Lucene search
K

4251 matches found

ICS
ICS
added 2026/05/12 12:0 a.m.23 views

Siemens Teamcenter

SUMMARY Siemens Teamcenter is affected by multiple vulnerabilities which could potentially lead to a compromise in availability, integrity and confidentiality. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS...

6.1AI score
Exploits0References10
ICS
ICS
added 2026/05/12 12:0 a.m.14 views

Siemens Solid Edge

SUMMARY Solid Edge SE2026 before Update 5 is affected by two file parsing vulnerabilities that could be triggered when the application reads specially crafted files in PAR format. This could allow an attacker to crash the application or execute arbitrary code. Siemens has released a new version...

6.2AI score
Exploits0References10
ICS
ICS
added 2026/05/12 12:0 a.m.13 views

Siemens Opcenter RDnL

SUMMARY Opcenter RDnL is affected by missing authentication in critical function in ‘ActiveMQ Artemis’. An unauthenticated attacker within the adjacent network could use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue...

9.8CVSS7.3AI score0.10629EPSS
Exploits1References10
ICS
ICS
added 2026/05/07 6:0 a.m.14 views

MAXHUB Pivot client application

ADVISORY SUMMARY Successful exploitation of this vulnerability may enable an attacker to access tenant email addresses and associated information in cleartext or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

7.3CVSS5.8AI score0.00159EPSS
Exploits0References11
ICS
ICS
added 2026/05/07 12:0 a.m.10 views

CISA manage.get.gov incorrect portfolio administrator privileges

RISK EVALUATION manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization administrator to assign domain manager privileges for domains not already in another organization. 2. RECOMMENDED PRACTICES Fixed in 1.176.0 on or around 2026-04-30. 3. DESCRIPTION...

5.9CVSS5.8AI score0.00398EPSS
Exploits0References1
ICS
ICS
added 2026/05/05 6:0 a.m.10 views

Johnson Controls CEM AC2000

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow a standard user to escalate privileges on the host machine. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for...

8.4CVSS5.8AI score0.00108EPSS
Exploits0References13
ICS
ICS
added 2026/04/29 2:27 p.m.5 views

TP-Link WR841N Router multiple vulnerabilities

RISK EVALUATION Multiple TP-Link products TP-Link Archer C20 V5, Archer C20 6.0, Archer AX53 v1.0 and TL-WR841N v13 are affected by multiple vulnerabilities. The most severe of these vulnerabilities could allow an adjacent, unauthenticated attacker to execute administrative commands. 2...

8.8CVSS5.7AI score0.00401EPSS
Exploits0References1
ICS
ICS
added 2026/04/29 12:0 a.m.8 views

CryptPad unbounded WebSocket frame flood

RISK EVALUATION CryptPad 2025.3.1 allows unbounded WebSocket frame flood. A remote, unauthenticated attacker can significantly degrade or deny service for all users of a CryptPad instance. 2. RECOMMENDED PRACTICES Upgrade to 2026.2.2. 3. DESCRIPTION CryptPad 2025.3.1 allows unbounded WebSocket...

8.7CVSS5.3AI score0.00578EPSS
Exploits1References1
ICS
ICS
added 2026/04/28 6:0 a.m.8 views

NSA GRASSMARLIN

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an attacker to disclose sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control...

5.5CVSS5.5AI score0.00197EPSS
Exploits1References13
ICS
ICS
added 2026/04/28 12:0 a.m.7 views

Hitachi Energy PCM600

SUMMARY Hitachi Energy is aware of a vulnerability that affects the Hitachi Energy PCM600 product versions listed in this document. An attacker successfully exploiting this vulnerability can impact integrity of the product. Please refer to the Recommended Immediate Actions for information about...

5.5CVSS6.7AI score0.08926EPSS
Exploits1References9
ICS
ICS
added 2026/04/23 6:0 a.m.7 views

SpiceJet Online Booking System

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network exposure for all...

5.5AI score
Exploits0References13
ICS
ICS
added 2026/04/23 6:0 a.m.6 views

Yadea T5 Electric Bicycle

RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker being able to unlock and start the bicycle, leading to vehicle theft. 2. RECOMMENDED PRACTICES CISA provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics...

7.3CVSS5.7AI score0.00275EPSS
Exploits0References10
ICS
ICS
added 2026/04/23 6:0 a.m.12 views

Milesight Cameras

RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed or allow remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network exposure...

