Lucene search
K

4255 matches found

ICS
ICS
added 2020/07/24 12:0 p.m.85 views

Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902

Summary The Cybersecurity and Infrastructure Security Agency CISA is issuing this alert in response to recently disclosed exploits that target F5 BIG-IP devices that are vulnerable to CVE-2020-5902. F5 Networks, Inc. F5 released a patch for CVE-2020-5902 on June 30, 2020.1 Unpatched F5 BIG-IP...

10CVSS10AI score0.99999EPSS
Exploits60References22
ICS
ICS
added 2020/07/23 12:0 a.m.299 views

Schneider Electric Triconex TriStation and Tricon Communication Module

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Triconex TriStation and Triconex Tricon Communication Module Vulnerabilities: Cleartext Transmission of Sensitive Information, Uncontrolled Resource Consumption,...

9.8CVSS8.3AI score0.01813EPSS
Exploits0References4
ICS
ICS
added 2020/07/14 12:0 a.m.59 views

Capsule Technologies SmartLinx Neuron 2 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Low skill level to exploit/public exploits are available Vendor: Capsule Technologies Equipment: SmartLinx Neuron 2 Vulnerability: Protection Mechanism Failure 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

7.6CVSS7.3AI score0.00472EPSS
Exploits0References4
ICS
ICS
added 2020/07/14 12:0 a.m.37 views

Siemens LOGO! Web Server

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: LOGO! Web Server Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote code execution. 3. TECHNICAL DETAILS...

9.8CVSS10AI score0.09071EPSS
Exploits1References9
ICS
ICS
added 2020/07/14 12:0 a.m.46 views

Siemens SIMATIC S7-200 SMART CPU Family

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC S7-200 SMART CPU family Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause...

7.5CVSS7.7AI score0.01044EPSS
Exploits0References5
ICS
ICS
added 2020/07/14 12:0 a.m.74 views

Siemens SIMATIC HMI Panels

1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC HMI Panels Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

6.5CVSS6.6AI score0.00332EPSS
Exploits0References9
ICS
ICS
added 2020/07/14 12:0 a.m.64 views

Moxa EDR-G902 and EDR-G903 Series Routers

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: EDR-G902 and EDR-G903 Series Routers Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being...

9.8CVSS10AI score0.01355EPSS
Exploits0References5
ICS
ICS
added 2020/07/14 12:0 a.m.50 views

Siemens Opcenter Execution Core (Update B)

1. EXECUTIVE SUMMARY CVSS v3 8.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Opcenter Execution Core --------- Begin Update B Part 1 of 5 --------- Vulnerabilities: Cross-site Scripting, SQL Injection, Improper Access Control, Insufficiently Protected...

8.1CVSS8.2AI score0.01219EPSS
Exploits0References9
ICS
ICS
added 2020/07/14 12:0 a.m.108 views

Siemens UMC Stack (Update H)

1. EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: UMC Stack Vulnerabilities: Unquoted Search Path or Element, Uncontrolled Resource Consumption, Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a...

8.2CVSS7.5AI score0.02484EPSS
Exploits0References11
ICS
ICS
added 2020/07/14 12:0 a.m.61 views

Advantech iView

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: iView Vulnerabilities: SQL Injection, Path Traversal, Command Injection, Improper Input Validation, Missing Authentication for Critical Function, Improper Access Control 2...

9.8CVSS10AI score0.07018EPSS
Exploits0References5
ICS
ICS
added 2020/07/14 12:0 a.m.98 views

Siemens SICAM MMU, SICAM T, and SICAM SGU

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SICAM MMU, SICAM T and SICAM SGU Vulnerabilities: Out-of-bounds Read, Missing Authentication for Critical Function, Missing Encryption of Sensitive Data, Use of Password Hash wit...

9.8CVSS9.5AI score0.01889EPSS
Exploits0References9
ICS
ICS
added 2020/07/13 12:0 p.m.75 views

Critical Vulnerability in SAP NetWeaver AS Java

Summary On July 13, 2020 EST, SAP released a security update to address a critical vulnerability, CVE-2020-6287, affecting the SAP NetWeaver Application Server AS Java component LM Configuration Wizard. An unauthenticated attacker can exploit this vulnerability through the Hypertext Transfer...

