NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations

A plea for network defenders and software manufacturers to fix common problems. EXECUTIVE SUMMARY The National Security Agency NSA and Cybersecurity and Infrastructure Security Agency CISA are releasing this joint cybersecurity advisory CSA to highlight the most common cybersecurity...

Qognify NiceVision

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : Qognify Equipment : NiceVision Vulnerability : Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to retrieve sensitive...

Hitachi Energy AFS65x,AFF66x, AFS67x, and AFR67x Series Products

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Hitachi Energy Equipment : AFS65x, AFF66x, AFS67x, AFR67x Series Vulnerabilities : Incorrect Calculation, Integer Overflow or Wraparound, Improper Encoding or Escaping of Output, Exposure of...

Mitsubishi Electric CC-Link IE TSN Industrial Managed Switch (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : CC-Link IE TSN Industrial Managed Switch Vulnerabilities : Observable Timing Discrepancy, Double Free 2. RISK EVALUATION Successful exploitation of these...

Rockwell Automation PanelView 800

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : PanelView 800 Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose...

People's Republic of China-Linked Cyber Actors Hide in Router Firmware

Executive Summary The United States National Security Agency NSA, the U.S. Federal Bureau of Investigation FBI, the U.S. Cybersecurity and Infrastructure Security Agency CISA, the Japan National Police Agency NPA, and the Japan National Center of Incident Readiness and Strategy for Cybersecurity...

Suprema BioStar 2

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Suprema Inc. Equipment : BioStar 2 Vulnerability : SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

DEXMA DexGate

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : DEXMA Equipment : DEXGate Vulnerabilities : Cross-Site Scripting, Cross-Site Request Forgery, Improper Authentication, Cleartext Transmission of Sensitive Information, Exposure of Sensitive...

Hitachi Energy Asset Suite 9

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.9 ATTENTION : Exploitable remotely/low attack complexity Vendor : Hitachi Energy Equipment : Asset Suite 9 Vulnerability : Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated user to enter...

Baker Hughes Bently Nevada 3500

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Baker Hughes - Bently Nevada Equipment : Bently Nevada 3500 System Vulnerabilities : Exposure of Sensitive Information to an Unauthorized Actor, Cleartext Transmission of Sensitive...

Mitsubishi Electric FA Engineering Software (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION : Low attack complexity Vendor : Mitsubishi Electric Equipment : FA Engineering Software Products Vulnerability : Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to...

Advantech EKI-1524-CE series

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Advantech Equipment : EKI-1524-CE, EKI-1522-CE, EKI-1521-CE Vulnerabilities : Cross-Site Scripting 2. RISK EVALUATION Successful exploitation of these...

Rockwell Automation Select Logix Communication Modules

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : 1756-EN2T, 1756-EN2TK, 1756-EN2TXT, 1756-EN2TP, 1756-EN2TPK, 1756-EN2TPXT, 1756-EN2TR, 1756-EN2TRK, 1756-EN2TRXT, 1756-EN2F, 1756-EN2FK, 1756-EN3TR,...

Rockwell Automation Connected Components Workbench

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available/known public exploitation Vendor : Rockwell Automation Equipment : Connected Components Workbench Vulnerabilities : Use After Free, Out-of-bounds Write 2. RISK...

Rockwell Automation FactoryTalk View Machine Edition

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : FactoryTalk View Machine Edition Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

Delta Electronics DIAScreen

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Delta Electronics Equipment : DIAScreen Vulnerability : Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability may allow remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED...

Real Time Automation 460 Series

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Real Time Automation Equipment : 460MCBS Vulnerability : Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

#StopRansomware: Snatch Ransomware

Actions to take today to mitigate malicious cyber activity: 1. Secure and closely monitor Remote Desktop Protocol RDP. 2. Maintain offline backups of data. 3. Enable and enforce phishing-resistant multifactor authentication MFA...

Omron CJ/CS/CP Series

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Omron Equipment : Sysmac CJ/CS/CP Series Vulnerability : Improper Control of Interaction Frequency 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

Omron Engineering Software

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION : Low attack complexity Vendor : Omron Equipment : Sysmac Studio Vulnerability : Improper Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 3. TECHNICAL DETAILS...

Omron Engineering Software Zip-Slip

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION : Low attack complexity Vendor : Omron Equipment : Sysmac Studio, NX-IO Configurator Vulnerability : Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to overwrite files on a system. 3...

Rockwell Automation Pavilion8

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : Pavilion8 Vulnerability : Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to retrieve other...

Siemens Spectrum Power 7

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens SIMATIC PCS neo Administration Console

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Hitachi Energy Lumada APM Edge

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Hitachi Energy Equipment : Lumada Asset Performance Management APM Edge Vulnerabilities : Use After Free, Double Free, Type Confusion, Observable Discrepancy 2. RISK EVALUATION Successful...

Fujitsu Software Infrastructure Manager

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Low attack complexity Vendor: Fujitsu Software Equipment: Infrastructure Manager Vulnerability: Cleartext Storage of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker retrieving...

Siemans QMS Automotive

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens SIMATIC, SIPLUS Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens SIMATIC IPCs

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens RUGGEDCOM APE1808 Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens Parasolid

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Siemans WIBU Systems CodeMeter

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475

Actions to take today to mitigate malicious cyber activity: 1. Patch all systems for known exploited vulnerabilities KEVs, including firewall security appliances. 2. Monitor for unauthorized use of remote access software using endpoint detection tools. 3. Remove unnecessary disabled accounts and...

