Lucene search
K

4251 matches found

ICS
ICS
added 2025/01/07 7:0 a.m.7 views

Nedap Librix Ecoreader

RISK EVALUATION Successful exploitation of this vulnerability could result in remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system...

8.8CVSS8AI score0.00504EPSS
Exploits0References10
ICS
ICS
added 2024/12/19 7:0 a.m.7 views

Ossur Mobile Logic Application

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker unauthorized access to sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network...

5.6CVSS7.2AI score0.00188EPSS
Exploits0References10
ICS
ICS
added 2024/12/19 7:0 a.m.7 views

Delta Electronics DTM Soft

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...

8.5CVSS7.5AI score0.00333EPSS
Exploits0References10
ICS
ICS
added 2024/12/19 7:0 a.m.12 views

Schneider Electric Modicon Controllers (Update A)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

6.1CVSS6AI score0.00259EPSS
Exploits0References13
ICS
ICS
added 2024/12/19 7:0 a.m.6 views

Tibbo AggreGate Network Manager

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve code execution on the affected device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

8.8CVSS7.6AI score0.00575EPSS
Exploits0References10
ICS
ICS
added 2024/12/19 7:0 a.m.25 views

Hitachi Energy RTU500 series CMU

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform...

7.5CVSS7.1AI score0.00669EPSS
Exploits0References10
ICS
ICS
added 2024/12/17 7:0 a.m.7 views

BD Diagnostic Solutions Products (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to use default credentials to access, modify, or delete sensitive data, which could impact the availability of the system or cause a system shutdown. 2. RECOMMENDED PRACTICES CISA recommends users take...

8CVSS6.8AI score0.00237EPSS
Exploits0References10
ICS
ICS
added 2024/12/17 7:0 a.m.9 views

Rockwell Automation PowerMonitor 1000 Remote

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to perform edit operations, create admin users, perform factory reset, execute arbitrary code, or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures...

8.6AI score
Exploits0References10
ICS
ICS
added 2024/12/17 7:0 a.m.6 views

Hitachi Energy TropOS Devices Series 1400/2400/6400

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for...

5CVSS7.1AI score0.97549EPSS
Exploits23References10
ICS
ICS
added 2024/12/17 7:0 a.m.7 views

ThreatQuotient ThreatQ Platform

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...

8.8CVSS7.9AI score0.00706EPSS
Exploits0References10
ICS
ICS
added 2024/12/16 12:0 a.m.13 views

Siemens User Management Component

SUMMARY Siemens User Management Component UMC is affected by a heap-based buffer overflow vulnerability which could allow an unauthenticated remote attacker arbitrary code execution. Siemens has released new versions for several affected products and recommends to update to the latest versions...

9.8CVSS8.4AI score0.01521EPSS
Exploits0References10
ICS
ICS
added 2024/12/10 7:0 a.m.15 views

Rockwell Automation Arena (Update C)

RISK EVALUATION Successful exploitation of these vulnerabilities could result in execution of arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all control...

6.5AI score
Exploits0References13
ICS
ICS
added 2024/12/10 7:0 a.m.19 views

National Instruments LabVIEW

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose information or execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

7.4AI score
Exploits0References10
ICS
ICS
added 2024/12/10 7:0 a.m.12 views

MOBATIME Network Master Clock - DTS 4801

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to take control of the operating system for this product. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

9.8CVSS7.3AI score0.00432EPSS
Exploits0References10
ICS
ICS
added 2024/12/10 7:0 a.m.14 views

Horner Automation Cscape

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose information and execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

8.5CVSS7.8AI score0.00189EPSS
Exploits0References10
ICS
ICS
added 2024/12/10 5:0 a.m.6 views

Schneider Electric Modicon

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

9.8CVSS6.5AI score0.00641EPSS
Exploits0References11
ICS
ICS
added 2024/12/10 12:0 a.m.5 views

Siemens SENTRON Powercenter 1000

SUMMARY SENTRON Powercenter devices are affected by a denial of service vulnerability that can be triggered during BLE Bluetooth Low Energy pairing. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. 2. GENERAL...

6.5CVSS6.7AI score0.00189EPSS
Exploits0References10
ICS
ICS
added 2024/12/10 12:0 a.m.34 views

Siemens Engineering Platforms

SUMMARY Affected products contain a local arbitrary code execution vulnerability that could allow an attacker to perform actions against the operation system of that environment. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet...

