Lucene search
K

4255 matches found

ICS
ICS
added 2021/12/21 12:0 a.m.55 views

mySCADA myPRO

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: mySCADA Equipment: myPRO Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Use of Password Hash with Insufficient Computational Effort, Hidden Functionality, OS Command...

10CVSS10AI score0.01549EPSS
Exploits0References5
ICS
ICS
added 2021/12/16 1:30 p.m.22 views

Hitachi Energy Relion 670 650 series and SAM600-IO Product

SUMMARY Hitachi Energy is aware of two critical memory allocation vulnerabilities called BadAlloc 1 vulnerabilities in the WindRiver VxWorks Operating Systems 23 that are used in our product versions listed in this advisory. An attacker that exploits these vulnerabilities might bypass security...

9.8CVSS7.8AI score0.02539EPSS
Exploits0References9
ICS
ICS
added 2021/12/16 12:0 a.m.43 views

Siemens Questa and ModelSim

1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Questa Simulation and ModelSim Simulation Vulnerability: Insufficiently Protected Credentials 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the original advisory titled...

6.5CVSS6.7AI score0.00563EPSS
Exploits0References5
ICS
ICS
added 2021/12/16 12:0 a.m.71 views

Siemens Healthineers syngo fastView (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Healthineers, a subsidiary of Siemens Equipment: syngo fastView --------- Begin Update A Part 1 of 2 -------- Vulnerabilities: Out-of-bounds Write, Write-what-where Condition --------- End Update A Part 1 of 2...

7.8CVSS8.1AI score0.00323EPSS
Exploits0References4
ICS
ICS
added 2021/12/16 12:0 a.m.47 views

Mitsubishi Electric GX Works2

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/high attack complexity Vendor: Mitsubishi Electric Equipment: GX Works2 Vulnerability: Improper Handling of Length Parameter Inconsistency 2. RISK EVALUATION Successful exploitation of this vulnerability may cause a...

7.5CVSS7.8AI score0.02711EPSS
Exploits0References4
ICS
ICS
added 2021/12/16 12:0 a.m.63 views

Wibu-Systems CodeMeter Runtime

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low attack complexity Vendor: Wibu-Systems AG Equipment: CodeMeter Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to crash the CodeMeter Runtime Server, which could...

7.1CVSS7.2AI score0.00289EPSS
Exploits0References5
ICS
ICS
added 2021/12/16 12:0 a.m.40 views

Delta Electronics CNCSoft

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: CNCSoft Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow information disclosure or an application crash. 3. TECHNICAL DETAILS 3.1...

6.1CVSS5.8AI score0.00662EPSS
Exploits0References4
ICS
ICS
added 2021/12/16 12:0 a.m.172 views

Mitsubishi Electric FA Engineering Software (Update B)

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Equipment: FA Engineering Software Vulnerabilities: Out-of-bounds Read, Integer Underflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-350-05...

5.5CVSS6AI score0.00932EPSS
Exploits0References4
ICS
ICS
added 2021/12/16 12:0 a.m.59 views

Xylem AquaView

1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION: Low attack complexity Vendor: Xylem, Inc. Equipment: AquaView Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated local attacker to create users, delete users,...

9.3CVSS8.9AI score0.00211EPSS
Exploits0References4
ICS
ICS
added 2021/12/14 12:0 a.m.34 views

Siemens Teamcenter Active Workspace

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Teamcenter Active Workspace Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve remove code execution...

7.2CVSS7.3AI score0.01052EPSS
Exploits0References11
ICS
ICS
added 2021/12/14 12:0 a.m.40 views

Siemens SIMATIC eaSie PCS 7 Skill Package

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC eaSie PCS 7 Skill Package Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated remote attacker to read...

6.5CVSS6.6AI score0.0091EPSS
Exploits0References11
ICS
ICS
added 2021/12/14 12:0 a.m.78 views

Schneider Electric Rack PDU (Update A)

1. EXECUTIVE SUMMARY --------- Begin Update A Part 1 of 3 --------- CVSS v3 6.5 ATTENTION: Exploitable remotely --------- End Update A Part 1 of 3 --------- Vendor: Schneider Electric Equipment: Rack Power Distribution Unit PDU --------- Begin Update A Part 2 of 3 --------- Vulnerability:...

