Lucene search
K

4255 matches found

ICS
ICS
added 2022/03/01 12:0 p.m.99 views

Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

Summary Actions Critical Infrastructure Organizations Should Implement to Immediately Strengthen Their Cyber Posture. • Patch all systems. Prioritize patching known exploited vulnerabilities. • Implement multi-factor authentication. • Use antivirus software. • Develop internal contact lists and...

10CVSS9.9AI score0.99999EPSS
Exploits449References104
ICS
ICS
added 2022/02/24 12:0 p.m.73 views

Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks

Summary Actions to Take Today to Protect Against Malicious Activity Search for indicators of compromise. Use antivirus software. Patch all systems. Prioritize patching known exploited vulnerabilities. Train users to recognize and report phishing attempts. Use multi-factor authentication. Note: th...

10CVSS8.6AI score0.99965EPSS
Exploits134References134
ICS
ICS
added 2022/02/24 12:0 a.m.73 views

FATEK Automation FvDesigner

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: FATEK Automation Equipment: FvDesigner Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Write, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to...

7.8CVSS8.3AI score0.01829EPSS
Exploits0References6
ICS
ICS
added 2022/02/24 12:0 a.m.109 views

Schneider Electric Easergy P5 and P3

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: Easergy P5 and P3 --------- Begin Update A Part 1 of 4 --------- Vulnerabilities: Use of Hard-Coded Credentials, Classic Buffer Overflow, and Improper Input Validation --------- End Update A...

8.8CVSS8.7AI score0.02822EPSS
Exploits0References4
ICS
ICS
added 2022/02/24 12:0 a.m.68 views

Mitsubishi Electric EcoWebServerIII

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: Energy Saving Data Collecting Server EcoWebServerIII Vulnerabilities: Improper Neutralization of Input During Web Page Generation, Uncontrolled Resource...

6.1CVSS8.3AI score0.0404EPSS
Exploits1References5
ICS
ICS
added 2022/02/23 12:0 p.m.71 views

New Sandworm Malware Cyclops Blink Replaces VPNFilter

Summary The Sandworm actor, which the United Kingdom and the United States have previously attributed to the Russian GRU, has replaced the exposed VPNFilter malware with a new more advanced framework. The United Kingdom's UK National Cyber Security Centre NCSC, the Cybersecurity and Infrastructur...

9.3AI score
Exploits0References46
ICS
ICS
added 2022/02/22 12:0 a.m.92 views

WIN-911 2021

1. EXECUTIVE SUMMARY CVSS v3 5.6 ATTENTION: Low attack complexity Vendor: WIN-911 Equipment: WIN-911 2021 Vulnerabilities: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to leverage the misconfigured privileges to the...

7.8CVSS7.6AI score0.00208EPSS
Exploits0References5
ICS
ICS
added 2022/02/22 12:0 a.m.43 views

GE Proficy CIMPLICITY-IPM

1. EXECUTIVE SUMMARY CVSS v3 7.5 Vendor: GE Equipment: Proficy CIMPLICITY Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve both code execution and local privilege escalation. 3. TECHNICAL DETAILS 3.1...

7.8CVSS8.3AI score0.00201EPSS
Exploits0References5
ICS
ICS
added 2022/02/22 12:0 a.m.70 views

GE Proficy CIMPLICITY-Cleartext

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: GE Equipment: Proficy CIMPLICITY Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to capture a...

9.8CVSS8.9AI score0.00603EPSS
Exploits0References5
ICS
ICS
added 2022/02/17 12:0 a.m.69 views

Siemens Simcenter Femap

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Simcenter Femap Vulnerabilities: Out-of-bounds Write, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to leverage the...

7.8CVSS8.4AI score0.01454EPSS
Exploits0References11
ICS
ICS
added 2022/02/16 12:0 p.m.103 views

Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology

Summary Actions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity: • Enforce multifactor authentication. • Enforce strong, unique passwords. • Enable M365 Unified Audit Logs. • Implement endpoint detection and response tools. From at least January 2020, through February 202...

9.8CVSS10AI score0.99999EPSS
Exploits56References164
ICS
ICS
added 2022/02/15 12:0 a.m.96 views

Schneider Electric IGSS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: IGSS Interactive Graphical SCADA System Vulnerabilities: Integer Overflow or Wraparound, Path Traversal, Classic Buffer Overflow, Out-of-bounds Read, Improper...

