Lucene search
K

4255 matches found

ICS
ICS
added 2021/03/09 12:0 a.m.167 views

Siemens TCP/IP Stack Vulnerabilities-AMNESIA:33 in SENTRON PAC / 3VA Devices (Update C)

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SENTRON 3VA COM100/800, SENTRON 3VA DSP800, SENTRON PAC2200, SENTRON PAC3200T, SENTRON PAC3200, SENTRON PAC3220, SENTRON PAC4200 Vulnerabilities: Out-of-bounds Read, Out-of-bounds...

8.2CVSS8.6AI score0.03912EPSS
Exploits0References11
ICS
ICS
added 2021/03/09 12:0 a.m.60 views

Siemens SIMATIC S7-PLCSIM

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: SIMATIC S7-PLCSIM v5.4 Vulnerabilities: Infinite Loop, NULL Pointer Dereference, Divide by Zero 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker with local...

5.5CVSS5.8AI score0.00223EPSS
Exploits0References9
ICS
ICS
added 2021/03/09 12:0 a.m.67 views

Siemens SCALANCE and RUGGEDCOM Devices (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE and RUGGEDCOM Devices Vulnerability: Stack-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-068-03...

8.8CVSS9.2AI score0.00852EPSS
Exploits0References11
ICS
ICS
added 2021/03/09 12:0 a.m.122 views

Siemens Solid Edge File Parsing

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: Solid Edge Vulnerabilities: Out-of-bounds Write, Improper Restriction of XML External Entity Reference, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

7.8CVSS7.6AI score0.01478EPSS
Exploits0References11
ICS
ICS
added 2021/03/09 12:0 a.m.84 views

Siemens LOGO! 8 BM

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

5.5CVSS5.8AI score0.00266EPSS
Exploits0References10
ICS
ICS
added 2021/03/09 12:0 a.m.65 views

Siemens SINEMA Remote Connect Server

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINEMA Remote Connect Server Vulnerabilities: Incorrect Authorization\ 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow authenticated unprivileged...

8.8CVSS9.1AI score0.0094EPSS
Exploits0References9
ICS
ICS
added 2021/03/09 12:0 a.m.59 views

Siemens SCALANCE and RUGGEDCOM Devices SSH (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE and RUGGEDCOM Devices Vulnerability: Improper Restriction of Excessive Authentication Attempts 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...

7.5CVSS7.7AI score0.0129EPSS
Exploits0References11
ICS
ICS
added 2021/03/09 12:0 a.m.73 views

Siemens Energy PLUSCONTROL 1st Gen

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: PLUSCONTROL Vulnerability: Predictable Exact Value from Previous Values 2. RISK EVALUATION Successful exploitation of this vulnerability could affect integrity of TCP...

6.5CVSS6.5AI score0.01555EPSS
Exploits0References9
ICS
ICS
added 2021/03/09 12:0 a.m.89 views

Siemens TCP Stack of SIMATIC MV400

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC MV400 Vulnerabilities: Improper Validation of Specified Index, Position, or Offset in Input; Use of Insufficiently Random Values 2. RISK EVALUATION Successful...

7.5CVSS8.4AI score0.01212EPSS
Exploits0References9
ICS
ICS
added 2021/03/04 12:0 a.m.346 views

ICSA-21-063-02_Schneider Electric EcoStruxure Building Operation (EBO)

1. EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: EcoStruxure Building Operation Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Cross-site Scripting, Improper Restriction of XML External Entity...

8.8CVSS8.5AI score0.02292EPSS
Exploits0References2
ICS
ICS
added 2021/03/04 12:0 a.m.75 views

Rockwell Automation 1734-AENTR Series B and Series C

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: 1734-AENTR Series B and Series C Vulnerabilities: Improper Access Control, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

6.1CVSS6.5AI score0.01246EPSS
Exploits0References5
ICS
ICS
added 2021/03/02 12:0 a.m.87 views

Rockwell Automation CompactLogix 5370 and ControlLogix 5570 Controllers (Update A)

1. EXECUTIVE SUMMARY CVSS v3 5.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: CompactLogix and ControlLogix controllers Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory...

8.6CVSS7.3AI score0.01836EPSS
Exploits0References5
ICS
ICS
added 2021/03/02 12:0 a.m.130 views

MB connect line mbCONNECT24, mymbCONNECT24

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: MB connect line Equipment: mymbCONNECT24, mbCONNECT24 Vulnerabilities: Improper Privilege Management, Server-side Request Forgery SSRF, Cross-site Scripting, Uncontrolled Resource Consumption, Open...

