Lucene search
K

4251 matches found

ICS
ICS
added 2025/07/08 4:0 a.m.25 views

Schneider Electric EcoStruxture IT Data Center Expert

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

8.8AI score
Exploits0References11
ICS
ICS
added 2025/07/08 4:0 a.m.5 views

Schneider Electric System Monitor Application

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

6.9CVSS7.3AI score0.8383EPSS
Exploits6References12
ICS
ICS
added 2025/07/08 4:0 a.m.8 views

Schneider Electric EcoStruxure

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

5.3CVSS6.8AI score0.00271EPSS
Exploits0References11
ICS
ICS
added 2025/07/08 12:0 a.m.7 views

Siemens SINEC NMS

SUMMARY Siemens SINEC NMS before V4.0 is affected by multiple vulnerabilities which could allow an attacker to elevate privilege and exceute arbitrary code. Siemens has released a new version for SINEC NMS and recommends to update to the latest version. Siemens is preparing further fix versions...

9.2AI score
Exploits0References10
ICS
ICS
added 2025/07/08 12:0 a.m.9 views

Siemens SIPROTEC 5

SUMMARY A sensitive data exposure vulnerability in SIPROTEC 5 can allow an attacker to retrieve sensitive session data from browser history, logs, or other storage mechanisms, potentially leading to unauthorized access. Siemens is preparing fix versions and recommends countermeasures for...

6CVSS7.1AI score0.00277EPSS
Exploits0References10
ICS
ICS
added 2025/07/08 12:0 a.m.8 views

Siemens SIMATIC CN 4100

SUMMARY A vulnerability in SIMATIC CN 4100 could allow an attacker to cause a denial of service condition. Siemens has released a new version for SIMATIC CN 4100 and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends...

7.1CVSS7.7AI score0.00323EPSS
Exploits0References10
ICS
ICS
added 2025/07/08 12:0 a.m.6 views

Siemens Solid Edge

SUMMARY Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads specially crafted files in various formats such as PAR or CFG format. This could allow an attacker to crash the application or execute arbitrary code. Siemens has released a...

8AI score
Exploits0References10
ICS
ICS
added 2025/07/08 12:0 a.m.8 views

Siemens TIA Project-Server and TIA Portal

SUMMARY A vulnerability in TIA Project Server and TIA Portal could allow an attacker to cause a denial of service condition. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends...

5.3CVSS7.5AI score0.0027EPSS
Exploits0References10
ICS
ICS
added 2025/07/08 12:0 a.m.6 views

Siemens TIA Administrator

SUMMARY Siemens TIA Administrator before V3.0.6 contains multiple vulnerabilities which could allow an attacker to escalate privilege or exceute arbitrary code during installations. Siemens has released a new version for TIA Administrator and recommends to update to the latest version. 2...

8AI score
Exploits0References10
ICS
ICS
added 2025/07/08 12:0 a.m.6 views

Siemens RUGGEDCOM ROS Devices

SUMMARY Multiple vulnerabilities affect the RUGGEDCOM Operating System ROS. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not,...

6.8AI score
Exploits0References10
ICS
ICS
added 2025/07/03 6:0 a.m.17 views

Mitsubishi Electric MELSOFT Update Manager (Update B)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, disclose information, alter information, or cause a denial-of-service DoS condition. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk...

7.8CVSS7.9AI score0.21985EPSS
Exploits1References9
ICS
ICS
added 2025/07/03 6:0 a.m.5 views

Mitsubishi Electric MELSEC iQ-F Series

RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service condition for legitimate users for a certain period by repeatedly attempting to log in with incorrect passwords. When the product repeatedly receives unauthorized logins from an attacker, legitimate...

5.3CVSS7AI score0.00373EPSS
Exploits0References10
ICS
ICS
added 2025/07/03 6:0 a.m.6 views

Hitachi Energy MicroSCADA X SYS600

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to tamper with the system file, overwrite files, create a denial-of-service condition, or leak file content. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

7.3AI score
Exploits0References10
ICS
ICS
added 2025/07/03 12:30 a.m.7 views

ABB RMC-100 (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain unauthenticated access to the MQTT configuration data, cause a denial-of-service condition on the MQTT configuration web server REST interface, or decrypt encrypted MQTT broker credentials. 2...

8.2CVSS6AI score0.00326EPSS
Exploits0References10
ICS
ICS
added 2025/07/02 8:57 p.m.8 views

Versa Networks Versa Director multiple vulnerabilities

RISK EVALUATION Versa Networks Versa Director contains a variety of vulnerabilities. In the most severe cases, a remote, unauthenticated attacker could execute arbitrary code with administrative privileges. 2. RECOMMENDED PRACTICES Upgrade to fixed versions of Versa Director. See...

8.6AI score
Exploits0References5
ICS
ICS
added 2025/07/01 6:0 a.m.9 views

Voltronic Power and PowerShield UPS monitoring software

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated attacker remotely to make configuration changes, resulting in shutting down UPS connected devices or execution of arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures...

