4214 matches found

ICS
added 2022/05/26 12:0 a.m. | 88 views

Horner Automation Cscape Csfont

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Horner Automation Equipment: Cscape Csfont Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to...

CVSS: 7.8 | AI score: 8.3 | EPSS: 0.00908
Exploits: 0 | References: 5
ICS
added 2022/05/26 12:0 a.m. | 50 views

Keysight N6854A Geolocation server and N6841A RF Sensor software

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Keysight Technologies, Inc. Equipment: N6854A Geolocation server and N6841A RF Sensor software Vulnerabilities: Relative Path Traversal, Deserialization of Untrusted Data 2. RISK EVALUATION Successful...

CVSS: 10 | AI score: 9.7 | EPSS: 0.15968
Exploits: 0 | References: 5
ICS
added 2022/05/25 12:0 p.m. | 41 views

APT Cyber Tools Targeting ICS/SCADA Devices

Summary Actions to Take Today to Protect ICS/SCADA Devices: • Enforce multifactor authentication for all remote access to ICS networks and devices whenever possible. • Change all passwords to ICS/SCADA devices and systems on a consistent schedule, especially all default passwords, to device-uniqu...

CVSS: 5.5 | AI score: 9.2 | EPSS: 0.01296
Exploits: 1 | References: 124
ICS
added 2022/05/24 12:0 a.m. | 58 views

Rockwell Automation Logix Controllers

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: Rockwell Automation Equipment: Logix Controllers Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an unauthorized user to send malicious messages to...

CVSS: 8.6 | AI score: 7.9 | EPSS: 0.01919
Exploits: 0 | References: 4
ICS
added 2022/05/24 12:0 a.m. | 78 views

Matrikon OPC Server

1. EXECUTIVE SUMMARY CVSS v3 5.8 ATTENTION: Exploitable remotely Vendor: Matrikon, a subsidiary of Honeywell Equipment: Matrikon OPC Server Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve remote command...

CVSS: 9 | AI score: 7.7 | EPSS: 0.00619
Exploits: 0 | References: 5
ICS
added 2022/05/19 12:0 a.m. | 55 views

Mitsubishi Electric MELSEC iQ-F Series

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-F Series Vulnerabilities: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-22-139-01...

CVSS: 8.6 | AI score: 6.8 | EPSS: 0.03679
Exploits: 0 | References: 4
ICS
added 2022/05/17 12:0 a.m. | 65 views

Circutor COMPACT DC-S BASIC

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Circutor Equipment: COMPACT DC-S BASIC Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a buffer overflow condition resulting in...

CVSS: 8.1 | AI score: 8.1 | EPSS: 0.00718
Exploits: 0 | References: 6
ICS
added 2022/05/12 12:0 a.m. | 44 views

Inkscape in Industrial Products

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Inkscape Equipment: Inkscape, an open-source graphics editor Vulnerabilities: Out-of-bounds Read, Access of Uninitialized Pointer, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

CVSS: 7.8 | AI score: 5.2 | EPSS: 0.01338
Exploits: 3 | References: 5
ICS
added 2022/05/12 12:0 a.m. | 110 views

Siemens Desigo PXC and DXR Devices

1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: PXC and DXR Devices Vulnerabilities: Special Element Injection, Uncontrolled Resource Consumption, Use of Password Hash with Insufficient Computational Effort, Insufficient Session...

CVSS: 9.1 | AI score: 8.3 | EPSS: 0.0177
Exploits: 0 | References: 5
ICS
added 2022/05/12 12:0 a.m. | 98 views

Cambium Networks cnMaestro

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Cambium Networks Equipment: cnMaestro Vulnerabilities: OS Command Injection, SQL Injection, Path Traversal, Use of Potentially Dangerous Function 2. RISK EVALUATION Successful exploitation of these...

