4255 matches found
Johnson Controls Sensormatic Electronics American Dynamics victor Web Client
1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely Vendor: Sensormatic Electronics, LLC; a subsidiary of Johnson Controls Equipment: American Dynamics victor Web Client, Software House C•CURE Web Client Vulnerability: Improper Authorization 2. RISK EVALUATION Successful exploitation...
Schneider Electric Interactive Graphical SCADA System (IGSS)
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Schneider Electric Equipment: Interactive Graphical SCADA System IGSS Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Write, Out-of-bounds Read 2. RISK EVALUATION...
Saia Burgess Controls PCD Controller Hard-coded Password Vulnerability
OVERVIEW Independent researcher Artyom Kurbatov has identified a hard-coded password vulnerability in Saia Burgess Controls’s family of PCD controllers. Saia Burgess Controls has produced a new firmware version to mitigate this vulnerability. Artyom Kurbatov has tested the new firmware version to...
BD Alaris 8015 PC Unit and BD Alaris Systems Manager
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Becton, Dickinson and Company BD Equipment: BD Alaris 8015 PC Unit and BD Alaris Systems Manager Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this...
Mitsubishi Electric MELSEC iQ-R Series
1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R series Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition for the affected...
Siemens SIMATIC S7-300 CPUs and SINUMERIK Controller (Update A)
1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC S7-300 CPUs and SINUMERIK Controller Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-315-04...
OSIsoft PI Vision
1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: OSIsoft Equipment: PI Vision 2020 Vulnerabilities: Cross-site Scripting, Incorrect Authorization 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow a remote attacker with...
Schneider Electric PLC Simulator for EcoStruxure Control Expert
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: PLC Simulator for EcoStruxure Control Expert Vulnerability: Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this...
ICSA-20-315-01_OSIsoft PI Interface for OPC XML-DA
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: OSIsoft Equipment: PI Interface Vulnerability: Numeric Errors 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker-controlled OPC XML-DA Server to respond with a...
Siemens SCALANCE W 1750D
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SCALANCE W 1750D Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve remote code...
WECON PLC Editor
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: WECON Equipment: PLC Editor Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code under the...
Mitsubishi Electric GT14 Model of GOT1000 Series
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: GT14 model of GOT1000 Series Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Session Fixation, NULL Pointer Dereference,...
Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data
Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® version 8 framework. See the ATT&CK for Enterprise version 8 for all referenced threat actor techniques. This joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure...
WAGO Series 750-88x and 750-352 (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: WAGO Equipment: 750-88x and 750-352 Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-308-01 WAGO...
ARC Informatique PcVue (Update A)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ARC Informatique Equipment: PcVue Vulnerabilities: Deserialization of Untrusted Data, Access to Critical Private Variable via Public Method, Information Exposure of Sensitive Information to an...
NEXCOM NIO50
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: NEXCOM Equipment: NIO 50 Vulnerabilities: Improper Input Validation, Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...
Ransomware Activity Targeting the Healthcare and Public Health Sector
Summary This advisory was updated to include information on Conti, TrickBot, and BazarLoader, including new IOCs and Yara Rules for detection. This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® version 7 framework. See the ATT&CK for Enterprise version 7 f...
Mitsubishi Electric MELSEC iQ-R, Q, and L Series (Update E)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-R, Q, and L Series Vulnerability : Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a...
Mitsubishi Electric MELSEC iQ-R
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Session Fixation, NULL Pointer Dereference, Improper Access...
North Korean Advanced Persistent Threat Focus: Kimsuky
Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques. This joint cybersecurity advisory was coauthored by the Cybersecurity and...
SHUN HU Technology JUUKO Industrial Radio Remote Control
1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable from an adjacent network/low skill level to exploit Vendor: SHUN HU Technology Co., Ltd Equipment: JUUKO Industrial Radio Remote Control Vulnerabilities: Authentication Bypass by Capture-replay, Command Injection 2. RISK EVALUATION...
LokiBot Malware
Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise frameworks for all referenced threat actor techniques. This product was written by the Cybersecurity and Infrastructure Security Agency CISA with contributions...
APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations
Summary This joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. Note: the analysis in this joint cybersecurity advisory is ongoing, and the...
Malicious Cyber Actor Use of Network Tunneling and Spoofing to Obfuscate Geolocation
Summary This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK™ and Pre-ATT&CK frameworks. See the MITRE ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques. Attributing malicious cyber activity that uses network tunneli...
Continued Threat Actor Exploitation Post Pulse Secure VPN Patching
Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT&CK® framework. See the ATT &CK for Enterprise framework for all referenced threat actor techniques and mitigations. This Alert provides an update to Cybersecurity and Infrastructure Security...
Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity
Summary The Cybersecurity and Infrastructure Security Agency CISA has consistently observed Chinese Ministry of State Security MSS-affiliated cyber threat actors using publicly available information sources and common, well-known tactics, techniques, and procedures TTPs to target U.S. Government...
