Lucene search
K

4255 matches found

ICS
ICS
added 2020/06/09 12:0 a.m.67 views

Siemens SIMATIC, SINAMICS (Update C)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SIMATIC, SINAMICS Vulnerabilities: Uncontrolled Search Path Element, Heap-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-161-05...

7.8CVSS8.3AI score0.00433EPSS
Exploits0References11
ICS
ICS
added 2020/06/09 12:0 a.m.70 views

Mitsubishi Electric MELSEC iQ-R Series (Update C)

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R Series Vulnerability: Resource Exhaustion 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-161-02 Mitsubishi...

7.8CVSS7.8AI score0.03336EPSS
Exploits0References5
ICS
ICS
added 2020/06/09 12:0 a.m.41 views

Advantech WebAccess Node

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess Node Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the application being accessed; a buffer...

9.8CVSS10AI score0.02169EPSS
Exploits0References5
ICS
ICS
added 2020/06/02 12:0 a.m.72 views

ABB System 800xA Base

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: ABB Equipment: System 800xA Base Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate privileges and...

7.8CVSS7.5AI score0.00285EPSS
Exploits0References5
ICS
ICS
added 2020/06/02 12:0 a.m.129 views

ABB Central Licensing System

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ABB Equipment: Central Licensing System CLS Vulnerabilities: Information Exposure; Improper Restriction of XML External Entity Reference; Uncontrolled Resource Consumption; Permissions, Privilege,...

10CVSS8.1AI score0.02203EPSS
Exploits1References5
ICS
ICS
added 2020/06/02 12:0 a.m.241 views

SWARCO CPU LS4000

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SWARCO TRAFFIC SYSTEMS Equipment: CPU LS4000 Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow access to the device and disturb...

10CVSS9.7AI score0.01403EPSS
Exploits0References5
ICS
ICS
added 2020/06/02 12:0 a.m.61 views

GE Grid Solutions Reason RT Clocks

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Low skill level to exploit/exploitable remotely Vendor: GE Equipment: Grid Solutions Reason RT Clocks Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow access to...

9.8CVSS10AI score0.02331EPSS
Exploits0References4
ICS
ICS
added 2020/06/02 12:0 a.m.73 views

ABB System 800xA

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: ABB Equipment: System 800xA Vulnerabilities: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to escalate privileges, cause system functions to...

7.8CVSS7.1AI score0.00279EPSS
Exploits0References5
ICS
ICS
added 2020/06/02 12:0 a.m.113 views

ABB Multiple System 800xA Products

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: ABB Equipment: System 800xA Vulnerabilities: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to make the system node inaccessible or tamper with...

7.8CVSS6.5AI score0.00389EPSS
Exploits0References5
ICS
ICS
added 2020/05/26 12:0 a.m.54 views

Johnson Controls Kantech EntraPass

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: low skill level to exploit Vendor: Kantech, a subsidiary of Johnson Controls Equipment: EntraPass Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could potentially allow an authorized...

8.8CVSS8.1AI score0.00299EPSS
Exploits0References5
ICS
ICS
added 2020/05/26 12:0 a.m.98 views

Inductive Automation Ignition (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Inductive Automation Equipment: Ignition Vulnerabilities: Missing Authentication for Critical Function, Deserialization of Untrusted Data 2. UPDATE INFORMATION This updated advisory is a follow-up...

7.5CVSS7.8AI score0.20208EPSS
Exploits4References5
ICS
ICS
added 2020/05/21 12:0 p.m.94 views

Critical Vulnerability in Citrix Application Delivery Controller, Gateway, and SD-WAN WANOP

Summary Note: As of January 24, 2020, Citrix has released all expected updates in response to CVE-2019-19781.1 On January 19, 2020, Citrix released firmware updates for Citrix Application Delivery Controller ADC and Citrix Gateway versions 11.1 and 12.0. On January 22, 2020, Citrix released...

9.8CVSS9.9AI score0.99999EPSS
Exploits48References60
ICS
ICS
added 2020/05/21 12:0 p.m.153 views

Detecting Citrix CVE-2019-19781

Summary Unknown cyber network exploitation CNE actors have successfully compromised numerous organizations that employed vulnerable Citrix devices through a critical vulnerability known as CVE-2019-19781.1 Though mitigations were released on the same day Citrix announced CVE-2019-19781,...