10CVSS10AI score0.94719EPSS
Exploits6References29
ICS
ICS
added 2020/07/09 12:0 a.m.55 views

Rockwell Automation Logix Designer Studio 5000

1. EXECUTIVE SUMMARY CVSS v3 3.6 ATTENTION: Low skill level to exploit Vendor: Rockwell Automation Equipment: Logix Designer Studio 5000 Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

4.3CVSS4.2AI score0.01545EPSS
Exploits0References5
ICS
ICS
added 2020/07/09 12:0 a.m.61 views

Phoenix Contact Automation Worx Software Suite

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Phoenix Contact Equipment: Automation Worx Software Suite Vulnerabilities: Stack-based Buffer Overflow, Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation could allow an attacker to execute arbitrary code...

7.8CVSS8.4AI score0.14668EPSS
Exploits0References5
ICS
ICS
added 2020/07/07 12:0 a.m.55 views

Grundfos CIM 500

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Grundfos Pumps Corporation Equipment: CIM 500 Vulnerabilities: Missing Authentication for Critical Function, Unprotected Storage of Credentials 2. RISK EVALUATION Successful exploitation of these...

7.5CVSS8.2AI score0.01519EPSS
Exploits0References5
ICS
ICS
added 2020/07/07 12:0 a.m.96 views

Mitsubishi Electric GOT2000 Series

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: GOT2000 Series Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Session Fixation, NULL Pointer Dereference, Improper Access...

10CVSS8.8AI score0.03489EPSS
Exploits1References5
ICS
ICS
added 2020/07/02 12:0 a.m.246 views

OpenClinic GA (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: OpenClinic GA is a product of open-source collaboration on Source Forge Equipment: OpenClinic GA Vulnerabilities: Authentication Bypass Using an Alternate Path or...

9.8CVSS9.6AI score0.02545EPSS
Exploits0References5
ICS
ICS
added 2020/07/02 12:0 a.m.45 views

ABB System 800xA Information Manager

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ABB Equipment: System 800xA Information Manager Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to inject and execute...

8.8CVSS9.2AI score0.01669EPSS
Exploits0References5
ICS
ICS
added 2020/07/02 12:0 a.m.58 views

Nortek Linear eMerge 50P/5000P

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Nortek Equipment: Linear eMerge 50P/5000P Vulnerabilities: Path Traversal, Command Injection, Unrestricted Upload of File with Dangerous Type, Cross-site Request Forgery, Improper Authentication...

10CVSS10AI score0.40005EPSS
Exploits7References5
ICS
ICS
added 2020/06/30 12:0 p.m.19 views

EINSTEIN Data Trends – 30-day Lookback

Summary Cybersecurity and Infrastructure Security Agency CISA analysts have compiled the top detection signatures that have been the most active over the month of May in our national Intrusion Detection System IDS, known as EINSTEIN. This information is meant to give the reader a closer look into...

9.6AI score
Exploits0References37
ICS
ICS
added 2020/06/30 12:0 p.m.51 views

Publicly Available Tools Seen in Cyber Incidents Worldwide

Summary This report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the United Kingdom, and the United States.12345 In it we highlight the use of five publicly available tools, which have been used for malicious purposes in...

10CVSS9.6AI score0.90597EPSS
Exploits6References73
ICS
ICS
added 2020/06/30 12:0 p.m.79 views

Dridex Malware

Summary This Alert is the result of recent collaboration between the Department of the Treasury Financial Sector Cyber Information Group CIG and the Department of the Treasury’s Financial Crimes Enforcement Network FinCEN to identify and share information with the financial services sector...

9.3CVSS9AI score0.99933EPSS
Exploits29References44
ICS
ICS
added 2020/06/30 12:0 a.m.185 views

Mitsubishi Electric Factory Automation Engineering Software Products

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: Factory Automation Engineering Software Products Vulnerabilities: Improper Restriction of XML External Entity Reference and Uncontrolled Resource Consumption 2. RISK...

7.5CVSS8.1AI score0.01431EPSS
Exploits0References5
ICS
ICS
added 2020/06/30 12:0 a.m.62 views

Delta Industrial Automation DOPSoft (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: Delta Industrial Automation DOPSoft Vulnerabilities: Out-of-bounds Read, Heap-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory...

7.8CVSS8.3AI score0.02591EPSS
Exploits0References5
ICS
ICS
added 2020/06/25 12:0 a.m.53 views

Rockwell Automation FactoryTalk Services Platform XXE

1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Low skill level to exploit Vendor: Rockwell Automation Equipment: FactoryTalk Services Platform Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to a...

