Lucene search
K

4255 matches found

ICS
ICS
added 2019/10/31 12:0 a.m.83 views

Honeywell equIP Series IP Cameras

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Honeywell Equipment: equIP series IP cameras Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could result in denial-of-service conditions...

7.5CVSS7.7AI score0.02066EPSS
Exploits0References4
ICS
ICS
added 2019/10/31 12:0 a.m.60 views

Advantech WISE-PaaS/RMM

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WISE-PaaS/RMM Vulnerabilities: Path Traversal, Missing Authorization, Improper Restriction of XML External Entity Reference, SQL Injection 2. RISK EVALUATION Successful...

10CVSS8.7AI score0.04907EPSS
Exploits0References5
ICS
ICS
added 2019/10/29 12:0 a.m.118 views

PHOENIX CONTACT Automation Worx Software Suite

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Phoenix Contact Equipment: Automation Worx Software Suite Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could compromise the availability, integrity, or...

7.8CVSS7.8AI score0.03306EPSS
Exploits0References5
ICS
ICS
added 2019/10/24 12:0 a.m.123 views

Philips IntelliSpace Perinatal

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Low skill level to exploit Vendor: Philips Equipment: IntelliSpace Perinatal Vulnerability: Exposure of Resource to Wrong Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker unauthorized access to system...

7.2CVSS6.8AI score0.00404EPSS
Exploits0References5
ICS
ICS
added 2019/10/24 12:0 a.m.91 views

Honeywell IP-AK2

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Honeywell Equipment: IP-AK2 Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to download...

5.3CVSS5.5AI score0.0125EPSS
Exploits0References4
ICS
ICS
added 2019/10/24 12:0 a.m.159 views

Rittal Chiller SK 3232-Series

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rittal Equipment: Rittal Chiller SK 3232-Series Vulnerabilities: Missing Authentication for Critical Function, Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of these...

10CVSS9.3AI score0.0182EPSS
Exploits2References5
ICS
ICS
added 2019/10/22 12:0 a.m.105 views

ICSA-19-295-01_Schneider Electric ProClima

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Proclima Vulnerabilities: Code Injection, Improper Restriction of Operations within the Bounds of a Memory Buffer, Uncontrolled Search Path Element 2. RISK EVALUATION...

10CVSS9.9AI score0.04953EPSS
Exploits0References2
ICS
ICS
added 2019/10/18 12:0 p.m.63 views

Microsoft Ending Support for Windows 7 and Windows Server 2008 R2

Summary Note : This alert does not apply to federally certified voting systems running Windows 7. Microsoft will continue to provide free security updates to those systems through the 2020 election. See Microsoft’s article, Extending free Windows 7 security updates to voting systems, for more...

9.6AI score
Exploits0References26
ICS
ICS
added 2019/10/17 12:0 a.m.249 views

AVEVA Vijeo Citect and Citect SCADA (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit --------- Begin Update A Part 1 of 5 --------- Vendor: AVEVA and Schneider Electric Equipment: AVEVA’s Vijeo Citect and Citect SCADA; Schneider Electric’s Power SCADA Operation --------- End Update A Part...

7.5CVSS8AI score0.01297EPSS
Exploits0References5
ICS
ICS
added 2019/10/17 12:0 a.m.128 views

Horner Automation Cscape

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low skill level to exploit Vendor: Horner Automation Equipment: Cscape Vulnerabilities: Improper Input Validation, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed, which may...

7.8CVSS8.4AI score0.01939EPSS
Exploits0References5
ICS
ICS
added 2019/10/10 12:0 p.m.69 views

Siemens Industrial Products Local Privilege Escalation Vulnerability (Update I)

1. EXECUTIVE SUMMARY CVSS v3 6.4 ATTENTION: Exploitable locally Vendor: Siemens Equipment: Industrial Products Vulnerability: Improper privilege management 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-16-313-02 Siemens Industrial Products Local...