8CVSS8.1AI score0.00774EPSS
Exploits0References4
ICS
ICS
added 2021/12/14 12:0 a.m.108 views

Siemens Capital VSTAR

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely / Low attack complexity Vendor: Siemens Equipment: Capital VSTAR Vulnerabilities: Access of Resource Using Incompatible Type, Improper Validation of Specified Quantity in Input, Out-of-Bounds Read, Improper Restriction of Operations...

9.8CVSS8.8AI score0.0215EPSS
Exploits0References10
ICS
ICS
added 2021/12/14 12:0 a.m.88 views

Siemens JT2Go and Teamcenter Visualization

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JT2Go and Teamcenter Visualization Vulnerabilities: Out-of-Bounds Write, Use of Uninitialized Variable, Out-of-Bounds Read, Off-by-One Error, Use-after-Free 2. RISK EVALUATION Successful exploitation of...

7.8CVSS7.2AI score0.02031EPSS
Exploits0References11
ICS
ICS
added 2021/12/14 12:0 a.m.35 views

Siemens JTTK and JT Utilities

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JTTK and JT Utilities Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause the application to crash or allow arbitrary...

7.8CVSS8.3AI score0.00814EPSS
Exploits0References11
ICS
ICS
added 2021/12/14 12:0 a.m.35 views

Siemens SiPass Integrated

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SiPass Integrated Vulnerabilities: Exposure of Resource to Wrong Sphere 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated remote...

9.8CVSS9.5AI score0.01579EPSS
Exploits0References11
ICS
ICS
added 2021/12/14 12:0 a.m.49 views

Siemens SIMATIC ITC

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC ITC Products Vulnerabilities: Using Components with Known Vulnerabilities 2. RISK EVALUATION Successful exploitation of these LibVNC vulnerabilities could allow remote code...

9.6AI score
Exploits0References11
ICS
ICS
added 2021/12/14 12:0 a.m.24 views

Siemens SINUMERIK Edge

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SINUMERIK Edge Vulnerability: Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to spoof a trusted entity by interfering in the...

7.4CVSS7.6AI score0.00479EPSS
Exploits0References11
ICS
ICS
added 2021/12/14 12:0 a.m.32 views

Siemens JTTK and JT Utilities

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JTTK and JT Utilities Vulnerabilities: Out-of-bounds Write, Use after Free, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead the application to crash or...

7.8CVSS7.3AI score0.00855EPSS
Exploits0References11
ICS
ICS
added 2021/12/14 12:0 a.m.58 views

Advantech R-SeeNet

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low attack complexity Vendor: Advantech Equipment: R-SeeNet Vulnerabilities: SQL Injection, Improper Privilege Management 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow authenticated users to perform a local privilege...

8.8CVSS8.3AI score0.20155EPSS
Exploits26References5
ICS
ICS
added 2021/12/14 12:0 a.m.33 views

Siemens Simcenter STAR-CCM+ Viewer

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Simcenter STAR-CCM+ Viewer Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to a crash, arbitrary code execution, or data extraction. 3...

7.8CVSS7.9AI score0.00814EPSS
Exploits0References11
ICS
ICS
added 2021/12/14 12:0 a.m.35 views

Siemens Siveillance Identity

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Siveillance Identity Vulnerabilities: Exposure of Resource to Wrong Sphere 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated remote...

9.8CVSS9.4AI score0.01579EPSS
Exploits0References11
ICS
ICS
added 2021/12/14 12:0 a.m.28 views

Siemens POWER METER SICAM Q100

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: POWER METER SICAM Q100 Vulnerability: Stack-based Buffer Overflow\ 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to remotely execute code...

9CVSS7.6AI score0.02587EPSS
Exploits0References11
ICS
ICS
added 2021/12/14 12:0 a.m.68 views

Siemens JT Utilities and JT Open Toolkit

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JT Utilities, JT Open Toolkit Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read, Stack-based Buffer Overflow, Use After Free, Improper Restriction of Operations within the Bounds of a Memory Buffer...

7.8CVSS8AI score0.00869EPSS
Exploits0References11
ICS
ICS
added 2021/12/09 12:0 a.m.53 views

WECON LeviStudioU

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: WECON Technology Co., Ltd WECON Equipment: LeviStudioU Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS...