9.8CVSS10AI score0.99999EPSS
Exploits48References46
ICS
ICS
added 2020/05/21 12:0 a.m.70 views

Johnson Controls Software House C-CURE 9000 and American Dynamics victor VMS

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Equipment: Software House C•CURE 9000 and American Dynamics victor Video Management System Vulnerability: Cleartext Storage of...

9.9CVSS7.7AI score0.0099EPSS
Exploits0References5
ICS
ICS
added 2020/05/21 12:0 a.m.155 views

Schneider Electric EcoStruxure Operator Terminal Expert

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Low skill level to exploit/public exploits are available Vendor: Schneider Electric Equipment: EcoStruxure Operator Terminal Expert Vulnerabilities: SQL Injection, Path Traversal, Argument Injection 2. RISK EVALUATION Successful exploitation of these...

9.8CVSS8.2AI score0.02289EPSS
Exploits0References5
ICS
ICS
added 2020/05/19 12:0 a.m.98 views

Rockwell Automation EDS Subsystem

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable from adjacent network/low skill level to exploit Vendor: Rockwell Automation Equipment: EDS Subsystem Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, SQL Injection 2. RISK EVALUATION Successful...

8.2CVSS7.4AI score0.02511EPSS
Exploits1References5
ICS
ICS
added 2020/05/19 12:0 a.m.134 views

Emerson OpenEnterprise

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Emerson Equipment: OpenEnterprise SCADA Software Vulnerabilities: Missing Authentication for Critical Function, Improper Ownership Management, Inadequate Encryption Strength 2. RISK EVALUATION...

10CVSS8AI score0.02992EPSS
Exploits0References5
ICS
ICS
added 2020/05/14 12:0 a.m.68 views

Opto 22 SoftPAC Project

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Opto 22 Equipment: SoftPAC Project Vulnerabilities: External Control of File Name or Path, Improper Verification of Cryptographic Signature, Improper Access Control, Uncontrolled Search Path...

9.8CVSS8.6AI score0.01746EPSS
Exploits0References5
ICS
ICS
added 2020/05/14 12:0 a.m.101 views

Emerson WirelessHART Gateway

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Emerson Equipment: Emerson WirelessHART Gateways 1410, 1420 and 1552WU Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could disable the...

10CVSS9.8AI score0.01054EPSS
Exploits0References5
ICS
ICS
added 2020/05/12 12:0 p.m.71 views

Top 10 Routinely Exploited Vulnerabilities

Summary The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the broader U.S. Government are providing this technical guidance to advise IT security professionals at public and private sector organizations to place an increased priority on patchi...

10CVSS10AI score0.99999EPSS
Exploits337References61
ICS
ICS
added 2020/05/12 12:0 a.m.51 views

Eaton Intelligent Power Manager

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Eaton Equipment: Intelligent Power Manager Vulnerabilities: Improper Input Validation, Incorrect Privilege Assignment 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...

8.8CVSS8.8AI score0.02147EPSS
Exploits0References5
ICS
ICS
added 2020/05/12 12:0 a.m.242 views

OSIsoft PI System (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: OSIsoft Equipment: PI System Vulnerabilities: Uncontrolled Search Path Element, Improper Verification of Cryptographic Signature, Incorrect Default Permissions, Uncaught Exception, Null Pointer...

7.8CVSS8.2AI score0.87218EPSS
Exploits5References4
ICS
ICS
added 2020/05/07 12:0 a.m.93 views

Advantech WebAccess Node

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess Node Vulnerabilities: Improper Validation of Array Index, Relative Path Traversal, SQL Injection, Stack-based Buffer Overflow, Heap-based Buffer Overflow,...

9.8CVSS10AI score0.09076EPSS
Exploits0References5
ICS
ICS
added 2020/05/05 12:0 a.m.66 views

SAE IT-systems FW-50 Remote Telemetry Unit (RTU)

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SAE IT-systems Equipment: FW-50 Remote Telemetry Unit RTU Vulnerabilities: Cross-site Scripting, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an...

9.1CVSS0.01406EPSS
Exploits0References35
ICS
ICS
added 2020/05/05 12:0 a.m.59 views

Fazecast jSerialComm

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Fazecast Equipment: jSerialComm Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to execute arbitrary code on a...