6.9CVSS7AI score0.00378EPSS
Exploits0References55
ICS
ICS
added 2019/10/08 12:0 a.m.163 views

Siemens PROFINET Devices (Update K)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.5CVSS7.7AI score0.02065EPSS
Exploits0References12
ICS
ICS
added 2019/10/08 12:0 a.m.74 views

ICSA-19-281-04 Siemens SIMATIC IT UADM

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC IT Unified Architecture Discrete Manufacturing UADM Vulnerability: Use of Hard-coded Cryptographic Key 2. RISK EVALUATION Successful exploitation of this vulnerability...

6.5CVSS6.9AI score0.01273EPSS
Exploits0References9
ICS
ICS
added 2019/10/08 12:0 a.m.162 views

GE Mark VIe Controller

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Low skill level to exploit Vendor: GE Equipment: Mark VIe Controller Vulnerabilities: Improper Authorization, Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to create...

8.8CVSS8.8AI score0.0096EPSS
Exploits0References5
ICS
ICS
added 2019/10/08 12:0 a.m.194 views

Siemens Industrial Real-Time (IRT) Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.5CVSS7.7AI score0.01401EPSS
Exploits0References10
ICS
ICS
added 2019/10/08 12:0 a.m.108 views

Siemens SIMATIC WinAC RTX (F) 2010 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC WinAC RTX F 2010 --------- Begin Update A Part 1 of 4 --------- Vulnerability: Insufficient Resource Pool --------- End Update A Part 1 of 4 --------- 2. UPDATE...

7.5CVSS7.8AI score0.01367EPSS
Exploits0References9
ICS
ICS
added 2019/10/08 12:0 a.m.93 views

SMA Solar Technology AG Sunny WebBox

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SMA Solar Technology AG Equipment: Sunny WebBox Vulnerability: Cross-Site Request Forgery 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to generate a...

8.8CVSS8.9AI score0.0223EPSS
Exploits4References5
ICS
ICS
added 2019/10/01 6:0 a.m.202 views

Interpeak IPnet TCP/IP Stack (Update E)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : ENEA, Green Hills Software, ITRON, IP Infusion, Wind River Equipment : OSE by ENEA, INTEGRITY RTOS by Green Hills Software, ITRON, ZebOS by IP Infusion, and...

9.8CVSS9.3AI score0.84177EPSS
Exploits7References10
ICS
ICS
added 2019/10/01 12:0 a.m.337 views

Interpeak IPnet TCP/IP Stack (Update D)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendors: ENEA, Green Hills Software, ITRON, IP Infusion, Wind River Equipment: OSE by ENEA, INTEGRITY RTOS by Green Hills Software, ITRON, ZebOS by IP Infusion, and VxWorks by...

9.8CVSS9.7AI score0.84177EPSS
Exploits5References5
ICS
ICS
added 2019/10/01 12:0 a.m.80 views

Yokogawa Products

1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Low skill level to exploit Vendor: Yokogawa Equipment: Exaopc, Exaplog, Exaquantum, Exasmoc, Exarqe, GA10, and InsightSuiteAE Vulnerability: Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a...

7.8CVSS7.8AI score0.0126EPSS
Exploits0References5
ICS
ICS
added 2019/10/01 12:0 a.m.97 views

Moxa EDR 810 Series

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: EDR 810 Vulnerabilities: Improper Input Validation, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote code execution or...

7.2CVSS6.9AI score0.08747EPSS
Exploits5References5
ICS
ICS
added 2019/09/19 12:0 a.m.164 views

Tridium Niagara

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Tridium Equipment: Niagara Vulnerabilities: Information Exposure, Improper Authorization 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a local user to escalate their privileges. 3...

