Lucene search
K

4251 matches found

ICS
ICS
added 2025/03/18 6:0 a.m.15 views

Rockwell Automation Lifecycle Services with VMware

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker with local administrative privileges to execute code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

7.9AI score
Exploits0References10
ICS
ICS
added 2025/03/13 6:0 a.m.47 views

Sungrow iSolarCloud Android App, WiNet Firmware

RISK EVALUATION Successful exploitation of these vulnerabilities could result in attackers being able to access and could modify sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

8.5AI score
Exploits0References10
ICS
ICS
added 2025/03/13 6:0 a.m.12 views

Philips Intellispace Cardiovascular (ISCV)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to replay the session of the logged in ISCV user and gain access to patient records. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

8.1AI score
Exploits0References10
ICS
ICS
added 2025/03/13 12:0 a.m.7 views

Siemens Simcenter Femap

SUMMARY Siemens Simcenter Femap is affected by memory corruption vulnerability that could be triggered when the application reads files in .NEU format. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to leak information or...

7.8CVSS8AI score0.00187EPSS
Exploits0References10
ICS
ICS
added 2025/03/11 6:0 a.m.29 views

Optigo Networks Visual BACnet Capture Tool / Optigo Visual Networks Capture Tool

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication, gain control over the products, or impersonate the web applications. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

8.7CVSS7.4AI score0.00362EPSS
Exploits0References10
ICS
ICS
added 2025/03/11 4:0 a.m.12 views

Schneider Electric EcoStruxure Panel Server

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

6CVSS6.9AI score0.00156EPSS
Exploits0References11
ICS
ICS
added 2025/03/11 4:0 a.m.8 views

Schneider Electric EcoStruxure Power Automation System

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

9.8CVSS7.5AI score0.00497EPSS
Exploits0References11
ICS
ICS
added 2025/03/11 12:30 a.m.7 views

ABB RMC-100

SUMMARY An update is available that resolves a vulnerability in the product versions listed as affected in this advisory. An attacker who successfully exploited this vulnerability could cause the web UI to stop. 2. WORKAROUNDS The vulnerability is only present when the REST interface is enabled...

7.5CVSS6.8AI score0.14663EPSS
Exploits2References10
ICS
ICS
added 2025/03/11 12:0 a.m.28 views

Siemens SCALANCE LPE9403

SUMMARY SCALANCE LPE9403 is affected by multiple vulnerabilities that could allow an attacker to impact its confidentiality, integrity and availability. Siemens has released a new version for SCALANCE LPE9403 and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general...

7.3AI score
Exploits0References10
ICS
ICS
added 2025/03/11 12:0 a.m.9 views

Siemens SINAMICS S200

SUMMARY A specific range of produced SINAMICS S200 devices contains an unlocked bootloader vulnerability that could allow an attacker to download untrusted firmware that could damage or compromise the device. For delivered products listed below Siemens recommends countermeasures. 2. GENERAL...

9.8CVSS6.7AI score0.00513EPSS
Exploits0References10
ICS
ICS
added 2025/03/11 12:0 a.m.12 views

Siemens OPC UA

SUMMARY The products listed below contain two authentication bypass vulnerabilities that could allow an attacker to gain access to the data managed by the server. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing...

6.9AI score
Exploits0References10
ICS
ICS
added 2025/03/11 12:0 a.m.16 views

Siemens SINEMA Remote Connect Client

SUMMARY SINEMA Remote Connect Client before V3.2 SP3 is affected by multiple vulnerabilities. Siemens has released a new version for SINEMA Remote Connect Client and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends...

9.4AI score
Exploits0References10
ICS
ICS
added 2025/03/11 12:0 a.m.7 views

Siemens SCALANCE M-800 and SC-600 Families

SUMMARY SCALANCE M-800 and SC-600 families are affected by improper input validation in the OpenVPN authentication. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific...

6.3CVSS6.5AI score0.00258EPSS
Exploits0References10
ICS
ICS
added 2025/03/11 12:0 a.m.17 views

Siemens SiPass integrated AC5102/ACC-G2 and ACC-AP

SUMMARY SiPass integrated ACC Advanced Central Controller devices contain multiple vulnerabilities that could allow attackers to execute commands on the devices with root privileges and access sensitive data. Siemens has released new versions for the affected products and recommends to update to...

7.5AI score
Exploits0References10
ICS
ICS
added 2025/03/11 12:0 a.m.20 views

Siemens SIMATIC S7-1500 TM MFP

SUMMARY Multiple vulnerabilities have been identified in the BIOS of the SIMATIC S7-1500 TM MFP. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens...

7.4AI score
Exploits0References10
ICS
ICS
added 2025/03/11 12:0 a.m.11 views

Siemens SIMATIC IPC Family, ITP1000, and Field PGs

SUMMARY Multiple vulnerabilities has been identified in Siemens SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs that can allow an authenticated attacker to alter the secure boot and password configurations. Siemens has released new versions of BIOS for several affected products and...

