Lucene search
K

4251 matches found

ICS
ICS
added 2025/08/12 12:0 a.m.9 views

Siemens Simcenter Femap

SUMMARY Simcenter Femap contains a file parsing vulnerability that could be triggered when the application reads files in STP or BMP file format. If a user is tricked to open a malicious file with the affected application, this could lead the application to crash or potentially lead to arbitrary...

7.7AI score
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.6 views

Siemens Engineering Platforms

SUMMARY Affected products do not properly restrict access permissions to a local Windows Named Pipe and do not properly sanitize user-controllable input sent to that Named Pipe. This could allow a local authenticated attacker to cause a type confusion and execute arbitrary code within the...

8.6CVSS7.5AI score0.00164EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.8 views

Siemens RUGGEDCOM ROX II

SUMMARY RUGGEDCOM ROX II devices do not properly limit access through their Built-In-Self-Test BIST mode. This could allow a local attacker to bypass authentication and access a root shell on the device. Siemens is preparing fix versions and recommends specific countermeasures for products where...

8.6CVSS7.3AI score0.00237EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.7 views

Siemens RUGGEDCOM ROX II

SUMMARY RUGGEDCOM ROX II devices does not properly enforce limitations on type and size of files that can be uploaded through their web interface. This could allow an attacker with a legitimate, highly privileged account on the web interface to upload arbitrary files onto the filesystem of the...

5.1CVSS7.3AI score0.00292EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.6 views

Siemens SIMATIC S7-PLCSIM

SUMMARY Affected products do not properly sanitize user-controllable input when parsing project files. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. Siemens has released new versions for several affected products and recommends...

8.5CVSS7.8AI score0.00185EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.5 views

Siemens RUGGEDCOM CROSSBOW Station Access Controller

SUMMARY RUGGEDCOM CROSSBOW Station Access Controller SAC contains multiple vulnerabilities in the integrated SQLite component that could allow an attacker to execute arbitrary code or to create a denial of service condition. Siemens has released a new version for RUGGEDCOM CROSSBOW Station...

8.8AI score
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.8 views

Siemens Third-Party Components in SINEC OS

SUMMARY SINEC OS before V3.2 contains third-party components with multiple vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to...

7CVSS8.6AI score0.0041EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.10 views

Siemens SIMATIC RTLS Locating Manager

SUMMARY Siemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate...

7.7AI score
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.6 views

Siemens SINUMERIK

SUMMARY Siemens SINUMERIK Controllers are affected by an improper VNC password check vulnerability. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends...

8.7CVSS7.8AI score0.00242EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.7 views

Siemens SICAM Q100/Q200

SUMMARY SICAM Q100 and Q200 devices are affected by two information disclosure vulnerabilities that could allow an authenticated local attacker to extract the SMTP account password and use the configured SMTP service for arbitrary purposes. Siemens has released new versions for the affected...

7.2AI score
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.5 views

Siemens SIMATIC RTLS Locating Manager

SUMMARY SIMATIC RTLS Locating Manager Before V3.2 contains an improper input validation vulnerability that could allow an authenticated remote attacker to execute arbitrary code with high privileges. Siemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to...

9.4CVSS7.9AI score0.00648EPSS
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.5 views

Siemens RUGGEDCOM APE1808

SUMMARY Nozomi Networks has published information on vulnerabilities in Nozomi Guardian/CMC. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not...

8.4AI score
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.13 views

Siemens Opcenter Quality

SUMMARY The Opcenter Quality is affected by multiple vulnerabilities in the SmartClient modules Opcenter QL Home SC, SOA Audit and SOA Cockpit. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general...

7.7AI score
Exploits0References10
ICS
ICS
added 2025/08/12 12:0 a.m.6 views

Siemens COMOS

SUMMARY COMOS before V10.6 is affected by a local arbitrary code execution vulnerability in the integrated Open Design Alliance Drawings SDK. Siemens has released a new version for COMOS and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure,...

8.1CVSS8AI score0.00192EPSS
Exploits0References10
ICS
ICS
added 2025/08/07 6:0 a.m.44 views

Dreame Technology iOS and Android Mobile Applications (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could result in unauthorized information disclosure. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...

8.5CVSS5.8AI score0.00117EPSS
Exploits0References11
ICS
ICS
added 2025/08/07 6:0 a.m.5 views

Johnson Controls FX Server, FX80 and FX90 (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to compromise the device's configuration files. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

6.6AI score
Exploits0References11
ICS
ICS
added 2025/08/07 6:0 a.m.7 views

Rockwell Automation Arena

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose information and execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

8.4CVSS8AI score0.00261EPSS
Exploits0References10
ICS
ICS
added 2025/08/07 6:0 a.m.6 views

EG4 Electronics EG4 Inverters (Update B)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to intercept and manipulate critical data, install malicious firmware, hijack device access, and gain unauthorized control over the system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

6.7AI score
Exploits0References10
ICS
ICS
added 2025/08/07 6:0 a.m.4 views

Burk Technology ARC Solo

RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker gaining access to the device, locking out authorized users, or disrupting operations. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

9.8CVSS7.6AI score0.00928EPSS
Exploits0References10
ICS
ICS
added 2025/08/07 6:0 a.m.9 views

Delta Electronics DIAView

RISK EVALUATION Successful exploitation of this vulnerability may allow a remote attacker to read or write files on the affected device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations...