6AI score
Exploits0References13
ICS
ICS
added 2026/04/23 6:0 a.m.7 views

Carlson Software VASCO-B GNSS Receiver

RISK EVALUATION Successful exploitation of this vulnerability could enable a remote attacker to alter critical system functions or disrupt device operation. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize...

9.4CVSS5.8AI score0.00373EPSS
Exploits0References11
ICS
ICS
added 2026/04/23 6:0 a.m.9 views

Intrado 911 Emergency Gateway (EGW)

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read, modify, or delete files. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control...

9.8CVSS5.7AI score0.00554EPSS
Exploits0References13
ICS
ICS
added 2026/04/23 6:0 a.m.10 views

Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to bypass authentication and have remote access to sensitive information on the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

9.8CVSS5.8AI score0.00679EPSS
Exploits4References13
ICS
ICS
added 2026/04/21 6:0 a.m.12 views

SenseLive X3050

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to take complete control of the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network exposure for all...

5.7AI score
Exploits0References13
ICS
ICS
added 2026/04/21 6:0 a.m.10 views

Zero Motorcycles Firmware (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to pair via Bluetooth with a motorcycle, gaining unauthorized access to all Bluetooth functions, including changing the firmware. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

6.4CVSS5.7AI score0.00134EPSS
Exploits0References10
ICS
ICS
added 2026/04/21 6:0 a.m.5 views

Silex Technology SD-330AC and AMC Manager

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, cause a denial-of-service, or configuration information may be altered without authentication. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize...

6.1AI score
Exploits0References13
ICS
ICS
added 2026/04/21 5:0 a.m.9 views

Hardy Barth Salia EV Charge Controller

RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed; a buffer overflow condition may allow remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

6.5CVSS6.7AI score0.00269EPSS
Exploits0References11
ICS
ICS
added 2026/04/16 6:0 a.m.8 views

Delta Electronics ASDA-Soft

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact...

8.4CVSS6.5AI score0.00339EPSS
Exploits0References12
ICS
ICS
added 2026/04/16 6:0 a.m.7 views

Anviz Multiple Products

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow attackers to conduct reconnaissance, capture or decrypt sensitive data, alter device configurations, gain unauthorized administrative or root‑level access, execute arbitrary code, compromise credentials or...

6.5AI score
Exploits0References11
ICS
ICS
added 2026/04/16 6:0 a.m.7 views

AVEVA Pipeline Simulation

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to modify simulation parameters, training configuration and training records. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

9.3CVSS5.8AI score0.00388EPSS
Exploits0References11
ICS
ICS
added 2026/04/16 6:0 a.m.10 views

Horner Automation Cscape and XL4, XL7 PLC

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to systems and services. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure...

9.3CVSS5.7AI score0.00449EPSS
Exploits0References11
ICS
ICS
added 2026/04/14 7:0 a.m.4 views

Schneider Electric Easergy MiCOM Px40 Series

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

6.9CVSS6.3AI score0.00271EPSS
Exploits0References11
ICS
ICS
added 2026/04/14 7:0 a.m.69 views

Schneider Electric Modicon Network Managed Switches

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

9CVSS7.8AI score0.14859EPSS
Exploits2References11
ICS
ICS
added 2026/04/14 7:0 a.m.14 views

Schneider Electric PowerChute Serial Shutdown

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

6.3AI score
Exploits0References11
ICS
ICS
added 2026/04/14 12:0 a.m.11 views

Siemens Industrial Edge Management

SUMMARY Industrial Edge Management contains an authorization bypass vulnerability that could be exploited by an unauthenticated remote attacker to circumvent authentication and to access connected Industrial Edge Devices through the remote connection feature. Siemens has released new versions...

7.1CVSS5.8AI score0.00209EPSS
Exploits0References10
ICS
ICS
added 2026/04/14 12:0 a.m.8 views

Siemens RUGGEDCOM CROSSBOW Station Access Controller (SAC)

SUMMARY RUGGEDCOM CROSSBOW Station Access Controller SAC contains a vulnerability that could allow an attacker to achieve arbitrary code execution and to create a denial of service condition. Siemens has released a new version for RUGGEDCOM CROSSBOW Station Access Controller SAC and recommends...