6.5AI score
Exploits0References10
ICS
ICS
added 2025/03/11 12:0 a.m.11 views

Siemens Tecnomatix Plant Simulation

SUMMARY Siemens Tecnomatix Plant Simulation do not properly limit the access of the simulation model to the filesystem. This could allow an unauthorized attacker to read or delete arbitrary files or the entire filesystem of the device. Siemens has released new versions for the affected products...

6.6AI score
Exploits0References10
ICS
ICS
added 2025/03/11 12:0 a.m.7 views

Siemens SINEMA Remote Connect Server

SUMMARY SINEMA Remote Connect Server before V3.2 SP3 is affected by multiple vulnerabilities. Siemens has released a new version for SINEMA Remote Connect Server and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends...

9.5AI score
Exploits0References10
ICS
ICS
added 2025/03/11 12:0 a.m.52 views

Siemens Teamcenter Visualization and Tecnomatix

SUMMARY Siemens Teamcenter Visualization and Tecnomatrix Plant Simulation contains multiple file parsing vulnerabilities that could be triggered when the application reads files in WRL format. If a user is tricked to open a malicious file with any of the affected products, this could lead the...

7.1AI score
Exploits0References10
ICS
ICS
added 2025/03/04 7:0 a.m.9 views

GMOD Apollo

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to escalate privileges, bypass authentication, upload malicious files, or disclose sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

7.1CVSS7.8AI score0.00256EPSS
Exploits0References10
ICS
ICS
added 2025/03/04 7:0 a.m.13 views

Keysight Ixia Vision Product Family (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed; a buffer overflow condition may allow remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this these...

10AI score
Exploits0References13
ICS
ICS
added 2025/03/04 7:0 a.m.24 views

Edimax IC-7100 IP Camera

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to send specially crafted requests to achieve remote code execution on the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

9.8CVSS8AI score0.7227EPSS
Exploits2References10
ICS
ICS
added 2025/03/04 7:0 a.m.11 views

Delta Electronics CNCSoft-G2

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code remotely. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact...

8.4CVSS7.1AI score0.00266EPSS
Exploits0References10
ICS
ICS
added 2025/03/04 7:0 a.m.23 views

Carrier Block Load

RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious actor to execute arbitrary code with escalated privileges . 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

7.8CVSS8AI score0.00356EPSS
Exploits0References10
ICS
ICS
added 2025/02/27 7:0 a.m.23 views

Schneider Electric communication modules for Modicon M580 and Quantum controllers (Update B)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

9.8CVSS9.1AI score0.01789EPSS
Exploits0References10
ICS
ICS
added 2025/02/27 7:0 a.m.68 views

Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to expose information, inject code, manipulate data, or achieve cross-site scripting XSS, resulting in full session compromise. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

7AI score
Exploits0References10
ICS
ICS
added 2025/02/25 1:30 p.m.35 views

Hitachi Energy Service Suite

SUMMARY Hitachi Energy is aware of the multiple vulnerabilities related to open-source Apache Tomcat components that affect the Service Suite product versions listed in this document. An attacker successfully exploiting these vulnerabilities can cause confidentiality, integrity and availability...

7.5AI score
Exploits0References9
ICS
ICS
added 2025/02/25 1:30 p.m.27 views

Hitachi Energy PCU400

SUMMARY Hitachi Energy is aware of the multiple vulnerabilities related to various versions of OpenSSL library components used in PCU400 versions listed in this document below for IEC62351-3 secure for IEC104/DNP3 or PCULogger tool. These vulnerabilities if exploited, can cause confidentiality...

8.2AI score
Exploits0References9
ICS
ICS
added 2025/02/25 1:30 p.m.22 views

Hitachi Energy MACH GWS products

SUMMARY Hitachi Energy is aware of the multiple vulnerabilities that affect the MACH GWS product versions listed in this document. An attacker successfully exploiting these vulnerabilities can cause confidentiality, integrity and availability impacts. Please refer to the Recommended Immediate...

6.7AI score
Exploits0References9
ICS
ICS
added 2025/02/25 1:30 p.m.23 views

Hitachi Energy MACH PS700

SUMMARY Hitachi Energy is aware of a vulnerability in third party component Intel Chipset Device Software, that affects MACH PS700 v2 product versions listed in this document. Authenticated malicious clients successfully exploiting this vulnerability could escalate the privilege to cause...

7.8CVSS7.7AI score0.00191EPSS
Exploits0References9
ICS
ICS
added 2025/02/25 7:0 a.m.7 views

Rockwell Automation PowerFlex 755

RISK EVALUATION Successful exploitation of this vulnerability could result in exposure of sensitive data. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system...

8.7CVSS6.9AI score0.00265EPSS
Exploits0References10
ICS
ICS
added 2025/02/20 7:0 a.m.28 views

Carrier Block Load

RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious actor to execute arbitrary code with escalated privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

7.8CVSS8AI score0.00356EPSS
Exploits0References10
ICS
ICS
added 2025/02/20 7:0 a.m.11 views

Rapid Response Monitoring My Security Account App

RISK EVALUATION Successful exploitation of this vulnerability could allow attacker to access sensitive information of other users. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure...