9.8CVSS9.7AI score0.44559EPSS
Exploits0References4
ICS
ICS
added 2022/02/10 12:0 p.m.45 views

Ransomware Awareness for Holidays and Weekends

Summary Immediate Actions You Can Take Now to Protect Against Ransomware • Make an offline backup of your data. • Do not click on suspicious links. • If you use RDP, secure and monitor it. • Update your OS and software. • Use strong passwords. • Usemulti-factor authentication. The Federal Bureau ...

9.7AI score
Exploits0References43
ICS
ICS
added 2022/02/10 12:0 p.m.29 views

2021 Trends Show Increased Globalized Threat of Ransomware

Summary Immediate Actions You Can Take Now to Protect Against Ransomware: • Update your operating system and software. • Implement user training and phishing exercises to raise awareness about the risk of suspicious links and attachments. • If you use Remote Desktop Protocol RDP, secure and monit...

10AI score
Exploits0References56
ICS
ICS
added 2022/02/10 12:0 a.m.105 views

Siemens Solid Edge, JT2Go, and Teamcenter Visualization

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Solid Edge, JT2Go, and Teamcenter Visualization Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Write, Heap-based Buffer Overflow, Out-of-bounds Rea...

7.8CVSS8.2AI score0.01798EPSS
Exploits0References47
ICS
ICS
added 2022/02/10 12:0 a.m.87 views

Siemens Solid Edge, JT2Go, and Teamcenter Visualization

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Solid Edge, JT2Go, and Teamcenter Visualization Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Write, Heap-based Buffer Overflow, Out-of-bounds Rea...

7.8CVSS0.9AI score0.01798EPSS
Exploits0References47
ICS
ICS
added 2022/02/08 12:0 a.m.32 views

Siemens SINEMA Remote Connect Server

1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION : Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEMA Remote Connect Server Vulnerability: Open Redirect 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to use a specially crafted link to...

6.1CVSS6.5AI score0.05265EPSS
Exploits2References11
ICS
ICS
added 2022/02/08 12:0 a.m.80 views

Siemens Solid Edge, JT2Go, and Teamcenter Visualization

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Solid Edge, JT2Go, and Teamcenter Visualization Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Write, Heap-based Buffer Overflow, Out-of-bounds Rea...

7.8CVSS8.4AI score0.01798EPSS
Exploits0References11
ICS
ICS
added 2022/02/08 12:0 a.m.109 views

Siemens SIMATIC WinCC and PCS

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC WinCC and PCS Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Externally-Accessible File or Directory 2...

8.8CVSS8.6AI score0.00682EPSS
Exploits0References11
ICS
ICS
added 2022/02/08 12:0 a.m.211 views

Siemens Simcenter Femap

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Simcenter Femap Vulnerabilities: Out-of-bounds Write, Access of Resource Using Incompatible Type, Improper Restriction of Operations within the Bounds of a Memory Buffer, Stack-based Buffer Overflow 2...

7.8CVSS8.7AI score0.01774EPSS
Exploits0References11
ICS
ICS
added 2022/02/08 12:0 a.m.4 views

Siemens OpenSSL Vulnerability in Industrial Products

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated remote attacker to execute arbitrary code or to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

7.4CVSS7.7AI score0.50445EPSS
Exploits0References10
ICS
ICS
added 2022/02/08 12:0 a.m.27 views

Siemens Spectrum Power 4

1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEMA Spectrum Power 4 Vulnerability: Cross-site scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could compromise the confidentiality and integrity of the...

6.1CVSS6.5AI score0.00562EPSS
Exploits0References11
ICS
ICS
added 2022/02/08 12:0 a.m.51 views

Siemens SICAM TOOLBOX II (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SICAM TOOLBOX II Vulnerability: Use of Hard-coded Credentials 2. UPDATE INFORMATION This advisory update is a follow-up to the original advisory titled ICSA-22-041-05 SICAM TOOLBOX II...

6.5CVSS6.6AI score0.00675EPSS
Exploits0References11
ICS
ICS
added 2022/02/08 12:0 a.m.82 views

Siemens SIMATIC Industrial Products (Update A)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

7.5CVSS8.1AI score0.02181EPSS
Exploits0References12
ICS
ICS
added 2022/02/03 12:0 a.m.284 views

Sensormatic PowerManage (Update A)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Inc Equipment: PowerManage Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This update advisory is a follow-up to the...