10AI score
Exploits0References10
ICS
ICS
added 2025/06/26 6:0 a.m.9 views

Mitsubishi Electric Air Conditioning Systems (Update B)

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to control the air conditioning system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform...

9.8CVSS7.7AI score0.0109EPSS
Exploits0References10
ICS
ICS
added 2025/06/26 5:0 a.m.8 views

TrendMakers Sight Bulb Pro

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to capture sensitive information and execute arbitrary shell commands on the target device as root if connected to the local network segment. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform...

7.6CVSS6.8AI score0.00078EPSS
Exploits0References10
ICS
ICS
added 2025/06/24 12:30 p.m.7 views

Hitachi Energy MSM

SUMMARY Hitachi Energy is aware of the vulnerability CVE-2020-11022 that affects MSM versions as listed below. If an attacker successfully exploits this vulnerability, it could impact the confidentiality, integrity or availability of MSM. Please consult the Recommended Immediate Actions Section...

6.9CVSS7.1AI score0.99019EPSS
Exploits7References9
ICS
ICS
added 2025/06/24 12:30 p.m.6 views

Hitachi Energy Relion 670/650 and SAM600-IO Series (Update A)

SUMMARY Hitachi Energy is aware of a vulnerability that affects the Relion 670/650 and SAM600-IO series IED device versions that are listed in this document. An authenticated attacker successfully exploiting this vulnerability via FTP access can cause the device to reboot due to improper disk...

8.7CVSS6.8AI score0.00316EPSS
Exploits0References9
ICS
ICS
added 2025/06/24 6:0 a.m.7 views

Kaleris Navis N4 Terminal Operating System

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to remotely exploit the operating system, achieve remote code execution, or extract sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

8.6AI score
Exploits0References10
ICS
ICS
added 2025/06/24 6:0 a.m.7 views

Delta Electronics CNCSoft

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code within the context of the current process. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds...

7.3CVSS7.4AI score0.00202EPSS
Exploits0References10
ICS
ICS
added 2025/06/24 6:0 a.m.7 views

Parsons AccuWeather widget

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to insert a malicious link that users might access through the RSS feed. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such...

8.8CVSS6.8AI score0.00346EPSS
Exploits0References10
ICS
ICS
added 2025/06/24 6:0 a.m.5 views

ControlID iDSecure On-premises

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication, retrieve information, leak arbitrary data, or perform SQL injections. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

8.4AI score
Exploits0References10
ICS
ICS
added 2025/06/24 6:0 a.m.10 views

MICROSENS NMP Web+

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain system access, overwrite files or execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such...

8.3AI score
Exploits0References10
ICS
ICS
added 2025/06/24 12:0 a.m.8 views

Hitachi Energy Relion 670/650 and SAM600-IO Series

SUMMARY Hitachi Energy is aware of a vulnerability that affects the Relion 670/650 and SAM600-IO series IED device versions that are listed in this document. An authenticated attacker successfully exploiting this vulnerability via FTP access can cause the device to reboot due to improper disk...

7.1CVSS5.7AI score0.00346EPSS
Exploits0References9
ICS
ICS
added 2025/06/20 12:0 a.m.4 views

ClamAV

RISK EVALUATION ClamAV is an open source antivirus maintained by Cisco. A heap-based buffer overflow vulnerability in the PDF scanning process of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service or possibly execute arbitrary code. 2. RECOMMENDED PRACTICES...

9.8CVSS10AI score0.01535EPSS
Exploits0References1
ICS
ICS
added 2025/06/17 6:0 a.m.12 views

Dover Fueling Solutions ProGauge MagLink LX consoles

RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker gaining control of the monitoring device, manipulating fueling operations, deleting system configurations, or deploying malware. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

9.8CVSS7.5AI score0.00727EPSS
Exploits0References10
ICS
ICS
added 2025/06/17 6:0 a.m.4 views

LS Electric GMWin 4

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose information or execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

7.2AI score
Exploits0References10
ICS
ICS
added 2025/06/17 6:0 a.m.6 views

Fuji Electric Smart Editor

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all...

8.4CVSS7.7AI score0.00161EPSS
Exploits0References10
ICS
ICS
added 2025/06/12 6:0 a.m.17 views

AVEVA PI Web API

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disable content security policy protections. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

6.5CVSS6.6AI score0.00205EPSS
Exploits0References10
ICS
ICS
added 2025/06/12 6:0 a.m.11 views

PTZOptics and Other Pan-Tilt-Zoom Cameras

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to leak sensitive data, execute arbitrary commands, and access the admin web interface using hard-coded credentials. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the...

9.1CVSS9.8AI score0.60879EPSS
Exploits1References10
ICS
ICS
added 2025/06/12 6:0 a.m.8 views

AVEVA PI Connector for CygNet

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to persist arbitrary code in the administrative portal of the product or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

5.8AI score
Exploits0References10
ICS
ICS
added 2025/06/12 6:0 a.m.2 views

AVEVA PI Data Archive

RISK EVALUATION Successful exploitation of these vulnerabilities could shut down necessary subsystems and cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

7.1AI score
Exploits0References10
ICS
ICS
added 2025/06/12 12:0 a.m.8 views

Siemens Mendix Studio Pro

SUMMARY Mendix Studio Pro contains a vulnerability in the module installation process, that could allow an attacker to write or modify arbitrary files in directories outside a developer’s project directory. Siemens has released new versions for several affected products and recommends to update...