8.7CVSS7.6AI score0.0033EPSS
Exploits0References10
ICS
ICS
added 2025/02/20 7:0 a.m.18 views

Medixant RadiAnt DICOM Viewer

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform a machine-in-the-middle attack MITM, resulting in malicious updates being delivered to the user. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

5.7CVSS5.8AI score0.00133EPSS
Exploits0References10
ICS
ICS
added 2025/02/18 7:0 a.m.10 views

Elseta Vinci Protocol Analyzer

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate privileges and perform code execution on the affected system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such...

9.9CVSS10AI score0.01325EPSS
Exploits0References10
ICS
ICS
added 2025/02/17 12:0 a.m.12 views

Siemens SiPass Integrated

SUMMARY SiPass integrated is affected by a directory traversal vulnerability in the third-party component DotNetZip. The vulnerability could allow an attacker to execute arbitrary code on the application server, if a specially crafted backup set is used for a restore. Siemens has released a new...

9.8CVSS7.8AI score0.02061EPSS
Exploits0References10
ICS
ICS
added 2025/02/13 7:0 a.m.10 views

Dingtian DT-R0 Series

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to modify the device settings and gain administrator access. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability,...

9.8CVSS7.3AI score0.0057EPSS
Exploits0References10
ICS
ICS
added 2025/02/13 7:0 a.m.11 views

ORing IAP-420

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to invoke commands to compromise the device via the management interface. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this these...

8.3CVSS7.2AI score0.13165EPSS
Exploits3References10
ICS
ICS
added 2025/02/13 7:0 a.m.13 views

Outback Power Mojave Inverter

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to access sensitive data or inject commands. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Disable un-used...

8.7CVSS7.2AI score0.00446EPSS
Exploits0References10
ICS
ICS
added 2025/02/13 7:0 a.m.12 views

mySCADA myPRO Manager

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary OS commands, upload files, and obtain sensitive information without providing associated credentials. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize...

9.8CVSS8.4AI score0.01626EPSS
Exploits0References10
ICS
ICS
added 2025/02/13 7:0 a.m.18 views

Qardio Heart Health IOS and Android Application and QardioARM A100

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to obtain sensitive information, cause a denial-of-service condition, and obtain firmware files. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment...

6.6CVSS6.9AI score0.00233EPSS
Exploits0References10
ICS
ICS
added 2025/02/12 7:44 p.m.18 views

Ivanti Connect Secure and Ivanti Policy Secure external file control vulnerability

RISK EVALUATION Ivanti Connect Secure and Ivanti Policy Secure contain a vulnerability that allows a remote, authenticated attacker to write arbitrary files. These vulnerabilities are addressed in Ivanti Connect Secure version 22.7R2.6 and Ivanti Policy Secure version 22.7R1.3. 2. RECOMMENDED...

9.1CVSS7.2AI score0.01259EPSS
Exploits0References1
ICS
ICS
added 2025/02/11 6:0 a.m.7 views

Schneider Electric Enerlin’X IFE and eIFE

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

7AI score
Exploits0References11
ICS
ICS
added 2025/02/11 6:0 a.m.13 views

Schneider Electric EcoStruxure (Update A)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

8.5CVSS5.9AI score0.00162EPSS
Exploits0References11
ICS
ICS
added 2025/02/11 6:0 a.m.12 views

Schneider Electric ASCO 5310/5350 Remote Annunciator

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

7.4AI score
Exploits0References11
ICS
ICS
added 2025/02/11 5:0 a.m.15 views

Schneider Electric Uni-Telway Driver (Update D)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

6.8CVSS5.6AI score0.00149EPSS
Exploits0References11
ICS
ICS
added 2025/02/11 12:0 a.m.16 views

Siemens SCALANCE W700 IEEE 802.11ax

SUMMARY SCALANCE W-700 IEEE 802.11ax family devices are affected by multiple vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to...

5.3CVSS9.6AI score0.02577EPSS
Exploits0References10
ICS
ICS
added 2025/02/11 12:0 a.m.11 views

Siemens SIMATIC IPC DiagBase and SIMATIC IPC DiagMonitor

SUMMARY SIMATIC IPC DiagBase and SIMATIC IPC DiagMonitor contain a weak registry permission vulnerability that could allow an authenticated attacker to perform privilege escalation or bypass security measures. Siemens recommends specific countermeasures for products where fixes are not, or not...

7.3CVSS7.2AI score0.00146EPSS
Exploits0References10
ICS
ICS
added 2025/02/11 12:0 a.m.7 views

Siemens Questa and ModelSim

SUMMARY Questa and ModelSim incl. OEM Editions are affected by a vulnerability that could allow a local attacker to inject arbitrary code and escalate privileges. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL...

7.8CVSS7.3AI score0.00152EPSS
Exploits0References10
ICS
ICS
added 2025/02/11 12:0 a.m.5 views

Siemens Apogee PXC100 Devices

SUMMARY Apogee PXC and Talon TC contain a vulnerability that could allow an attacker to perform a denial of service using a out-of-bounds read forcing the device to enter a cold state and a vulnerability that would allow an attacker to decrypt the passwords of the device. Siemens recommends...

7.4AI score
Exploits0References10
Total number of security vulnerabilities4251