Fieldcomm Group HART-IP and hipserver

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Fieldcomm Group Equipment: HARP-IP Developer kit, hipserver Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being...

Flexera InstallShield

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: Flexera Equipment: InstallShield Vulnerability: Untrusted Search Path 2. RISK EVALUATION Successful exploitation of this vulnerability could allow execution of a malicious DLL. 3. TECHNICAL DETAILS 3.1 AFFECTED...

MOXA NPort IAW5000A-I/O Series

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: MOXA Equipment: NPort IAW5000A-I/O Series Vulnerabilities: Session Fixation, Improper Privilege Management, Weak Password Requirements, Cleartext Transmission of Sensitive Information, Improper...

LCDS LAquis SCADA

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: LCDS—Leão Consultoria e Desenvolvimento de Sistemas Ltda ME Equipment: LAquis SCADA Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute...

Siemens Desigo Insight

1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Desigo Insight Vulnerabilities: SQL Injection, Improper Restriction of Rendered UI Layers or Frames, Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION...

Johnson Controls Sensormatic Electronics American Dynamics victor Web Client and Software House C•CURE Web Client (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION : Low skill level to exploit Vendor : Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Equipment : American Dynamics victor Web Client Vulnerability : Improper Authorization 2. UPDATE INFORMATION This updated advisory is a follow-up to the...

Rockwell Automation ISaGRAF5 Runtime (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: ISaGRAF5 Runtime Vulnerabilities: Use of Hard-coded Cryptographic Key, Unprotected Storage of Credentials, Relative Path Traversal, Uncontrolled Search Path Element,...

Yokogawa WideField3

1. EXECUTIVE SUMMARY CVSS v3 2.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Yokogawa Equipment: Main equipment Vulnerability: Buffer Copy Without Checking Size of Input 2. RISK EVALUATION Successful exploitation of this vulnerability could terminate the program abnormally...

ICSA-20-273-01_MB Connect line mbCONNECT24, mymbCONNECT24

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: MB connect line Equipment: mymbCONNECT24, mbCONNECT24 Vulnerabilities: SQL Injection, Cross-site Request Forgery, Command Injection 2. RISK EVALUATION Successful exploitation of these...

B&R Automation SiteManager and GateManager

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: B&R Industrial Automation GmbH Equipment: SiteManager and GateManager Vulnerabilities: Path Traversal, Uncontrolled Resource Consumption, Information Exposure, Improper Authentication, Information...

3S CoDeSys (Update A)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: 3S-Smart Software Solutions Equipment: CoDeSys Vulnerabilities: Improper Access Control, Relative Path Traversal 2. UPDATE INFORMATION This updated advisory is a...

Technical Approaches to Uncovering and Remediating Malicious Activity

Summary This joint advisory is the result of a collaborative research effort by the cybersecurity authorities of five nations: Australia,1 Canada,2 New Zealand,34 the United Kingdom,5 and the United States.6 It highlights technical approaches to uncovering malicious activity and includes mitigati...

GE Reason S20 Ethernet Switch

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: General Electric Equipment: Reason S20 Ethernet Switch Vulnerabilities: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow unauthorized accounts...

GE Digital APM Classic

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Digital Equipment: APM Classic Vulnerabilities: Authorization Bypass Through User-controlled Key, Use of a One-Way Hash Without a Salt 2. RISK EVALUATION Successful exploitation of these...

ICSMA-20-261-01_Philips Clinical Collaboration Platform

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Low skill level to exploit Vendor: Philips Equipment: Clinical Collaboration Platform Vulnerabilities: Cross-site Request Forgery, Improper Neutralization of Script in Attributes in a Web Page, Protection Mechanism Failure, Algorithm Downgrade,...

Advantech WebAccess Node

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Advantech Equipment: WebAccess Node Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate their...

Iran-Based Threat Actor Exploits VPN Vulnerabilities

Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This product was written by the Cybersecurity and Infrastructure Security Agency CISA with contributions...

Philips Patient Monitoring Devices (Update C)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION : Low attack complexity Vendor : Philips Equipment : Patient Information Center iX PICiX; PerformanceBridge Focal Point; IntelliVue Patient Monitors MX100, MX400-MX850, and MP2-MP90; and IntelliVue X2, and X3 Vulnerabilities : Improper...

FATEK Automation PLC WinProladder

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: FATEK Automation Equipment: PLC WinProladder Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being accessed; a buffer overflow...

AVEVA Enterprise Data Management Web

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: AVEVA Equipment: Enterprise Data Management Web Vulnerability: SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL...

HMS Networks Ewon Flexy and Cosy

1. EXECUTIVE SUMMARY CVSS v3 2.3 ATTENTION: Low skill level to exploit Vendor: HMS Networks Equipment: Ewon Flexy and Cosy Vulnerability: Permissive Cross-domain Policy with Untrusted Domains 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to retrieve...

Siemens Industrial Products (Update F)

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Siemens Industrial Products containing certain processors Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. UPDATE INFORMATION This updated advisory is a follow-up to the...

Siemens License Management Utility

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: License Management Utility Vulnerability: Execution with Unnecessary Privileges 2. RISK EVALUATION Successful exploitation of this vulnerability could allow local users to escalate privileges. 3...

Siemens SIMATIC RTLS Locating Manager

1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: SIMATIC RTLS Locating Manager Vulnerabilities: Incorrect Default Permissions, Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a privileged...

Siemens Polarion Subversion Webclient

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Polarion Subversion Webclient Vulnerabilities: Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS, Cross-site Request Forgery CSRF 2. RISK EVALUATION...

