Lucene search
K
IcsMost viewed

4251 matches found

ICS
ICS
added 2015/12/06 7:0 a.m.115 views

Siemens SIMATIC HMI Basic, SINUMERIK, and Ruggedcom APE GHOST Vulnerability (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-15-064-01 Siemens SIMATIC HMI Basic, SINUMERIK, and Ruggedcom APE GHOST Vulnerability that was published March 5, 2015, on the NCCIC/ICS-CERT web site. The “GHOST”Further information about the GHOST vulnerability:...

10CVSS8AI score0.94859EPSS
Exploits29References10
ICS
ICS
added 2015/10/16 6:0 a.m.115 views

Phoenix Contact Software ProConOs and MultiProg Authentication Vulnerability

OVERVIEW Reid Wightman of Digital Bond has identified an authentication vulnerability in Phoenix Contact Software’s ProConOs and MultiProg applications. KW-Software originally wrote these applications without authentication intentionally. This vulnerability could be exploited remotely. AFFECTED...

10CVSS6.8AI score0.80689EPSS
Exploits6References10
ICS
ICS
added 2014/02/08 7:0 a.m.115 views

Digi International OpenSSL Vulnerability

OVERVIEW Digi International has identified five products that are vulnerable to the OpenSSL Heartbleed bug. Digi International has produced downloadable firmware upgrade versions that mitigate this vulnerability. This vulnerability could be exploited remotely. Exploits that target this...

7.5CVSS8.1AI score0.99999EPSS
Exploits88References10
ICS
ICS
added 2023/11/16 12:0 p.m.114 views

Scattered Spider

SUMMARY The Federal Bureau of Investigation FBI and Cybersecurity and Infrastructure Security Agency CISA are releasing this joint Cybersecurity Advisory CSA in response to recent activity by Scattered Spider threat actors against the commercial facilities sectors and subsectors. This advisory...

10AI score
Exploits0References134
ICS
ICS
added 2023/09/07 6:0 a.m.114 views

Socomec MOD3GP-SY-120K

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : Socomec Equipment : MOD3GP-SY-120K Vulnerabilities : Cross-Site Scripting XSS, Cross-Site Request Forgery CSRF, Insecure Storage of Sensitive Information, Reliance on Cookies without Validation and...

10CVSS9.3AI score0.00579EPSS
Exploits0References10
ICS
ICS
added 2019/07/23 12:0 a.m.114 views

Mitsubishi Electric FR Configurator2

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low skill level to exploit Vendor: Mitsubishi Electric Equipment: Mitsubishi Electric FR Configurator2 Vulnerabilities: Improper Restriction of XML External Entity Reference, Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation...

7.1CVSS6AI score0.01019EPSS
Exploits0References6
ICS
ICS
added 2012/11/02 6:0 a.m.114 views

Siemens SIMATIC WinCC Vulnerabilities

Overview This advisory is a follow-up to a previous advisory titled “ICSA-11-356-01 – Siemens HMI Authentication Vulnerabilities” that was published December 22, 2011, and an alert titled "ICS-ALERT-11-332-02A – Siemens SIMATIC WinCC Flexible Vulnerabilities" that was published December 2, 2011...

10CVSS8.5AI score0.14013EPSS
Exploits0References10
ICS
ICS
added 2024/02/13 12:0 a.m.113 views

Siemens SIDIS Prime

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.5CVSS8.1AI score0.70561EPSS
Exploits7References12
ICS
ICS
added 2022/09/14 12:0 p.m.113 views

Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations

Summary Actions to take today to protect against ransom operations: • Keep systems and software updated and prioritize remediating known exploited vulnerabilities. • Enforce MFA. • Make offline backups of your data. This joint Cybersecurity Advisory CSA is the result of an analytic effort among t...

10CVSS10AI score0.99999EPSS
Exploits397References88
ICS
ICS
added 2020/06/02 12:0 a.m.113 views

ABB Multiple System 800xA Products

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: ABB Equipment: System 800xA Vulnerabilities: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to make the system node inaccessible or tamper with...

