Advantech WebAccess

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow remote code execution. 3. TECHNICAL DETAILS 3.1...

JTEKT TOYOPUC Products

1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: JTEKT Corporation Equipment: TOYOPUC products Vulnerability: Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote...

Johnson Controls Sensormatic Electronics Illustra

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls, Inc. Equipment: Illustra Vulnerability: Off-by-one Error 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to...

Sensormatic Electronics KT-1

1. EXECUTIVE SUMMARY Vendor: Sensormatic Electronics, LLC., a subsidiary of Johnson Controls, Inc. Equipment: KT-1 Vulnerability: Use of Unmaintained Third-party Components 2. RISK EVALUATION The affected product uses an unsupported version of Microsoft Windows CE. This version may not receive...

FANUC Robot Controllers (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: FANUC Equipment: R-30iA and R-30iB series controllers Vulnerabilities: Integer Coercion Error, Out-of-bounds Write 2. UPDATE INFORMATION This advisory is a follow-up to the original advisory titled ICSA-21-243-02P FANUC...

Annke Network Video Recorder

1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Annke Equipment: N48PBB NVR Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may cause a stack-based buffer overflow, which could allow an...

Delta Electronics DOPSoft (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DOPSoft Vulnerability: Stack-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-238-04 Delta Electronics DOPSoft that was...

Johnson Controls Controlled Electronic Management Systems CEM Systems AC2000

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Controlled Electronic Management Systems Ltd., a subsidiary of Johnson Controls Inc Equipment: CEM Systems AC2000 Vulnerability: Improper Authorization 2. RISK EVALUATION Under specific conditions,...

Delta Electronics DIAEnergie (Update C)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: DIAEnergie Vulnerabilities: Use of Password Hash with Insufficient Computational Effort, Authentication Bypass Using an Alternate Path or Channel, Unrestricted Upload of Fil...

Exploitation of Pulse Connect Secure Vulnerabilities

Summary The Cybersecurity and Infrastructure Security Agency CISA is aware of compromises affecting a number of U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actor—or actors—beginning in June 2020 or earlier related to...

Delta Electronics TPEditor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: TPEditor Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow for arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED...

Hitachi ABB Power Grids TropOS

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low attack complexity Vendor: Hitachi ABB Power Grids Equipment: TropOS Vulnerabilities: Injection, Inadequate Encryption Strength, Missing Authentication for Critical Function, Improper Authentication, Improper Validation of Integrity Check Value,...

Hitachi ABB Power Grids Retail Operations and CSB Products

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely Vendor: Hitachi ABB Power Grids Equipment: Retail Operations and Counterparty Settlement Billing CSB Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

BadAlloc Vulnerability Affecting BlackBerry QNX RTOS

Summary On August 17, 2021, BlackBerry publicly disclosed that its QNX Real Time Operating System RTOS is affected by a BadAlloc vulnerability—CVE-2021-22156. BadAlloc is a collection of vulnerabilities affecting multiple RTOSs and supporting libraries.1 A remote attacker could exploit...

Chinese State-Sponsored Cyber Operations: Observed TTPs

Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework, Version 9, and MITRE D3FEND™ framework, version 0.9.2-BETA-3. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques and the D3FEND framework for referenced...

Top Routinely Exploited Vulnerabilities

Summary This Joint Cybersecurity Advisory was coauthored by the U.S. Cybersecurity and Infrastructure Security Agency CISA, the Australian Cyber Security Centre ACSC, the United Kingdom’s National Cyber Security Centre NCSC, and the U.S. Federal Bureau of Investigation FBI. This advisory provides...

Baker Hughes Bently Nevada 3500

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Bently Nevada, a Baker Hughes subsidiary Equipment: 3500 Vulnerability: Use of Password Hash with Insufficient Computational Effort 2. REPOSTED INFORMATION This advisory was originally posted to the...

ICSA-21-231-01_AVEVA SuiteLink Server

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: AVEVA Software, LLC Equipment: SuiteLink Server Vulnerabilities: Heap-based Buffer Overflow, Null Pointer Dereference, Improper Handling of Exceptional Conditions 2. RISK EVALUATION Successful...

Advantech WebAccess/NMS

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess/NMS Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to the exposure of resources or functionality and...

xArrow SCADA

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: xArrow Equipment: xArrow SCADA Vulnerabilities: Cross-site Scripting, Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in remote code execution...

ThroughTek Kalay P2P SDK

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: ThroughTek Equipment: Kalay P2P SDK Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could permit remote code execution and unauthorized access to...

Cognex In-Sight OPC Server

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Cognex Equipment: In-Sight OPC Server Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker access to system...

Horner Automation Cscape

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Horner Automation Equipment: Cscape Vulnerabilities: Out-of-bounds Write, Access of Uninitialized Pointer, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow code execution in...

Siemens Energy AGT and SGT Solutions

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SGT Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED...