CVSS: 9.8 | AI score: 8.8 | EPSS: 0.01671
Exploits: 0 | References: 5
ICS
added 2022/05/12 12:0 a.m. | 68 views

Delta Electronics CNCSoft

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: CNCSoft Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow arbitrary code execution or information...

CVSS: 7.8 | AI score: 6.9 | EPSS: 0.0217
Exploits: 0 | References: 5
ICS
added 2022/05/12 12:0 a.m. | 96 views

Mitsubishi Electric MELSOFT iQ AppPortal

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSOFT iQ AppPortal Vulnerabilities: Missing Authorization, Out-of-bounds Write, NULL Pointer Dereference, Classic Buffer Overflow, HTTP Request Smuggling, Infinite Loop...

CVSS: 9.8 | AI score: 10 | EPSS: 0.97108
Exploits: 5 | References: 5
ICS
added 2022/05/11 12:0 p.m. | 44 views

Protecting Against Cyber Threats to Managed Service Providers and their Customers

Summary Tactical actions for MSPs and their customers to take today: • Identify and disable accounts that are no longer in use. • Enforce MFA on MSP accounts that access the customer environment and monitor for unexplained failed authentication. • Ensure MSP-customer contracts transparently...

AI score: 9.6
Exploits: 0 | References: 120
ICS
added 2022/05/10 12:0 p.m. | 25 views

Strengthening Cybersecurity of SATCOM Network Providers and Customers

Summary Updated May 10, 2022: The U.S. government attributes this threat activity to Russian state-sponsored malicious cyber actors. Additional information may be found in a statement from the State Department. For more information on Russian malicious cyber activity, refer to...

AI score: 10
Exploits: 0 | References: 30
ICS
added 2022/05/10 12:0 a.m. | 155 views

Siemens Teamcenter

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Teamcenter Vulnerabilities: Stack-based Buffer Overflow, Improper Restriction of XML External Entity Reference 2. UPDATE INFORMATION This updated advisory is a follow-up to the...

CVSS: 7.5 | AI score: 8.2 | EPSS: 0.01187
Exploits: 0 | References: 11
ICS
added 2022/05/10 12:0 a.m. | 55 views

Siemens Industrial Products with OPC UA

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC NET PC, SITOP Manager, TeleControl Server Basic Vulnerability: Null Pointer Dereference 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory...

CVSS: 6.5 | AI score: 6.7 | EPSS: 0.01395
Exploits: 1 | References: 12
ICS
added 2022/05/10 12:0 a.m. | 47 views

Mitsubishi Electric MELSOFT GT OPC UA

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSOFT GT OPC UA Client Vulnerabilities: Out-of-bounds Read, Integer Overflow or Wraparound 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

CVSS: 7.5 | AI score: 8.6 | EPSS: 0.50732
Exploits: 0 | References: 5
ICS
added 2022/05/10 12:0 a.m. | 72 views

Siemens Industrial Devices using libcurl

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: Industrial devices using libcurl Vulnerabilities: Use After Free 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-22-132-13 Siemens Industrial Devices using...

CVSS: 8.1 | AI score: 8 | EPSS: 0.60122
Exploits: 2 | References: 11
ICS
added 2022/05/10 12:0 a.m. | 44 views

Siemens SIMATIC CP 44x-1 RNA

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC CP 442-1 RNA, 443-1 RNA Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a...

CVSS: 6.5 | AI score: 6.7 | EPSS: 0.00354
Exploits: 0 | References: 11
ICS
added 2022/05/10 12:0 a.m. | 249 views

Siemens SIMATIC WinCC

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services ...

CVSS: 7.8 | AI score: 7.8 | EPSS: 0.00229
Exploits: 0 | References: 12
ICS
added 2022/05/10 12:0 a.m. | 90 views

Siemens JT2GO and Teamcenter Visualization

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JT2GO, Teamcenter Visualization Vulnerabilities: Infinite Loop, Null Pointer Dereference, Integer Overflow to Buffer Overflow, Double Free, Access of Uninitialized Pointer 2. RISK EVALUATION Successful...