7.3CVSS7.8AI score0.00179EPSS
Exploits0References10
ICS
ICS
added 2024/12/10 12:0 a.m.10 views

Siemens CPCI85 Central Processing/Communication 

SUMMARY The SICAM A8000 CP-8031 and CP-8050 devices are affected by a vulnerability that could allow an attacker with physical access to the device to decrypt the firmware. Siemens has released new firmware and hardware versions for the affected products and recommends to update to the latest...

5.1CVSS7.1AI score0.00292EPSS
Exploits1References10
ICS
ICS
added 2024/12/10 12:0 a.m.8 views

Schneider Electric Harmony HMI and Pro-Face HMI Products

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

8.8CVSS7AI score0.00636EPSS
Exploits0References11
ICS
ICS
added 2024/12/10 12:0 a.m.12 views

Schneider Electric PowerChute Serial Shutdown

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

6.3CVSS6.8AI score0.00978EPSS
Exploits0References11
ICS
ICS
added 2024/12/10 12:0 a.m.13 views

Siemens Teamcenter Visualization 

SUMMARY Siemens Teamcenter Visualization contains multiple file parsing vulnerabilities that could be triggered when the application reads files in WRL format. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially...

8.3AI score
Exploits0References10
ICS
ICS
added 2024/12/10 12:0 a.m.9 views

Siemens COMOS 

SUMMARY COMOS is affected by XXE injection vulnerabilities that could allow an attacker to extract arbitrary application files. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for...

7.3AI score
Exploits0References10
ICS
ICS
added 2024/12/10 12:0 a.m.5 views

Siemens Simcenter Femap

SUMMARY Simcenter Femap contains multiple memory corruption vulnerabilities that could be triggered when the application reads files in BDF file formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead...

8.2AI score
Exploits0References10
ICS
ICS
added 2024/12/10 12:0 a.m.6 views

Siemens Siemens Engineering Platforms

SUMMARY Affected products do not properly sanitize user-controllable input when parsing files. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. Siemens is preparing fix versions and recommends countermeasures for products where...

8.4CVSS8AI score0.00218EPSS
Exploits0References10
ICS
ICS
added 2024/12/10 12:0 a.m.9 views

Siemens Parasolid

SUMMARY Parasolid is affected by out of bounds write vulnerability that could be triggered when the application reads files in PAR format. If a user is tricked to open a malicious file with the affected applications, an attacker could perform remote code execution in the context of the current...

7.8CVSS7.8AI score0.00176EPSS
Exploits0References10
ICS
ICS
added 2024/12/10 12:0 a.m.5 views

Siemens RUGGEDCOM ROX II 

SUMMARY The CLI feature in the web interface of RUGGEDCOM ROX II devices is vulnerable to cross-site request forgery CSRF, which could allow an attacker to perform administrative actions if an authenticated user is tricked into accessing a malicious link. Siemens has released new versions for...

8.8CVSS6.9AI score0.00204EPSS
Exploits0References10
ICS
ICS
added 2024/12/10 12:0 a.m.10 views

Siemens Solid Edge SE2024

SUMMARY Siemens Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads malicious PAR or ASM files. If a user is tricked to open a malicious file with the affected products, this could lead the application to crash or potentially lead to...

7.9AI score
Exploits0References10
ICS
ICS
added 2024/12/05 7:0 a.m.10 views

Planet Technology Planet WGS-804HPT

RISK EVALUATION Successful exploitation of these vulnerabilities could result in remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all control system...

8.6AI score
Exploits0References10
ICS
ICS
added 2024/12/05 7:0 a.m.20 views

AutomationDirect C-More EA9 Programming Software

RISK EVALUATION Successful exploitation of these vulnerabilities could result in memory corruption; a buffer overflow condition may allow remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities...

7.8CVSS8.7AI score0.00307EPSS
Exploits0References10
ICS
ICS
added 2024/12/03 11:0 a.m.9 views

FESTO CODESYS

GENERAL RECOMMENDATION As part of a security strategy, Festo recommends the following general defense measures to reduce the risk of exploits: - Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside - Use...

7.3AI score
Exploits0References12
ICS
ICS
added 2024/12/03 7:0 a.m.9 views

Fuji Electric Tellus Lite V-Simulator (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact...

8.1AI score
Exploits0References10
ICS
ICS
added 2024/12/03 7:0 a.m.11 views

Fuji Electric Monitouch V-SFT (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact...

8AI score
Exploits0References10
ICS
ICS
added 2024/12/03 7:0 a.m.15 views

Open Automation Software

RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker executing code with escalated privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to...

8.5CVSS6.9AI score0.00152EPSS
Exploits0References10
ICS
ICS
added 2024/12/03 7:0 a.m.21 views

Ruijie Reyee OS (Update A)

RISK EVALUATION Successful exploitation of this vulnerabilities could allow attackers to take near full control over the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network...