7.7CVSS7.3AI score0.73495EPSS
Exploits3References10
ICS
ICS
added 2026/04/14 12:0 a.m.8 views

Siemens Analytics Toolkit

SUMMARY Multiple Siemens applications are affected by improper certificate validation in Siemens Analytics Toolkit. This could allow an unauthenticated remote attacker to perform man in the middle attacks. Siemens has released new versions for the affected products and recommends to update to...

6.3CVSS5.8AI score0.00137EPSS
Exploits0References10
ICS
ICS
added 2026/04/14 12:0 a.m.7 views

Siemens SCALANCE

SUMMARY SCALANCE W-700 IEEE 802.11n family before V6.6.0 are affected by multiple vulnerabilities. Siemens has released a new version for SCALANCE W-700 IEEE 802.11n family and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly...

9.1CVSS7.3AI score0.01318EPSS
Exploits0References10
ICS
ICS
added 2026/04/14 12:0 a.m.9 views

Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary

SUMMARY RUGGEDCOM CROSSBOW Secure Access Manager Primary SAM-P contains a vulnerability that could allow an attacker to escalate their own privileges. Siemens has released a new version for RUGGEDCOM CROSSBOW Secure Access Manager Primary SAM-P and recommends to update to the latest version. 2...

8.8CVSS5.8AI score0.00259EPSS
Exploits0References10
ICS
ICS
added 2026/04/14 12:0 a.m.9 views

Siemens TPM 2.0

SUMMARY The products listed below contain a vulnerability that could allow an attacker to perform an out-of-bound read, potentially leading to information disclosure or denial of service of the TPM. Siemens has released new versions for several affected products and recommends to update to the...

6.6CVSS7.4AI score0.00199EPSS
Exploits0References10
ICS
ICS
added 2026/04/14 12:0 a.m.10 views

Siemens SINEC NMS

SUMMARY SINEC NMS before V4.0 SP3 contains an Authorization Bypass vulnerability that could allow an attacker to bypass authorization checks, leading to the ability to reset the password of any arbitrary user account. Siemens has released a new version for SINEC NMS and recommends to update to...

8.8CVSS5.9AI score0.00453EPSS
Exploits0References10
ICS
ICS
added 2026/04/14 12:0 a.m.12 views

Siemens SINEC NMS

SUMMARY Siemens SINEC NMS when used with User Management Component UMC contains an authentication bypass vulnerability due to insufficient validation of user identity. This could allow an unauthenticated remote attacker to bypass authentication and gain unauthorized access to the application...

7.3CVSS5.8AI score0.00251EPSS
Exploits0References10
ICS
ICS
added 2026/04/13 12:30 a.m.9 views

ABB System 800xA, Symphony Plus IEC 61850

SUMMARY This vulnerability was privately reported relating to ABB’s implementation of the IEC 61850 communication stack for MMS client applications used in some Automation control system products. Note: IEC 61850 communication typically supports MMS and GOOSE protocols. Some ABB products support...

7.1CVSS5.7AI score0.00184EPSS
Exploits0References19
ICS
ICS
added 2026/04/13 12:30 a.m.7 views

ABB Ability Symphony Plus Engineering

SUMMARY ABB became aware of vulnerability in the products versions listed as affected in the advisory. The ABB S+ Engineering product versions are affected by vulnerabilities in PostgreSQL version 13.11 and earlier versions. If an attacker gains access to a site’s S+ Client Server network, they...

8.4AI score
Exploits0References18
ICS
ICS
added 2026/04/09 6:0 a.m.7 views

Contemporary Controls BASC 20T

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to enumerate the functionality of each component associated with the PLC, reconfigure, rename, delete, perform file transfers, and make remote procedure calls. 2. RECOMMENDED PRACTICES CISA recommends users...

9.8CVSS6AI score0.00443EPSS
Exploits0References13
ICS
ICS
added 2026/04/09 6:0 a.m.26 views

GPL Odorizers GPL750

RISK EVALUATION Successful exploitation of this vulnerability could allow a low privileged remote attacker to manipulate register values, which would result in too much or too little odorant being injected into a gas line. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

8.6CVSS5.8AI score0.00448EPSS
Exploits0References13
ICS
ICS
added 2026/04/07 8:51 p.m.8 views

IBM Maximo Application Suite Sensitive Tokens without 'Secure' Attribute

RISK EVALUATION IBM Maximo Application Suite 9.1, 9.0, 8.11, and 8.10 does not set the secure attribute on authorization tokens or session cookies. An unauthenticated attacker can steal cookies by directing users to a malicious http:// link and snooping user traffic. 2. RECOMMENDED PRACTICES...

