Lucene search
K

4255 matches found

ICS
ICS
added 2021/06/08 12:0 a.m.49 views

Thales Sentinel LDK Run-Time Environment

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Thales Equipment: Thales Sentinel LDK Run-Time Environment RTE Vulnerability: Incomplete Cleanup 2. RISK EVALUATION Products that have uninstalled software using the Sentinel LDK Run-Time Environment,...

9.8CVSS9.7AI score0.0125EPSS
Exploits0References5
ICS
ICS
added 2021/06/08 12:0 a.m.41 views

Siemens SIMATIC TIM libcurl

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC TIM libcurl Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of these...

7.5CVSS8.5AI score0.04575EPSS
Exploits2References11
ICS
ICS
added 2021/06/08 12:0 a.m.42 views

Siemens SIMATIC RFID (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SIMATIC RF Products Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-21-159-13 Siemens SIMATIC RFID Readers...

7.5CVSS7.7AI score0.00988EPSS
Exploits0References11
ICS
ICS
added 2021/06/08 12:0 a.m.47 views

Siemens TIM 1531 IRC

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: TIM 1531 IRC Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to cause a...

7.5CVSS8.2AI score0.49268EPSS
Exploits0References11
ICS
ICS
added 2021/06/08 12:0 a.m.28 views

Siemens Mendix SAML Module

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix SAML Module Vulnerability: Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate...

8.8CVSS8.8AI score0.00604EPSS
Exploits0References11
ICS
ICS
added 2021/06/08 12:0 a.m.57 views

AVEVA InTouch

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low attack complexity Vendor: AVEVA Software, LLC Equipment: InTouch 2020 R2 and all prior versions Vulnerability: Clear Text Storage of Sensitive Information in Memory 2. RISK EVALUATION Successful exploitation of this vulnerability could expose...

6.6CVSS6.1AI score0.0018EPSS
Exploits0References5
ICS
ICS
added 2021/06/08 12:0 a.m.30 views

Schneider Electric Modicon X80

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Modicon X80 Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of this vulnerability may result in...

5.3CVSS5.8AI score0.00925EPSS
Exploits0References5
ICS
ICS
added 2021/06/08 12:0 a.m.37 views

Johnson Controls Metasys

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Equipment: Metasys Servers, Engines, and Tools Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could give an authenticated...

8.8CVSS9.1AI score0.01245EPSS
Exploits0References5
ICS
ICS
added 2021/06/08 12:0 a.m.33 views

Siemens Simcenter Femap

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Simcenter Femap Vulnerabilities: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed and may allow arbitrary remote code execution...

7.8CVSS8.3AI score0.01336EPSS
Exploits0References11
ICS
ICS
added 2021/06/08 12:0 a.m.10 views

Schneider Electric PowerLogic PM55xx and PowerLogic PM8ECC

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

6.8AI score
Exploits0References11
ICS
ICS
added 2021/06/03 12:0 a.m.51 views

Advantech iView

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: iView Vulnerabilities: Missing Authentication for Critical Function, SQL Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to...

9.8CVSS8.6AI score0.08055EPSS
Exploits0References5
ICS
ICS
added 2021/06/01 12:0 a.m.78 views

Hillrom Medical Device Management (Update B)

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Hillrom Equipment: Welch Allyn medical device management tools Vulnerabilities: Out-of-Bounds Write, Out-of-Bounds Read 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

9.8CVSS10AI score0.01859EPSS
Exploits0References4
ICS
ICS
added 2021/05/29 12:0 p.m.44 views

Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs

Summary This Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency CISA and the...

10AI score
Exploits0References48
ICS
ICS
added 2021/05/28 12:0 p.m.22 views

ATT&CK Table for Sophisticated Spearphishing Campaign CSA

Summary See Technical Details section Technical Details Table 1 provides a summary of the MITRE ATT&CK techniques observed. Table 1: MITRE ATT&CK techniques observed Technique Title | Technique ID ---|--- Process Injection: Dynamic-link Library Injection | T1055.001 Ingress Tool Transfer | T1105...

2.5AI score
Exploits0References21
ICS
ICS
added 2021/05/28 12:0 a.m.140 views

Siemens SIMATIC S7-1200 and S7-1500 CPU Families (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC S7-1200 and S7-1500 CPU Families Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...

