Mitigate Microsoft Exchange Server Vulnerabilities

Summary Updated July 19, 2021: The U.S. Government attributes this activity to malicious cyber actors affiliated with the People's Republic of China PRC Ministry of State Security MSS. Additional information may be found in astatement from the White House. For more information on Chinese maliciou...

ICSMA-21-196-01_Ypsomed mylife

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Ypsomed Equipment: mylife Cloud, mylife Mobile Application Vulnerabilities: Insufficiently Protected Credentials, Not Using an Unpredictable IV with CBC Mode, Use of Hard-coded Credentials 2. RISK...

Siemens SINUMERIK ONE and SINUMERIK MC (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINUMERIK ONE and SINUMERIK MC Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer 2. UPDATE INFORMATION This updated advisory is a follow-up to the...

Siemens SINAMICS PERFECT HARMONY GH180 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : Siemens Equipment : SINAMICS PERFECT HARMONY GH180 Vulnerability : Improper Restriction of Operations within the Bounds of a Memory Buffer 2. UPDATE INFORMATION This updated advisory is a follow-up to...

Siemens VxWorks-based Industrial Products (Update C)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Siemens Equipment : Wind River VxWorks-based Industrial Products Vulnerability : Heap-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled...

Siemens SCALANCE FragAttacks

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE family devices Vulnerabilities: Improper Authentication, Injection, Improper Validation of Integrity Check, Improper Input Validation 2. RISK EVALUATION Successful...

Siemens SIMATIC Software Products

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Siemens Equipment : SIMATIC Software Products Vulnerability : Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to manipulate project files, create a...

Siemens SINUMERIK Integrate Operate Client

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION : Exploitable remotely Vendor : Siemens Equipment : SINUMERIK Integrate Operate Client Vulnerability : Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to spoof any SSL server...

Schneider Electric C-Bus Toolkit

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: C-Bus Toolkit Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to enable...

Siemens Industrial Products LLDP (Update D)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens PROFINET Devices

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: PROFINET Devices Vulnerability: Allocation of Resources Without Limits or Throttling 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled...

Schneider Electric Modicon Controllers and Software (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor : Schneider Electric Equipment : EcoStruxure Control Expert, EcoStruxure Process Expert, SCADAPack RemoteConnect x70, SCADAPack x70 RTUs, and Modicon M580 and M340 control products Vulnerabilities :...

Siemens RWG Universal Controllers

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION : Low attack complexity Vendor : Siemens Equipment : RWG Universal Controllers Vulnerability : Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a...

Siemens SIMATIC Software Products (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION : Low attack complexity Vendor : Siemens Equipment : SIMATIC Software Products Vulnerability : Incorrect Permission Assignment for Critical Resource 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-194-06...

Siemens Mendix

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Vulnerability: Incorrect Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthorized users bypass write permissions to attributes of...

Siemens RUGGEDCOM ROS

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION : Exploitable remotely Vendor : Siemens Equipment : RUGGEDCOM ROS Vulnerability : Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with network access to an affected device to cause a remote...

Siemens Teamcenter Active Workspace

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : Siemens Equipment : Teamcenter Active Workspace Vulnerabilities : Generation of Error Message Containing Sensitive Information, Cross-site Scripting, Exposure of Sensitive Information to an...

Siemens JT Utilities

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION : Low attack complexity Vendor : Siemens Equipment : JT Utilities Vulnerabilities : Function Call with Incorrect Variable or Reference as Argument, NULL Pointer Dereference 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause a...

Siemens OpenSSL Vulnerabilities in Industrial Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens Solid Edge

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Siemens Equipment : Solid Edge Vulnerabilities : Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in an out-of-bounds write, a buffer overflow condition that may...

ICSA-21-194-15_Siemens JT2Go and Teamcenter Visualization

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JT2Go and Teamcenter Visualization Vulnerabilities: Double Free, Infinite Loop, Out-of-bounds Write, Use After Free, Heap-based Buffer Overflow, Buffer Over-read, Out-of-bounds Read, Improper Restriction...

Wibu-Systems CodeMeter Runtime

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Wibu-Systems AG Equipment: CodeMeter Runtime Vulnerabilities: Buffer Over-read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read data from the heap of...

DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks

Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of...

Rockwell Automation MicroLogix 1100

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: MicroLogix 1100 Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to create a...

MDT AutoSave

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: MDT Software Equipment: MDT AutoSave Vulnerabilities: Inadequate Encryption Strength, SQL Injection, Relative Path Traversal, Command Injection, Uncontrolled Search Path Element, Generation of Error...

