Lucene search
K
IcsMost viewed

4255 matches found

ICS
ICS
added 2025/09/30 8:50 a.m.6 views

Hitachi Energy Asset Suite (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could result in the manipulation of content or the injection of data with the potential of carrying out further malicious attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

6CVSS6.7AI score0.00277EPSS
Exploits0References9
ICS
ICS
added 2025/09/30 6:0 a.m.6 views

National Instruments Circuit Design Suite

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause memory corruption, potentially leading to information disclosure and execution of arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

8.5CVSS7.4AI score0.00171EPSS
Exploits0References11
ICS
ICS
added 2025/09/30 5:0 a.m.6 views

LG Innotek Camera Multiple Models

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain administrative access to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure...

8.8CVSS7.1AI score0.00578EPSS
Exploits0References11
ICS
ICS
added 2025/09/25 6:0 a.m.6 views

Dingtian DT-R002

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to retrieve credentials without authentication. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network...

7.1AI score
Exploits0References11
ICS
ICS
added 2025/09/23 6:0 a.m.6 views

Viessmann Vitogate 300

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to modify an intended OS command when it is sent to a downstream component, or allow an attacker to cause unexpected interactions between the client and server. 2. RECOMMENDED PRACTICES CISA recommends users...

7AI score
Exploits0References13
ICS
ICS
added 2025/09/15 6:41 p.m.6 views

psPAS does not enforce TLS 1.2 within Get-PASSAMLResponse

RISK EVALUATION psPAS is a PowerShell module for the CyberArk API. psPAS does not explicitly enforce TLS 1.2 when using the 'Get-PASSAMLResponse' function. An unauthenticated attacker in a 'Man-in-the-Middle' position could manipulate the TLS handshake and downgrade TLS to a deprecated protocol...

3.1CVSS6.8AI score0.00221EPSS
Exploits0References1
ICS
ICS
added 2025/09/11 6:0 a.m.6 views

Daikin Europe N.V Security Gateway

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to the system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure...

9.8CVSS7AI score0.00607EPSS
Exploits1References10
ICS
ICS
added 2025/09/09 8:48 p.m.6 views

OPEXUS FOIAXpress Public Access Link (PAL) SQL injection

RISK EVALUATION Successful exploitation could allow a remote, unauthenticated attacker to read, write, or delete any content in the underlying database. 2. RECOMMENDED PRACTICES Upgrade to FOIAXpress PAL version 11.13.1.0. 3. DESCRIPTION OPEXUS FOIAXpress Public Access Link PAL before version...

9.8CVSS7.6AI score0.00616EPSS
Exploits0References1
ICS
ICS
added 2025/09/09 6:0 a.m.6 views

Rockwell Automation ControlLogix 5580

RISK EVALUATION Successful exploitation of this vulnerability could result in a major nonrecoverable fault on the controller. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for...

8.2CVSS6.8AI score0.00386EPSS
Exploits0References10
ICS
ICS
added 2025/09/09 6:0 a.m.6 views

Rockwell Automation Analytics LogixAI

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...

8.8CVSS6.5AI score0.00269EPSS
Exploits0References13
ICS
ICS
added 2025/09/09 6:0 a.m.6 views

Rockwell Automation Stratix IOS

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to run malicious configurations without authentication. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

8.6CVSS7.7AI score0.00605EPSS
Exploits0References10
ICS
ICS
added 2025/09/09 12:0 a.m.6 views

Siemens Industrial Edge Management

SUMMARY Industrial Edge Management is affected by a vulnerability that could allow a remote attacker to cause a denial of service condition. Siemens recommends specific countermeasures for products where fixes are not, or not yet available. 2. GENERAL RECOMMENDATIONS As a general security...

7.5CVSS6.8AI score0.64718EPSS
Exploits1References10
ICS
ICS
added 2025/09/09 12:0 a.m.6 views

Siemens SINAMICS Drives

SUMMARY Siemens SINAMICS G220, SINAMICS S210, and SINAMICS S200 contains a privilege escalation vulnerability that could allow users to escalate their privileges. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing...

9.8CVSS7.1AI score0.00201EPSS
Exploits0References10
ICS
ICS
added 2025/09/09 12:0 a.m.6 views

Siemens SIMATIC Virtualization as a Service (SIVaaS)

SUMMARY SIMATIC Virtualization as a Service SIVaaS is affected by a vulnerability which exposes a network share without any authentication. This could allow an attacker to access or alter sensitive data without proper authorization. Siemens recommends to contact technical support to fix the...

9.3CVSS6.7AI score0.00384EPSS
Exploits0References10
ICS
ICS
added 2025/09/09 12:0 a.m.6 views

Siemens User Management Component (UMC)

SUMMARY Siemens' User Management Component UMC is affected by multiple vulnerabilities that could allow an unauthenticated remote attacker to execute arbitrary code or to cause a denial of service condition. Siemens has released a new version for User Management Component UMC and recommends to...

8.1AI score
Exploits0References10
ICS
ICS
added 2025/09/02 6:0 a.m.6 views

Fuji Electric FRENIC-Loader 4

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...

