specially crafted packets with high bandwidth to the affected devices thus forcing them to exhaust their...

2.4CVSS7AI score0.00197EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.7 views

Siemens RUGGEDCOM ROX II

SUMMARY RUGGEDCOM ROX II devices does not properly enforce limitations on type and size of files that can be uploaded through their web interface. This could allow an attacker with a legitimate, highly privileged account on the web interface to upload arbitrary files onto the filesystem of the...

5.1CVSS7.3AI score0.00292EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.7 views

Siemens SICAM Q100/Q200

SUMMARY SICAM Q100 and Q200 devices are affected by two information disclosure vulnerabilities that could allow an authenticated local attacker to extract the SMTP account password and use the configured SMTP service for arbitrary purposes. Siemens has released new versions for the affected...

7.2AI score
Exploits0References10
ICS
ICS
added 2025/08/07 6:0 a.m.7 views

Rockwell Automation Arena

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose information and execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

8.4CVSS8AI score0.00261EPSS
Exploits0References10
ICS
ICS
added 2025/08/04 6:0 a.m.7 views

Honeywell OneWireless Wireless Device Manager (WDM)

RISK EVALUATION Successful exploitation of these vulnerabilities could result in information exposure, denial of service, or remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

8.6CVSS7.8AI score0.00423EPSS
Exploits0References10
ICS
ICS
added 2025/07/31 5:1 p.m.7 views

OPEXUS FOIAXpress Public Access Link (PAL) multiple vulnerabilities

RISK EVALUATION Multiple vulnerabilities could allow unauthenticated attackers to bypass rate-limiting measures for login attempts, or check for the existence of other users. Low-privileged users can modify certain site content without authorization. 2. RECOMMENDED PRACTICES Upgrade to OPEXUS...

7.5CVSS6.6AI score0.00534EPSS
Exploits0References1
ICS
ICS
added 2025/07/24 6:0 a.m.7 views

Network Thermostat X-Series WiFi Thermostats

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain full administrative access to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

9.8CVSS7AI score0.00463EPSS
Exploits0References10
ICS
ICS
added 2025/07/17 6:0 a.m.7 views

Leviton AcquiSuite and Energy Monitoring Hub

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to craft a malicious payload in URL parameters that would get executed in a client browser when accessed by a user, steal session tokens and control the service. 2. RECOMMENDED PRACTICES CISA recommends users...

9.3CVSS6.1AI score0.0033EPSS
Exploits0References10
ICS
ICS
added 2025/07/08 12:0 a.m.7 views

Siemens SINEC NMS

SUMMARY Siemens SINEC NMS before V4.0 is affected by multiple vulnerabilities which could allow an attacker to elevate privilege and exceute arbitrary code. Siemens has released a new version for SINEC NMS and recommends to update to the latest version. Siemens is preparing further fix versions...

9.2AI score
Exploits0References10
ICS
ICS
added 2025/07/03 12:30 a.m.7 views

ABB RMC-100 (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain unauthenticated access to the MQTT configuration data, cause a denial-of-service condition on the MQTT configuration web server REST interface, or decrypt encrypted MQTT broker credentials. 2...

8.2CVSS6AI score0.00326EPSS
Exploits0References10
ICS
ICS
added 2025/06/24 12:30 p.m.7 views

Hitachi Energy MSM

SUMMARY Hitachi Energy is aware of the vulnerability CVE-2020-11022 that affects MSM versions as listed below. If an attacker successfully exploits this vulnerability, it could impact the confidentiality, integrity or availability of MSM. Please consult the Recommended Immediate Actions Section...

6.9CVSS7.1AI score0.99019EPSS
Exploits7References9
ICS
ICS
added 2025/06/24 6:0 a.m.7 views

Kaleris Navis N4 Terminal Operating System

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to remotely exploit the operating system, achieve remote code execution, or extract sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

8.6AI score
Exploits0References10
ICS
ICS
added 2025/06/24 6:0 a.m.7 views

Delta Electronics CNCSoft

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code within the context of the current process. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds...

7.3CVSS7.4AI score0.00202EPSS
Exploits0References10
ICS
ICS
added 2025/06/24 6:0 a.m.7 views

Parsons AccuWeather widget

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to insert a malicious link that users might access through the RSS feed. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such...

8.8CVSS6.8AI score0.00346EPSS
Exploits0References10
ICS
ICS
added 2025/06/10 4:0 a.m.7 views

Schneider Electric EVLink WallBox (Update A)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Passwords should include upper case, lower case, number and special characters, a length of 20 characters is ideal. A default Admin password must be changed immediately when first received...

6.9AI score
Exploits0References11
ICS
ICS
added 2025/06/10 4:0 a.m.7 views

Schneider Electric Modicon Controllers (Update A)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

6.1AI score
Exploits0References11
Total number of security vulnerabilities4251