CVSS: 7.8 | AI score: 7.1 | EPSS: 0.00727
Exploits: 0 | References: 11
ICS
added 2022/05/10 12:0 a.m. | 43 views

Siemens Industrial Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS: 7.5 | AI score: 7.8 | EPSS: 0.02563
Exploits: 0 | References: 10
ICS
added 2022/05/10 12:0 a.m. | 65 views

AVEVA InTouch Access Anywhere and Plant SCADA Access Anywhere

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: AVEVA Equipment: AVEVA InTouch Access Anywhere and AVEVA Plant SCADA Access Anywhere Vulnerability: Exposure of Resource to Wrong Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability...

CVSS: 9.9 | AI score: 9 | EPSS: 0.00873
Exploits: 0 | References: 5
ICS
added 2022/05/10 12:0 a.m. | 73 views

Siemens OpenV2G

1. EXECUTIVE SUMMARY CVSS v3 6.2 ATTENTION: Low attack complexity Vendor: Siemens Equipment: OpenV2G Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to trigger a memory corruption. 3. TECHNICAL DETAILS 3.1 AFFECTED...

CVSS: 5.5 | AI score: 5.9 | EPSS: 0.00206
Exploits: 0 | References: 11
ICS
added 2022/05/10 12:0 a.m. | 61 views

Eaton Intelligent Power Protector

1. EXECUTIVE SUMMARY CVSS v3 5.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Eaton Equipment: Intelligent Power Protector IPP Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code...

CVSS: 5.4 | AI score: 6.1 | EPSS: 0.00495
Exploits: 0 | References: 5
ICS
added 2022/05/10 12:0 a.m. | 28 views

Adminer in Industrial Products

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Adminer Equipment: Adminer Vulnerability: Files or Directories Accessible to External Parties 2. RISK EVALUATION Successful exploitation of this vulnerability could allow...

CVSS: 7.5 | AI score: 7.8 | EPSS: 0.13641
Exploits: 4 | References: 5
ICS
added 2022/05/10 12:0 a.m. | 84 views

Eaton Intelligent Power Manager Infrastructure

1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Eaton Equipment: Intelligent Power Manager Infrastructure Vulnerabilities: Cross-site Scripting, Reflected Cross-site Scripting, Improper Neutralization of Formula in a CSV File 2. RISK EVALUATION...

CVSS: 8 | AI score: 6.8 | EPSS: 0.00469
Exploits: 0 | References: 5
ICS
added 2022/05/10 12:0 a.m. | 53 views

Siemens Simcenter Femap

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Simcenter Femap Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could cause code execution if the affected application is used to open a malicious .NEU...

CVSS: 7.8 | AI score: 7.9 | EPSS: 0.00761
Exploits: 0 | References: 11
ICS
added 2022/05/10 12:0 a.m. | 78 views

Siemens SICAM P850 and SICAM P855

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Siemens SICAM P850 and SICAM P855 Vulnerabilities: Improper Neutralization of Parameter/Argument Delimiters, Cleartext Transmission of Sensitive Information, Cross-site Scripting,...

CVSS: 9.8 | AI score: 8.3 | EPSS: 0.01729
Exploits: 0 | References: 11
ICS
added 2022/05/10 12:0 a.m. | 27 views

Eaton Intelligent Power Manager

1. EXECUTIVE SUMMARY CVSS v3 5.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Eaton Equipment: Intelligent Power Manager IPM v1 Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code...

CVSS: 5.2 | AI score: 7.5 | EPSS: 0.08233
Exploits: 0 | References: 5
ICS
added 2022/05/09 12:0 p.m. | 48 views

Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure

Summary Actions critical infrastructure organizations should implement to immediately protect against Russian state-sponsored and criminal cyber threats: • Patch all systems. Prioritize patching known exploited vulnerabilities. • Enforce multifactor authentication. • Secure and monitor Remote...