9.8CVSS10AI score0.05184EPSS
Exploits0References11
ICS
ICS
added 2021/05/27 12:0 a.m.80 views

Johnson Controls Sensormatic Electronics VideoEdge

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Equipment: VideoEdge Vulnerability: Off-by-one Error 2. RISK EVALUATION Under specific circumstances, a local authenticated user may be able to exploit this...

7.8CVSS8.7AI score0.99295EPSS
Exploits81References5
ICS
ICS
added 2021/05/27 12:0 a.m.74 views

Siemens JT2Go and Teamcenter Visualization

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JT2Go and Teamcenter Visualization Vulnerabilities: Untrusted Pointer Dereference, Out-of-bounds Read, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

8.8CVSS7.8AI score0.03991EPSS
Exploits0References8
ICS
ICS
added 2021/05/27 12:0 a.m.60 views

Mitsubishi Electric MELSEC iQ-R Series

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R Series Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability may prevent legitimate clients from...

7.8CVSS7.7AI score0.01497EPSS
Exploits0References4
ICS
ICS
added 2021/05/27 12:0 a.m.54 views

GENIVI Alliance DLT

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: GENIVI Alliance Equipment: DLT-Daemon Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to remote code execution or crash the...

9.8CVSS10AI score0.04227EPSS
Exploits0References5
ICS
ICS
added 2021/05/27 12:0 a.m.84 views

MesaLabs AmegaView

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mesa Labs Equipment: AmegaView Vulnerabilities: Command Injection, Improper Authentication, Authentication Bypass Using an Alternate Path or Channel, Improper Privilege Management 2. RISK EVALUATION...

10CVSS10AI score0.03081EPSS
Exploits0References5
ICS
ICS
added 2021/05/25 12:0 a.m.52 views

Rockwell Automation Micro800 and MicroLogix 1400

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely Vendor: Rockwell Automation Equipment: Micro800, MicroLogix 1400 Vulnerability: Channel Accessible by Non-endpoint 2. RISK EVALUATION Successful exploitation of this vulnerability may result in denial-of-service conditions, which...

7.5CVSS7.6AI score0.02188EPSS
Exploits0References5
ICS
ICS
added 2021/05/25 12:0 a.m.70 views

Datakit Libraries bundled in Luxion KeyShot

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Datakit Equipment: Software libraries embedded in Luxion KeyShot software Vulnerabilities: Out-of-bounds Write, Exposure of Sensitive Information to an Unauthorized Actor, Stack-Based buffer Overflow, Untrusted Pointer...

7.8CVSS7.7AI score0.02203EPSS
Exploits0References5
ICS
ICS
added 2021/05/20 12:0 p.m.30 views

TrickBot Malware

Summary This Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework, Version 8. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency CISA and Federal...

9.4AI score
Exploits0References100
ICS
ICS
added 2021/05/18 12:0 a.m.137 views

ICSA-21-138-01_Emerson Rosemount X-STREAM

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Emerson Equipment: Rosemount X-STREAM Gas Analyzer Vulnerabilities: Inadequate Encryption Strength, Unrestricted Upload of File with Dangerous Type, Path Traversal, Use of Persistent Cookies Containing...

9.8CVSS7.9AI score0.01752EPSS
Exploits0References2
ICS
ICS
added 2021/05/17 12:0 a.m.303 views

ICSA-21-040-06_Siemens JT2Go and Teamcenter Visualization (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JT2Go and Teamcenter Visualization Vulnerabilities: Out-of-bounds Read, Improper Restriction of Operations within the Bounds of a Memory Buffer, Stack-based Buffer overflow, Out-of-Bounds Write, Type...

8.8CVSS8.7AI score0.03991EPSS
Exploits0References11
ICS
ICS
added 2021/05/13 12:0 a.m.190 views

Rockwell Automation Connected Components Workbench

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Connected Components Workbench Vulnerabilities: Deserialization of Untrusted Data, Path Traversal, Improper Input Validation 2. RISK EVALUATION Successful exploitation of...