9.8CVSS8.6AI score0.01479EPSS
Exploits0References5
ICS
ICS
added 2021/03/02 12:0 a.m.91 views

Hitachi ABB Power Grids Ellipse EAM

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Hitachi ABB Power Grids Equipment: Ellipse EAM Vulnerabilities: Cross-site Scripting, User Interface Misrepresentation of Critical Information 2. RISK EVALUATION Successful exploitation of these...

6.1CVSS6.2AI score0.00612EPSS
Exploits0References5
ICS
ICS
added 2021/02/25 12:0 a.m.90 views

Rockwell Automation Logix Controllers (Update A)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: Studio 5000 Logix Designer, RSLogix 5000, Logix Controllers Vulnerability: Insufficiently Protected Credentials 2. UPDATE INFORMATION This updated advisory is a...

9.8CVSS8.6AI score0.25455EPSS
Exploits1References5
ICS
ICS
added 2021/02/25 12:0 a.m.73 views

PerFact OpenVPN-Client

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: PerFact Equipment: OpenVPN-Client Vulnerability: External Control of System or Configuration Setting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow for local privilege...

8.8CVSS9.4AI score0.00921EPSS
Exploits0References5
ICS
ICS
added 2021/02/25 12:0 a.m.155 views

ProSoft Technology ICX35

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ProSoft Technology Equipment: ICX35-HWC-A and ICX35-HWC-E Vulnerability: Permissions, Privileges, and Access Controls 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

7.5CVSS7.8AI score0.01019EPSS
Exploits0References5
ICS
ICS
added 2021/02/25 12:0 a.m.80 views

FATEK Automation FvDesigner

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: FATEK Automation Equipment: FvDesigner Vulnerabilities: Use After Free, Access of Uninitialized Pointer, Stack-based Buffer Overflow, Out-of-Bounds Write, Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation...

7.8CVSS8.5AI score0.01113EPSS
Exploits0References5
ICS
ICS
added 2021/02/23 12:0 a.m.64 views

Rockwell Automation FactoryTalk Services Platform

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: FactoryTalk Services Vulnerability: Use of Password Hash with Insufficient Computational Effort 2. RISK EVALUATION Successful exploitation of this vulnerability...

10CVSS9.9AI score0.04095EPSS
Exploits0References5
ICS
ICS
added 2021/02/23 12:0 a.m.128 views

Ovarro TBox (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Ovarro Equipment: TBoxLT2 All models, TBox MS-CPU32, TBox MS-CPU32-S2, TBox RM2 All models, TBox TG2 All models --------- Begin Update A Part 1 of 3 --------- Vulnerabilities: Code Injection,...

9.8CVSS9.7AI score0.01196EPSS
Exploits0References5
ICS
ICS
added 2021/02/23 12:0 a.m.126 views

Advantech Spectre RT Industrial Routers

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: Spectre RT Industrial Routers Vulnerabilities: Improper Neutralization of Input During Web Page Generation, Cleartext Transmission of Sensitive Information, Improper...

9.8CVSS9.9AI score0.01484EPSS
Exploits0References5
ICS
ICS
added 2021/02/23 12:0 a.m.60 views

Advantech BB-ESWGP506-2SFP-T

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: BB-ESWGP506-2SFP-T Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized...

10CVSS10AI score0.03612EPSS
Exploits0References5
ICS
ICS
added 2021/02/18 7:0 a.m.575 views

Mitsubishi Electric FA Engineering Software Products (Update H)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: FA Engineering Software Products Vulnerabilities: Heap-based Buffer Overflow, Improper Handling of Length Parameter Inconsistency 2. UPDATE INFORMATION This updated...

9.8CVSS10AI score0.05858EPSS
Exploits0References10
ICS
ICS
added 2021/02/18 12:0 a.m.60 views

Johnson Controls Metasys Reporting Engine (MRE) Web Services

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Johnson Controls Equipment: Metasys Reporting Engine MRE Web Services Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote...

7.5CVSS7.8AI score0.02109EPSS
Exploits0References5
ICS
ICS
added 2021/02/16 12:0 a.m.48 views

Rockwell Automation Allen-Bradley Micrologix 1100

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: Allen-Bradley MicroLogix 1100 Vulnerability: Improper Handling of Length Parameter Inconsistency 2. RISK EVALUATION Successful exploitation of this vulnerability...

