Emerson DeltaV Distributed Control System

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable on adjacent network/high attack complexity Vendor: Emerson Equipment: DeltaV Distributed Control System Vulnerabilities: Missing Authentication for Critical Function, Use of Hard-coded Credentials, Insufficient Verification of Data...

Distributed Data Systems WebHMI

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Distributed Data Systems Equipment: WebHMI Vulnerabilities: Cross-site Scripting, OS Command Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

Motorola Solutions ACE1000

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Motorola Solutions Equipment: ACE1000 Vulnerabilities: Use of Hard-coded Cryptographic Key, Use of Hard-coded Credentials, Insufficient Verification of Data Authenticity CISA is aware of a public report...

Advantech iView

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: iView Vulnerabilities: SQL Injection, Missing Authentication for Critical Function, Relative Path Traversal, Command Injection 2. RISK EVALUATION Successful exploitation of these...

ABB e-Design

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: ABB Equipment: e-Design Vulnerabilities: Incorrect Default Permissions 2. RISK EVALUATION Exploitation of these vulnerabilities could allow privilege escalation or a denial-of service condition. 3. TECHNICAL DETAILS 3.1...

Motorola Solutions MDLC

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Motorola Solutions Equipment: MDLC Vulnerabilities: Use of a Broken or Risky Cryptographic Algorithm, Plaintext Storage of a Password CISA is aware of a public report, known as “OT:ICEFALL” that details vulnerabilities found...

Omron SYSMAC CS/CJ/CP Series and NJ/NX Series

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Omron Equipment: SYSMAC CS/CJ/CP Series and NJ/NX Series Vulnerabilities: Cleartext Transmission of Sensitive Information, Insufficient Verification of Data Authenticity, Plaintext Storage of a Password...

Motorola Solutions MOSCAD IP and ACE IP Gateways

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Motorola Solutions Equipment: MOSCAD IP Gateway and ACE IP Gateway Vulnerability: Missing Authentication for Critical Function CISA is aware of a public report, known as “OT:ICEFALL” that details vulnerabilities found in...

Pyramid Solutions EtherNet/IP Adapter Development Kit

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely, low attack complexity Vendor: Pyramid Solutions, Inc. Equipment: EtherNet/IP Adapter Development Kit Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with...

Elcomplus SmartICS

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Elcomplus LLC Equipment: SmartICS Vulnerabilities: Improper Access Control, Relative Path Traversal, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...

Secheron SEPCOS Control and Protection Relay

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Secheron Equipment: SEPCOS Control and Protection Relay Vulnerabilities: Improper Enforcement of Behavioral Workflow, Lack of Administrator Control over Security, Improper Privilege Management,...

Yokogawa CAMS for HIS

1. EXECUTIVE SUMMARY CVSS v3 6.4 ATTENTION: High attack complexity Vendor: Yokogawa Equipment: Consolidation Alarm Management Software for Human Interface Station CAMS for HIS Vulnerability: Violation of Secure Design Principles 2. RISK EVALUATION If a computer using CAMS for HIS software is...

Yokogawa STARDOM

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely Vendor: Yokogawa Equipment: STARDOM Vulnerabilities: Cleartext Transmission of Sensitive Information, Use of Hard-coded Credentials CISA is aware of a public report known as, “OT:ICEFALL,” which details vulnerabilities found in...

OFFIS DCMTK

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable from an adjacent network/low attack complexity Vendor: OFFIS Equipment: DCMTK Vulnerabilities: Path Traversal, Relative Path Traversal, NULL Pointer Dereference 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...

Phoenix Contact Classic Line Industrial Controllers

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Phoenix Contact Equipment: ILC 131 ETH, ILC 131 ETH/XC, ILC 151 ETH, ILC 151 ETH/XC, ILC 171 ETH 2TX, ILC 191 ETH 2TX, ILC 191 ME/AN, and AXC 1050 Vulnerability: Missing Authentication for Critical...

Phoenix Contact Classic Line Controllers

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Phoenix Contact Equipment: ILC, AXC, RFC, PC WORX, FC Vulnerability: Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

Siemens WinCC OA

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC WinCC OA Vulnerability: Use of Client-side Authentication CISA is aware of a public report, known as “OT:ICEFALL” that details vulnerabilities found in multiple operational...

Phoenix Contact ProConOS and MULTIPROG

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Phoenix Contact Equipment: ProConOS/ProConOS eCLR and MULTIPROG Vulnerability: Insufficient Verification of Data Authenticity CISA is aware of a public report, known as “OT:ICEFALL” that details...

JTEKT TOYOPUC

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely Vendor: JTEKT Equipment: TOYOPUC Products Vulnerability: Missing Authentication for Critical Function CISA is aware of a public report, known as “OT:ICEFALL” that details vulnerabilities found in multiple operational technology OT...

AutomationDirect DirectLOGIC with Ethernet

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: AutomationDirect Equipment: DirectLOGIC with Ethernet Communication Modules Vulnerabilities: Uncontrolled Resource Consumption, Cleartext Transmission of Sensitive Information 2. UPDATE OR REPOSTED...

AutomationDirect C-More EA9 HMI

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: AutomationDirect Equipment: C-more EA9 HMI Vulnerabilities: Uncontrolled Search Path Element, Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of these...

AutomationDirect DirectLOGIC with Serial Communication

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Low attack complexity Vendor: AutomationDirect Equipment: DirectLOGIC with Serial Communication Vulnerability: Cleartext Transmission of Sensitive Information 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the original...

