Lucene search
K

4251 matches found

ICS
ICS
added 2026/06/10 12:30 a.m.9 views

ABB Freelance Security Lock

SUMMARY ABB is aware of a vulnerability in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could cause the product to stop or make the product inaccessible. 2. FREQUENTLY ASKED QUESTIONS What causes the vulnerability? - The...

7.1CVSS5.8AI score0.00116EPSS
Exploits0References15
ICS
ICS
added 2026/06/09 7:0 a.m.5 views

Schneider Electric EcoStruxure IT Data Center Expert

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

7.1CVSS6.7AI score0.00233EPSS
Exploits0References11
ICS
ICS
added 2026/06/09 7:0 a.m.5 views

Schneider Electric EasyLogic T150 and Saitel DP RTU

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

8.7CVSS6.5AI score0.00247EPSS
Exploits0References11
ICS
ICS
added 2026/06/09 7:0 a.m.18 views

Schneider Electric PowerLogic P7

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

6.3AI score
Exploits0References11
ICS
ICS
added 2026/06/09 12:0 a.m.13 views

Siemens SINEC INS

SUMMARY SINEC INS before V1.0 SP2 Update 6 is affected by multiple vulnerabilities. Siemens has released a new version for SINEC INS and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to protect network access to...

6.3AI score
Exploits0References10
ICS
ICS
added 2026/06/09 12:0 a.m.9 views

Siemens WinCC Certificate Manager

SUMMARY WinCC Certificate Manager insufficiently protects key material that could allow an attacker to extract sensitive information. Siemens has released a new version for SIMATIC WinCC Unified PC Runtime V21 and recommends to update to the latest version. Siemens recommends specific...

8.2CVSS5.9AI score0.00057EPSS
Exploits0References10
ICS
ICS
added 2026/06/09 12:0 a.m.10 views

Siemens Products using OpenSSL

SUMMARY OpenSSL has published a stack based buffer overflow vulnerability that allows a remote attacker to cause a denial of service DoS or potentially allow for remote code execution. Siemens has released new versions for several affected products and recommends to update to the latest...

9.8CVSS6.6AI score0.47621EPSS
Exploits7References10
ICS
ICS
added 2026/06/09 12:0 a.m.7 views

Siemens SIPROTEC 5 Using DIGSI5 Protocol

SUMMARY SIPROTEC 5 is vulnerable to arbitrary file uploads by authenticated users using the DIGSI 5 protocol. This could allow an attacker to upload malicious configuration files, potentially causing a permanent denial of service condition. As a mitigation measure, users of the CP050 and CP150...

6.9CVSS6.2AI score0.00186EPSS
Exploits0References10
ICS
ICS
added 2026/06/04 2:10 p.m.13 views

SQLite sqldiff remote code execution via argument injection

RISK EVALUATION An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being misinterpreted as command line options. 2. RECOMMENDED PRACTICES Fixed on 2025-12-26. 3. DESCRIPTION SQLite 'sqldiff.exe'...

9.8CVSS5.6AI score0.00384EPSS
Exploits0References1
ICS
ICS
added 2026/06/04 6:0 a.m.14 views

NAVTOR NavBox

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow a local attacker to gain unauthorized access to SOAP methods, resulting in a disruption of operations. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

6.3CVSS5.3AI score0.00122EPSS
Exploits0References13
ICS
ICS
added 2026/06/02 12:0 a.m.14 views

Siemens SINEC OS

SUMMARY SINEC OS before V4.0 contains multiple vulnerabilities. Siemens has released a new version for RUGGEDCOM RST2428P and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to protect network access to devices...

6.2AI score
Exploits0References10
ICS
ICS
added 2026/06/01 7:57 p.m.14 views

DeepAI.org CSRF

RISK EVALUATION The DeepAI.org endpoint https://api.deepai.org/changeuseremail accepts POST requests without any CSRF protection. If a logged-in user is tricked into visiting a malicious HTML page, an attacker can change the user's email address to their own and take over the account via...

5CVSS5.8AI score0.00107EPSS
Exploits0References1
ICS
ICS
added 2026/05/28 6:0 a.m.23 views

Fourth Frontier Frontier X Mobile Application, Frontier X2

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an attacker to read and write arbitrary handle values and change clinical readings, which could result in taking control of the device and lead to patient harm. 2. RECOMMENDED PRACTICES CISA recommends users take...