7.5CVSS7.8AI score0.04584EPSS
Exploits0References4
ICS
ICS
added 2021/02/16 12:0 a.m.51 views

Hamilton-T1

1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Low skill level to exploit Vendor: Hamilton Medical AG Equipment: Hamilton-T1 Vulnerabilities: Use of Hard-coded Credentials, Missing XML Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers with physical...

5.2CVSS5.2AI score0.00283EPSS
Exploits0References5
ICS
ICS
added 2021/02/12 12:0 p.m.35 views

Compromise of U.S. Water Treatment Facility

Summary On February 5, 2021, unidentified cyber actors obtained unauthorized access to the supervisory control and data acquisition SCADA system at a U.S. drinking water treatment facility. The unidentified actors used the SCADA system’s software to increase the amount of sodium hydroxide, also...

9.9AI score
Exploits0References18
ICS
ICS
added 2021/02/11 12:0 a.m.127 views

Rockwell Automation DriveTools SP and Drives AOP

1. EXECUTIVE SUMMARY CVSS v3 7.5 Vendor : Rockwell Automation Equipment : DriveTools SP and Drives AOP Vulnerability : Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability may result in privilege escalation and total loss of device confidentiality,...

7.8CVSS8.1AI score0.00434EPSS
Exploits0References5
ICS
ICS
added 2021/02/11 12:0 a.m.125 views

Multiple Embedded TCP/IP Stacks (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Multiple Equipment: Nut/Net, CycloneTCP, NDKTCPIP, FNET, uIP-Contiki-OS, uC/TCP-IP, uIP-Contiki-NG, uIP, picoTCP-NG, picoTCP, MPLAB Net, Nucleus NET, Nucleus ReadyStart Vulnerabilities: Use of...

9.8CVSS8.4AI score0.01716EPSS
Exploits1References5
ICS
ICS
added 2021/02/09 12:0 a.m.28 views

Siemens SINEMA Server & SINEC NMS

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINEMA Server, SINEC NMS Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow arbitrary code execution on an affected...

8.1CVSS8.4AI score0.20616EPSS
Exploits0References9
ICS
ICS
added 2021/02/09 12:0 a.m.335 views

Open Design Alliance Drawings SDK (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Open Design Alliance Equipment: Drawings SDK --------- Begin Update A Part 1 of 3 --------- Vulnerabilities: Stack-based Buffer Overflow, Type Confusion, Untrusted Pointer Dereference, Incorrect Type Conversion or Cast,...

8.8CVSS8.8AI score0.03991EPSS
Exploits0References11
ICS
ICS
added 2021/02/09 12:0 a.m.66 views

Siemens RUGGEDCOM ROX II

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: RUGGEDCOM ROX IIB Vulnerabilities: Improper Input Validation, NULL Pointer Dereference, Out-of-Bounds Write, Insufficient Verification of Data Authenticity, Improper Certificate...

10CVSS9.4AI score0.03552EPSS
Exploits2References9
ICS
ICS
added 2021/02/09 12:0 a.m.41 views

Siemens DIGSI 4

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: DIGSI 4 Vulnerability: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a low privileged attacker to execute arbitrary code with SYSTEM...

7.8CVSS8AI score0.00342EPSS
Exploits0References9
ICS
ICS
added 2021/02/09 12:0 a.m.57 views

Siemens SIMARIS Configuration (Update A)

1. EXECUTIVE SUMMARY CVSS v3 4.4 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: SIMARIS configuration Vulnerability: Incorrect Default Permissions 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-040-08 Siemens SIMARIS...

7.8CVSS7.9AI score0.00293EPSS
Exploits0References4
ICS
ICS
added 2021/02/09 12:0 a.m.37 views

Siemens TIA Administrator (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: TIA Portal and PCS neo Vulnerability: Improper Access Control 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-040-05 Siemens TIA Administrator that was...

7.8CVSS7.8AI score0.00862EPSS
Exploits0References11
ICS
ICS
added 2021/02/09 12:0 a.m.60 views

Advantech iView

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: iView Vulnerabilities: SQL Injection, Path Traversal, Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow...

9.8CVSS9.9AI score0.36845EPSS
Exploits4References5
ICS
ICS
added 2021/02/09 12:0 a.m.61 views

SIMATIC WinCC Graphics Designer

1. EXECUTIVE SUMMARY CVSS v3 6.2 ATTENTION: Low skill level to exploit Vendor : Siemens Equipment: SIMATIC WinCC and PCS 7 Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker...