Hillrom Medical Device Management

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hillrom Medical. Welch Allyn, and ELI are registered trademarks of Baxter International, Inc., or its subsidiaries. Equipment: Welch Allyn medical devices Vulnerabilities: Use of Hard-coded Password,...

Mitsubishi Electric MELSEC iQ-R, Q, L Series and MELIPC Series (Update C)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-R, Q, and L Series CPU Module; MELIPC Series CPU Vulnerability : Improper Resource Locking 2. RISK EVALUATION Successful exploitation of this vulnerability...

Siemens SCALANCE XM-400 and XR-500

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SCALANCE XM-400 and XR-500 Vulnerability: Improper Validation of Integrity Check Value 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to...

Siemens EN100 Ethernet Module

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: EN100 Ethernet Module Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of this vulnerability could...

Siemens Apache HTTP Server

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Apache HTTP Server Vulnerabilities: NULL Pointer Dereference, Out-of-bounds Write, Server-side Request Forgery SSRF 2. UPDATE INFORMATION This updated advisory is a follow-up to the...

Siemens OpenSSL Affected Industrial Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens Teamcenter Active Workspace

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Teamcenter Active Workspace Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow for malicious code execution. 3...

Siemens Xpedition Designer

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens SINEMA Remote Connect Server

1. EXECUTIVE SUMMARY CVSS v3 4.2 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SINEMA Remote Connect Server Vulnerabilities: Improperly Implemented Security Check for Standard 2. RISK EVALUATION The affected application is missing general HTTP security headers in the web servers...

Mitsubishi Electric MELSEC-Q/L and MELSEC iQ-R

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: MELSEC-Q/L Series and iQ-R Series Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service condition and/or...

Meridian Cooperative Meridian

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Meridian Cooperative Equipment: Meridian Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could result in a disclosure of sensitive information...

Siemens Teamcenter

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Teamcenter Vulnerability: Use of Hard-coded Credentials 2. UPDATE This updated advisory is a follow-up to the original advisory titled ICSA-22-167-13 Siemens Teamcenter that was...

Siemens Spectrum Power Systems

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Spectrum Power Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain administrative privileges by using an account...

Siemens SICAM GridEdge

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SICAM GridEdge Essential ARM Vulnerabilities: Missing Authentication for Critical Function, Resource Leak 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

Siemens Mendix SAML Module

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix SAML Module Vulnerabilities: Improper Restriction of XML External Entity Reference, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities may...

Siemens OpenSSL Affecting Industrial Products

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEMA Remote Connect Server Vulnerabilities: Multiple 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to escalate privileges, disclose...

Siemens SCALANCE LPE9403 Third-Party Vulnerabilities

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely, low attack complexity Vendor: Siemens Equipment: SCALANCE LPE9403 Vulnerabilities: Multiple 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause crashes and unrestricted file access, impacting the...

Johnson Controls Metasys ADS ADX OAS Servers

1. EXECUTIVE SUMMARY CVSS v3 8.7 ATTENTION: Low attack complexity/exploitable remotely Vendor: Johnson Controls, Inc. Equipment: Metasys ADS/ADX/OAS Servers Vulnerabilities: Unverified Password Change, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

Siemens SCALANCE LPE 4903 and SINUMERIK Edge

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SCALANCE LPE 4903 and SINUMERIK Edge Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unprivileged local user to escalate privileges and...

People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices

Summary Best Practices • Apply patches as soon as possible • Disable unnecessary ports and protocols • Replace end-of-life infrastructure • Implement a centralized patch management system This joint Cybersecurity Advisory describes the ways in which People’s Republic of China PRC state-sponsored...

Mitsubishi Electric Air Conditioning Systems

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: Air Conditioning Systems Vulnerabilities: Use of a Broken or Risky Cryptographic Algorithm, Exposure of Sensitive Information to an Unauthorized Actor, Channel Accessible by Non-Endpoint 2...

Vulnerabilities Affecting Dominion Voting Systems ImageCast X

1. SUMMARY This advisory identifies vulnerabilities affecting versions of the Dominion Voting Systems Democracy Suite ImageCast X, which is an in-person voting system used to allow voters to mark their ballot. The ImageCast X can be configured to allow a voter to produce a paper record or to...

Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control

Summary Update June 2, 2022: This Cybersecurity Advisory CSA has been updated with additional indicators of compromise IOCs and detection signatures, as well as tactics, techniques, and procedures TTPs from trusted third parties. Update End The Cybersecurity and Infrastructure Security Agency CIS...

Carrier LenelS2 HID Mercury access panels

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Carrier LenelS2 Equipment: HID Mercury access panels sold by LenelS2 Vulnerabilities: Protection Mechanism Failure, Forced Browsing, Classic Buffer Overflow, Path Traversal, OS Command Injection 2...

Illumina Local Run Manager

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Illumina Equipment: Local Run Manager LRM Vulnerabilities: Path Traversal, Unrestricted Upload of File with Dangerous Type, Improper Access Control, Cleartext Transmission of Sensitive Information 2...

Fuji Electric Alpha7 PC Loader

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Fuji Electric Equipment: Alpha7 PC Loader Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED...

BD Synapsys

1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION: Low attack complexity Vendor: Becton, Dickinson and Company BD Equipment: Synapsys Vulnerability: Insufficient Session Expiration 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access, modify, or delete...

BD Pyxis

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Becton, Dickinson and Company BD Equipment: Pyxis Vulnerability: Not Using Password Aging 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain access to...