8.8CVSS5.9AI score0.0028EPSS
Exploits0References11
ICS
ICS
added 2026/05/28 6:0 a.m.20 views

CP Plus 8 Ch. Network Video Recorder

ADVISORY SUMMARY Successful exploitation of this vulnerability allows an attacker's malicious script to execute in the browser of any authenticated user or administrator who accesses the affected interface. This could lead to compromise of user sessions, execution of unauthorized actions with...

8.4CVSS5.9AI score0.00373EPSS
Exploits0References13
ICS
ICS
added 2026/05/28 6:0 a.m.32 views

Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter

ADVISORY SUMMARY Successful exploitation of this vulnerability could result in an attacker gaining administrator access to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for...

9.8CVSS5.8AI score0.00415EPSS
Exploits0References11
ICS
ICS
added 2026/05/28 6:0 a.m.21 views

MacGregor Voyage Data Recorder (VDR) G4e

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could result in an attacker gaining administrator access to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network...

8.7CVSS5.8AI score0.00226EPSS
Exploits0References11
ICS
ICS
added 2026/05/28 6:0 a.m.19 views

KMW CCTV Security Cameras

ADVISORY SUMMARY Successful exploitation of this vulnerability may grant full unauthorized access to camera feeds and settings. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all...

9.1CVSS5.8AI score0.00624EPSS
Exploits0References13
ICS
ICS
added 2026/05/28 6:0 a.m.19 views

XCharge C6

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow an attacker to gain administrator rights or execute code on the affected device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities...

6.3AI score
Exploits0References13
ICS
ICS
added 2026/05/26 6:0 a.m.17 views

Eppendorf BioFlo 320

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an attacker to gain full access to functionality and data with the bioreactor. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize...

9.8CVSS5.8AI score0.00498EPSS
Exploits0References13
ICS
ICS
added 2026/05/26 12:30 a.m.12 views

B&R PPT30 Operating System

SUMMARY B&R is aware of a vulnerability in the product versions listed as affected in the advisory. An attacker who successfully exploits this vulnerability could make the OPC-UA server of the product inaccessible. 2. FREQUENTLY ASKED QUESTIONS What causes the vulnerability? - The vulnerability...

8.7CVSS5.7AI score0.00322EPSS
Exploits0References11
ICS
ICS
added 2026/05/26 12:0 a.m.28 views

Hitachi Energy MACH HiDraw

SUMMARY Hitachi Energy is aware of a buffer overflow vulnerability that affects MACH HiDraw product versions listed in this document. Successful exploitation of this vulnerability could lead to a buffer overflow condition, potentially resulting in application outages denial of service and...

4.4CVSS6.3AI score0.00103EPSS
Exploits0References10
ICS
ICS
added 2026/05/26 12:0 a.m.34 views

Hitachi Energy RTU500

SUMMARY Hitachi Energy is aware of vulnerabilities that affect RTU500 product versions listed in this document. If exploited, these vulnerabilities primarily impact product availability, with potential secondary impacts on confidentiality and integrity. Please refer to the Recommended Immediate...

6.2AI score
Exploits0References10
ICS
ICS
added 2026/05/26 12:0 a.m.24 views

Hitachi Energy ITT600 Explorer

SUMMARY Hitachi Energy is aware of vulnerabilities that affect ITT600 Explorer product versions listed in this document. These vulnerabilities can be exploited to carry out Denial of Service DoS attack on the product. The vulnerabilities only affect Hitachi Energy Integrated Testing Tool ITT600...

5.5AI score
Exploits0References10
ICS
ICS
added 2026/05/19 1:33 p.m.16 views

Tyler Technologies Tyler Identity Default Administrative Credentials

RISK EVALUATION Tyler Identity provider TID-L uses a documented, default administrative IDP credential. Users are not required to change the credentials before deployment. 2. RECOMMENDED PRACTICES Change default passwords. TID-L has not been distributed since December 2020, and has not been...

