4255 matches found
Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
Summary Actions Critical Infrastructure Organizations Should Implement to Immediately Strengthen Their Cyber Posture. • Patch all systems. Prioritize patching known exploited vulnerabilities. • Implement multi-factor authentication. • Use antivirus software. • Develop internal contact lists and...
Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks
Summary Actions to Take Today to Protect Against Malicious Activity Search for indicators of compromise. Use antivirus software. Patch all systems. Prioritize patching known exploited vulnerabilities. Train users to recognize and report phishing attempts. Use multi-factor authentication. Note: th...
FATEK Automation FvDesigner
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: FATEK Automation Equipment: FvDesigner Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Write, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to...
Schneider Electric Easergy P5 and P3
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: Easergy P5 and P3 --------- Begin Update A Part 1 of 4 --------- Vulnerabilities: Use of Hard-Coded Credentials, Classic Buffer Overflow, and Improper Input Validation --------- End Update A...
Mitsubishi Electric EcoWebServerIII
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: Energy Saving Data Collecting Server EcoWebServerIII Vulnerabilities: Improper Neutralization of Input During Web Page Generation, Uncontrolled Resource...
New Sandworm Malware Cyclops Blink Replaces VPNFilter
Summary The Sandworm actor, which the United Kingdom and the United States have previously attributed to the Russian GRU, has replaced the exposed VPNFilter malware with a new more advanced framework. The United Kingdom's UK National Cyber Security Centre NCSC, the Cybersecurity and Infrastructur...
WIN-911 2021
1. EXECUTIVE SUMMARY CVSS v3 5.6 ATTENTION: Low attack complexity Vendor: WIN-911 Equipment: WIN-911 2021 Vulnerabilities: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to leverage the misconfigured privileges to the...
GE Proficy CIMPLICITY-IPM
1. EXECUTIVE SUMMARY CVSS v3 7.5 Vendor: GE Equipment: Proficy CIMPLICITY Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve both code execution and local privilege escalation. 3. TECHNICAL DETAILS 3.1...
GE Proficy CIMPLICITY-Cleartext
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: GE Equipment: Proficy CIMPLICITY Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to capture a...
Siemens Simcenter Femap
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Simcenter Femap Vulnerabilities: Out-of-bounds Write, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to leverage the...
Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology
Summary Actions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity: • Enforce multifactor authentication. • Enforce strong, unique passwords. • Enable M365 Unified Audit Logs. • Implement endpoint detection and response tools. From at least January 2020, through February 202...
Schneider Electric IGSS
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: IGSS Interactive Graphical SCADA System Vulnerabilities: Integer Overflow or Wraparound, Path Traversal, Classic Buffer Overflow, Out-of-bounds Read, Improper...
Ransomware Awareness for Holidays and Weekends
Summary Immediate Actions You Can Take Now to Protect Against Ransomware • Make an offline backup of your data. • Do not click on suspicious links. • If you use RDP, secure and monitor it. • Update your OS and software. • Use strong passwords. • Usemulti-factor authentication. The Federal Bureau ...
2021 Trends Show Increased Globalized Threat of Ransomware
Summary Immediate Actions You Can Take Now to Protect Against Ransomware: • Update your operating system and software. • Implement user training and phishing exercises to raise awareness about the risk of suspicious links and attachments. • If you use Remote Desktop Protocol RDP, secure and monit...
Siemens Solid Edge, JT2Go, and Teamcenter Visualization
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Solid Edge, JT2Go, and Teamcenter Visualization Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Write, Heap-based Buffer Overflow, Out-of-bounds Rea...
Siemens Solid Edge, JT2Go, and Teamcenter Visualization
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Solid Edge, JT2Go, and Teamcenter Visualization Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Write, Heap-based Buffer Overflow, Out-of-bounds Rea...
Siemens SINEMA Remote Connect Server
1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION : Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEMA Remote Connect Server Vulnerability: Open Redirect 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to use a specially crafted link to...
Siemens Solid Edge, JT2Go, and Teamcenter Visualization
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Solid Edge, JT2Go, and Teamcenter Visualization Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Write, Heap-based Buffer Overflow, Out-of-bounds Rea...
Siemens SIMATIC WinCC and PCS
1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC WinCC and PCS Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Externally-Accessible File or Directory 2...
Siemens Simcenter Femap
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Simcenter Femap Vulnerabilities: Out-of-bounds Write, Access of Resource Using Incompatible Type, Improper Restriction of Operations within the Bounds of a Memory Buffer, Stack-based Buffer Overflow 2...
Siemens OpenSSL Vulnerability in Industrial Products
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated remote attacker to execute arbitrary code or to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...
Siemens Spectrum Power 4
1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEMA Spectrum Power 4 Vulnerability: Cross-site scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could compromise the confidentiality and integrity of the...
Siemens SICAM TOOLBOX II (Update A)
1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SICAM TOOLBOX II Vulnerability: Use of Hard-coded Credentials 2. UPDATE INFORMATION This advisory update is a follow-up to the original advisory titled ICSA-22-041-05 SICAM TOOLBOX II...