4.3CVSS5.9AI score0.00118EPSS
Exploits0References1
ICS
ICS
added 2026/04/07 8:50 p.m.6 views

Thales Sentinel LDK Runtime Stored XSS

RISK EVALUATION Thales Sentinel LDK Runtime on Windows allows Stored Cross-site Scripting. 2. RECOMMENDED PRACTICES Upgrade to version 10.22 or later. 3. DESCRIPTION Thales Sentinel LDK Runtime on Windows allows Stored Cross-site Scripting. Fixed in Sentinel LDK Runtime 10.22. 4. EXTRA INFO...

8.3CVSS5.9AI score0.00137EPSS
Exploits0References1
ICS
ICS
added 2026/04/07 12:0 a.m.14 views

Mitsubishi Electric GENESIS64 and ICONICS Suite products

RISK EVALUATION Successful exploitation of these vulnerabilities could allow a local attacker to disclose SQL Server credentials used by the affected products and use them to disclose, tamper with, or destroy data, or to cause a denial-of-service DoS condition on the system. 2. RECOMMENDED...

5.9AI score
Exploits0References10
ICS
ICS
added 2026/04/02 5:11 p.m.6 views

Bentley Systems iTwin Platform exposed access token

RISK EVALUATION Bentley Systems iTwin Platform exposed a Cesium ion access token in the source of some web pages. An unauthenticated attacker could use this token to enumerate or delete certain assets. 2. RECOMMENDED PRACTICES As of 2026-03-27, the token is no longer present in the web pages and...

6.9CVSS5.9AI score0.00281EPSS
Exploits0References1
ICS
ICS
added 2026/04/02 1:54 p.m.11 views

Zscaler Client Connector hard-coded proxy configuration domain

RISK EVALUATION ZScaler Client Connector 4.7 and 4.8 on Microsoft Windows hard codes a domain used to retrieve proxy configuration information. An attacker with control of this domain could provide arbitrary proxy configurations and intercept, redirect or disrupt traffic. 2. RECOMMENDED...

5.4CVSS6AI score0.00178EPSS
Exploits0References1
ICS
ICS
added 2026/04/02 6:0 a.m.9 views

Yokogawa CENTUM VP

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to login as the PROG user and modify permissions. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for...

2.1CVSS5.8AI score0.00165EPSS
Exploits0References13
ICS
ICS
added 2026/03/31 6:0 a.m.7 views

PX4 Autopilot

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with access to the MAVLink interface to execute arbitrary shell commands without cryptographic authentication. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

9.8CVSS6.2AI score0.00926EPSS
Exploits0References13
ICS
ICS
added 2026/03/31 6:0 a.m.6 views

Anritsu Remote Spectrum Monitor

RISK EVALUATION Successful exploitation of this vulnerability could allow attackers with network access to alter operational settings, obtain sensitive signal data, or disrupt device availability. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

9.3CVSS5.8AI score0.00387EPSS
Exploits0References11
ICS
ICS
added 2026/03/26 6:0 a.m.6 views

PTC Windchill Product Lifecycle Management

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control...

9.3CVSS6.5AI score0.00756EPSS
Exploits0References13
ICS
ICS
added 2026/03/26 6:0 a.m.9 views

OC Messaging and Custom Messaging Gateway

RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated low-privileged user to gain access to SMS messages outside of their authorized tenant scope via a crafted company or tenant identifier parameter. 2. RECOMMENDED PRACTICES CISA recommends users take...

8.1CVSS5.8AI score0.00261EPSS
Exploits0References13
ICS
ICS
added 2026/03/26 12:0 a.m.8 views

Siemens SICAM 8 Products

SUMMARY Multiple SICAM 8 products are affected by multiple vulnerabilities that could lead to denial of service, namely: - SICAM A8000 Device firmware - CPCI85 for CP-8031/CP-8050 - SICORE for CP-8010/CP-8012 - RTUM85 for CP-8010/CP-8012 - SICAM EGS Device firmware - CPCI85 - SICAM S8000 -...

8.7CVSS5.9AI score0.00358EPSS
Exploits3References10
Total number of security vulnerabilities4251