Lucene search
K

4255 matches found

ICS
ICS
added 2021/01/21 12:0 a.m.49 views

Delta Electronics ISPSoft

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Delta Equipment: ISPSoft Vulnerability: Use After Free 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of the application...

7.8CVSS8AI score0.01252EPSS
Exploits0References5
ICS
ICS
added 2021/01/19 12:0 a.m.50 views

Philips Interventional Workstations

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Low skill level to exploit Vendor: Philips Equipment: Philips Interventional WorkSpot, Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live, ViewForum Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this...

6.5CVSS6.8AI score0.00887EPSS
Exploits0References5
ICS
ICS
added 2021/01/19 12:0 a.m.83 views

Reolink P2P Cameras

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Reolink Equipment: P2P protocol Vulnerabilities: Use of Hard-coded Cryptographic Key, Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of these...

7.8CVSS8.1AI score0.00986EPSS
Exploits0References5
ICS
ICS
added 2021/01/19 12:0 a.m.106 views

dnsmasq by Simon Kelley (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: dnsmasq by Simon Kelley Equipment: dnsmasq Vulnerabilities: Heap-based Buffer Overflow, Insufficient Verification of Data Authenticity, Use of a Broken or Risky Cryptographic Algorithm CISA is awar...

8.3CVSS8.5AI score0.86692EPSS
Exploits2References11
ICS
ICS
added 2021/01/12 12:0 a.m.81 views

SOOIL Dana Diabecare RS Products

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SOOIL Developments Co., Ltd. Equipment: Diabecare RS, AnyDana-i and AnyDana-A Vulnerabilities: Use of Hard Coded Credentials, Insufficiently Protected Credentials, Use of Insufficiently Random...

8.8CVSS7.3AI score0.00581EPSS
Exploits0References5
ICS
ICS
added 2021/01/12 12:0 a.m.64 views

Siemens Solid Edge

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: Solid Edge Vulnerabilities: Out-of-bounds Write, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow arbitrary code execution on an affected...

7.8CVSS8.5AI score0.03439EPSS
Exploits0References9
ICS
ICS
added 2021/01/12 12:0 a.m.104 views

Siemens SCALANCE X Products (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE X Products Vulnerabilities: Missing Authentication for Critical Function, Heap-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the...

9.8CVSS9.3AI score0.01652EPSS
Exploits0References11
ICS
ICS
added 2021/01/12 12:0 a.m.86 views

Siemens SCALANCE X Switches (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE X200, X200IRT, X300 Vulnerabilities: Use of Hard-coded Cryptographic Key 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled...

5.9CVSS6.4AI score0.01176EPSS
Exploits0References11
ICS
ICS
added 2021/01/12 12:0 a.m.308 views

Schneider Electric EcoStruxure Power Build-Rapsody (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Schneider Electric Equipment: EcoStruxure Power Build-Rapsody Vulnerability: Unrestricted Upload of File with Dangerous Type 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

7.8CVSS8.4AI score0.03873EPSS
Exploits0References5
ICS
ICS
added 2021/01/12 12:0 a.m.427 views

Siemens JT2Go and Teamcenter Visualization (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: JT2Go and Teamcenter Visualization --------- Begin Update B Part 1 of 2 --------- Vulnerabilities: Type Confusion, Improper Restriction of XML External Entity Reference, Out-of-Bounds Write,...

8.8CVSS9.1AI score0.04297EPSS
Exploits0References5
ICS
ICS
added 2021/01/07 12:0 a.m.60 views

Innokas Yhtymä Oy Vital Signs Monitor

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Innokas Yhtymä Oy Equipment: Vital Signs Monitor VC150 Vulnerabilities: Cross-site Scripting, Improper Neutralization of Special Elements in Output Used by a Downstream Component 2. RISK EVALUATION...

5.4CVSS6AI score0.00675EPSS
Exploits0References5
ICS
ICS
added 2021/01/07 12:0 a.m.313 views

Hitachi ABB Power Grids FOX615 Multiservice-Multiplexer

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Hitachi ABB Power Grids Equipment: FOX615 Multiservice-Multiplexer Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker...

9.1CVSS9.5AI score0.91789EPSS
Exploits11References5
ICS
ICS
added 2021/01/07 12:0 a.m.219 views

Omron CX-One

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Omron Equipment: CX-One Vulnerabilities: Untrusted Pointer Dereference, Stack-based Buffer Overflow, Type Confusion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being...