7.8CVSS1.2AI score0.00479EPSS
Exploits0References31
ICS
ICS
added 2020/05/05 12:0 a.m.158 views

Fazecast jSerialComm

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Fazecast Equipment: jSerialComm Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to execute arbitrary code on a...

7.8CVSS7.9AI score0.00479EPSS
Exploits0References8
ICS
ICS
added 2020/05/05 12:0 a.m.90 views

SAE IT-systems FW-50 Remote Telemetry Unit (RTU)

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SAE IT-systems Equipment: FW-50 Remote Telemetry Unit RTU Vulnerabilities: Cross-site Scripting, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an...

9.1CVSS7.8AI score0.01406EPSS
Exploits0References8
ICS
ICS
added 2020/04/29 12:0 p.m.21 views

Microsoft Office 365 Security Recommendations

Summary As organizations adapt or change their enterprise collaboration capabilities to meet “telework” requirements, many organizations are migrating to Microsoft Office 365 O365 and other cloud collaboration services. Due to the speed of these deployments, organizations may not be fully...

9.3AI score
Exploits0References36
ICS
ICS
added 2020/04/28 12:0 a.m.48 views

LCDS LAquis SCADA

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Low skill level to exploit Vendor: LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME Equipment: LAquis SCADA Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Improper Input Validation 2. RISK EVALUATION Successful...

7.8CVSS6.5AI score0.00832EPSS
Exploits0References5
ICS
ICS
added 2020/04/21 12:0 a.m.62 views

Inductive Automation Ignition

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Inductive Automation Equipment: Ignition 8 Gateway Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to write endless...

7.5CVSS7.8AI score0.01278EPSS
Exploits0References5
ICS
ICS
added 2020/04/15 12:0 p.m.62 views

Continued Exploitation of Pulse Secure VPN Vulnerability

Summary Unpatched Pulse Secure VPN servers continue to be an attractive target for malicious actors. Affected organizations that have not applied the software patch to fix an arbitrary file reading vulnerability, known as CVE-2019-11510, can become compromised in an attack. 1 Although Pulse Secur...

10CVSS9.9AI score0.99999EPSS
Exploits22References31
ICS
ICS
added 2020/04/15 12:0 p.m.40 views

Enterprise VPN Security

Summary As organizations prepare for possible impacts of Coronavirus Disease 2019 COVID-19, many may consider alternate workplace options for their employees. Remote work options—or telework—require an enterprise virtual private network VPN solution to connect employees to an organization’s...

9.8AI score
Exploits0References30
ICS
ICS
added 2020/04/14 12:0 a.m.73 views

Siemens KTK, SIDOOR, SIMATIC, and SINAMICS (Update D)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.5CVSS7.7AI score0.015EPSS
Exploits0References10
ICS
ICS
added 2020/04/14 12:0 a.m.81 views

Siemens SCALANCE and SIMATIC (Update H)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE, SIMATIC Vulnerability: Resource Exhaustion 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-105-07 Siemens SCALANCE & SIMATIC...

7.5CVSS7.7AI score0.01327EPSS
Exploits0References12
ICS
ICS
added 2020/04/14 12:0 a.m.80 views

Eaton HMiSoft VU3

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Eaton Equipment: HMiSoft VU3 HMIVU3 runtime not impacted Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being...

7.8CVSS7.7AI score0.00832EPSS
Exploits0References5
ICS
ICS
added 2020/04/14 12:0 a.m.45 views

Siemens TIM 3V-IE and 4R-IE Family Devices

1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: TIM 3V-IE and 4R-IE Family Devices Vulnerability: Active Debug Code 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker with network access to gain full...

9.8CVSS9.8AI score0.01116EPSS
Exploits0References9
ICS
ICS
added 2020/04/14 12:0 a.m.99 views

Triangle MicroWorks DNP3 Outstation Libraries

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Triangle MicroWorks Equipment: DNP3 Outstation Libraries Vulnerability: Stacked-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could possibly allow remote...

9.8CVSS10AI score0.01349EPSS
Exploits0References5
ICS
ICS
added 2020/04/14 12:0 a.m.129 views

Siemens RUGGEDCOM, SCALANCE, SIMATIC, SINEMA (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment : RUGGEDCOM, SCALANCE, SIMATIC, SINEMA Vulnerabilities: Uncontrolled Resource Consumption, Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to...