8.6CVSS8.5AI score0.0281EPSS
Exploits0References5
ICS
ICS
added 2021/05/13 12:0 a.m.81 views

OPC UA Products Built with the .NET Framework 4.5, 4.0, and 3.5

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Unified Automation GmbH Equipment:.NET applications Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of this vulnerability could allow...

7.5CVSS7.7AI score0.01741EPSS
Exploits0References5
ICS
ICS
added 2021/05/13 12:0 a.m.116 views

Johnson Controls Sensormatic Tyco AI

1. EXECUTIVE SUMMARY CVSS v3 7.0 Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Equipment: Tyco AI Vulnerability: Off-by-one Error 2. RISK EVALUATION Under specific circumstances, a local attacker could use this vulnerability to obtain super-user access to the underlying...

7.8CVSS8AI score0.99295EPSS
Exploits81References4
ICS
ICS
added 2021/05/13 12:0 a.m.50 views

OPC Foundation UA Products Built with .NET Framework

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: OPC Foundation Equipment: OPC UA Servers Vulnerability: Uncontrolled Recursion 2. RISK EVALUATION Successful exploitation of this vulnerability could trigger a stack overflow. 3. TECHNICAL DETAILS 3.1...

7.5CVSS7.7AI score0.02186EPSS
Exploits0References5
ICS
ICS
added 2021/05/11 12:0 a.m.41 views

Siemens Mendix Excel Importer Module

1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mendix, a subsidiary of Siemens Equipment: Mendix Excel Importer Module Vulnerability: Generation of Error Message Containing Sensitive Information 2. RISK EVALUATION Successful exploitation of this...

4.3CVSS4.8AI score0.00761EPSS
Exploits0References11
ICS
ICS
added 2021/05/11 12:0 a.m.40 views

Siemens SCALANCE XM-400 and XR-500 Devices

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE XM-400, XR-500 Vulnerability: Incorrect Calculation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to create...

7.5CVSS7.9AI score0.01629EPSS
Exploits0References11
ICS
ICS
added 2021/05/11 12:0 a.m.70 views

Siemens SINAMICS Medium Voltage Products Telnet (Update A)

1. EXECUTIVE SUMMARY --------- Begin Update A Part 1 of 3 --------- CVSS v3 8.1 --------- End Update A Part 1 of 3 --------- ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SINAMICS Medium Voltage Products Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION...

9.8CVSS9.9AI score0.05176EPSS
Exploits0References5
ICS
ICS
added 2021/05/11 12:0 a.m.95 views

Siemens Industrial PCs and CNC devices

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Industrial PCs and CNC devices Vulnerabilities: Improper Input Validation, Improper Authentication, Improper Isolation of Shared Resources on System-on-a-Chip, Improper Privilege Management 2. UPDATE...

7.8CVSS7.2AI score0.0051EPSS
Exploits0References11
ICS
ICS
added 2021/05/11 12:0 a.m.143 views

Siemens SIMATIC S7-1500

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SIMATIC S7-1500 CPU 1518F-4 Vulnerabilities: Improper Initialization, Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of these Intel...

7.8CVSS8.1AI score0.00357EPSS
Exploits0References11
ICS
ICS
added 2021/05/11 12:0 a.m.42 views

Siemens SIMATIC NET CP343-1

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC CP343-1 devices Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition...

7.8CVSS7.6AI score0.01269EPSS
Exploits0References11
ICS
ICS
added 2021/05/11 12:0 a.m.58 views

Siemens Mendix Database Replication Module

1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Database Replication Module Vulnerability: Generation of Error Message Containing Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could...

4.3CVSS4.9AI score0.00721EPSS
Exploits0References11
ICS
ICS
added 2021/05/11 12:0 a.m.93 views

Siemens SINAMICS Medium Voltage Products Remote Access (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SINAMICS Medium Voltage Products, Remote Access Vulnerabilities: Improper Restriction of Operations Within the Bounds of a Memory Buffer, Access of Memory Location After End of Buffer, Uncontrolled Resourc...

9.8CVSS9.5AI score0.04843EPSS
Exploits0References11
ICS
ICS
added 2021/05/11 12:0 a.m.117 views

Siemens SNMP Implementation of WinCC Runtime

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SNMP Implementation of WinCC Runtime Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the SNMP service and require a...

