Lucene search
K
IcsMost viewed

4251 matches found

ICS
ICS
added 2025/09/09 12:0 a.m.6 views

Siemens SINAMICS Drives

SUMMARY Siemens SINAMICS G220, SINAMICS S210, and SINAMICS S200 contains a privilege escalation vulnerability that could allow users to escalate their privileges. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing...

9.8CVSS7.1AI score0.00201EPSS
Exploits0References10
ICS
ICS
added 2025/09/09 12:0 a.m.6 views

Siemens User Management Component (UMC)

SUMMARY Siemens' User Management Component UMC is affected by multiple vulnerabilities that could allow an unauthenticated remote attacker to execute arbitrary code or to cause a denial of service condition. Siemens has released a new version for User Management Component UMC and recommends to...

8.1AI score
Exploits0References10
ICS
ICS
added 2025/09/09 12:0 a.m.6 views

Siemens SIMATIC Virtualization as a Service (SIVaaS)

SUMMARY SIMATIC Virtualization as a Service SIVaaS is affected by a vulnerability which exposes a network share without any authentication. This could allow an attacker to access or alter sensitive data without proper authorization. Siemens recommends to contact technical support to fix the...

9.3CVSS6.7AI score0.00384EPSS
Exploits0References10
ICS
ICS
added 2025/09/02 6:0 a.m.6 views

Fuji Electric FRENIC-Loader 4

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...

8.4CVSS7.3AI score0.00186EPSS
Exploits0References10
ICS
ICS
added 2025/08/28 6:0 a.m.6 views

Delta Electronics CNCSoft-G2

RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to execute arbitrary code on affected installations of the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds...

7.3CVSS7.8AI score0.00361EPSS
Exploits0References10
ICS
ICS
added 2025/08/28 6:0 a.m.6 views

Mitsubishi Electric MELSEC iQ-F Series CPU Module

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker the ability to obtain credential information by intercepting SLMP communication messages, and read or write the device values of the product by using the obtained credential information. In addition, the...

7.5CVSS6.2AI score0.00311EPSS
Exploits0References10
ICS
ICS
added 2025/08/26 12:0 a.m.6 views

Agiloft multiple vulnerabilities

RISK EVALUATION Agiloft is a web-based contract management platform. Multiple vulnerabilities were found in Agiloft that could allow an attacker to gain administrative access to Agiloft, execute operating system commands, or modify update packages. 2. RECOMMENDED PRACTICES These issues have been...

7.2CVSS7.6AI score0.00405EPSS
Exploits0References1
ICS
ICS
added 2025/08/21 6:0 a.m.6 views

Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could result in a remote attacker being able to delay the processing of the Web server function and prevent legitimate users from utilizing the Web server function by sending a specially crafted HTTP request. 2. RECOMMENDED PRACTICES...

5.3CVSS6.6AI score0.00546EPSS
Exploits0References10
ICS
ICS
added 2025/08/14 6:0 a.m.6 views

Rockwell Automation 1756-EN4TR, 1756-EN4TRXT (Update B)

RISK EVALUATION Successful exploitation of these vulnerabilities could result in an attacker causing a denial of service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network...

6.5AI score
Exploits0References11
ICS
ICS
added 2025/08/12 4:0 a.m.6 views

Schneider Electric Modicon M340 Controller and Communication Modules (Update A)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

8.7CVSS5.6AI score0.00455EPSS
Exploits0References11
ICS
ICS
added 2025/08/12 12:0 a.m.6 views

Siemens SIMATIC RTLS Locating Manager

SUMMARY SIMATIC RTLS Locating Manager Before V3.2 contains an improper input validation vulnerability that could allow an authenticated remote attacker to execute arbitrary code with high privileges. Siemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to...

9.4CVSS7.9AI score0.00648EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.6 views

Siemens WIBU CodeMeter Runtime

SUMMARY WIBU Systems published information about a privilege escalation vulnerability under a certain circumstances and associated fix releases of CodeMeter Runtime, a product provided by WIBU Systems and used in several Siemens industrial products. Siemens has released new versions for affected...

8.2CVSS6.7AI score0.00135EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.6 views

Siemens Engineering Platforms

SUMMARY Affected products do not properly restrict access permissions to a local Windows Named Pipe and do not properly sanitize user-controllable input sent to that Named Pipe. This could allow a local authenticated attacker to cause a type confusion and execute arbitrary code within the...

8.6CVSS7.5AI score0.00164EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.6 views

Siemens SIMATIC S7-PLCSIM

SUMMARY Affected products do not properly sanitize user-controllable input when parsing project files. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. Siemens has released new versions for several affected products and recommends...

8.5CVSS7.8AI score0.00185EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.6 views

Siemens SINUMERIK

SUMMARY Siemens SINUMERIK Controllers are affected by an improper VNC password check vulnerability. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends...