7.8CVSS6.5AI score0.00389EPSS
Exploits0References5
ICS
ICS
added 2019/05/16 12:0 a.m.113 views

Fuji Electric Alpha7 PC Loader

1. EXECUTIVE SUMMARY CVSS v3 3.3 ATTENTION: Low skill level to exploit Vendor: Fuji Electric Equipment: Alpha7 PC Loader Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The...

6.6CVSS6.4AI score0.00593EPSS
Exploits0References5
ICS
ICS
added 2019/02/05 12:0 a.m.113 views

Rockwell Automation EtherNet/IP Web Server Modules

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: EtherNet/IP Web Server Modules Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker...

7.8CVSS7.7AI score0.03185EPSS
Exploits0References5
ICS
ICS
added 2015/11/01 6:0 a.m.113 views

Honeywell HART DTM Vulnerability

OVERVIEW Alexander Bolshev of Digital Security has identified an improper input vulnerability in the CodeWrights GmbH HART Device Type Manager DTM library used in Honeywell’s HART DTM. CodeWrights GmbH has addressed the vulnerability with a new library, which Honeywell validated and released for...

2.1CVSS6.3AI score0.00374EPSS
Exploits0References10
ICS
ICS
added 2022/05/31 12:0 a.m.112 views

BD Synapsys

1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION: Low attack complexity Vendor: Becton, Dickinson and Company BD Equipment: Synapsys Vulnerability: Insufficient Session Expiration 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access, modify, or delete...

5.7CVSS5.4AI score0.00223EPSS
Exploits0References5
ICS
ICS
added 2021/10/12 12:0 a.m.112 views

Siemens SINEC NMS

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC NMS network management software Vulnerabilities: Improper Limitation of a Pathname to a Restricted Directory, Improper Authorization, Exposure of Sensitive Information to an...

9.1CVSS8.3AI score0.46587EPSS
Exploits0References11
ICS
ICS
added 2021/03/25 12:0 a.m.112 views

Philips Gemini PET/CT Family

1. EXECUTIVE SUMMARY CVSS v3 2.4 ATTENTION: Low skill level to exploit Vendor: Philips Equipment: Gemini PET/CT Family Vulnerability: Storage of Sensitive Data in a Mechanism Without Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability involving removable media could...

2.4CVSS3.3AI score0.00231EPSS
Exploits0References4
ICS
ICS
added 2020/03/19 12:0 a.m.112 views

Systech NDS-5000 Terminal Server

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Systech Corporation Equipment: NDS-5000 Terminal Server Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow information disclosure,...

8.4CVSS8.6AI score0.01729EPSS
Exploits0References5
ICS
ICS
added 2020/03/12 12:0 a.m.112 views

ICSA-20-072-01_ABB eSOMS

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ABB Equipment: eSOMS Vulnerabilities: Use of Web Browser Cache Containing Sensitive Information, Improper Restriction of Rendered UI Layers or Frames, Improper Neutralization of HTTP Headers for...

7.6CVSS7.8AI score0.01532EPSS
Exploits0References2
ICS
ICS
added 2020/03/03 12:0 a.m.112 views

Moxa AWK-3131A Series Industrial AP/Bridge/Client

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low skill level is needed to exploit/public exploits are available Vendor: Moxa Equipment: Moxa AWK-3131A Vulnerabilities: Improper Access Control, Use of Hard-coded Cryptographic Key, OS Command Injection, Use of Hard-coded...

9.9CVSS9.5AI score0.06892EPSS
Exploits14References5
ICS
ICS
added 2019/04/16 12:0 a.m.112 views

ICSA-19-106-01_Delta Industrial Automation CNCSoft

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Delta Equipment: Delta Industrial Automation CNCSoft Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these...