Siemens SIMATIC Industrial Products (Update A)
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
Sensormatic PowerManage (Update A)
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Inc Equipment: PowerManage Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This update advisory is a follow-up to the...
Airspan Networks Mimosa
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Airspan Networks Equipment: Mimosa by Airspan product line Vulnerabilities: Improper Authorization, Incorrect Authorization, Server-side Request Forgery, SQL Injection, Deserialization of Untrusted...
Advantech ADAM-3600
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: ADAM-3600 Vulnerability: Use of Hard-coded Cryptographic Key 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthorized access to intercept traffic...
Ricon Mobile Industrial Cellular Router
1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Ricon Mobile, Inc. Equipment: Industrial Cellular Router Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...
APT Groups Target Healthcare and Essential Services
Summary This is a joint alert from the United States Department of Homeland Security DHS Cybersecurity and Infrastructure Security Agency CISA and the United Kingdom’s National Cyber Security Centre NCSC. CISA and NCSC continue to see indications that advanced persistent threat APT groups are...
GE Gas Power ToolBoxST
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: GE Gas Power Equipment: ToolBoxST Vulnerabilities: Improper Restriction of XML External Entity Reference, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result...
Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric HMI SCADA (Update B)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: ICONICS and Mitsubishi Electric Equipment: ICONICS Product Suite, Mitsubishi Electric MC Works64 Vulnerabilities: Cross-site Scripting, Incomplete List of Disallowed Inputs, Plaintext Storage of a...
Mitsubishi Electric MELSEC-F Series
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC-F Series Vulnerability: Lack of Administrator Control Over Security 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to a...
Mitsubishi Electric MELSEC-F Series
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC-F Series Vulnerability: Improper Initialization 2. RISK EVALUATION Successful exploitation of this vulnerability may cause a denial-of-service condition in the...
Siemens SICAM PQ Analyzer
1. EXECUTIVE SUMMARY CVSS v3 3.4 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SICAM PQ Analyzer Vulnerability: Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve persistence on the system or cause a...
Siemens SICAM A8000
1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SICAM A8000 Vulnerabilities: Use of Hard-coded Credentials, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a privileged user...
Siemens COMOS Web (Update A)
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: COMOS Vulnerabilities: Basic XSS, Relative Path Traversal, SQL Injection, Cross-site Request Forgery 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update...
Siemens SIPROTEC 5 Devices
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIPROTEC 5 products Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to read device...
Johnson Controls VideoEdge
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls, Inc. Equipment: VideoEdge Vulnerability: Improper Handling of Syntactically Invalid Structure= 2. RISK EVALUATION Running a vulnerability...
Siemens Energy PLUSCONTROL
1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Energy Equipment: PLUSCONTROL Vulnerabilities: Type Confusion, Improper Validation of Specified Quantity in Input, Buffer Access with Incorrect Length Value, Integer Underflow, Improper Handling...
Omron CX-One
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Omron Equipment: CX-One Vulnerabilities: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The...
IDEC PLCs
1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: IDEC Equipment: PLCs Programmable Logic Controllers Vulnerabilities: Unprotected Transport of Credentials, Plaintext Storage of a Password 2. RISK EVALUATION Successful exploitation of these...
Fernhill SCADA
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Fernhill Software, Ltd. Equipment: Fernhill SCADA Server Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service...
Philips Engage Software
1. EXECUTIVE SUMMARY CVSS v3 2.6 ATTENTION: Exploitable remotely Vendor: Philips Equipment: Engage Software Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability may allow improper viewing read-only of business contact information. 3. TECHNICAL...
Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
Summary The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, National Security Agency NSA, Australian Cyber Security Centre ACSC, Canadian Centre for Cyber Security CCCS, the Computer Emergency Response Team New Zealand CERT NZ, the New Zealand...
Moxa MGate Protocol Gateways
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Moxa Equipment: MGate MB3180/MB3280/MB3480 Series Protocol Gateways Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could...
Johnson Controls exacq Enterprise Manager
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Exacq Technologies, a subsidiary of Johnson Controls, Inc. Equipment: exacq Enterprise Manager Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability...
Fresenius Kabi Agilia Connect Infusion System (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Fresenius Kabi Equipment: Agilia Connect Infusion System Vulnerabilities: Uncontrolled Resource Consumption, Use of a Broken or Risky Cryptographic Algorithm, Insufficiently Protected Credentials,...
WECON LeviStudioU
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: WECON Equipment: LeviStudioU Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow remote code execution. 3. TECHNICAL...
Emerson DeltaV
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Emerson Equipment: DeltaV Distributed Control System Controllers and Workstations Vulnerabilities: Missing Authentication for Critical Function, Uncontrolled Search Path Element 2. RISK EVALUATION...
Horner Automation Cscape EnvisionRV
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Horner Automation Equipment: Cscape EnvisionRV Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could execute arbitrary code in the context of the current process...