Advantech WebAccess

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess Vulnerabilities: Heap-based Buffer Overflow, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to...

Siemens RUGGEDCOM ROX Devices

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: RUGGEDCOM ROX Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to cause a...

Siemens SINUMERIK

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINUMERIK Controllers Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker, with network...

Advantech WebAccess SCADA

1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess SCADA Vulnerability: Missing Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access project names and paths. 3...

Mitsubishi Electric MELSEC iQ-R Series C Controller Module (Update B)

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R Series C Controller Module R12CCPU-V Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

Johnson Controls exacqVision

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Exacq Technologies, a subsidiary of Johnson Controls, Inc. Equipment: exacqVision Server 32-bit Vulnerability: Integer Overflow or Wraparound 2. RISK EVALUATION Successful exploitation of this...

Mobile Industrial Robots Vehicles and MiR Fleet Software

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Mobile Industrial Robots MiR Equipment: MiR100, MiR200, MiR250, MiR500, MiR1000, MiR Fleet Vulnerabilities: Improper Access Control, Integer Overflow or Wraparound, Exposur...

FATEK Automation Communication Server

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: FATEK Automation Equipment: Communication Server Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow remote code execution. 3...

InHand Networks IR615 Router (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: InHand Networks Equipment: IR615 Router Vulnerabilities: Improper Restriction of Rendered UI Layers or Frames, Improper Authorization, Cross-site Request Forgery, Inadequate Encryption Strength, Imprope...

Johnson Controls exacqVision Server Bundle

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Exacq Technologies, a subsidiary of Johnson Controls, Inc. Equipment: exacqVision Server Bundle Vulnerability: Improper Privilege Management= 2. RISK EVALUATION Successful exploitation of this...

FATEK Automation WinProladder

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: FATEK Automation Equipment: WinProladder Vulnerabilities : Out-of-bounds Write, Out-of-bounds Read, Unexpected Sign Extension, Stack-based Buffer Overflow, Improper Restriction of Operations within the...

Moxa MXview Network Management Software

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Moxa Equipment: MXview Network Management Software Vulnerabilities: Path Traversal, Use of Hard-coded Password, Unprotected Transport of Credentials, Injection, Improper Access Control 2. RISK...

Honeywell Experion PKS and ACE Controllers

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Honeywell Equipment: Experion Process Knowledge System PKS C200, C200E, C300 and ACE Controllers Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Relative Path Traversal, Improper...

Mitsubishi Electric GOT and Tension Controller (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GOT and Tension Controller Vulnerabilities: Improper Handling of Exceptional Conditions, Improper Input Validation --------- Begin Update A Part 1 of 2 ---------...

Emerson WirelessHART Gateway

1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Emerson Equipment: WirelessHART Gateway Vulnerabilities: Missing Authentication for Critical Function, Improper Input Validation, Improper Limitation of a Pathname to a Restricted Directory,...

Boston Scientific Zoom Latitude

1. EXECUTIVE SUMMARY CVSS v3 6.9 ATTENTION: Low attack complexity Vendor: Boston Scientific Equipment: ZOOM LATITUDE Programmer/Recorder/Monitor Model 3120 Vulnerabilities: Use of Password Hash with Insufficient Computational Effort, Missing Protection Against Hardware Reverse Engineering Using...

Siemens Solid Edge

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Solid Edge, 3D CAD and solid modeling software Vulnerabilities: Use After Free, Out-of-bounds Read, Access of Uninitialized Pointer 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

Trane Symbio (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low attack complexity Vendor: Trane Equipment: Symbio 700 and Symbio 800 controllers Vulnerability: Code Injection 2. UPDATE INFORMATION The updated advisory is a follow-up to the original advisory titled ICSA-21-266-01 Trane Symbio that was published...

Trane Tracer

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Trane Equipment: Tracer SC, Tracer SC+, and Tracer Concierge Vulnerability: Code Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated user to execute...

Festo SBRD-Q/SBOC-Q/SBOI-Q

SUMMARY The affected product families are cameras SBOC/SBOI and the Controller SBRD. The vulnerabilities are located within the Ethernet IP Stack from EIPStackGroup OpENer Ethernet/IP. 2. IMPACT Please consult the CVEs listed above and ICSA-21-105-02. 3. MITIGATION - Minimize network exposure...

Schneider Electric EcoStruxure and SCADAPack

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: EcoStruxure Control Expert, EcoStruxure Process Expert, SCADAPack RemoteConnect for x70 Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could...

Johnson Controls Sensormatic Electronics KT-1

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sensormatic Electronics, LLC., a subsidiary of Johnson Controls, Inc. Equipment: KT-1 Vulnerability: Authentication Bypass by Capture-replay 2. RISK EVALUATION Successful exploitation of this...

Siemens Siveillance OIS

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Siveillance OIS Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to execute code on...

Siemens Desigo CC Family

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Desigo CC Family Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform remote code...