7.8CVSS7.9AI score0.02743EPSS
Exploits0References5
ICS
ICS
added 2021/12/09 12:0 a.m.42 views

Hillrom Welch Allyn Cardio Products

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Hillrom Equipment: Welch Allyn Cardio Products Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access...

9.8CVSS9.2AI score0.01076EPSS
Exploits0References5
ICS
ICS
added 2021/12/09 12:0 a.m.167 views

Hitachi Energy GMS600, PWC600, and Relion

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: GMS600, PWC600, and Relion 670/650/SAM600-IO Vulnerability: Improper Access Controls 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

9CVSS7.3AI score0.01666EPSS
Exploits0References5
ICS
ICS
added 2021/12/07 12:0 a.m.40 views

Hitachi Energy RTU500 OpenLDAP

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 Series Vulnerabilities: Type Confusion, Reachable Assertion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause a denial-of-service condition...

7.5CVSS8.2AI score0.1229EPSS
Exploits0References4
ICS
ICS
added 2021/12/07 12:0 a.m.47 views

Hitachi Energy XMC20 and FOX61x

1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: XMC20 and FOX61x Vulnerabilities: Weak Password Requirements, Missing Handler 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to...

9CVSS8.2AI score0.00958EPSS
Exploits0References5
ICS
ICS
added 2021/12/06 12:0 p.m.68 views

APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus

Summary This joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework, Version 9. See the ATT&CK for Enterprise framework for referenced threat actor techniques and for mitigations. This joint advisory is the result of analytic efforts...

9.8CVSS9.6AI score0.93514EPSS
Exploits6References37
ICS
ICS
added 2021/12/02 12:0 a.m.146 views

Hitachi Energy RTU500 series

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 series Vulnerabilities: Observable Discrepancy, Buffer Over-read, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...

8.6CVSS8.1AI score0.0828EPSS
Exploits0References5
ICS
ICS
added 2021/12/02 12:0 a.m.77 views

Hitachi Energy APM Edge

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Low attack complexity Vendor: Hitachi Energy Equipment: Transformer Asset Performance Management APM Edge Vulnerability: Reliance on Uncontrolled Component 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the original advisory...

7.8AI score
Exploits0References4
ICS
ICS
added 2021/12/02 12:0 a.m.37 views

Hitachi Energy RTU500 series BCI

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 series Bidirectional Communication Interface BCI Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a...

7.5CVSS7.7AI score0.0092EPSS
Exploits0References4
ICS
ICS
added 2021/12/02 12:0 a.m.37 views

Johnson Controls Entrapass

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls, Inc. Equipment: Entrapass Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of this...

8.3CVSS7.8AI score0.01076EPSS
Exploits0References5
ICS
ICS
added 2021/12/02 12:0 a.m.54 views

Distributed Data Systems WebHMI

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Distributed Data Systems Equipment: WebHMI Vulnerabilities: Authentication Bypass by Primary Weakness, Unrestricted Upload of File with Dangerous Type 2. RISK EVALUATION Successful exploitation of...

10CVSS10AI score0.35804EPSS
Exploits5References5
ICS
ICS
added 2021/12/02 12:0 a.m.43 views

Hitachi Energy PCM600 Update Manager

1. EXECUTIVE SUMMARY CVSS v3 6.7 Vendor: Hitachi Energy Equipment: PCM600 Update Manager Vulnerability: Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to bypass the certificate validation and install an untrusted software...

6.7CVSS6.5AI score0.00124EPSS
Exploits0References5
ICS
ICS
added 2021/12/02 12:0 a.m.45 views

Schneider Electric SESU

1. EXECUTIVE SUMMARY CVSS v3 3.8 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: Schneider Electric Software Update SESU Vulnerability: Insufficient Entropy 2. RISK EVALUATION Successful exploitation of this vulnerability could cause unintended connection from an internal...

3.8CVSS4.8AI score0.00237EPSS
Exploits0References4
ICS
ICS
added 2021/11/30 7:0 a.m.131 views

Mitsubishi Electric MELSEC and MELIPC Series (Update G)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC and MELIPC Series Vulnerabilities: Uncontrolled Resource Consumption, Improper Handling of Length Parameter Inconsistency, Improper Input Validation 2...

7.8CVSS8.3AI score0.03077EPSS
Exploits0References10
ICS
ICS
added 2021/11/30 12:0 a.m.39 views

Delta Electronics CNCSoft

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: CNCSoft Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow for arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED...