10CVSS10AI score0.99999EPSS
Exploits354References5
ICS
ICS
added 2022/02/03 12:0 a.m.73 views

Airspan Networks Mimosa

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Airspan Networks Equipment: Mimosa by Airspan product line Vulnerabilities: Improper Authorization, Incorrect Authorization, Server-side Request Forgery, SQL Injection, Deserialization of Untrusted...

10CVSS10AI score0.03663EPSS
Exploits0References5
ICS
ICS
added 2022/02/01 12:0 a.m.50 views

Advantech ADAM-3600

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: ADAM-3600 Vulnerability: Use of Hard-coded Cryptographic Key 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthorized access to intercept traffic...

9.8CVSS9.9AI score0.01211EPSS
Exploits0References5
ICS
ICS
added 2022/02/01 12:0 a.m.38 views

Ricon Mobile Industrial Cellular Router

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Ricon Mobile, Inc. Equipment: Industrial Cellular Router Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

10CVSS10AI score0.02182EPSS
Exploits1References6
ICS
ICS
added 2022/01/25 12:0 p.m.56 views

APT Groups Target Healthcare and Essential Services

Summary This is a joint alert from the United States Department of Homeland Security DHS Cybersecurity and Infrastructure Security Agency CISA and the United Kingdom’s National Cyber Security Centre NCSC. CISA and NCSC continue to see indications that advanced persistent threat APT groups are...

9.8CVSS10AI score0.99999EPSS
Exploits48References50
ICS
ICS
added 2022/01/25 12:0 a.m.96 views

GE Gas Power ToolBoxST

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: GE Gas Power Equipment: ToolBoxST Vulnerabilities: Improper Restriction of XML External Entity Reference, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result...

8.6CVSS8.8AI score0.03305EPSS
Exploits0References5
ICS
ICS
added 2022/01/20 7:0 a.m.61 views

Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric HMI SCADA (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: ICONICS and Mitsubishi Electric Equipment: ICONICS Product Suite, Mitsubishi Electric MC Works64 Vulnerabilities: Cross-site Scripting, Incomplete List of Disallowed Inputs, Plaintext Storage of a...

9.8CVSS6.6AI score0.02884EPSS
Exploits0References10
ICS
ICS
added 2022/01/13 12:0 a.m.38 views

Mitsubishi Electric MELSEC-F Series

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC-F Series Vulnerability: Lack of Administrator Control Over Security 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to a...

7.8CVSS7.7AI score0.03595EPSS
Exploits0References4
ICS
ICS
added 2022/01/13 12:0 a.m.47 views

Mitsubishi Electric MELSEC-F Series

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC-F Series Vulnerability: Improper Initialization 2. RISK EVALUATION Successful exploitation of this vulnerability may cause a denial-of-service condition in the...

7.8CVSS7.7AI score0.03595EPSS
Exploits0References4
ICS
ICS
added 2022/01/11 12:0 a.m.24 views

Siemens SICAM PQ Analyzer

1. EXECUTIVE SUMMARY CVSS v3 3.4 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SICAM PQ Analyzer Vulnerability: Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve persistence on the system or cause a...

8.1CVSS8.2AI score0.00828EPSS
Exploits0References11
ICS
ICS
added 2022/01/11 12:0 a.m.54 views

Siemens SICAM A8000

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SICAM A8000 Vulnerabilities: Use of Hard-coded Credentials, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a privileged user...

8.8CVSS8.5AI score0.02307EPSS
Exploits2References11
ICS
ICS
added 2022/01/11 12:0 a.m.64 views

Siemens COMOS Web (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: COMOS Vulnerabilities: Basic XSS, Relative Path Traversal, SQL Injection, Cross-site Request Forgery 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update...

8.8CVSS8.8AI score0.00847EPSS
Exploits0References11
ICS
ICS
added 2022/01/11 12:0 a.m.33 views

Siemens SIPROTEC 5 Devices

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIPROTEC 5 products Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to read device...

7.5CVSS7.6AI score0.00968EPSS
Exploits0References11
ICS
ICS
added 2022/01/11 12:0 a.m.49 views

Johnson Controls VideoEdge

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls, Inc. Equipment: VideoEdge Vulnerability: Improper Handling of Syntactically Invalid Structure= 2. RISK EVALUATION Running a vulnerability...