9.8CVSS5.8AI score0.00477EPSS
Exploits0References1
ICS
ICS
added 2026/05/19 1:27 p.m.14 views

Technitium DNS Amplification

RISK EVALUATION Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. 2. RECOMMENDED PRACTICES Fixed in version 15.0. 3. DESCRIPTION Technitium...

6.9CVSS5.8AI score0.00389EPSS
Exploits0References1
ICS
ICS
added 2026/05/19 6:0 a.m.26 views

ScadaBR

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow an attacker to perform unauthenticated remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network...

6.3AI score
Exploits0References13
ICS
ICS
added 2026/05/19 6:0 a.m.18 views

Kieback & Peter DDC Building Controllers

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an attacker to take control of the victim's browser. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all...

5.3CVSS5.6AI score0.00271EPSS
Exploits0References13
ICS
ICS
added 2026/05/19 4:0 a.m.19 views

ZKTeco CCTV Cameras

ADVISORY SUMMARY Successful exploitation of this vulnerability could result in information disclosure, including capture of camera account credentials. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize...

9.1CVSS5.8AI score0.00507EPSS
Exploits0References11
ICS
ICS
added 2026/05/14 6:0 a.m.9 views

Universal Robots Polyscope 5

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication and execute code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network exposure for...

9.8CVSS5.9AI score0.01829EPSS
Exploits0References13
ICS
ICS
added 2026/05/12 7:0 a.m.52 views

Schneider Electric Easergy, EcoStruxture, PowerLogic, and Saitel Products

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

8.7CVSS5.4AI score0.00312EPSS
Exploits0References11
ICS
ICS
added 2026/05/12 7:0 a.m.15 views

Schneider Electric EcoStruxure Panel Server

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

8.2CVSS5.6AI score0.00291EPSS
Exploits0References11
ICS
ICS
added 2026/05/12 7:0 a.m.15 views

Schneider Electric EasyLogic T150 and Saitel DP

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

7.1CVSS5.5AI score0.00303EPSS
Exploits0References11
ICS
ICS
added 2026/05/12 7:0 a.m.33 views

Schnieider Electric EcoStruxure Machine Expert HVAC (SEVD-2026-132-01)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

7.5CVSS5.9AI score0.00125EPSS
Exploits0References11
ICS
ICS
added 2026/05/12 6:0 a.m.14 views

Fuji Electric Tellus

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an attacker to elevate privileges from user to system, which may then enable the attacker to cause a temporary denial of service, open files, or delete files. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

7.8CVSS5.7AI score0.00146EPSS
Exploits0References12
ICS
ICS
added 2026/05/12 6:0 a.m.22 views

Subnet Solutions PowerSYSTEM Center

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow an authenticated attacker to expose sensitive information or cause a CRLF injection. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities...

5.8AI score
Exploits0References13
ICS
ICS
added 2026/05/12 12:0 a.m.10 views

Siemens RUGGEDCOM APE1808 Devices

SUMMARY A buffer overflow vulnerability in the User-ID™ Authentication Portal aka Captive Portal service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted...

6.6AI score
Exploits0References10
ICS
ICS
added 2026/05/12 12:0 a.m.12 views

Siemens Ruggedcom Rox

SUMMARY Ruggedcom Rox before v2.17.1 contain multiple third-party vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to protect network...

5.5CVSS7.7AI score0.00439EPSS
Exploits0References10
ICS
ICS
added 2026/05/12 12:0 a.m.12 views

Siemens Ruggedcom Rox

SUMMARY Ruggedcom Rox contains an input validation vulnerability in the feature key installation process that could allow an authenticated remote attacker to execute arbitrary commands with root privileges on the underlying operating system. Siemens has released new versions for the affected...

7.7CVSS8AI score0.00442EPSS
Exploits0References10
ICS
ICS
added 2026/05/12 12:0 a.m.14 views

Siemens SIMATIC

SUMMARY SIMATIC CN 4100 contains multiple vulnerabilities which could potentially lead to a compromise in availability, integrity and confidentiality. Siemens has released a new version for SIMATIC CN 4100 and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general...