7.8CVSS8.4AI score0.7354EPSS
Exploits0References9
ICS
ICS
added 2020/04/14 12:0 a.m.82 views

Siemens Climatix (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Climatix Vulnerability: Cross-site Scripting, Basic XSS 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-105-04 Siemens Climatix...

6.1CVSS7.2AI score0.00645EPSS
Exploits0References9
ICS
ICS
added 2020/04/14 12:0 a.m.70 views

Triangle MicroWorks SCADA Data Gateway

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Triangle MicroWorks Equipment : SCADA Data Gateway Vulnerabilities : Stacked-based Buffer Overflow, Out-of-Bounds Read, Type Confusion 2. RISK EVALUATION These vulnerabilities allow remote...

9.8CVSS8.7AI score0.05226EPSS
Exploits0References5
ICS
ICS
added 2020/04/14 12:0 a.m.61 views

Siemens SIMOTICS, Desigo, APOGEE, and TALON

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable from an adjacent network/low skill level to exploit Vendor: Siemens Equipment: SIMOTICS, Desigo, APOGEE, and TALON Vulnerability: Business Logic Errors 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled...

7.1CVSS7.1AI score0.00715EPSS
Exploits0References10
ICS
ICS
added 2020/04/09 12:0 a.m.58 views

Rockwell Automation RSLinx Classic

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low skill level to exploit Vendor: Rockwell Automation Equipment: RSLinx Classic Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local authenticated...

7.8CVSS7.9AI score0.00445EPSS
Exploits0References5
ICS
ICS
added 2020/04/08 12:0 p.m.53 views

COVID-19 Exploited by Malicious Cyber Actors

Summary This is a joint alert from the United States Department of Homeland Security DHS Cybersecurity and Infrastructure Security Agency CISA and the United Kingdom’s National Cyber Security Centre NCSC. This alert provides information on exploitation by cybercriminal and advanced persistent...

9.8CVSS9.8AI score0.99999EPSS
Exploits48References73
ICS
ICS
added 2020/04/07 12:0 a.m.141 views

ICSA-20-098-05_KUKA.Sim Pro

1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: KUKA Equipment: Sim Pro Vulnerability: Improper Enforcement of Message Integrity During Transmission in a Communication Channel 2. RISK EVALUATION Successful exploitation of this vulnerability...

4.3CVSS5.1AI score0.00337EPSS
Exploits0References2
ICS
ICS
added 2020/04/07 12:0 a.m.75 views

Fuji Electric V-Server Lite

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Fuji Electric Equipment: V-Server Lite Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to gain elevated...

7.8CVSS8.2AI score0.00805EPSS
Exploits0References5
ICS
ICS
added 2020/04/07 12:0 a.m.101 views

HMS Networks eWON Flexy and Cosy

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely Vendor: HMS Networks Equipment: eWON Flexy and Cosy Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could initiate a password change. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS...

6.1CVSS6.5AI score0.00687EPSS
Exploits0References5
ICS
ICS
added 2020/04/07 12:0 a.m.108 views

Advantech WebAccess/NMS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess/NMS Vulnerabilities: Unrestricted Upload of File with Dangerous Type, SQL Injection, Relative Path Traversal, Missing Authentication for Critical Function, Improper...

10CVSS9.3AI score0.14327EPSS
Exploits0References5
ICS
ICS
added 2020/04/07 12:0 a.m.73 views

GE Digital CIMPLICITY

1. EXECUTIVE SUMMARY CVSS v3 6.0 ATTENTION: Low skill level to exploit Vendor: GE Digital Equipment: CIMPLICITY Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an adversary to modify the systemwide CIMPLICITY configuration,...

6.7CVSS7AI score0.00392EPSS
Exploits0References5
ICS
ICS
added 2020/04/02 12:0 a.m.106 views

B&R Automation Studio

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: B&R Automation Equipment: Automation Studio Vulnerabilities: Improper Privilege Management, Missing Required Cryptographic Step, Path Traversal 2. RISK EVALUATION Successful exploitation of these...

7.5CVSS7.4AI score0.01246EPSS
Exploits0References5
ICS
ICS
added 2020/03/31 12:0 a.m.93 views

Hirschmann Automation and Control HiOS and HiSecOS Products

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Hirschmann Automation and Control GmbH, a division of Belden Inc. Equipment: HiOS, HiSecOS Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability...

9.8CVSS10AI score0.01606EPSS
Exploits0References5
Total number of security vulnerabilities4255