5.3CVSS5.6AI score0.0102EPSS
Exploits0References11
ICS
ICS
added 2021/05/11 12:0 a.m.166 views

Siemens SCALANCE W1750D (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE W1750D Vulnerabilities: Improper Authentication, Classic Buffer Overflow, Command Injection, Improper Input Validation, Race Condition, Cross-site Scripting, Basic XSS,...

10CVSS10AI score0.03295EPSS
Exploits0References11
ICS
ICS
added 2021/05/11 12:0 a.m.132 views

Siemens Linux-based Products (Update J)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

7.4CVSS7.9AI score0.06692EPSS
Exploits1References11
ICS
ICS
added 2021/05/11 12:0 a.m.125 views

Siemens SIMATIC SmartVNC HMI WinCC Products (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC HMIs/WinCC Products Vulnerabilities: Access of Memory Location After End of Buffer, Improper Handling of Exceptional Conditions, Improper Restriction of Operations within the Bounds of a Memory...

9.8CVSS8.9AI score0.02538EPSS
Exploits0References11
ICS
ICS
added 2021/05/11 12:0 a.m.38 views

Omron CX-One

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Omron Equipment: CX-One Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The...

7.8CVSS8AI score0.09987EPSS
Exploits0References5
ICS
ICS
added 2021/05/11 12:0 a.m.78 views

Siemens Tecnomatix Plant Simulation

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Tecnomatix Plant Simulation Vulnerabilities: Stack-based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of these...

7.8CVSS8.3AI score0.0145EPSS
Exploits0References11
ICS
ICS
added 2021/05/11 12:0 a.m.58 views

Mitsubishi Electric GOT and Tension Controller (Update A)

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: GOT and Tension Controller Vulnerability: Buffer Access with Incorrect Length Value 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-131-02...

7.5CVSS7.6AI score0.01476EPSS
Exploits0References4
ICS
ICS
added 2021/05/11 12:0 a.m.97 views

Siemens SIMATIC UltraVNC HMI WinCC Products

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC HMIs/WinCC Products Vulnerabilities: Improper Initialization, Out-of-bounds Read, Heap-based Buffer Overflow, Stack-based Buffer Overflow, Access of Memory Location After End...

9.8CVSS9.6AI score0.04843EPSS
Exploits0References11
ICS
ICS
added 2021/05/04 12:0 a.m.65 views

Delta Electronics CNCSoft ScreenEditor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: CNCSoft ScreenEditor Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device, and an out-of-bounds write...

7.8CVSS8.2AI score0.09728EPSS
Exploits0References5
ICS
ICS
added 2021/05/04 12:0 a.m.36 views

Advantech WISE-PaaS RMM

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WISE-PaaS/RMM Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information...

9.1CVSS9.5AI score0.01242EPSS
Exploits0References5
ICS
ICS
added 2021/04/29 12:0 a.m.315 views

Multiple RTOS (Update E)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendors: Multiple Equipment: Multiple Vulnerabilities: Integer Overflow or Wraparound CISA is aware of a public report, known as “BadAlloc” that details vulnerabilities found in multiple real-time operating...

9.8CVSS9.9AI score0.01691EPSS
Exploits1References5
ICS
ICS
added 2021/04/29 12:0 a.m.83 views

Johnson Controls Exacq Technologies exacqVision

1. EXECUTIVE SUMMARY CVSS v3 7.0 Vendor: Exacq Technologies, Inc., a subsidiary of Johnson Controls, Inc. Equipment: exacqVision Vulnerability: Off-by-one Error 2. RISK EVALUATION A local attacker could exploit this vulnerability to obtain “Super User” access to the underlying Ubuntu Linux...

7.8CVSS8.1AI score0.99295EPSS
Exploits81References5
ICS
ICS
added 2021/04/29 12:0 a.m.84 views

Texas Instruments SimpleLink

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Texas Instruments Equipment: SimpleLink Wi-Fi, MSP432, CC13XX, CC26XX, CC32XX, CC3100 Vulnerabilities: Stack-based Buffer Overflow, Integer Overflow or Wraparound 2. RISK EVALUATION Successful...

9.8CVSS8.7AI score0.01752EPSS
Exploits0References5
Total number of security vulnerabilities4255