8.8CVSS9.2AI score0.07612EPSS
Exploits0References2
ICS
ICS
added 2021/01/07 12:0 a.m.221 views

Delta Electronics CNCSoft-B

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: CNCSoft-B Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read, Untrusted Pointer Dereference, Type Confusion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

7.8CVSS8.4AI score0.02534EPSS
Exploits0References5
ICS
ICS
added 2021/01/07 12:0 a.m.309 views

Eaton EASYsoft (Update A)

1. EXECUTIVE SUMMARY CVSS v3 5.8 Vendor: Eaton Equipment: EASYsoft Vulnerabilities: Type Confusion, Out-of-bounds Read 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-007-03 Eaton EASYsoft that was published January 7, 2021, to the ICS webpage on...

7.8CVSS7.2AI score0.02706EPSS
Exploits0References5
ICS
ICS
added 2021/01/05 12:0 a.m.27 views

Panasonic FPWIN Pro

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: Panasonic Equipment: FPWIN Pro Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an out-of-bounds read, which may allow remote code execution. 3...

7.8CVSS8.1AI score0.01191EPSS
Exploits0References5
ICS
ICS
added 2021/01/05 12:0 a.m.45 views

Delta Electronics DOPSoft

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: DOPSoft Vulnerabilities: Out-of-bounds Write, Untrusted Pointer Dereference 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow arbitrary code execution. 3...

9.3CVSS8.4AI score0.0325EPSS
Exploits0References5
ICS
ICS
added 2021/01/05 12:0 a.m.91 views

Schneider Electric Web Server on Modicon M340

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write, Classic Buffer Overflow 2. RISK...

8.8CVSS9.5AI score0.01087EPSS
Exploits0References5
ICS
ICS
added 2021/01/05 12:0 a.m.40 views

Delta Electronics CNCSoft ScreenEditor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: CNCSoft ScreenEditor Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS...

7.8CVSS8.2AI score0.02017EPSS
Exploits0References5
ICS
ICS
added 2021/01/05 12:0 a.m.78 views

Red Lion Crimson 3.1

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Red Lion Equipment: Crimson 3.1 Vulnerabilities: NULL Pointer Dereference, Missing Authentication for Critical Function, Improper Resource Shutdown or Release 2. RISK EVALUATION Successful...

9.1CVSS7.4AI score0.01715EPSS
Exploits0References5
ICS
ICS
added 2021/01/05 12:0 a.m.206 views

GE Reason RT43X Clocks

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: Reason RT43X Clocks Vulnerabilities: Code Injection, Use of Hard-coded Cryptographic Key 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...

9.8CVSS7.8AI score0.02982EPSS
Exploits0References5
ICS
ICS
added 2020/12/18 12:0 a.m.106 views

Treck TCP/IP Stack (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely Vendor: Treck Inc. Equipment: TCP/IP Vulnerability : Heap-based Buffer Overflow, Out-of-bounds Read, Out-of-bounds Write The Treck TCP/IP stack may be known by other names such as Kasago TCP/IP, ELMIC, Net+ OS, Quadnet, GHNET v2,...

10CVSS7.7AI score0.03348EPSS
Exploits0References5
ICS
ICS
added 2020/12/17 12:0 a.m.230 views

PTC Kepware LinkMaster

1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION: Low skill level to exploit Vendor: PTC Equipment: Kepware LinkMaster Vulnerability: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to globally overwrite the service...

9.3CVSS8.1AI score0.0066EPSS
Exploits1References5
ICS
ICS
added 2020/12/17 12:0 a.m.27 views

Emerson Rosemount X-STREAM

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Emerson Equipment: Rosemount X-STREAM Gas Analyzer Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker through a...

7.5CVSS7.9AI score0.01271EPSS
Exploits0References5
ICS
ICS
added 2020/12/17 12:0 a.m.454 views

PTC Kepware KEPServerEX (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: PTC Equipment: Kepware KEPServerEX Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Use After Free 2. UPDATE INFORMATION This updated advisory is a follow-up to the...

9.8CVSS10AI score0.10062EPSS
Exploits0References5
ICS
ICS
added 2020/12/10 12:0 p.m.24 views

Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data

Summary This Joint Cybersecurity Advisory was coauthored by the Federal Bureau of Investigation FBI, the Cybersecurity and Infrastructure Security Agency CISA, and the Multi-State Information Sharing and Analysis Center MS-ISAC. The FBI, CISA, and MS-ISAC assess malicious cyber actors are targeti...