Siemens SIMATIC S7-300 and S7-400 CPUs (Update C)

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: SIMATIC S7-300 and S7-400 CPUs Vulnerability: Insufficiently Protected Credentials 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-252-02 Siemens...

Siemens SIMATIC HMI Products (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC HMI Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Authentication Bypass by Primary Weakness 2. UPDATE INFORMATION This updated advisory is a...

Siemens Spectrum Power

1. EXECUTIVE SUMMARY CVSS v3 3.7 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: Spectrum Power Vulnerabilities: Cleartext Storage of Sensitive Information, Exposure of Information Through Directory Listing 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...

Siemens Siveillance Video Client

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Siveillance Video Client Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker...

Mitsubishi Electric Multiple Products (Update G)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : Multiple products Vulnerability : Predictable Exact Value from Previous Values 2. RISK EVALUATION Successful exploitation of this vulnerability could be used...

Red Lion N-Tron 702-W, 702M12-W

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Red Lion Equipment: N-Tron 702-W / 702M12-W Vulnerabilities: Reflected Cross-site Scripting, Stored Cross-site Scripting, Cross-site Request Forgery, Hidden Functionality, Use of Unmaintained...

Emerson OpenEnterprise

1. EXECUTIVE SUMMARY CVSS v3 3,8 ATTENTION: Low skill level to exploit Vendor: Emerson Equipment: OpenEnterprise SCADA Software Vulnerability: Inadequate Encryption Strength 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker access to credentials held by...

Advantech iView

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: iView Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read/modify information, execute arbitrary code,...

WECON LeviStudioU (Update C)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: WECON Technology Co., Ltd WECON Equipment: LeviStudioU --------- Begin Update C Part 1 of 3 --------- Vulnerabilities: Stack-based Buffer Overflow, Improper Restriction of XML External Entity Reference, Heap-based...

Philips SureSigns VS4

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION : Exploitable remotely Vendor : Philips Equipment : SureSigns VS4 Vulnerabilities : Improper Input Validation, Improper Access Control, Improper Authentication 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker...

Wibu-Systems CodeMeter (Update F)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Wibu-Systems AG Equipment: CodeMeter Vulnerabilities: Buffer Access with Incorrect Length Value, Inadequate Encryption Strength, Origin Validation Error, Improper Input Validation, Improper Verificatio...

Malicious Cyber Actor Spoofing COVID-19 Loan Relief Webpage via Phishing Emails

Summary The Cybersecurity and Infrastructure Security Agency CISA is currently tracking an unknown malicious cyber actor who is spoofing the Small Business Administration SBA COVID-19 loan relief webpage via phishing emails. These emails include a malicious link to the spoofed SBA website that th...

Yokogawa CENTUM (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Yokogawa Equipment: CENTUM Vulnerabilities: Improper Authentication, Path Traversal 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-224-01...

Schneider Electric APC Easy UPS On-Line

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: APC Easy UPS On-Line Vulnerabilities: Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to remote code execution. 3...

Siemens SCALANCE, RUGGEDCOM

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SCALANCE, RUGGEDCOM Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthenticated access...

Siemens SICAM A8000 RTUs

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SICAM A8000 Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could compromise the confidentiality, integrity, and availability of the web application...

Siemens Desigo CC

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment : Desigo CC Vulnerability: Code Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain remote code execution on the server with...

Tridium Niagara

1. EXECUTIVE SUMMARY CVSS v3 4,3 ATTENTION: Exploitable from adjacent network/low skill level to exploit Vendor: Tridium Equipment: Niagara Vulnerability: Synchronous Access of Remote Resource without Timeout 2. RISK EVALUATION Successful exploitation of this vulnerability could result in a...

Siemens Automation License Manager

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: Automation License Manager ALM Vulnerability: Improper Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to locally escalate privileges and modify...

Siemens SIMATIC, SIMOTICS (Update A)

1. EXECUTIVE SUMMARY CVSS v3 3.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC, SIMOTICS Vulnerability: TOCTOU Race Condition 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-224-05 Siemens SIMATIC,...

Potential Legacy Risk from Malware Targeting QNAP NAS Devices

Summary This is a joint alert from the United States Cybersecurity and Infrastructure Security Agency CISA and the United Kingdom’s National Cyber Security Centre NCSC. CISA and NCSC are investigating a strain of malware known as QSnatch, which attackers used in late 2019 to target Network Attach...

Geutebrück G-Cam and G-Code

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Geutebrück Equipment: G-Cam and G-Code Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote code...

Advantech WebAccess HMI Designer

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess HMI Designer Vulnerabilities: Heap-based Buffer Overflow, Out-of-bounds Read, Out-of-bounds Write, Type Confusion, Stack-based Buffer Overflow, Double Free 2. RISK...

Trailer Power Line Communications

1. EXECUTIVE SUMMARY CVSS v3 4.3 Vendor: Multiple Trailer and Brake Manufacturers Equipment: Power Line Communications Bus / PLC4TRUCKS / J2497 Vulnerability: Exposure of Sensitive Information Through Sent Data 2. RISK EVALUATION The National Motor Freight Traffic Association NMFTA and Assured...

Delta Industrial Automation TPEditor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: TPEditor Vulnerabilities: Out-of-bounds Read, Stack-based Buffer Overflow, Heap-based Buffer Overflow, Write-what-where Condition, Improper Input Validation 2. RISK EVALUATION Successful...