Moxa NPort IAW5000A-I/O Series Serial Device Server

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Moxa Equipment: NPort IAW5000A-I/O Series Wireless Device Server Vulnerabilities: Classic Buffer Overflow, Stack-based Buffer Overflow, Improper Input Validation, OS Command Injection 2. RISK EVALUATION...

Philips Vue PACS (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Philips Equipment: Vue PACS Vulnerabilities: Cleartext Transmission of Sensitive Information, Improper Restriction of Operations within the Bounds of a Memory Buffer, Improper Input Validation, Improper...

All Bachmann M1 System Processor Modules

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Bachmann Electronic, GmbH Equipment: All M-Base Controllers Vulnerability: Use of Password Hash with Insufficient Computational Effort 2. REPOSTED INFORMATION This updated advisory is a follow-up to the...

Mitsubishi Electric Air Conditioning System

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: Multiple Air Conditioning Systems Vulnerability: Incorrect Implementation of Authentication Algorithm 2. RISK EVALUATION An attacker could exploit this vulnerability by impersonating...

Johnson Controls Facility Explorer

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Equipment: Facility Explorer Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could give an authenticated user an unintended...

Mitsubishi Electric Air Conditioning Systems

1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: Multiple Air Conditioning Systems Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability may...

Sensormatic Electronics C-CURE 9000 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Equipment: C-CURE 9000 Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...

Delta Electronics DOPSoft (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DOPSoft Vulnerabilities: Out-of-bounds Read 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-182-03 Delta Electronics DOPSoft Update A that was...

Claroty Secure Remote Access Site

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: Claroty Equipment: Secure Remote Access SRA Site Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability enables an attacker with local Linux...

Panasonic FPWIN Pro

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Low attack complexity Vendor: Panasonic Equipment: FPWIN Pro Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to retrieve sensitive...

Exacq Technologies exacqVision Enterprise Manager

1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Exacq Technologies, Inc., a subsidiary of Johnson Controls Inc. Equipment: exacqVision Enterprise Manager Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this...

JTEKT TOYOPUC PLC

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low attack complexity Vendor: JTEKT Corporation Equipment: TOYOPUC PLC Vulnerability : Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of this...

AVEVA System Platform (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable from adjacent network/low attack complexity Vendor: AVEVA Software, LLC Equipment: System Platform Vulnerabilities: Missing Authentication for Critical Function, Uncaught Exception, Path Traversal, Origin Validation Error, Improper...

Exacq Technologies exacqVision Web Service

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Exacq Technologies, Inc., a subsidiary of Johnson Controls Inc. Equipment: exacqVision Web Service Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability...

FATEK Automation WinProladder

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: FATEK Automation Equipment: WinProladder Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write, Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of these...

Philips Interoperability Solution XDS

1. EXECUTIVE SUMMARY CVSS v3 3.7 ATTENTION: Exploitable remotely Vendor: Philips Equipment: Interoperability Solution XDS Vulnerability: Clear Text Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read the LDAP...

CODESYS V2 web server

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: CODESYS, GmbH Equipment: CODESYS V2 web server Vulnerabilities: Stack-based Buffer Overflow, Improper Access Control, Buffer Copy without Checking Size of Input, Improperly Implemented Security Check,...

Advantech WebAccess HMI Designer (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Advantech Equipment: WebAccess HMI Designer --------- Begin Update A Part 1 of 6 --------- Vulnerabilities: Heap-based Buffer Overflow, Out-of-bounds Write, Improper Restriction of Operation Within the Bounds of a Memory...

CODESYS Control V2 Linux SysFile library

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: CODESYS, GmbH Equipment: CODESYS V2 Runtime Toolkit Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability may allow the control programmer to call...

CODESYS Control V2 communication

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: CODESYS, GmbH Equipment: CODESYS V2 Runtime Toolkit, CODESYS PLCWinNT Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Improper Input Validation 2. RISK EVALUATION Successful...

Exploitation of Accellion File Transfer Appliance

Summary This joint advisory is the result of a collaborative effort by the cybersecurity authorities of Australia,1 New Zealand,2 Singapore,3 the United Kingdom,4 and the United States.56 These authorities are aware of cyber actors exploiting vulnerabilities in Accellion File Transfer Appliance...

Softing OPC-UA C++ SDK

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Softing Equipment: OPC-UA C++ SDK Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION A remote attacker may be able to crash the device, resulting...

Schneider Electric Enerlin'X Com 'X 510

1. EXECUTIVE SUMMARY CVSS v3 8.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Enerlin'X Com’X 510 Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow elevation of privileges, which...

Advantech WebAccess/SCADA (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess/SCADA Vulnerabilities: Open Redirect, Relative Path Traversal 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-168-03...

ThroughTek P2P SDK

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: ThroughTek Equipment: P2P SDK Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION ThroughTek supplies multiple original equipment manufacturers of IP cameras with P2P...