AI score: 9.8
Exploits: 0 | References: 177
ICS
added 2022/05/05 12:0 a.m. | 42 views

Johnson Controls Metasys

1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls, Inc. Equipment: Metasys ADS/ADX/OAS Servers Vulnerability: Unverified Password Change 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated user...

CVSS: 8.8 | AI score: 8.5 | EPSS: 0.00849
Exploits: 0 | References: 5
ICS
added 2022/05/03 12:0 a.m. | 254 views

Yokogawa CENTUM and ProSafe-RS

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Yokogawa Equipment: CENTUM and ProSafe-RS Vulnerabilities: OS Command Injection, Improper Authentication, NULL Pointer Dereference, Improper Input Validation, Resource Management Errors 2. RISK...

CVSS: 9.1 | AI score: 8.3 | EPSS: 0.12841
Exploits: 0 | References: 5
ICS
added 2022/05/02 12:0 p.m. | 89 views

Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability

Summary Multifactor Authentication MFA: A Cybersecurity Essential • MFA is one of the most important cybersecurity practices to reduce the risk of intrusions—according to industry research, users who enable MFA are up to 99 percent less likely to have an account compromised. • Every organization...

CVSS: 9 | AI score: 10 | EPSS: 0.99759
Exploits: 41 | References: 56
ICS
added 2022/04/28 12:0 p.m. | 52 views

Update: Destructive Malware Targeting Organizations in Ukraine

Summary Actions to Take Today: • Set antivirus and antimalware programs to conduct regular scans. • Enable strong spam filters to prevent phishing emails from reaching end users. • Filter network traffic. • Update software. • Require multifactor authentication. Updated April 28, 2022 This advisor...

AI score: 9.7
Exploits: 0 | References: 52
ICS
added 2022/04/28 12:0 p.m. | 125 views

2021 Top Routinely Exploited Vulnerabilities

Summary This joint Cybersecurity Advisory CSA was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency CISA, National Security Agency NSA, Federal Bureau of Investigation FBI,...

CVSS: 10 | AI score: 10 | EPSS: 0.99999
Exploits: 1013 | References: 209
ICS
added 2022/04/28 12:0 a.m. | 121 views

Johnson Controls Metasys

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls, Inc. Equipment: Metasys ADS/ADX/OAS Servers Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated...

CVSS: 8.8 | AI score: 8.9 | EPSS: 0.00903
Exploits: 0 | References: 5
ICS
added 2022/04/26 12:0 a.m. | 39 views

Hitachi Energy System Data Manager

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: System Data Manager – SDM600 Vulnerabilities: Integer Overflow or Wraparound, Reachable Assertion, Type Confusion, Uncontrolled Recursion, Observable Discrepancy 2. RISK...

CVSS: 7.5 | AI score: 7.6 | EPSS: 0.50732
Exploits: 1 | References: 4
ICS
added 2022/04/21 12:0 a.m. | 40 views

Johnson Controls Metasys SCT Pro

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls, Inc. Equipment: Metasys Vulnerability: Server-side Request Forgery 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to...

CVSS: 9.1 | AI score: 7.7 | EPSS: 0.0081
Exploits: 0 | References: 5
ICS
added 2022/04/21 12:0 a.m. | 221 views

Hitachi Energy MicroSCADA Pro/X SYS600

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA Pro/X SYS600 Vulnerabilities: Observable Discrepancy, HTTP Request Smuggling, Classic Buffer Overflow, Improper Certificate Validation, Improper Restriction of...

CVSS: 9.3 | AI score: 8.7 | EPSS: 0.16296
Exploits: 5 | References: 5
ICS
added 2022/04/21 12:0 a.m. | 63 views

Delta Electronics ASDA-Soft

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: ASDA-Soft Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow arbitrary code execution. 3. TECHNICAL DETAILS...