7.1CVSS7.2AI score0.00331EPSS
Exploits0References5
ICS
ICS
added 2020/06/25 12:0 a.m.79 views

Rockwell Automation FactoryTalk View SE

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low skill level to exploit Vendor: Rockwell Automation Equipment: FactoryTalk View SE Vulnerabilities: Cleartext Storage of Sensitive Information, Weak Encoding for Password 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead...

7.8CVSS6.9AI score0.00269EPSS
Exploits0References5
ICS
ICS
added 2020/06/25 12:0 a.m.100 views

ENTTEC Lighting Controllers (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: ENTTEC Equipment: Datagate Mk2, Storm 24, Pixelator, E-Streamer Mk2 Vulnerabilities: Use of Hard-coded Cryptographic Key, Cross-site Scripting, Improper Access Control...

10CVSS8.5AI score0.02016EPSS
Exploits4References5
ICS
ICS
added 2020/06/25 12:0 a.m.47 views

Philips Ultrasound Systems

1. EXECUTIVE SUMMARY CVSS v3 3.6 Vendor: Philips Equipment : Ultrasound ClearVue, Ultrasound CX, Ultrasound EPIQ/Affiniti, Ultrasound Sparq, Ultrasound Xperius Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability...

4.4CVSS4.8AI score0.00286EPSS
Exploits0References5
ICS
ICS
added 2020/06/23 12:0 p.m.28 views

Guidance on the North Korean Cyber Threat

Summary The U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation are issuing this advisory as a comprehensive resource on the North Korean cyber threat for the international community, network defenders, and the public. The advisory highlights th...

9.4AI score
Exploits0References65
ICS
ICS
added 2020/06/23 12:0 a.m.61 views

ABB Device Library Wizard

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: ABB Equipment: Device Library Wizard Vulnerability: Insecure Storage of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a low-level user to escalate privileges and...

7.8CVSS6.2AI score0.00319EPSS
Exploits0References5
ICS
ICS
added 2020/06/23 12:0 a.m.42 views

Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L and FX Series CPU Modules (Update A)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: MELSEC Vulnerability: Cleartext Transmission of Sensitive Information 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

9.8CVSS9.5AI score0.01296EPSS
Exploits0References5
ICS
ICS
added 2020/06/23 12:0 a.m.68 views

Honeywell ControlEdge PLC and RTU

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Honeywell Equipment: ControlEdge PLC and RTU Vulnerabilities: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...

7.5CVSS7.9AI score0.00743EPSS
Exploits0References5
ICS
ICS
added 2020/06/18 12:0 a.m.37 views

Baxter PrismaFlex and PrisMax (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Baxter Equipment: PrismaFlex and PrisMax Vulnerabilities: Cleartext Transmission of Sensitive Information, Improper Authentication, Use of Hard-Coded Password 2. UPDATE INFORMATION This updated...

7.5CVSS7.2AI score0.00496EPSS
Exploits0References5
ICS
ICS
added 2020/06/18 12:0 a.m.62 views

BIOTRONIK CardioMessenger II

1. EXECUTIVE SUMMARY CVSS v3 4.6 ATTENTION: Exploitable with adjacent access/low skill level to exploit Vendor: BIOTRONIK Equipment: CardioMessenger II-S T-Line, CardioMessenger II-S GSM Vulnerabilities: Improper Authentication, Cleartext Transmission of Sensitive Information, Missing Encryption...

4.6CVSS5.4AI score0.00464EPSS
Exploits0References5
ICS
ICS
added 2020/06/18 12:0 a.m.28 views

Mitsubishi Electric MC Works64, MC Works32

1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: MC Works64, MC Works32 Vulnerabilities: Out-of-bounds Write, Deserialization of Untrusted Data, Code Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow...

9.8CVSS9.8AI score0.29194EPSS
Exploits0References5
ICS
ICS
added 2020/06/18 12:0 a.m.59 views

BD Alaris PCU (Update A)

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Becton, Dickinson and Company BD Equipment: Alaris PCU Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

7.5CVSS7.2AI score0.9166EPSS
Exploits1References5
ICS
ICS
added 2020/06/18 12:0 a.m.38 views

Baxter Phoenix Hemodialysis Delivery System (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Baxter Equipment: Phoenix Hemodialysis Delivery System Vulnerability: Cleartext Transmission of Sensitive Information 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...

7.5CVSS7.6AI score0.00452EPSS
Exploits0References5
ICS
ICS
added 2020/06/18 12:0 a.m.150 views

Baxter ExactaMix (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Baxter Equipment: Baxter ExactaMix EM 2400 & EM 1200 Vulnerabilities: Use of Hard-coded Password, Cleartext Transmission of Sensitive Data, Missing Encryption of Sensitive Data, Improper Access...