8.4CVSS7.3AI score0.00186EPSS
Exploits0References10
ICS
ICS
added 2025/08/28 6:0 a.m.6 views

Mitsubishi Electric MELSEC iQ-F Series CPU Module

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker the ability to obtain credential information by intercepting SLMP communication messages, and read or write the device values of the product by using the obtained credential information. In addition, the...

7.5CVSS6.2AI score0.00311EPSS
Exploits0References10
ICS
ICS
added 2025/08/28 6:0 a.m.6 views

Delta Electronics CNCSoft-G2

RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to execute arbitrary code on affected installations of the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds...

7.3CVSS7.8AI score0.00361EPSS
Exploits0References10
ICS
ICS
added 2025/08/26 12:0 a.m.6 views

Agiloft multiple vulnerabilities

RISK EVALUATION Agiloft is a web-based contract management platform. Multiple vulnerabilities were found in Agiloft that could allow an attacker to gain administrative access to Agiloft, execute operating system commands, or modify update packages. 2. RECOMMENDED PRACTICES These issues have been...

7.2CVSS7.6AI score0.00405EPSS
Exploits0References1
ICS
ICS
added 2025/08/21 6:0 a.m.6 views

FUJIFILM Healthcare Americas Synapse Mobility

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access information beyond their assigned roles. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

5.3CVSS7.9AI score0.0023EPSS
Exploits0References10
ICS
ICS
added 2025/08/21 6:0 a.m.6 views

Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could result in a remote attacker being able to delay the processing of the Web server function and prevent legitimate users from utilizing the Web server function by sending a specially crafted HTTP request. 2. RECOMMENDED PRACTICES...

5.3CVSS6.6AI score0.00546EPSS
Exploits0References10
ICS
ICS
added 2025/08/14 6:0 a.m.6 views

Rockwell Automation ArmorBlock 5000 I/O - Webserver

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to predict session numbers or perform privileged actions. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

7.2AI score
Exploits0References10
ICS
ICS
added 2025/08/12 4:0 a.m.6 views

Schneider Electric Modicon M340 Controller and Communication Modules (Update A)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

8.7CVSS5.6AI score0.00455EPSS
Exploits0References11
ICS
ICS
added 2025/08/12 4:0 a.m.6 views

Schneider Electric SESU

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

7.3CVSS6.9AI score0.00198EPSS
Exploits0References11
ICS
ICS
added 2025/08/12 12:0 a.m.6 views

Siemens SIMATIC S7-PLCSIM

SUMMARY Affected products do not properly sanitize user-controllable input when parsing project files. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. Siemens has released new versions for several affected products and recommends...

8.5CVSS7.8AI score0.00185EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.6 views

Siemens WIBU CodeMeter Runtime

SUMMARY WIBU Systems published information about a privilege escalation vulnerability under a certain circumstances and associated fix releases of CodeMeter Runtime, a product provided by WIBU Systems and used in several Siemens industrial products. Siemens has released new versions for affected...

8.2CVSS6.7AI score0.00135EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.6 views

Siemens Engineering Platforms

SUMMARY Affected products do not properly restrict access permissions to a local Windows Named Pipe and do not properly sanitize user-controllable input sent to that Named Pipe. This could allow a local authenticated attacker to cause a type confusion and execute arbitrary code within the...

8.6CVSS7.5AI score0.00164EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.6 views

Siemens SINUMERIK

SUMMARY Siemens SINUMERIK Controllers are affected by an improper VNC password check vulnerability. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends...

8.7CVSS7.8AI score0.00242EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.6 views

Siemens SIMATIC RTLS Locating Manager

SUMMARY SIMATIC RTLS Locating Manager Before V3.2 contains an improper input validation vulnerability that could allow an authenticated remote attacker to execute arbitrary code with high privileges. Siemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to...

9.4CVSS7.9AI score0.00648EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.6 views

Siemens COMOS

SUMMARY COMOS before V10.6 is affected by a local arbitrary code execution vulnerability in the integrated Open Design Alliance Drawings SDK. Siemens has released a new version for COMOS and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure,...

8.1CVSS8AI score0.00192EPSS
Exploits0References10
ICS
ICS
added 2025/08/07 6:0 a.m.6 views

EG4 Electronics EG4 Inverters (Update B)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to intercept and manipulate critical data, install malicious firmware, hijack device access, and gain unauthorized control over the system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

6.7AI score
Exploits0References10
ICS
ICS
added 2025/07/29 6:0 a.m.6 views

Samsung HVAC DMS

RISK EVALUATION Successful exploitation of these vulnerabilities can lead to unauthenticated remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all...

8.1AI score
Exploits0References10
ICS
ICS
added 2025/07/22 6:0 a.m.6 views

DuraComm DP-10iN-100-MU

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities,...

6.5AI score
Exploits0References10
ICS
ICS
added 2025/07/08 12:0 a.m.6 views

Siemens RUGGEDCOM ROS Devices

SUMMARY Multiple vulnerabilities affect the RUGGEDCOM Operating System ROS. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not,...