6.7AI score
Exploits0References10
ICS
ICS
added 2026/05/12 12:0 a.m.13 views

Siemens Ruggedcom Rox

SUMMARY Ruggedcom Rox contains an improper access control vulnerability that could allow an authenticated remote attacker to read arbitrary files with root privileges from the underlying operating system's filesystem. Siemens has released new versions for the affected products and recommends to...

6.8CVSS7.4AI score0.00286EPSS
Exploits0References10
ICS
ICS
added 2026/05/12 12:0 a.m.12 views

Siemens KACO Blueplanet Inverters

SUMMARY KACO blueplanet Inverters contain multiple vulnerabilities that could allow an attacker to derive the credentials from the devices serial number and misuse them to gain unauthorized access. KACO new energy GmbH has released new versions for several affected products and recommends to...

5.6AI score
Exploits0References10
ICS
ICS
added 2026/05/12 12:0 a.m.12 views

Siemens Ruggedcom Rox

SUMMARY Ruggedcom Rox contains an input validation vulnerability in the Scheduler functionality that could allow an authenticated remote attacker to execute arbitrary commands with root privileges on the underlying operating system. Siemens has released new versions for the affected products and...

9.1CVSS7.5AI score0.00543EPSS
Exploits0References10
ICS
ICS
added 2026/05/12 12:0 a.m.12 views

Siemens Siemens ROS#

SUMMARY ROS contains a ROS service fileserver, that before version 2.2.2 contains a path traversal vulnerability which could allow an attacker to access, i.e. read and write, arbitrary files, which are accessible with the user rights of the user that runs the service, on the system that hosts...

9.3CVSS7.4AI score0.00487EPSS
Exploits0References10
ICS
ICS
added 2026/05/12 12:0 a.m.23 views

Siemens gWAP

SUMMARY Siemens gPROMS Web Applications Publisher gWAP is affected by a remote code execution vulnerability introduced through a third-party component, namely the Axios HTTP client library. The vulnerability stems from a specific "Gadget" attack chain that allows prototype pollution in other...

9CVSS7.7AI score0.01815EPSS
Exploits5References10
ICS
ICS
added 2026/05/12 12:0 a.m.14 views

Siemens SIMATIC S7 PLC Web Server

SUMMARY SIMATIC S7 PLCs contain multiple vulnerabilities in the web server that could allow an attacker to perform cross-site scripting attacks. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix...

5.8AI score
Exploits0References10
ICS
ICS
added 2026/05/12 12:0 a.m.15 views

Siemens SENTRON 7KT PAC1261 Data Manager

SUMMARY The web server in SENTRON 7KT PAC1261 Data Manager Before V2.1.0 contains a request smuggling vulnerability in the Go Project's net/http package that could allow an attacker to retrieve authorization tokens that can be used to gain administrative control over the device. Siemens has...

9.1CVSS6.7AI score0.00778EPSS
Exploits0References10
ICS
ICS
added 2026/05/12 12:0 a.m.33 views

Siemens SIPROTEC 5

SUMMARY The SIPROTEC 5 devices do not use sufficiently random numbers to generate session identifiers. This could facilitate a brute-force attack against a valid session identifier which could allow an unauthenticated remote attacker to hijack a valid user session. The affected session...

6.9CVSS7.2AI score0.00306EPSS
Exploits0References10
ICS
ICS
added 2026/05/12 12:0 a.m.27 views

Siemens SIMATIC

SUMMARY SIMATIC HMI Unified Comfort Panels before V21.0 are affected by a vulnerability that allows an unauthenticated attacker to access the web browser via the help link. This vulnerability allows an attacker to access the web browser through the Control Panel if it is not protected by the...

7.7CVSS7.3AI score0.00113EPSS
Exploits0References10
ICS
ICS
added 2026/05/12 12:0 a.m.12 views

Siemens Industrial Devices

SUMMARY Multiple industrial devices contain a vulnerability that could allow an attacker to cause a denial of service condition. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and...

8.7CVSS7.3AI score0.00324EPSS
Exploits0References10
ICS
ICS
added 2026/05/12 12:0 a.m.13 views

Siemens Simcenter Femap

SUMMARY Simcenter Femap is affected by heap based buffer overflow vulnerability in Datakit library that could be triggered when the application reads files in IPT format. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to...

7.9AI score
Exploits0References10
Total number of security vulnerabilities4251