5.5CVSS5.9AI score0.00336EPSS
Exploits0References9
ICS
ICS
added 2021/02/09 12:0 a.m.35 views

Siemens SCALANCE W780 and W740

1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SCALANCE W780 and W740 Vulnerability: Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

4.3CVSS4.8AI score0.00694EPSS
Exploits0References9
ICS
ICS
added 2021/02/09 12:0 a.m.169 views

GE Digital HMI/SCADA iFIX

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Low skill level to exploit Vendor: GE Digital Equipment: HMI/SCADA iFIX Vulnerabilities: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to escalate their...

5.5CVSS6AI score0.00204EPSS
Exploits0References5
ICS
ICS
added 2021/02/04 12:0 a.m.60 views

Luxion KeyShot (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Luxion Equipment: KeyShot products Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read, Insufficient UI Warning of Dangerous Operations, Untrusted Pointer Dereference, Path Traversal 2. UPDATE INFORMATION This...

7.8CVSS8.4AI score0.02646EPSS
Exploits0References6
ICS
ICS
added 2021/02/04 12:0 a.m.52 views

Horner Automation Cscape

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Horner Automation Equipment: Cscape Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability may allow code execution in the context of the current process. 3. TECHNICAL...

7.8CVSS7.8AI score0.01345EPSS
Exploits0References5
ICS
ICS
added 2021/02/02 12:0 a.m.72 views

Rockwell Automation MicroLogix 1400 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Rockwell Automation Equipment: MicroLogix 1400 Vulnerability: Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-033-01 Rockwell Automation MicroLogix 1400 that...

8.6CVSS9AI score0.01719EPSS
Exploits0References5
ICS
ICS
added 2021/01/28 12:0 a.m.81 views

Rockwell Automation FactoryTalk Linx and FactoryTalk Services Platform

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: FactoryTalk Linx and FactoryTalk Services Platform Vulnerabilities: Classic Buffer overflow, Improper Check or Handling of Exceptional Conditions 2. RISK EVALUATION...

7.5CVSS7.6AI score0.38828EPSS
Exploits0References5
ICS
ICS
added 2021/01/28 12:0 a.m.51 views

Siemens SIMATIC HMI Comfort Panels & SIMATIC HMI KTP Mobile Panels

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC HMI Comfort Panels, SIMATIC HMI KTP Mobile Panels Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this...

9.8CVSS9.9AI score0.05176EPSS
Exploits0References9
ICS
ICS
added 2021/01/26 12:0 a.m.50 views

All Bachmann M1 System Processor Modules

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Bachmann Electronic, GmbH Equipment: All M-Base Controllers Vulnerability : Use of Password Hash with Insufficient Computational Effort 2. REPOSTED INFORMATION This updated advisory is a follow-up to...

8.8CVSS8.5AI score0.00824EPSS
Exploits0References4
ICS
ICS
added 2021/01/26 12:0 a.m.60 views

Fuji Electric Tellus Lite V-Simulator and V-Server Lite

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Fuji Electric Equipment: Tellus Lite V-Simulator and V-Server Lite Vulnerabilities: Stack-based Buffer Overflow, Out-of-Bounds Read, Out-of-Bounds Write, Access of Uninitialized Pointer, Heap-based Buffer Overflow 2...

7.8CVSS8.5AI score0.02142EPSS
Exploits1References5
ICS
ICS
added 2021/01/21 12:0 a.m.64 views

Mitsubishi Electric MELFA (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELFA FR Series, MELFA CR Series, MELFA ASSISTA Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...

7.8CVSS7.7AI score0.02744EPSS
Exploits0References4
ICS
ICS
added 2021/01/21 12:0 a.m.61 views

Honeywell OPC UA Tunneller

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Matrikon, a subsidiary of Honeywell Equipment: OPC UA Tunneller Vulnerabilities: Heap-based Buffer Overflow, Out-of-bounds Read, Improper Check for Unusual or Exceptional Conditions, Uncontrolled...

9.8CVSS9.1AI score0.02411EPSS
Exploits0References5
ICS
ICS
added 2021/01/21 12:0 a.m.35 views

Delta Electronics TPEditor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Delta Equipment: TPEditor Vulnerabilities: Untrusted Pointer Dereference, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute...

7.8CVSS8.3AI score0.01278EPSS
Exploits0References5
ICS
ICS
added 2021/01/21 12:0 a.m.65 views

WAGO M&M Software fdtCONTAINER (Update C)

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: M&M Software GmbH, a subsidiary of WAGO Kontakttechnik Equipment: fdtCONTAINER Vulnerability: Deserialization of Untrusted Data 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled...

7.8CVSS7.5AI score0.0134EPSS
Exploits0References5
Total number of security vulnerabilities4255