6.8AI score
Exploits0References10
ICS
ICS
added 2025/07/08 12:0 a.m.6 views

Siemens Solid Edge

SUMMARY Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads specially crafted files in various formats such as PAR or CFG format. This could allow an attacker to crash the application or execute arbitrary code. Siemens has released a...

8AI score
Exploits0References10
ICS
ICS
added 2025/07/03 6:0 a.m.6 views

Hitachi Energy MicroSCADA X SYS600

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to tamper with the system file, overwrite files, create a denial-of-service condition, or leak file content. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

7.3AI score
Exploits0References10
ICS
ICS
added 2025/06/17 6:0 a.m.6 views

Fuji Electric Smart Editor

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all...

8.4CVSS7.7AI score0.00161EPSS
Exploits0References10
ICS
ICS
added 2025/05/13 12:0 a.m.6 views

Siemens Desigo

SUMMARY Desigo CC deployments that use Installed Client are impacted by an information disclosure vulnerability which could result in information leak from the Desigo CC server. The other Desigo CC client options, Windows App Client and Flex Client, are not affected by this vulnerability...

8.7CVSS8.1AI score0.00469EPSS
Exploits0References10
ICS
ICS
added 2025/04/08 12:0 a.m.6 views

Siemens Industrial Edge Device Kit

SUMMARY Industrial Edge Device Kit contains a weak authentication vulnerability that could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Industrial Edge Device Builders integrate Industrial Edge Device Kit into their offerings...

9.8CVSS7.3AI score0.00744EPSS
Exploits0References10
ICS
ICS
added 2025/04/08 12:0 a.m.6 views

Siemens Solid Edge

SUMMARY Solid Edge is affected by an out of bounds write vulnerability that could be triggered when the application is parsing XT data or a specially crafted file in XT format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the...

7.8CVSS7.9AI score0.00176EPSS
Exploits0References10
ICS
ICS
added 2025/03/20 6:0 a.m.6 views

SMA Sunny Portal

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to upload and remotely execute code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...

6.5CVSS7AI score0.00695EPSS
Exploits0References10
ICS
ICS
added 2025/02/11 12:0 a.m.6 views

Siemens OpenV2G

SUMMARY The open source software OpenV2G contains a buffer overflow vulnerability that could allow an attacker to trigger a memory corruption. Siemens has released an update for the OpenV2G and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure,...

9.8CVSS7.6AI score0.00385EPSS
Exploits0References10
ICS
ICS
added 2025/02/11 12:0 a.m.6 views

Siemens SIMATIC

SUMMARY The webserver of several SIMATIC products is affected by a user enumeration vulnerability that could allow an unauthenticated remote attacker to identify valid usernames. Siemens has released new versions for several affected products and recommends to update to the latest versions...

6.9CVSS7.2AI score0.00486EPSS
Exploits0References10
ICS
ICS
added 2025/02/11 12:0 a.m.6 views

Siemens SIPROTEC 5 Devices

SUMMARY An information disclosure vulnerability in SIPROTEC 5 devices could allow an unauthenticated, remote attacker to retrieve sensitive information of the device. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is...

8.7CVSS7AI score0.00563EPSS
Exploits0References10
ICS
ICS
added 2025/02/11 12:0 a.m.6 views

Siemens SIPROTEC 5

SUMMARY Affected SIPROTEC 5 devices contain a development shell which is accessible via a physical interface which is not properly restricted. This could allow an unauthenticated attacker with physical access to an affected device to execute arbitrary commands on the device. Siemens has released...

7CVSS7.9AI score0.00308EPSS
Exploits0References10
ICS
ICS
added 2025/01/30 7:0 a.m.6 views

New Rock Technologies Cloud Connected Devices

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker full control of the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all...

9.8CVSS7.3AI score0.00598EPSS
Exploits1References10
ICS
ICS
added 2025/01/16 7:0 a.m.6 views

Fuji Electric Alpha5 SMART

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...

8.5CVSS7.6AI score0.00341EPSS
Exploits0References10
ICS
ICS
added 2025/01/14 5:0 a.m.6 views

Schneider Electric EcoStruxure Power Monitoring Expert (PME) (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service of the product when an unauthenticated user sends a crafted HTTPS packet to the webserver. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior...

8.7CVSS7.7AI score0.00605EPSS
Exploits0References11
ICS
ICS
added 2025/01/14 12:0 a.m.6 views

Schneider Electric RemoteConnect and SCADAPack x70 Utilities (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could lead to loss of confidentiality, integrity and potential remote code execution on workstation when a non-admin authenticated user opens a malicious project file. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

8.5CVSS6.3AI score0.00305EPSS
Exploits0References11
ICS
ICS
added 2025/01/14 12:0 a.m.6 views

Schneider Electric Pro-face GP-Pro EX and Remote HMI (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow man-in-the-middle attacks which could result in information disclosure, integrity issues and operational failures. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment...

7.1CVSS6.4AI score0.00166EPSS
Exploits0References11
Total number of security vulnerabilities4255