Dover Fueling Solutions MAGLINK LX Console

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : Dover Fueling Solutions Equipment : MAGLINK LX - Web Console Configuration Vulnerabilities : Authentication Bypass using an Alternate Path or Channel, Authentication Bypass by Primary Weakness, Path...

Phoenix Contact TC ROUTER and TC CLOUD CLIENT

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Phoenix Contact Equipment : TC ROUTER and TC CLOUD CLIENT Vulnerabilities : Cross-site Scripting, XML Entity Expansion 2. RISK EVALUATION Successful exploitation of this...

Socomec MOD3GP-SY-120K

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : Socomec Equipment : MOD3GP-SY-120K Vulnerabilities : Cross-Site Scripting XSS, Cross-Site Request Forgery CSRF, Insecure Storage of Sensitive Information, Reliance on Cookies without Validation and...

Festo MSE6-C2M/D2M/E2M

SUMMARY Incomplete user documentation of undocumented, authenticated test mode and further remote accessible functions. The supported features may be covered only partly by the corresponding user documentation. Festo developed the products according to the respective state of the art. As a...

Fujitsu Limited Real-time Video Transmission Gear "IP series"

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Fujitsu Limited Equipment: Real-time Video Transmission Gear "IP series" Vulnerability: Use Of Hard-Coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker logging into...

Softneta MedDream PACS Premium

1. EXECUTIVE SUMMARY ​CVSS v3 9.8 ​ATTENTION: Exploitable remotely/low attack complexity ​Vendor: Softneta ​Equipment: MedDream PACS ​Vulnerabilities: Exposed Dangerous Method or Function, Plaintext Storage of a Password 2. RISK EVALUATION ​Successful exploitation of these vulnerabilities could...

Digi RealPort Protocol

1. EXECUTIVE SUMMARY ​CVSS v3 9.0 ​ATTENTION: Exploitable remotely ​Vendor: Digi International, Inc. ​Equipment: Digi RealPort Protocol ​Vulnerability: Use of Password Hash Instead of Password for Authentication 2. RISK EVALUATION ​Successful exploitation of this vulnerability could allow the...

GE Digital CIMPLICITY

1. EXECUTIVE SUMMARY ​CVSS v3 7.8 ​ATTENTION: Low attack complexity ​Vendor: GE Digital ​Equipment: CIMPLICITY ​Vulnerability: Process Control 2. RISK EVALUATION ​Successful exploitation of this vulnerability could allow a low-privileged local attacker to escalate privileges to SYSTEM. 3...

ARDEREG Sistemas SCADA

1. EXECUTIVE SUMMARY ​CVSS v3 9.8 ​ATTENTION: Exploitable remotely/low attack complexity ​Vendor: ARDEREG ​Equipment: Sistemas SCADA ​Vulnerability: SQL Injection 2. RISK EVALUATION ​Successful exploitation of this vulnerability could allow an attacker to manipulate SQL query logic to extract...

PTC Kepware KepServerEX (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : PTC Equipment : Kepware KepServerEX Vulnerabilities : Uncontrolled Search Path Element, Improper Input Validation, Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of...

Identification and Disruption of QakBot Infrastructure

SUMMARY The Cybersecurity and Infrastructure Security Agency CISA and Federal Bureau of Investigation FBI are releasing this joint Cybersecurity Advisory CSA to disseminate QakBot infrastructure indicators of compromise IOCs identified through FBI investigations as of August 2023. On August 25, F...

Festo LX Appliance

SUMMARY A vulnerability in the Video.js package could allow a user of LX Appliance, with a high privilege account i.e., with the "Teacher" role, to craft a malicious course and launch an XSS attack. 2. REMEDIATION Contact Festo Didactic services department at [email protected] to...

PTC Codebeamer

1. EXECUTIVE SUMMARY ​CVSS v3 8.8 ​ATTENTION: Exploitable remotely/low attack complexity ​Vendor: PTC ​Equipment: Codebeamer ​Vulnerability: Cross site scripting 2. RISK EVALUATION ​Successful exploitation of this vulnerability could allow an attacker to inject arbitrary JavaScript code, which...

CODESYS Development System

1. EXECUTIVE SUMMARY ​CVSS v3 7.3 ​ATTENTION: low attack complexity ​Vendor: CODESYS, GmbH ​Equipment: CODESYS Development System ​Vulnerability: Uncontrolled Search Path Element. 2. RISK EVALUATION ​Successful exploitation of this vulnerability could cause users to unknowingly launch a malicious...

OPTO 22 SNAP PAC S1

1. EXECUTIVE SUMMARY ​CVSS v3 7.5 ​ATTENTION: Exploitable remotely/low attack complexity ​Vendor: OPTO 22 ​Equipment: SNAP PAC S1 ​Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Weak Password Requirements, Improper Access Control, Uncontrolled Resource Consumption 2...

KNX Protocol

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity/known public exploitation Vendor: KNX Association Equipment: KNX devices using KNX Connection Authorization Vulnerability: Overly Restrictive Account Lockout Mechanism 2. RISK EVALUATION Successful exploitation...

CODESYS Development System

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: CODESYS, GmbH Equipment: CODESYS Development System Vulnerability: Insufficient Verification of Data Authenticity. 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...