8.7CVSS7.8AI score0.00242EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.6 views

Siemens COMOS

SUMMARY COMOS before V10.6 is affected by a local arbitrary code execution vulnerability in the integrated Open Design Alliance Drawings SDK. Siemens has released a new version for COMOS and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure,...

8.1CVSS8AI score0.00192EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.6 views

Siemens RUGGEDCOM APE1808

SUMMARY Nozomi Networks has published information on vulnerabilities in Nozomi Guardian/CMC. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not...

8.4AI score
Exploits0References10
ICS
ICS
added 2025/08/07 6:0 a.m.6 views

EG4 Electronics EG4 Inverters (Update B)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to intercept and manipulate critical data, install malicious firmware, hijack device access, and gain unauthorized control over the system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

6.7AI score
Exploits0References10
ICS
ICS
added 2025/07/29 6:0 a.m.6 views

Samsung HVAC DMS

RISK EVALUATION Successful exploitation of these vulnerabilities can lead to unauthenticated remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all...

8.1AI score
Exploits0References10
ICS
ICS
added 2025/07/22 6:0 a.m.6 views

DuraComm DP-10iN-100-MU

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities,...

6.5AI score
Exploits0References10
ICS
ICS
added 2025/07/10 6:0 a.m.6 views

Delta Electronics DTM Soft

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to encrypt files referencing the application in order to extract information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability,...

7.8CVSS7.2AI score0.00203EPSS
Exploits0References10
ICS
ICS
added 2025/07/08 12:0 a.m.6 views

Siemens Solid Edge

SUMMARY Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads specially crafted files in various formats such as PAR or CFG format. This could allow an attacker to crash the application or execute arbitrary code. Siemens has released a...

8AI score
Exploits0References10
ICS
ICS
added 2025/07/08 12:0 a.m.6 views

Siemens TIA Administrator

SUMMARY Siemens TIA Administrator before V3.0.6 contains multiple vulnerabilities which could allow an attacker to escalate privilege or exceute arbitrary code during installations. Siemens has released a new version for TIA Administrator and recommends to update to the latest version. 2...

8AI score
Exploits0References10
ICS
ICS
added 2025/07/08 12:0 a.m.6 views

Siemens RUGGEDCOM ROS Devices

SUMMARY Multiple vulnerabilities affect the RUGGEDCOM Operating System ROS. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not,...

6.8AI score
Exploits0References10
ICS
ICS
added 2025/07/03 6:0 a.m.6 views

Hitachi Energy MicroSCADA X SYS600

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to tamper with the system file, overwrite files, create a denial-of-service condition, or leak file content. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

7.3AI score
Exploits0References10
ICS
ICS
added 2025/06/24 12:30 p.m.6 views

Hitachi Energy Relion 670/650 and SAM600-IO Series (Update A)

SUMMARY Hitachi Energy is aware of a vulnerability that affects the Relion 670/650 and SAM600-IO series IED device versions that are listed in this document. An authenticated attacker successfully exploiting this vulnerability via FTP access can cause the device to reboot due to improper disk...

8.7CVSS6.8AI score0.00316EPSS
Exploits0References9
ICS
ICS
added 2025/06/17 6:0 a.m.6 views

Fuji Electric Smart Editor

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all...

8.4CVSS7.7AI score0.00161EPSS
Exploits0References10
ICS
ICS
added 2025/05/13 12:0 a.m.6 views

Siemens Desigo

SUMMARY Desigo CC deployments that use Installed Client are impacted by an information disclosure vulnerability which could result in information leak from the Desigo CC server. The other Desigo CC client options, Windows App Client and Flex Client, are not affected by this vulnerability...

8.7CVSS8.1AI score0.00469EPSS
Exploits0References10
ICS
ICS
added 2025/04/08 12:0 a.m.6 views

Siemens Solid Edge

SUMMARY Solid Edge is affected by an out of bounds write vulnerability that could be triggered when the application is parsing XT data or a specially crafted file in XT format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the...

7.8CVSS7.9AI score0.00176EPSS
Exploits0References10
ICS
ICS
added 2025/04/08 12:0 a.m.6 views

Siemens Industrial Edge Device Kit

SUMMARY Industrial Edge Device Kit contains a weak authentication vulnerability that could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Industrial Edge Device Builders integrate Industrial Edge Device Kit into their offerings...

9.8CVSS7.3AI score0.00744EPSS
Exploits0References10
ICS
ICS
added 2025/03/20 6:0 a.m.6 views

SMA Sunny Portal

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to upload and remotely execute code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...

6.5CVSS7AI score0.00695EPSS
Exploits0References10
ICS
ICS
added 2025/02/11 12:0 a.m.6 views

Siemens SIPROTEC 5

SUMMARY Affected SIPROTEC 5 devices contain a development shell which is accessible via a physical interface which is not properly restricted. This could allow an unauthenticated attacker with physical access to an affected device to execute arbitrary commands on the device. Siemens has released...