10CVSS9.3AI score0.93307EPSS
Exploits47References5
ICS
ICS
added 2020/06/18 12:0 a.m.40 views

Rockwell Automation FactoryTalk Services Platform

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level. Vendor: Rockwell Automation Equipment: FactoryTalk Services Platform Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker...

8.8CVSS9.2AI score0.01099EPSS
Exploits0References5
ICS
ICS
added 2020/06/18 12:0 a.m.35 views

Johnson Controls exacqVision (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: Exacq Technologies, a subsidiary of Johnson Controls Equipment: exacqVision Vulnerability: Improper Verification of Cryptographic Signature 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

9CVSS6.9AI score0.0777EPSS
Exploits1References5
ICS
ICS
added 2020/06/18 12:0 a.m.66 views

Rockwell Automation FactoryTalk View SE

1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: FactoryTalk View SE Vulnerabilities: Improper Input Validation, Improper Restriction of Operations Within The Bounds of a Memory Buffer, Permissions, Privileges, and...

9CVSS7.8AI score0.53033EPSS
Exploits5References5
ICS
ICS
added 2020/06/18 12:0 a.m.37 views

ICONICS GENESIS64, GENESIS32

1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely Vendor: ICONICS Equipment: GENESIS64, GENESIS32 Vulnerabilities: Out-of-Bounds Write, Deserialization of Untrusted Data, Code Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow remote code...

9.8CVSS9.8AI score0.29194EPSS
Exploits0References5
ICS
ICS
added 2020/06/18 12:0 a.m.131 views

Baxter Sigma Spectrum Infusion Pumps (Update B)

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Baxter Equipment: Sigma Spectrum Infusion Pumps Vulnerabilities: Use of Hard-coded Password, Cleartext Transmission of Sensitive Data, Incorrect Permission Assignment for Critical Resource, Operation on...

9.8CVSS7.9AI score0.02081EPSS
Exploits1References5
ICS
ICS
added 2020/06/16 6:0 a.m.392 views

Treck TCP/IP (Update I)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : Treck Inc. Equipment : TCP/IP Vulnerabilities : Improper Handling of Length Parameter Inconsistency, Improper Input Validation, Double Free, Out-of-bounds Read, Integer Overflow or...

10CVSS8.3AI score0.36965EPSS
Exploits14References10
ICS
ICS
added 2020/06/11 12:0 a.m.53 views

OSIsoft PI Web API 2019

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely Vendor: OSIsoft Equipment: PI Web API 2019 Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote authenticated attacker with write access to a PI Server to trick a...

9CVSS9.1AI score0.0157EPSS
Exploits0References5
ICS
ICS
added 2020/06/11 12:0 a.m.40 views

Philips IntelliBridge Enterprise IBE

1. EXECUTIVE SUMMARY CVSS v3 2.0 Vendor: Philips Equipment: IntelliBridge Enterprise IBE Vulnerability: Insertion of Sensitive Information into Log File 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access credentials to the hospital’s clinical...

4.5CVSS4.8AI score0.00521EPSS
Exploits0References5
ICS
ICS
added 2020/06/11 12:0 a.m.77 views

Rockwell Automation FactoryTalk Linx Software (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: FactoryTalk Linx Software Vulnerabilities: Improper Input Validation, Path Traversal, Unrestricted Upload of File with Dangerous Type 2. RISK EVALUATION Successful...

9.8CVSS8.7AI score0.11503EPSS
Exploits0References4
ICS
ICS
added 2020/06/09 12:0 a.m.37 views

Siemens LOGO! (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: LOGO! Vulnerability: Missing Authentication for Critical Function 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-161-03...

9.1CVSS9.3AI score0.0199EPSS
Exploits0References9
ICS
ICS
added 2020/06/09 12:0 a.m.70 views

Mitsubishi Electric MELSEC iQ-R Series (Update C)

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R Series Vulnerability: Resource Exhaustion 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-161-02 Mitsubishi...

7.8CVSS7.8AI score0.03336EPSS
Exploits0References5
ICS
ICS
added 2020/06/09 12:0 a.m.97 views

Siemens SINUMERIK

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINUMERIK Vulnerabilities: Buffer Underflow, Heap-based Buffer Overflow, Improper Initialization, Out-of-bounds Read, Stack-based Buffer Overflow, Access of Memory Location After...

9.8CVSS10AI score0.05722EPSS
Exploits0References9
Total number of security vulnerabilities4255