7.8CVSS8AI score0.03666EPSS
Exploits0References2
ICS
ICS
added 2017/11/16 12:0 a.m.112 views

Moxa NPort 5110, 5130, and 5150

CVSS v3 8.6 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Moxa Equipment: NPort 5110, 5130, 5150 Vulnerabilities: Injection, Information Exposure, Resource Exhaustion AFFECTED PRODUCTS The following versions of NPort, a serial network interface, are affected: NPort 5110...

8.6CVSS8.3AI score0.01711EPSS
Exploits0References3
ICS
ICS
added 2022/05/12 12:0 a.m.111 views

Siemens Desigo PXC and DXR Devices

1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: PXC and DXR Devices Vulnerabilities: Special Element Injection, Uncontrolled Resource Consumption, Use of Password Hash with Insufficient Computational Effort, Insufficient Session...

9.1CVSS8.3AI score0.01856EPSS
Exploits0References5
ICS
ICS
added 2019/05/21 12:0 a.m.111 views

Mitsubishi Electric MELSEC-Q Series Ethernet Module

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: MELSEC-Q series Ethernet module Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability may render the...

7.8CVSS7.7AI score0.0354EPSS
Exploits0References5
ICS
ICS
added 2019/02/19 12:0 a.m.111 views

Rockwell Automation Allen-Bradley PowerMonitor 1000 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Rockwell Automation Equipment: Allen-Bradley PowerMonitor 1000 Vulnerabilities: Cross-site Scripting and Authentication Bypass 2. UPDATE INFORMATION This updated...

8.1CVSS7.9AI score0.30295EPSS
Exploits5References5
ICS
ICS
added 2019/02/12 12:0 a.m.111 views

WIBU SYSTEMS AG WibuKey Digital Rights Management (Update D)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits available Vendor: WIBU-SYSTEMS AG Equipment: WibuKey Digital Rights Management DRM Vulnerabilities: Information Exposure, Out-of-bounds Write, Heap-based Buffer Overflow 2. UPDATE...

10CVSS8.4AI score0.34329EPSS
Exploits3References6
ICS
ICS
added 2014/01/16 7:0 a.m.111 views

Innominate mGuard OpenSSL HeartBleed Vulnerability

OVERVIEW Researcher Bob Radvanovsky of Infracritical has notified NCCIC/ICS-CERT that Innominate has released a new firmware version that mitigates the OpenSSL HeartBleed vulnerability in the mGuard products. --------- Begin Update A Part 1 of 4 -------- Phoenix Contact branded devices are not...

7.5CVSS7.8AI score0.99999EPSS
Exploits88References10
ICS
ICS
added 2012/04/26 6:0 a.m.111 views

Siemens WinCC Insecure SQL Server Authentication

Overview Siemens has released a software update for an insecure SQL server authentication vulnerability in Siemens’ SIMATIC WinCC and SIMATIC PCS 7 software. Previous versions of SIMATIC WinCC use default SQL server credentials that allowed administrative access to the database. The default...

7.8CVSS8.2AI score0.0055EPSS
Exploits2References10
ICS
ICS
added 2023/03/21 12:0 p.m.110 views

Siemens RUGGEDCOM APE1808 Product Family

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7CVSS7.7AI score0.00132EPSS
Exploits0References51
ICS
ICS
added 2022/12/13 12:0 a.m.110 views

Siemens SCALANCE X-200RNA Switch Devices

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Siemens Equipment: SCALANCE X-200RNA switch devices before V3.2.7 Vulnerabilities: Observable Timing Discrepancy; Race Condition; Improper Restriction of Operations within...

7.6CVSS10AI score0.98631EPSS
Exploits33References11
ICS
ICS
added 2015/06/18 12:0 a.m.110 views

Wind River VXWorks TCP Predictability Vulnerability in ICS Devices (Update B)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-15-169-01A Wind River VxWorks TCP Predictability Vulnerability in ICS Devices that was published November 5, 2015, on the NCCIC/ICS-CERT web site. Raheem Beyah, David Formby, and San Shin Jung of Georgia Tech, via a...