Emotet Malware
Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This product was written by the Cybersecurity and Infrastructure Security Agency CISA and the Multi-State...
Potential for Iranian Cyber Response to U.S. Military Strike in Baghdad
Summary The Cybersecurity and Infrastructure Security Agency CISA is sharing the following information with the cybersecurity community as a primer for assisting in the protection of our Nation’s critical infrastructure in light of the current tensions between the Islamic Republic of Iran and the...
Phishing Emails Used to Deploy KONNI Malware
Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. The Cybersecurity and Infrastructure Security Agency CISA has observed cyber actors using emails containi...
Ransomware Impacting Pipeline Operations
Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT&CK™ framework. See the MITRE ATT&CK for Enterprise and ATT&CK for Industrial Control Systems ICS frameworks for all referenced threat actor techniques and mitigations. The Cybersecurity and...
FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks
Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This joint advisory is the result of analytic efforts among the Cybersecurity and Infrastructure Security...
NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems
Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT&CK® framework. See the ATT&CK for Enterprise and ATT&CK for Industrial Control Systems frameworks for all referenced threat actor techniques and mitigations. Over recent months, cyber actors...
Iranian Advanced Persistent Threat Actors Threaten Election-Related Systems
Summary The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI are warning that Iranian advanced persistent threat APT actors are likely intent on influencing and interfering with the U.S. elections to sow discord among voters and undermine public...
B. Braun OnlineSuite
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low and high skill level to exploit Vendor: B. Braun Melsungen AG Equipment: OnlineSuite Vulnerabilities: Relative Path Traversal, Uncontrolled Search Path Element, Improper Neutralization of Formula Elements in a CSV File 2. RISK...
B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus
1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low and high skill level to exploit Vendor: B. Braun Melsungen AG Equipment: SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus Vulnerabilities : Cross-site Scripting, Open Redirect, XPath Injection, Session Fixation,...
Potential for China Cyber Response to Heightened U.S.–China Tensions
Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. Note : on October 20, 2020, the National Security Agency NSA released a cybersecurity advisory providing...
Hitachi ABB Power Grids XMC20 Multiservice-Multiplexer
1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Hitachi ABB Power Grids Equipment: XMC20 Multiservice-Multiplexer Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...
Rockwell Automation 1794-AENT Flex I/O Series B
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: 1794-AENT Flex I/O Series B Vulnerabilities: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being...
Advantech WebAccess/SCADA
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess/SCADA Vulnerability: External Control of File Name or Path 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute remote...
Advantech R-SeeNet
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: R-SeeNet Vulnerability: SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote attackers to retrieve sensitive information from the...
Flexera InstallShield
1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: Flexera Equipment: InstallShield Vulnerability: Untrusted Search Path 2. RISK EVALUATION Successful exploitation of this vulnerability could allow execution of a malicious DLL. 3. TECHNICAL DETAILS 3.1 AFFECTED...
Siemens SIPORT MP
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIPORT MP Vulnerability : Use of client-side authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to impersonate...
Fieldcomm Group HART-IP and hipserver
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Fieldcomm Group Equipment: HARP-IP Developer kit, hipserver Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being...
LCDS LAquis SCADA
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: LCDS—Leão Consultoria e Desenvolvimento de Sistemas Ltda ME Equipment: LAquis SCADA Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute...
Siemens Desigo Insight
1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Desigo Insight Vulnerabilities: SQL Injection, Improper Restriction of Rendered UI Layers or Frames, Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION...
MOXA NPort IAW5000A-I/O Series
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: MOXA Equipment: NPort IAW5000A-I/O Series Vulnerabilities: Session Fixation, Improper Privilege Management, Weak Password Requirements, Cleartext Transmission of Sensitive Information, Improper...
Johnson Controls Sensormatic Electronics American Dynamics victor Web Client and Software House C•CURE Web Client (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION : Low skill level to exploit Vendor : Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Equipment : American Dynamics victor Web Client Vulnerability : Improper Authorization 2. UPDATE INFORMATION This updated advisory is a follow-up to the...
Rockwell Automation ISaGRAF5 Runtime (Update A)
1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: ISaGRAF5 Runtime Vulnerabilities: Use of Hard-coded Cryptographic Key, Unprotected Storage of Credentials, Relative Path Traversal, Uncontrolled Search Path Element,...
Yokogawa WideField3
1. EXECUTIVE SUMMARY CVSS v3 2.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Yokogawa Equipment: Main equipment Vulnerability: Buffer Copy Without Checking Size of Input 2. RISK EVALUATION Successful exploitation of this vulnerability could terminate the program abnormally...
ICSA-20-273-01_MB Connect line mbCONNECT24, mymbCONNECT24
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: MB connect line Equipment: mymbCONNECT24, mbCONNECT24 Vulnerabilities: SQL Injection, Cross-site Request Forgery, Command Injection 2. RISK EVALUATION Successful exploitation of these...