9.3CVSS7AI score0.11131EPSS
Exploits0References10
ICS
ICS
added 2025/08/07 6:0 a.m.9 views

Yealink IP Phones and RPS (Redirect and Provisioning Service)

RISK EVALUATION Successful exploitation of these vulnerabilities could result in an information disclosure. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system...

7.3AI score
Exploits0References10
ICS
ICS
added 2025/08/07 6:0 a.m.6 views

Packet Power EMX and EG

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain full access to the device without authentication. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimizing...

9.8CVSS7.6AI score0.00527EPSS
Exploits0References10
ICS
ICS
added 2025/08/07 12:0 a.m.5 views

Tyler Technologies ERP Pro 9

RISK EVALUATION Tyler Technologies ERP Pro 9 SaaS allows an authenticated user to escape the application and execute limited operating system commands. 2. RECOMMENDED PRACTICES Tyler Technologies deployed hardened environment settings to all ERP Pro 9 SaaS customer environments as of 2025-08-01...

7.4CVSS6.6AI score0.00211EPSS
Exploits0References1
ICS
ICS
added 2025/08/05 6:0 a.m.19 views

Tigo Energy Cloud Connect Advanced (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers to gain unauthorized administrative access using hard-coded credentials, escalate privileges to take full control of the device, modify system settings, disrupt solar energy production, interfere with safety...

10AI score
Exploits0References10
ICS
ICS
added 2025/08/05 5:0 a.m.9 views

Mitsubishi Electric Iconics Digital Solutions Multiple Products (Update B)

RISK EVALUATION Successful exploitation of this vulnerability could result in information tampering. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems...

5.9CVSS6.1AI score0.00192EPSS
Exploits0References9
ICS
ICS
added 2025/08/04 6:0 a.m.7 views

Honeywell OneWireless Wireless Device Manager (WDM)

RISK EVALUATION Successful exploitation of these vulnerabilities could result in information exposure, denial of service, or remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

8.6CVSS7.8AI score0.00423EPSS
Exploits0References10
ICS
ICS
added 2025/07/31 5:1 p.m.7 views

OPEXUS FOIAXpress Public Access Link (PAL) multiple vulnerabilities

RISK EVALUATION Multiple vulnerabilities could allow unauthenticated attackers to bypass rate-limiting measures for login attempts, or check for the existence of other users. Low-privileged users can modify certain site content without authorization. 2. RECOMMENDED PRACTICES Upgrade to OPEXUS...

7.5CVSS6.6AI score0.00534EPSS
Exploits0References1
ICS
ICS
added 2025/07/31 6:0 a.m.4 views

Rockwell Automation Lifecycle Services with VMware

RISK EVALUATION Successful exploitation of these vulnerabilities could lead to code execution on the host or leakage of memory from processes communicating with vSockets. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

7.8AI score
Exploits0References10
ICS
ICS
added 2025/07/31 6:0 a.m.5 views

Güralp Systems FMUS Series and MIN Series Devices (Update B)

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

9.8CVSS6.8AI score0.01217EPSS
Exploits0References11
ICS
ICS
added 2025/07/29 6:0 a.m.6 views

Samsung HVAC DMS

RISK EVALUATION Successful exploitation of these vulnerabilities can lead to unauthenticated remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all...

8.1AI score
Exploits0References10
ICS
ICS
added 2025/07/29 6:0 a.m.4 views

National Instruments LabVIEW

RISK EVALUATION Successful exploitation of these vulnerabilities could lead to the execution of arbitrary code on affected installations of LabVIEW, which could result in invalid memory reads. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

8AI score
Exploits0References10
ICS
ICS
added 2025/07/29 6:0 a.m.4 views

Delta Electronics DTN Soft

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to use a specially crafted project file to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...

7.8CVSS7.8AI score0.0026EPSS
Exploits0References10
ICS
ICS
added 2025/07/25 5:0 a.m.17 views

LG Innotek Camera Model LNV5110R

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain administrative access to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure...