5.8CVSS0.03743EPSS
Exploits0References19
ICS
ICS
added 2022/02/24 12:0 a.m.109 views

Schneider Electric Easergy P5 and P3

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: Easergy P5 and P3 --------- Begin Update A Part 1 of 4 --------- Vulnerabilities: Use of Hard-Coded Credentials, Classic Buffer Overflow, and Improper Input Validation --------- End Update A...

8.8CVSS8.7AI score0.02822EPSS
Exploits0References4
ICS
ICS
added 2022/02/08 12:0 a.m.109 views

Siemens SIMATIC WinCC and PCS

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC WinCC and PCS Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Externally-Accessible File or Directory 2...

8.8CVSS8.6AI score0.00682EPSS
Exploits0References11
ICS
ICS
added 2020/02/11 12:0 a.m.109 views

Siemens OZW Web Server

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: OZW web server Vulnerability: Information disclosure 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthenticated users to access project files...

7.5CVSS7.7AI score0.01617EPSS
Exploits0References9
ICS
ICS
added 2017/05/09 12:0 a.m.109 views

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update B)

CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Denial of Service UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory...

7.1CVSS0.4AI score0.01149EPSS
Exploits0References60
ICS
ICS
added 2023/01/27 12:0 p.m.108 views

Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite

Summary Actions for ZCS administrators to take today to mitigate malicious cyber activity: • Patch all systems and prioritize patching known exploited vulnerabilities. • Deploy detection signatures and hunt for indicators of compromise IOCs. • If ZCS was compromised, remediate malicious activity...

9.8CVSS9.5AI score0.98975EPSS
Exploits30References56
ICS
ICS
added 2021/12/14 12:0 a.m.108 views

Siemens Capital VSTAR

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely / Low attack complexity Vendor: Siemens Equipment: Capital VSTAR Vulnerabilities: Access of Resource Using Incompatible Type, Improper Validation of Specified Quantity in Input, Out-of-Bounds Read, Improper Restriction of Operations...

9.8CVSS8.8AI score0.0215EPSS
Exploits0References10
ICS
ICS
added 2021/07/13 12:0 a.m.108 views

Wibu-Systems CodeMeter Runtime

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Wibu-Systems AG Equipment: CodeMeter Runtime Vulnerabilities: Buffer Over-read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read data from the heap of...

9.1CVSS9.3AI score0.33304EPSS
Exploits2References11
ICS
ICS
added 2017/10/12 12:0 a.m.108 views

NXP Semiconductors MQX RTOS (Update A)

CVSS v3 8.1 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: NXP Semiconductors Equipment: MQX RTOS Vulnerabilities: Classic Buffer Overflow, Out-of-Bounds Read UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-285-04 NXP...

8.1CVSS8.2AI score0.13021EPSS
Exploits3References6
ICS
ICS
added 2017/05/09 12:0 a.m.108 views

Siemens SIMATIC WinCC and SIMATIC WinCC Runtime Professional

CVSS v3 4.9 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIMATIC WinCC and SIMATIC WinCC Runtime Professional Vulnerability: Denial of Service AFFECTED PRODUCTS Siemens reports that the vulnerability affects the following versions of SIMATIC WinCC, SIMATI...

4.9CVSS5.6AI score0.01923EPSS
Exploits0References3
ICS
ICS
added 2011/07/09 6:0 a.m.108 views

CitectSCADA and Mitsubishi MX4 SCADA Batch Server Buffer Overflow

Overview ICS-CERT originally released Advisory ICSA-11-279-02P on the US-CERT secure Portal on October 06, 2011. This web page release was delayed to allow users time to download and install the update. Researcher Kuang-Chun Hung of Taiwan’s Information and Communication Security Technology Cente...

4.6CVSS8.2AI score0.00471EPSS
Exploits0References10
ICS
ICS
added 2020/07/14 12:0 a.m.107 views

Siemens UMC Stack (Update H)

1. EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: UMC Stack Vulnerabilities: Unquoted Search Path or Element, Uncontrolled Resource Consumption, Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a...