7.3AI score
Exploits0References10
ICS
ICS
added 2024/12/03 12:0 a.m.7 views

Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update C)

RISK EVALUATION Successful exploitation of these vulnerabilities could result in remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact...

7.5AI score
Exploits0References8
ICS
ICS
added 2024/11/26 6:15 p.m.9 views

Valor Apps Easy Folder Listing Pro Joomla! extension deserialization vulnerability

RISK EVALUATION Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows any external user can gain console access to vulnerable web servers that could potentially lead to total compromise of the web server, potential privilege escalation, and initial access into...

9.8CVSS8AI score0.00975EPSS
Exploits0References1
ICS
ICS
added 2024/11/22 12:0 a.m.18 views

Siemens RUGGEDCOM APE1808

SUMMARY Palo Alto Networks has published 1 information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet...

7.2CVSS8.6AI score0.94766EPSS
Exploits14References10
ICS
ICS
added 2024/11/21 7:0 a.m.6 views

mySCADA myPRO Manager

RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands or disclose sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such...

8.2AI score
Exploits0References10
ICS
ICS
added 2024/11/21 7:0 a.m.9 views

OSCAT Basic Library

RISK EVALUATION Successful exploitation of this vulnerability allows an local, unprivileged attacker to access limited internal data of the PLC, which may lead to a crash of the affected service. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

4.4CVSS6.6AI score0.00189EPSS
Exploits0References10
ICS
ICS
added 2024/11/21 7:0 a.m.10 views

Automated Logic WebCTRL Premium Server

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated remote attacker to execute arbitrary commands on the server hosting WebCTRL or redirect legitimate users to malicious sites. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

8.1AI score
Exploits0References10
ICS
ICS
added 2024/11/20 6:33 p.m.8 views

Versa Networks Versa Director insecure default PostgreSQL configuration

RISK EVALUATION Versa Networks Versa Director, by default, configures PostgreSQL to listen on all network interfaces using database credentials shared by multiple installations. From Advising Vulnerability In Versa Director: "This combination allows an unauthenticated attacker to access and...

10CVSS7AI score0.00557EPSS
Exploits0References1
ICS
ICS
added 2024/11/19 12:0 a.m.13 views

Mitsubishi Electric MELSEC iQ-F Series (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service condition in Ethernet communication on the module. A system reset of the module is required for recovery. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

7.5CVSS5.8AI score0.00656EPSS
Exploits0References10
ICS
ICS
added 2024/11/14 7:0 a.m.11 views

Rockwell Automation Verve Reporting (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could lead to arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system...

9.1CVSS8.1AI score0.01648EPSS
Exploits0References10
ICS
ICS
added 2024/11/14 7:0 a.m.11 views

Baxter Life2000 Ventilation System

RISK EVALUATION Successful exploitation of these vulnerabilities could lead to information disclosure and/or disruption of the device's function without detection. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying...

7.5AI score
Exploits0References10
ICS
ICS
added 2024/11/14 7:0 a.m.8 views

Rockwell Automation Arena Input Analyzer

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code on the program. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...

7.3CVSS7.8AI score0.00249EPSS
Exploits0References10
ICS
ICS
added 2024/11/14 7:0 a.m.6 views

Rockwell Automation FactoryTalk Updater (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could result in an authentication bypass, remote code execution, and/or a local privilege escalation 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

8.3AI score
Exploits0References10
ICS
ICS
added 2024/11/14 7:0 a.m.9 views

2N Access Commander (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to escalate their privileges, execute arbitrary code, or gain root access to the system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

8.5AI score
Exploits0References10
ICS
ICS
added 2024/11/13 8:32 p.m.10 views

Ivanti Connect Secure and Ivanti Policy Secure Multiple Vulnerabilities

RISK EVALUATION Ivanti Connect Secure and Ivanti Policy Secure contain multiple vulnerabilities that allow a remote, authenticated attacker to execute arbitrary code. All of the vulnerabilities except for CVE-2024-39709 require the attacker to be authenticated with administrative privileges to...

7.8CVSS7.7AI score0.00298EPSS
Exploits0References1
ICS
ICS
added 2024/11/12 7:0 a.m.22 views

Hitachi Energy TRO600

RISK EVALUATION Command injection vulnerability in the Edge Computing UI for the TRO600 series radios that allows for the execution of arbitrary system commands. If exploited, an attacker with write access to the web UI can execute commands on the device with root privileges, far more extensive...

7.2CVSS7.7AI score0.01561EPSS
Exploits0References10
Total number of security vulnerabilities4251