9.8AI score
Exploits0References30
ICS
ICS
added 2020/12/10 12:0 a.m.35 views

Host Engineering H2-ECOM100 Module

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Host Engineering Equipment: ECOM100 Module Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to a denial-of-service condition,...

7.8CVSS7.9AI score0.01454EPSS
Exploits0References5
ICS
ICS
added 2020/12/10 12:0 a.m.29 views

Mitsubishi Electric MELSEC iQ-F Series

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: MELSEC iQ-F Series Vulnerability: Improper Check or Handling of Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could cause...

7.4CVSS7.6AI score0.00985EPSS
Exploits0References4
ICS
ICS
added 2020/12/08 12:0 a.m.42 views

Medtronic MyCareLink Smart

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable with adjacent access/low skill level to exploit Vendor: Medtronic Equipment: MyCareLink MCL Smart Model 25000 Patient Reader Vulnerabilities: Improper Authentication, Heap-based Buffer Overflow, Time-of-check Time-of-use Race Condition 2...

10CVSS9.1AI score0.03768EPSS
Exploits0References4
ICS
ICS
added 2020/12/08 12:0 a.m.90 views

Siemens Embedded TCP/IP Stack Vulnerabilities-AMNESIA:33 (Update C)

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: ENTRON 3VA COM100/800, SENTRON 3VA DSP800, SENTRON PAC2200, SENTRON PAC3200T, SENTRON PAC3200, SENTRON PAC4200, SIRIUS 3RW5 Vulnerability: Integer Overflow 2. UPDATE INFORMATION This...

7.5CVSS8.1AI score0.03912EPSS
Exploits0References11
ICS
ICS
added 2020/12/08 12:0 a.m.106 views

Siemens LOGO! 8 BM

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: LOGO! 8 BM Vulnerabilities: Missing Authentication for Critical Function, Use of Hard-coded Cryptographic Key, Use of a Broken or Risky Cryptographic Algorithm, Insufficiently...

10CVSS8.2AI score0.01372EPSS
Exploits0References9
ICS
ICS
added 2020/12/08 12:0 a.m.83 views

Schneider Electric Modicon M221 Programmable Logic Controller

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable from an adjacent network Vendor: Schneider Electric Equipment: Modicon M221 Programmable Logic Controller Vulnerabilities: Inadequate Encryption Strength, Small Space of Random Values, Missing Encryption of Sensitive Data, Exposure of...

9.8CVSS6.5AI score0.00719EPSS
Exploits0References5
ICS
ICS
added 2020/12/08 12:0 a.m.73 views

Schneider Electric Easergy T300

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely Vendor: Schneider Electric Equipment: Easergy T300 Vulnerability : Missing Authentication for Critical Function, Missing Authorization, Missing Encryption of Sensitive Data, Improper Restriction of Rendered UI Layers or Frames 2...

9.8CVSS9AI score0.03032EPSS
Exploits0References4
ICS
ICS
added 2020/12/08 12:0 a.m.104 views

GE Healthcare Imaging and Ultrasound Products

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Healthcare Equipment: GE Imaging and Ultrasound Products Vulnerabilities: Unprotected Transport of Credentials, Exposure of Sensitive System Information to an Unauthorized Control Sphere 2. RISK...

10AI score
Exploits0References4
ICS
ICS
added 2020/12/08 12:0 a.m.36 views

Siemens SIMATIC Controller Web Servers

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC Controller Web Servers Vulnerability: Uncaught Exception 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a...

7.5CVSS7.6AI score0.01591EPSS
Exploits0References5
ICS
ICS
added 2020/12/08 12:0 a.m.126 views

Multiple Embedded TCP/IP Stacks

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Multiple open source Equipment: uIP-Contiki-OS, uIP-Contiki-NG, uIP, open-iscsi, picoTCP-NG, picoTCP, FNET, Nut/Net Vulnerabilities: Infinite Loop, Integer Wraparound, Out-of-bounds Read, Integer...