7CVSS7.9AI score0.00308EPSS
Exploits0References10
ICS
ICS
added 2025/02/11 12:0 a.m.6 views

Siemens SIMATIC

SUMMARY The webserver of several SIMATIC products is affected by a user enumeration vulnerability that could allow an unauthenticated remote attacker to identify valid usernames. Siemens has released new versions for several affected products and recommends to update to the latest versions...

6.9CVSS7.2AI score0.00486EPSS
Exploits0References10
ICS
ICS
added 2025/02/11 12:0 a.m.6 views

Siemens OpenV2G

SUMMARY The open source software OpenV2G contains a buffer overflow vulnerability that could allow an attacker to trigger a memory corruption. Siemens has released an update for the OpenV2G and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure,...

9.8CVSS7.6AI score0.00385EPSS
Exploits0References10
ICS
ICS
added 2025/01/30 7:0 a.m.6 views

New Rock Technologies Cloud Connected Devices

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker full control of the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all...

9.8CVSS7.3AI score0.00598EPSS
Exploits1References10
ICS
ICS
added 2025/01/16 7:0 a.m.6 views

Fuji Electric Alpha5 SMART

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...

8.5CVSS7.6AI score0.00341EPSS
Exploits0References10
ICS
ICS
added 2025/01/14 5:0 a.m.6 views

Schneider Electric EcoStruxure Power Monitoring Expert (PME) (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service of the product when an unauthenticated user sends a crafted HTTPS packet to the webserver. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior...

8.7CVSS7.7AI score0.00605EPSS
Exploits0References11
ICS
ICS
added 2025/01/14 12:0 a.m.6 views

Schneider Electric RemoteConnect and SCADAPack x70 Utilities (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could lead to loss of confidentiality, integrity and potential remote code execution on workstation when a non-admin authenticated user opens a malicious project file. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

8.5CVSS6.3AI score0.00305EPSS
Exploits0References11
ICS
ICS
added 2025/01/14 12:0 a.m.6 views

Schneider Electric Pro-face GP-Pro EX and Remote HMI (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow man-in-the-middle attacks which could result in information disclosure, integrity issues and operational failures. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment...

7.1CVSS6.4AI score0.00166EPSS
Exploits0References11
ICS
ICS
added 2024/12/19 7:0 a.m.6 views

Tibbo AggreGate Network Manager

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve code execution on the affected device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

8.8CVSS7.6AI score0.00575EPSS
Exploits0References10
ICS
ICS
added 2024/12/17 7:0 a.m.6 views

Hitachi Energy TropOS Devices Series 1400/2400/6400

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for...

5CVSS7.1AI score0.97549EPSS
Exploits23References10
ICS
ICS
added 2024/12/10 5:0 a.m.6 views

Schneider Electric Modicon

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

9.8CVSS6.5AI score0.00641EPSS
Exploits0References11
ICS
ICS
added 2024/12/10 12:0 a.m.6 views

Siemens Siemens Engineering Platforms

SUMMARY Affected products do not properly sanitize user-controllable input when parsing files. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. Siemens is preparing fix versions and recommends countermeasures for products where...

8.4CVSS8AI score0.00218EPSS
Exploits0References10
ICS
ICS
added 2024/11/21 7:0 a.m.6 views

mySCADA myPRO Manager

RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands or disclose sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such...

8.2AI score
Exploits0References10
ICS
ICS
added 2024/11/14 7:0 a.m.6 views

Rockwell Automation FactoryTalk Updater (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could result in an authentication bypass, remote code execution, and/or a local privilege escalation 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

8.3AI score
Exploits0References10
ICS
ICS
added 2024/11/12 7:0 a.m.6 views

Subnet Solutions PowerSYSTEM Center

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause an integer overflow on the affected device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

9.8CVSS8AI score0.01686EPSS
Exploits0References10
ICS
ICS
added 2024/09/10 12:0 a.m.6 views

Siemens Automation License Manager

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.2CVSS7.7AI score0.10609EPSS
Exploits0References10
ICS
ICS
added 2024/06/11 12:0 a.m.6 views

Schneider Electric Modicon M340, BMXNOE0100, and BMXNOE0110 (Update A)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

6.5CVSS6.7AI score0.00348EPSS
Exploits0References11
ICS
ICS
added 2024/01/21 7:0 a.m.6 views

Traffic Alert and Collision Avoidance System (TCAS) II

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to manipulate safety systems and cause a denial-of-service condition. 2. VULNERABILITY SUMMARY By utilizing software-defined radios and a custom low-latency processing pipeline, RF signals with spoofed...

7.1CVSS6.9AI score0.00275EPSS
Exploits0References10
ICS
ICS
added 2022/11/29 11:49 a.m.6 views

Festo Firmware

SUMMARY Incomplete Festo product documentation of remote accessible functions and their required IP ports. Depending on the product a description of the supported features can be found in the product documentation to some extent. Update A, 2022-12-13 Added affected device "Bus module CPX-E-PN,...

9.8CVSS6.7AI score0.01053EPSS
Exploits0References12
Total number of security vulnerabilities4251