Siemens LOGO! CMR and SIMATIC RTU 3000

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: LOGO! CMR2020, LOGO! CMR2040 and SIMATIC RTU 3000 family Vulnerabilities: Incorrect Calculation of Buffer Size, Improper Certificate Validation 2. RISK EVALUATION Successful...

Siemens SINEC NMS

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC NMS Vulnerabilities: Path Traversal, Cross-site Request Forgery 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to manipulate the...

Siemens APOGEE and TALON

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: APOGEE and TALON Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the...

Siemens SIMATIC CP (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC CP 1543-1 incl. SIPLUS variants and SIMATIC CP 1545-1 Vulnerability: Cleartext Storage of Sensitive Information 2. UPDATE INFORMATION This updated advisory is a follow-up to...

Johnson Controls Sensormatic Electronics KT-1

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sensormatic Electronics, LLC., a subsidiary of Johnson Controls, Inc. Equipment: KT-1 Vulnerability: Authentication Bypass by Capture-replay 2. RISK EVALUATION Successful exploitation of this...

Siemens Industrial Edge

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Industrial Edge Management Vulnerability: Authorization Bypass Through User-controlled Key 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

Siemens SIPROTEC 5 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIPROTEC 5 Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-257-16 Siemens SIPROTEC 5 that...

Siemens SIMATIC NET CP Modules

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens LOGO! CMR and SIMATIC RTU 3000 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Low attack complexity Vendor: Siemens Equipment: LOGO! CMR, SIMATIC RTU 3000 Vulnerability: Use of Insufficiently Random Values 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-257-13 Siemens LOGO! CMR...

Siemens Teamcenter

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Teamcenter Vulnerability: Privilege Defined with Unsafe Actions, Authorization Bypass Through User-Controlled Key, Improper Restriction of XML External Entity Reference 2. RISK...

Digi PortServer TS 16

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Digi International, Inc. Equipment: PortServer TS 16 Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability allows write access, which grants control of...

Siemens RUGGEDCOM ROX (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: RUGGEDCOM ROX --------- Begin Update A Part 1 of 2 --------- Vulnerabilities: Improper Privilege Management, Execution with Unnecessary Privileges, Improper Handling of Insufficient...

Siemens SINEMA Server

1. EXECUTIVE SUMMARY CVSS v3 4.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEMA Server Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain encoded...

Siemens SINEMA Remote Connect Server

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEMA Remote Connect Server Vulnerabilities: Modification of Assumed-Immutable Data, Improper Access Control, Exposure of Sensitive Information to an Unauthorized Actor, Improper...

Siemens NX

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: NX Vulnerabilities: Use After Free, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to an access violation and to arbitrary code execution on the target...

Siemens SIPROTEC 5 relays (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIPROTEC 5 relays Vulnerabilities: Classic Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-257-10 Siemens SIPROTEC 5...

Schneider Electric Struxureware Data Center Expert

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Struxureware Data Center Expert Vulnerabilities: OS Command Injection, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote...

Siemens Teamcenter Active Workspace

1. EXECUTIVE SUMMARY CVSS v3 4.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Teamcenter Active Workspace Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to access control violations. 3. TECHNICAL...

Siemens SIMATIC RFID

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC RFID terminals Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to remotely execute code. 3...

Siemens Simcenter STAR-CCM+ Viewer

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Simcenter STAR-CCM+ Viewer Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to a crash and allow an attacker to execute code in the context of...

Siemens Simcenter Femap

1. EXECUTIVE SUMMARY CVSS v3 3.3 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Simcenter Femap Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to leak information in the context of the current process. 3...

Delta Electronics DOPSoft 2 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DOPSoft 2 Vulnerabilities: Stack-based Buffer Overflow, Out-of-Bounds Write, Heap-based Buffer Overflow 2. UPDATED INFORMATION This updated advisory is a follow-up to the original advisory...

AVEVA PCS Portal

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low attack complexity Vendor: AVEVA Equipment: Platform Common Services PCS Portal Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION The DLL hijacking vulnerability in the Platform Common Services PCS Portal, if exploited, could allow...

Mitsubishi Electric Europe B.V. smartRTU and INEA ME-RTU

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Europe B.V. Equipment: smartRTU and INEA ME-RTU Vulnerabilities: OS Command Injection, Improper Access Control, Cross-site Scripting, Use of Hard-coded Credentials, Unprotected...

Mitsubishi Electric MELSEC iQ-R Series

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION : Exploitable remotely Vendor : Mitsubishi Electric Corporation Equipment : MELSEC iQ-R Series CPU Module Vulnerabilities : Exposure of Sensitive Information to an Unauthorized Actor, Insufficiently Protected Credentials, Overly Restrictive...

Hitachi ABB Power Grids System Data Manager

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Low attack complexity Vendor: Hitachi ABB Power Grids Equipment: System Data Manager Vulnerability: Cleartext Storage of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker access to sensitive...