CVSS: 7.8 | AI score: 8.1 | EPSS: 0.00801
Exploits: 0 | References: 5
ICS
added 2022/04/20 12:0 p.m. | 54 views

TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies

Summary Actions to take today to mitigate cyber threats to cryptocurrency: • Patch all systems. • Prioritize patching known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Use multifactor authentication. The Federal Bureau of Investigation FBI, the...

AI score: 9.9
Exploits: 0 | References: 31
ICS
added 2022/04/19 12:0 a.m. | 64 views

Elcomplus SmartPTT SCADA

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Elcomplus Equipment: SmartPTT Vulnerabilities: Path Traversal, Unrestricted Upload of File with Dangerous Type, Improper Authorization, Cross-site Scripting 2. RISK EVALUATION Successful exploitation...

CVSS: 9.8 | AI score: 8.3 | EPSS: 0.01096
Exploits: 0 | References: 5
ICS
added 2022/04/19 12:0 a.m. | 75 views

Elcomplus SmartPTT SCADA Server

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Elcomplus Equipment: SmartPTT SCADA Server Vulnerabilities: Cross-site Scripting, Unauthorized Exposure to Sensitive Information, Unrestricted Upload of File with Dangerous Type, Path Traversal,...

CVSS: 9.8 | AI score: 8.4 | EPSS: 0.01096
Exploits: 0 | References: 5
ICS
added 2022/04/19 12:0 a.m. | 112 views

FANUC ROBOGUIDE Simulation Platform

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: FANUC Corporation / FANUC America Corporation Equipment: ROBOGUIDE Vulnerabilities: Incorrect Permission Assignment for Critical Resource, Improper Access Control, Path Traversal, Improper Restriction o...

CVSS: 7 | AI score: 7.2 | EPSS: 0.00816
Exploits: 0 | References: 5
ICS
added 2022/04/19 12:0 a.m. | 65 views

Automated Logic WebCTRL

1. EXECUTIVE SUMMARY CVSS v3 5.2 ATTENTION: Low attack complexity/exploitable remotely Vendor: Automated Logic is a part of Carrier Global Corporation Equipment: WebCtrl Server Vulnerability: Open Redirect 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

CVSS: 6.1 | AI score: 5.7 | EPSS: 0.00636
Exploits: 0 | References: 5
ICS
added 2022/04/19 12:0 a.m. | 54 views

Interlogix Hills ComNav

1. EXECUTIVE SUMMARY CVSS v3 6.2 ATTENTION: Low attack complexity Vendor: Interlogix is a part of Carrier Global Corporation Equipment: Hills ComNav Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Inadequate Encryption Strength 2. RISK EVALUATION Successful...

CVSS: 6.2 | AI score: 6.5 | EPSS: 0.00191
Exploits: 0 | References: 5
ICS
added 2022/04/14 12:0 p.m. | 64 views

Siemens SIMATIC CP 1543-1 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC CP 1543-1 Vulnerability: Improper Input Validation, Improper Privilege Management 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-16-327-01 Siemens...

CVSS: 7.5 | AI score: 7.6 | EPSS: 0.03624
Exploits: 0 | References: 34
ICS
added 2022/04/14 12:0 p.m. | 83 views

Siemens OPC UA Protocol Stack Discovery Service (Update E)

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC Vulnerabilities: Improper restriction of XML external entity reference 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled...

CVSS: 8.2 | AI score: 8.1 | EPSS: 0.02904
Exploits: 0 | References: 32
ICS
added 2022/04/14 12:0 a.m. | 71 views

Johnson Controls Metasys

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Johnson Controls Inc. Equipment: Metasys ADS/ADX/OAS Servers Vulnerability: Incomplete Cleanup 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to use a session token that has...

CVSS: 9.8 | AI score: 9.1 | EPSS: 0.00968
Exploits: 0 | References: 5

Total number of security vulnerabilities: 4214