7.8CVSS8AI score0.09594EPSS
Exploits0References5
ICS
ICS
added 2021/11/30 12:0 a.m.47 views

Xylem Aanderaa GeoView

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Xylem, Inc. Equipment: Aanderaa GeoView Vulnerability: SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to manipulate the database server. 3...

9.8CVSS9.7AI score0.01984EPSS
Exploits0References4
ICS
ICS
added 2021/11/30 12:0 a.m.31 views

Hitachi Energy Retail Operations and CSB Software

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: High attack complexity Vendor: Hitachi Energy Equipment: Retail Operations and Counterparty Settlement and Billing CSB Product Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow...

7.2CVSS7AI score0.00251EPSS
Exploits0References5
ICS
ICS
added 2021/11/30 12:0 a.m.47 views

Johnson Controls CEM Systems AC2000

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Controlled Electronic Management Systems, Ltd., a subsidiary of Johnson Controls, Inc. Equipment: CEM Systems AC2000 Vulnerability: Off-by-one Error 2. RISK EVALUATION Successful exploitation of this vulnerability could...

7.8CVSS8.1AI score0.99295EPSS
Exploits81References5
ICS
ICS
added 2021/11/24 7:0 a.m.44 views

Philips MRI 1.5T and 3T (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.2 ATTENTION: Low attack complexity Vendor: Philips Equipment: MRI 1.5T and 3T Vulnerabilities: Improper Access Control, Incorrect Ownership Assignment, Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of these...

5.9CVSS6AI score0.00629EPSS
Exploits0References11
ICS
ICS
added 2021/11/22 12:0 p.m.52 views

APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus

Summary This Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework, Version 8. See the ATT&CK for Enterprise for referenced threat actor tactics and for techniques. This joint advisory is the result of analytic efforts between the...

9.8CVSS9.8AI score0.9896EPSS
Exploits8References39
ICS
ICS
added 2021/11/19 12:0 p.m.101 views

Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities

Summary Actions to Take Today to Protect Against Iranian State-Sponsored Malicious Cyber Activity • Immediately patch software affected by the following vulnerabilities: CVE-2021-34473, 2018-13379, 2020-12812, and 2019-5591. • Implementmulti-factor authentication. • Usestrong, unique passwords.v...

10CVSS9.9AI score0.99999EPSS
Exploits39References71
ICS
ICS
added 2021/11/18 12:0 a.m.36 views

Philips IntelliBridge EC 40 and EC 80 Hub

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Low attack complexity Vendor: Philips Equipment: IntelliBridge EC 40 and EC 80 Hub Vulnerabilities: Use of Hard-coded Credentials, Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of these...

8.8CVSS9.2AI score0.00453EPSS
Exploits0References5
ICS
ICS
added 2021/11/18 12:0 a.m.92 views

Philips Patient Information Center iX (PIC iX) and Efficia CM Series

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable from adjacent network/low attack complexity Vendor: Philips Equipment: Patient Information Center iX PIC iX and Efficia CM Series Vulnerabilities: Improper Input Validation, Use of Hard-coded Cryptographic Key, Use of a Broken or Risky...

6.5CVSS7AI score0.00366EPSS
Exploits0References5
ICS
ICS
added 2021/11/16 12:0 a.m.48 views

Mitsubishi Electric GOT products

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GOT2000 series, GOT SIMPLE series, GT SoftGOT2000 Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow the...

7.8CVSS7.8AI score0.02282EPSS
Exploits0References5
ICS
ICS
added 2021/11/16 12:0 a.m.39 views

FATEK Automation WinProladder

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: FATEK Automation Equipment: WinProladder Vulnerabilities: Out-of-bounds Write, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow for arbitrary code execution. 3...

7.8CVSS8.4AI score0.02091EPSS
Exploits0References6
ICS
ICS
added 2021/11/11 12:0 a.m.54 views

Siemens Climatix POL909 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.4 ATTENTION: Exploitable remotely Vendor: Siemens --------- Begin Update A Part 1 of 3 --------- Equipment: Climatix POL909 AWM and AWB modules --------- End Update A Part 1 of 3 --------- Vulnerability: Missing Encryption of Sensitive Data 2. RISK EVALUATION...

7.4CVSS7.5AI score0.00408EPSS
Exploits0References5
Total number of security vulnerabilities4255