Siemens SINEC NMS

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC NMS Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated remote attacker with system privileges to...

Siemens Automation License Manager

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: Automation License Manager Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition, preventing legitimate...

Siemens JT2Go and Teamcenter Visualization products

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JT2Go & Teamcenter Visualization Vulnerabilities: Use After Free, Out-of-bounds Write, Out-of-bounds Read, NULL Pointer Dereference 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

ICSA-21-222-08_Siemens Solid Edge

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Solid Edge Vulnerabilities: Improper Restriction of XML External Entity Reference, Use After Free, Access of Uninitialized Pointer 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

Siemens JT2Go and Teamcenter Visualization (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JT2Go & Teamcenter Visualization Vulnerabilities: Improper Check for Unusual or Exceptional Conditions, Out-of-bounds Write, Out-of-bounds Read 2. UPDATE INFORMATION This updated advisory is a follow-up...

Siemens SIMATIC and TIM

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC, TIM Vulnerability: Incorrect Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability allows an unauthenticated attacker to read PLC variables from...

Siemens SIMATIC S7-1200 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC S7-1200 Devices Vulnerability: Improper Authentication 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-222-09 Siemens SIMATIC S7-1200 that was...

Siemens SIMATIC CP (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC Vulnerabilities: Out-of-Bounds Read, Use After Free 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-222-07 Siemens SIMATIC...

Siemens Industrial Products Intel CPUs (Update F)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SIMATIC, SINUMERIK Vulnerabilities: Missing Encryption of Sensitive Data 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-21-222-05 Siemens Industrial Products...

Mitsubishi Electric MELSEC iQ-R Series

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Corporation Equipment : MELSEC iQ-R Series CPU Module Vulnerability : Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this...

FATEK Automation FvDesigner

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: FATEK Automation Equipment: FvDesigner Vulnerabilities: Access of Uninitialized Pointer, Stack-based Buffer Overflow, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an...

HCC Embedded InterNiche TCP/IP stack, NicheLite (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: HCC Embedded Equipment: InterNiche stack NicheStack, NicheLite Vulnerabilities: Return of Pointer Value Outside of Expected Range, Improper Handling of Length Parameter Inconsistency, Use of...

Advantech WebAccess SCADA

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess/SCADA Vulnerabilities: Cross-site Scripting XSS, Relative Path Traversal, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

ICSA-21-217-03_mySCADA myPRO

1. EXECUTIVE SUMMARY CVSS v3 X8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: mySCADA Equipment: myPRO Vulnerabilities: Improper Access Control, Unrestricted Upload of File with Dangerous Type, Path Traversal, Exposure of Information Through Directory Listing 2. RISK EVALUATION...

Swisslog Healthcare Translogic PTS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Swisslog Healthcare Equipment: Translogic PTS Pneumatic Tube Systems Vulnerabilities: Use of Hard-coded Password, Execution with Unnecessary Privileges, Improper Authentication, Download of Code without...

Defending Against Malicious Cyber Activity Originating from Tor

Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® and Pre-ATT&CK framework. See the ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques. This advisory—written by the Cybersecurity Security and Infrastructure...

Hitachi ABB Power Grids eSOMS

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low attack complexity Vendor: Hitachi ABB Power Grids Equipment: eSOMS Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow access to user credentials that are stored by the...

LCDS LAquis SCADA

1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: LCDS—Leão Consultoria e Desenvolvimento de Sistemas Ltda ME Equipment: LAquis SCADA Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an...

Delta Electronics DIAScreen

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DIAScreen Vulnerabilities: Type Confusion, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed and may allow remote code...

Geutebrück G-Cam E2 and G-Code

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Geutebrück Equipment: G-Cam E2 and G-Code Vulnerabilities: Missing Authentication for Critical Function, Command Injection, Stack-based Buffer Overflow 2. RISK EVALUATION...

Mitsubishi Electric GOT2000 series and GT SoftGOT2000

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: GOT2000 series and GT SoftGOT2000 Vulnerability: Missing Synchronization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service...

KUKA KR C4

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: KUKA Equipment: KR C4 Vulnerabilities: Use of Hard-Coded Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in unauthorized access to sensitive information and...

Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013

Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. Note: CISA released technical information, including indicators of compromise IOCs,...

ICS Focused Malware

Updated July 20, 2021: The U.S. Government attributes this activity to Russian nation-state cyber actors and assess that Russian nation-state cyber actors deployed Havex malware against industrial control systems. For more information on Russian malicious cyber activity, refer...

Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department

Summary This Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation FBI and the Cybersecurity and Infrastructure Security Agency CISA to provide information on a Chinese Advanced Persistent Threat APT group known in open-source reporting as APT40. This advisory provides...

Mitsubishi Electric MELSEC-F Series

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC-F Series Vulnerability: NULL Pointer Dereference 2. RISK EVALUATION Successful exploitation of this vulnerability may cause a denial-of-service condition in...