8.3CVSS8.2AI score0.00629EPSS
Exploits0References10
ICS
ICS
added 2025/07/24 6:0 a.m.7 views

Network Thermostat X-Series WiFi Thermostats

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain full administrative access to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

9.8CVSS7AI score0.00463EPSS
Exploits0References10
ICS
ICS
added 2025/07/24 6:0 a.m.21 views

Honeywell Experion PKS (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could result in information exposure, denial of service, or remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

7.7AI score
Exploits0References10
ICS
ICS
added 2025/07/24 6:0 a.m.13 views

Mitsubishi Electric CNC Series (Update B)

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute malicious code by getting setup-launcher to load a malicious DLL. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability,...

7.8CVSS7.3AI score0.00503EPSS
Exploits0References9
ICS
ICS
added 2025/07/24 6:0 a.m.5 views

Medtronic MyCareLink Patient Monitor (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could lead to system compromise, unauthorized access to sensitive data, and manipulation of the monitor's functionality. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment...

6.8CVSS5.7AI score0.00188EPSS
Exploits0References10
ICS
ICS
added 2025/07/23 12:30 a.m.10 views

ABB AC500 V2

SUMMARY ABB became aware of vulnerabilities in AC500 V2 listed as affected in the advisory. An attacker who successfully exploited this vulnerability could access fragments of Modbus telegrams that have been sent earlier by that PLC 2. MITIGATING FACTORS Mitigating factors describe conditions...

6.9CVSS5.8AI score0.00402EPSS
Exploits0References10
ICS
ICS
added 2025/07/22 6:0 a.m.9 views

Schneider Electric EcoStruxure Power Operation (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could result in the loss of system functionality or unauthorized access to system functions. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA...

9.8CVSS8.7AI score0.03399EPSS
Exploits0References12
ICS
ICS
added 2025/07/22 6:0 a.m.6 views

DuraComm DP-10iN-100-MU

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities,...

6.5AI score
Exploits0References10
ICS
ICS
added 2025/07/22 6:0 a.m.11 views

Lantronix Provisioning Manager

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker perform a cross-site scripting attack, which could result in remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

8.6CVSS7.7AI score0.01667EPSS
Exploits2References10
ICS
ICS
added 2025/07/21 12:30 a.m.11 views

ABB Busch-Welcome 2 Wire Door Opener Actuator

SUMMARY ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could gain physical, unauthorized access to a Building where the product is installed 2. MITIGATING FACTORS ABB recommends double check...

8.6CVSS5.8AI score0.00192EPSS
Exploits0References11
ICS
ICS
added 2025/07/17 6:0 a.m.93 views

Panoramic Corporation Digital Imaging Software

RISK EVALUATION Successful exploitation of this vulnerability could allow a standard user to obtain NT Authority/SYSTEM privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

7.8CVSS6.3AI score0.00494EPSS
Exploits1References10
ICS
ICS
added 2025/07/17 6:0 a.m.7 views

Leviton AcquiSuite and Energy Monitoring Hub

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to craft a malicious payload in URL parameters that would get executed in a client browser when accessed by a user, steal session tokens and control the service. 2. RECOMMENDED PRACTICES CISA recommends users...

9.3CVSS6.1AI score0.0033EPSS
Exploits0References10
ICS
ICS
added 2025/07/15 6:0 a.m.8 views

LITEON IC48A and IC80A EV Chargers

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access sensitive information when accessing the Liteon EV chargers. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...

8.7CVSS6.8AI score0.0036EPSS
Exploits0References10
ICS
ICS
added 2025/07/10 6:0 a.m.6 views

Delta Electronics DTM Soft

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to encrypt files referencing the application in order to extract information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability,...

7.8CVSS7.2AI score0.00203EPSS
Exploits0References10
ICS
ICS
added 2025/07/10 6:0 a.m.8 views

KUNBUS RevPi Webstatus

RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to bypass authentication and gain unauthorized access to the application. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such...

9.8CVSS7.7AI score0.40725EPSS
Exploits2References10
ICS
ICS
added 2025/07/10 6:0 a.m.14 views

Advantech iView

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information, achieve remote code execution, or cause service disruptions. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

6.1CVSS8.4AI score0.00194EPSS
Exploits0References10
ICS
ICS
added 2025/07/10 6:0 a.m.9 views

End-of-Train and Head-of-Train Remote Linking Protocol (Update C)

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to send their own brake control commands to the end-of-train device, causing a sudden stoppage of the train which may lead to a disruption of operations, or induce brake failure. 2. RECOMMENDED PRACTICES CISA...

8.1CVSS9.3AI score0.0053EPSS
Exploits0References10
ICS
ICS
added 2025/07/08 6:0 a.m.12 views

Emerson ValveLink Products

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker with access to the system to read sensitive information stored in cleartext, tamper with parameters, and run un-authorized code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

9.4CVSS6.6AI score0.00372EPSS
Exploits0References10
Total number of security vulnerabilities4251