8.2CVSS7.5AI score0.02484EPSS
Exploits0References11
ICS
ICS
added 2020/04/07 12:0 a.m.108 views

Advantech WebAccess/NMS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess/NMS Vulnerabilities: Unrestricted Upload of File with Dangerous Type, SQL Injection, Relative Path Traversal, Missing Authentication for Critical Function, Improper...

10CVSS9.3AI score0.14327EPSS
Exploits0References5
ICS
ICS
added 2019/10/08 12:0 a.m.107 views

Siemens SIMATIC WinAC RTX (F) 2010 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC WinAC RTX F 2010 --------- Begin Update A Part 1 of 4 --------- Vulnerability: Insufficient Resource Pool --------- End Update A Part 1 of 4 --------- 2. UPDATE...

7.5CVSS7.8AI score0.01367EPSS
Exploits0References9
ICS
ICS
added 2019/09/12 12:0 a.m.107 views

3S-Smart Software Solutions GmbH CODESYS Control V3 OPC UA Server

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS Control V3 OPC UA Server Vulnerability: NULL Pointer Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a...

6.5CVSS6.6AI score0.01365EPSS
Exploits0References4
ICS
ICS
added 2018/09/17 12:0 p.m.107 views

Rockwell Automation MicroLogix

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION : Exploitable remotely/low skill level to exploit. Vendor : Rockwell Equipment : MicroLogix Controller Vulnerabilities : Improper Authentication 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause denial of service,...

8.6CVSS7.3AI score0.06208EPSS
Exploits5References35
ICS
ICS
added 2017/06/29 12:0 a.m.107 views

ICSA-17-180-01A_Siemens SIMATIC Industrial PCs, SINUMERIK Panel Control Unit, and SIMOTION P320 (Update A)

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIMATIC Industrial PCs, SINUMERIK Panel Control Unit PCU, SIMOTION P320 Vulnerability: Permissions, Privileges, and Access Controls UPDATED INFORMATION This updated advisory is a follow-up to the...

10CVSS8.1AI score0.92189EPSS
Exploits7References2
ICS
ICS
added 2012/01/13 7:0 a.m.107 views

Koyo Ecom Modules Vulnerabilities

Overview This Advisory is a follow-up to the ICS-CERT Alert titled “ICS-ALERT-12-020-05A—Koyo Ecom100 Vulnerabilities” that was originally published January 20, 2012, on the ICS-CERT web page and updated on February 14, 2012. ICS-CERT is aware of a public report of vulnerabilities with...

10CVSS7.4AI score0.05561EPSS
Exploits0References10
ICS
ICS
added 2024/07/11 12:0 p.m.106 views

CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth

EXECUTIVE SUMMARY In early 2023, the Cybersecurity and Infrastructure Security Agency CISA conducted a SILENTSHIELD red team assessment against a Federal Civilian Executive Branch FCEB organization. During SILENTSHIELD assessments, the red team first performs a no-notice, long-term simulation of...

9.8CVSS9.9AI score0.98342EPSS
Exploits7References106
ICS
ICS
added 2020/12/18 12:0 a.m.106 views

Treck TCP/IP Stack (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely Vendor: Treck Inc. Equipment: TCP/IP Vulnerability : Heap-based Buffer Overflow, Out-of-bounds Read, Out-of-bounds Write The Treck TCP/IP stack may be known by other names such as Kasago TCP/IP, ELMIC, Net+ OS, Quadnet, GHNET v2,...

10CVSS7.7AI score0.03348EPSS
Exploits0References5
ICS
ICS
added 2020/12/08 12:0 a.m.106 views

Siemens LOGO! 8 BM

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: LOGO! 8 BM Vulnerabilities: Missing Authentication for Critical Function, Use of Hard-coded Cryptographic Key, Use of a Broken or Risky Cryptographic Algorithm, Insufficiently...

10CVSS8.2AI score0.01372EPSS
Exploits0References9
Total number of security vulnerabilities4251