5.3CVSS5.7AI score0.01045EPSS
Exploits0References5
ICS
ICS
added 2022/01/11 12:0 a.m.66 views

Siemens Energy PLUSCONTROL

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Energy Equipment: PLUSCONTROL Vulnerabilities: Type Confusion, Improper Validation of Specified Quantity in Input, Buffer Access with Incorrect Length Value, Integer Underflow, Improper Handling...

9.1CVSS8.4AI score0.0215EPSS
Exploits0References11
ICS
ICS
added 2022/01/06 12:0 a.m.34 views

Omron CX-One

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Omron Equipment: CX-One Vulnerabilities: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The...

7.8CVSS8.3AI score0.09271EPSS
Exploits0References5
ICS
ICS
added 2022/01/06 12:0 a.m.48 views

IDEC PLCs

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: IDEC Equipment: PLCs Programmable Logic Controllers Vulnerabilities: Unprotected Transport of Credentials, Plaintext Storage of a Password 2. RISK EVALUATION Successful exploitation of these...

9.8CVSS9.2AI score0.0134EPSS
Exploits0References5
ICS
ICS
added 2022/01/06 12:0 a.m.50 views

Fernhill SCADA

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Fernhill Software, Ltd. Equipment: Fernhill SCADA Server Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service...

7.5CVSS7.8AI score0.01077EPSS
Exploits0References5
ICS
ICS
added 2022/01/06 12:0 a.m.31 views

Philips Engage Software

1. EXECUTIVE SUMMARY CVSS v3 2.6 ATTENTION: Exploitable remotely Vendor: Philips Equipment: Engage Software Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability may allow improper viewing read-only of business contact information. 3. TECHNICAL...

4.3CVSS4.9AI score0.00524EPSS
Exploits0References5
ICS
ICS
added 2021/12/23 12:0 p.m.68 views

Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

Summary The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, National Security Agency NSA, Australian Cyber Security Centre ACSC, Canadian Centre for Cyber Security CCCS, the Computer Emergency Response Team New Zealand CERT NZ, the New Zealand...

10CVSS10AI score0.99999EPSS
Exploits358References88
ICS
ICS
added 2021/12/23 12:0 a.m.41 views

Moxa MGate Protocol Gateways

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Moxa Equipment: MGate MB3180/MB3280/MB3480 Series Protocol Gateways Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could...

9.8CVSS9.2AI score0.00661EPSS
Exploits0References5
ICS
ICS
added 2021/12/23 12:0 a.m.276 views

Johnson Controls exacq Enterprise Manager

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Exacq Technologies, a subsidiary of Johnson Controls, Inc. Equipment: exacq Enterprise Manager Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability...

10CVSS10AI score0.99999EPSS
Exploits354References5
ICS
ICS
added 2021/12/21 12:0 a.m.98 views

Fresenius Kabi Agilia Connect Infusion System (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Fresenius Kabi Equipment: Agilia Connect Infusion System Vulnerabilities: Uncontrolled Resource Consumption, Use of a Broken or Risky Cryptographic Algorithm, Insufficiently Protected Credentials,...

9.8CVSS8.7AI score0.0107EPSS
Exploits0References5
ICS
ICS
added 2021/12/21 12:0 a.m.61 views

WECON LeviStudioU

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: WECON Equipment: LeviStudioU Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow remote code execution. 3. TECHNICAL...

7.8CVSS8.3AI score0.09285EPSS
Exploits0References5
ICS
ICS
added 2021/12/21 12:0 a.m.58 views

Emerson DeltaV

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Emerson Equipment: DeltaV Distributed Control System Controllers and Workstations Vulnerabilities: Missing Authentication for Critical Function, Uncontrolled Search Path Element 2. RISK EVALUATION...

8.1CVSS7.3AI score0.00263EPSS
Exploits0References5
ICS
ICS
added 2021/12/21 12:0 a.m.42 views

Horner Automation Cscape EnvisionRV

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Horner Automation Equipment: Cscape EnvisionRV Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could execute arbitrary code in the context of the current process...

7.8CVSS7.3AI score0.00685EPSS
Exploits0References5
Total number of security vulnerabilities4255