9.8CVSS9AI score0.1854EPSS
Exploits0References5
ICS
ICS
added 2020/12/08 12:0 a.m.48 views

Siemens SICAM A8000 RTUs

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SICAM A8000 Remote Terminal Unit Series Vulnerability: Protection Mechanism Failure 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

7.3CVSS7.6AI score0.00564EPSS
Exploits0References9
ICS
ICS
added 2020/12/08 12:0 a.m.96 views

Siemens Products using TightVNC (Update A)

1. EXECUTIVE SUMMARY --------- Begin Update A Part 1 of 5 --------- This advisory was previously released with a set of Siemens products considered to be affected. Following further investigation by the Siemens’ team, it was determined all products previously advised are not affected by any...

9.8CVSS9.4AI score0.19461EPSS
Exploits0References11
ICS
ICS
added 2020/12/08 12:0 a.m.61 views

Mitsubishi Electric GOT and Tension Controller (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Corporation Equipment: GOT and Tension Controller Vulnerability: Out-of-bounds Read 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled...

7.5CVSS7.7AI score0.02786EPSS
Exploits0References5
ICS
ICS
added 2020/12/08 12:0 a.m.77 views

Siemens XHQ Operations Intelligence

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: XHQ Operations Intelligence Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Cross-site Scripting, Basic XSS, SQL Injection, Relative Path Traversal,...

8.8CVSS8.3AI score0.01241EPSS
Exploits0References9
ICS
ICS
added 2020/12/03 12:0 a.m.65 views

National Instruments CompactRIO

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: National Instruments Corp. NI Equipment: CompactRIO Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow...

7.8CVSS7.8AI score0.01109EPSS
Exploits0References5
ICS
ICS
added 2020/12/01 12:0 p.m.49 views

Advanced Persistent Threat Actors Targeting U.S. Think Tanks

Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FB...

10AI score
Exploits0References194
ICS
ICS
added 2020/12/01 12:0 p.m.119 views

Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets

Summary This joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise framework for all referenced threat actor tactics and techniques This joint cybersecurity advisory—written by the Federal Bureau of...

10CVSS9.4AI score0.99999EPSS
Exploits202References74
ICS
ICS
added 2020/12/01 12:0 a.m.72 views

Schneider Electric EcoStruxure Operator Terminal Expert runtime (Vijeo XD)

1. EXECUTIVE SUMMARY CVSS v3 7.4 Vendor: Schneider Electric Equipment: EcoStruxure Operator Terminal Expert Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability may allow unauthorized command execution by a local user of the Windows...

7.8CVSS8.3AI score0.00309EPSS
Exploits0References5
ICS
ICS
added 2020/11/24 12:0 a.m.49 views

Fuji Electric V-Server Lite

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Fuji Electric Equipment: V-Server Lite Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow for remote code execution on the device. 3. TECHNICAL DETAILS 3.1...

7.8CVSS8AI score0.01037EPSS
Exploits0References5
ICS
ICS
added 2020/11/24 12:0 a.m.67 views

Rockwell Automation FactoryTalk Linx

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/Low skill level to exploit Vendor: Rockwell Automation Equipment: FactoryTalk Linx Vulnerabilities: Improper Input Validation, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

9.8CVSS9AI score0.05461EPSS
Exploits0References4
ICS
ICS
added 2020/11/19 7:0 a.m.91 views

Mitsubishi Electric MELSEC iQ-R Series (Update D)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-R Series Vulnerability : Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a...

7.8CVSS7.6AI score0.02117EPSS
Exploits0References10
ICS
ICS
added 2020/11/19 12:0 a.m.83 views

Mitsubishi Electric MELSEC iQ-R Series (Update C)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R series Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-324-05...

7.8CVSS7.6AI score0.04731EPSS
Exploits0References4
ICS
ICS
added 2020/11/17 12:0 a.m.51 views

Johnson Controls Sensormatic Electronics American Dynamics victor Web Client

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely Vendor: Sensormatic Electronics, LLC; a subsidiary of Johnson Controls Equipment: American Dynamics victor Web Client, Software House C•CURE Web Client Vulnerability: Improper Authorization 2. RISK EVALUATION Successful exploitation...

7.1CVSS6.5AI score0.00527EPSS
Exploits0References5
ICS
ICS
added 2020/11/17 12:0 a.m.60 views

Paradox IP150 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Paradox Equipment: IP150 Vulnerabilities: Stack-based Buffer Overflow, Classic Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

9.8CVSS9.9AI score0.0254EPSS
Exploits0References5
Total number of security vulnerabilities4255