6.1CVSS6.6AI score0.00395EPSS
Exploits0References10
ICS
ICS
added 2025/06/10 6:0 a.m.11 views

MicroDicom DICOM Viewer

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on affected installations of DICOM Viewer. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...

8.8CVSS9.1AI score0.00599EPSS
Exploits0References10
ICS
ICS
added 2025/06/10 5:0 a.m.11 views

SinoTrack GPS Receiver

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to access device profiles for which they are not authorized through the common web management interface. Access to the device profile may allow an attacker to perform some remote functions on connected...

8.3CVSS6.8AI score0.00415EPSS
Exploits0References10
ICS
ICS
added 2025/06/10 4:0 a.m.7 views

Schneider Electric EVLink WallBox (Update A)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Passwords should include upper case, lower case, number and special characters, a length of 20 characters is ideal. A default Admin password must be changed immediately when first received...

6.9AI score
Exploits0References11
ICS
ICS
added 2025/06/10 4:0 a.m.7 views

Schneider Electric Modicon Controllers (Update A)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

6.1AI score
Exploits0References11
ICS
ICS
added 2025/06/10 12:0 a.m.5 views

Siemens SCALANCE and RUGGEDCOM

SUMMARY Several Industrial Communication Devices based on SINEC OS before V3.2 contain multiple vulnerabilities that could allow an attacker to circumvent authorization checks and perform actions that exceed the permissions of the "guest" role. Siemens has released new versions for the affected...

5.2AI score
Exploits0References10
ICS
ICS
added 2025/06/10 12:0 a.m.4 views

Siemens Tecnomatix Plant Simulation

SUMMARY Siemens Tecnomatix Plant Simulation contains a out-of-bound read vulnerability that could be triggered when the application reads files in WRL format. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially...

7.8CVSS8AI score0.00152EPSS
Exploits0References10
ICS
ICS
added 2025/06/10 12:0 a.m.11 views

Siemens RUGGEDCOM APE1808

SUMMARY Palo Alto Networks has published 1 information on cross-site scripting vulnerability in PAN-OS. This advisory lists the related Siemens Industrial products affected by this vulnerability. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not,...

5.6AI score
Exploits0References10
ICS
ICS
added 2025/06/10 12:0 a.m.13 views

Siemens Energy Services

SUMMARY Siemens Energy Services previously known as Managed Applications and Services, sell solutions using Elspec G5 Digital Fault Recorder which contains default credentials with admin privileges. A client configuration with remote access could allow an attacker to gain remote control of the...

9.9CVSS9.9AI score0.00326EPSS
Exploits0References10
ICS
ICS
added 2025/06/10 12:0 a.m.8 views

Siemens SCALANCE and RUGGEDCOM

SUMMARY Several Industrial Communication Devices based on SINEC OS before V3.1 contain an incorrect authorization check vulnerability that could allow an attacker to perform actions that exceed the permissions of the "guest" role. Siemens has released new versions for the affected products and...

5.3CVSS5.1AI score0.00317EPSS
Exploits0References10
ICS
ICS
added 2025/06/10 12:0 a.m.17 views

Siemens SIMATIC S7-1500 CPU family

SUMMARY Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version V3.1.5 for the SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP incl. SIPLUS variant. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not...

9.3CVSS7.7AI score0.44963EPSS
Exploits7References10
ICS
ICS
added 2025/06/05 6:0 a.m.7 views

CyberData 011209 SIP Emergency Intercom

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information, cause a denial-of-service condition, or achieve code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation...

8.1AI score
Exploits0References10
ICS
ICS
added 2025/06/03 6:0 a.m.11 views

Mitsubishi Electric MELSEC iQ-F Series

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read confidential information, cause a denial-of-service condition, or stop operations by sending specially crafted packets. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact...

9.1CVSS6.6AI score0.00719EPSS
Exploits0References10
ICS
ICS
added 2025/06/03 6:0 a.m.8 views

Schneider Electric Wiser Home Automation

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Passwords should include upper case, lower case, number and special characters, a length of 20 characters is ideal. A default Admin password must be changed immediately when first received...

9.8CVSS7.3AI score0.00333EPSS
Exploits0References10
ICS
ICS
added 2025/05/29 6:0 a.m.12 views

Instantel Micromate (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to access the device's configuration port and execute commands. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability,...

9.8CVSS10AI score0.00808EPSS
Exploits1References10
ICS
ICS
added 2025/05/29 6:0 a.m.15 views

Consilium Safety CS5000 Fire Panel (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain high-level access to and remotely operate the device, potentially putting it into a non-functional state. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk...

9.9AI score
Exploits0References11
Total number of security vulnerabilities4251