7.8CVSS5.9AI score0.00354EPSS
Exploits0References4
ICS
ICS
added 2019/09/17 12:0 a.m.196 views

Advantech WebAccess

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Advantech Equipment : WebAccess Vulnerabilities : Code Injection, Command Injection, Stack-based Buffer Overflow, Improper Authorization 2. RISK EVALUATION Successful exploitation of these...

9.8CVSS10AI score0.02863EPSS
Exploits0References5
ICS
ICS
added 2019/09/17 12:0 a.m.131 views

Honeywell Performance IP Cameras and Performance NVRs

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Honeywell Equipment: Performance IP Cameras and Performance NVRs Vulnerability: Information Exposure 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to view...

5.3CVSS5.7AI score0.0183EPSS
Exploits0References5
ICS
ICS
added 2019/09/12 12:0 a.m.93 views

Philips IntelliVue WLAN

1. EXECUTIVE SUMMARY CVSS v3 6.4 Vendor: Philips Equipment: IntelliVue M3002A X2 MMS Transport Monitor/Module and IntelliVue MP monitors MP2/X2, MP5, MP20-MP90, MX600, MX700 and MX800 Vulnerabilities: Use of Hard-coded Password, Download of Code Without Integrity Check 2. RISK EVALUATION...

7.2CVSS8AI score0.01358EPSS
Exploits0References5
ICS
ICS
added 2019/09/12 12:0 a.m.93 views

3S-Smart Software Solutions GmbH CODESYS V3 Products Containing a CODESYS Communication Server

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS V3 products containing a CODESYS communication server Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this...

7.5CVSS7.7AI score0.01696EPSS
Exploits0References4
ICS
ICS
added 2019/09/12 12:0 a.m.107 views

3S-Smart Software Solutions GmbH CODESYS Control V3 OPC UA Server

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS Control V3 OPC UA Server Vulnerability: NULL Pointer Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a...

6.5CVSS6.6AI score0.01365EPSS
Exploits0References4
ICS
ICS
added 2019/09/12 12:0 a.m.78 views

3S-Smart Software Solutions GmbH CODESYS V3 Web Server

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS V3 web server Vulnerabilities: Path Traversal, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

9.8CVSS9.4AI score0.05858EPSS
Exploits0References4
ICS
ICS
added 2019/09/12 12:0 a.m.94 views

3S-Smart Software Solutions GmbH CODESYS Control V3 Online User Management

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS Control V3 online user management Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation...

8.8CVSS8.7AI score0.0186EPSS
Exploits0References4
ICS
ICS
added 2019/09/12 12:0 a.m.93 views

3S-Smart Software Solutions GmbH CODESYS V3 Library Manager (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS V3 Library Manager Vulnerability: Cross-site Scripting 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-255-02...

8.6CVSS8.5AI score0.00855EPSS
Exploits0References4
ICS
ICS
added 2019/09/10 12:0 a.m.120 views

ICSA-19-260-02 Siemens SINEMA Remote Connect Server

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SINEMA Remote Connect Server Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Information Exposure, Cross-Site Request Forgery, Use of Password Hash with Insufficient...

9.8CVSS6.6AI score0.01514EPSS
Exploits0References9
ICS
ICS
added 2019/09/10 12:0 a.m.213 views

OSIsoft PI SQL Client

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: OSIsoft LLC Equipment: OSIsoft PI SQL Client Vulnerability: Integer Overflow or Wraparound 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote code execution or cause a denial of service,...

8.1CVSS8.8AI score0.21894EPSS
Exploits2References5
ICS
ICS
added 2019/09/10 12:0 a.m.67 views

ICSA-19-253-02 Siemens SINETPLAN

1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: Siemens Network Planner SINETPLAN Vulnerability: Improper Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow information disclosure, code execution, and...

7.8CVSS7.9AI score0.00897EPSS
Exploits1References9
ICS
ICS
added 2019/09/10 12:0 a.m.87 views

Delta Electronics TPEditor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: TPEditor Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow...

7.8CVSS8.5AI score0.01906EPSS
Exploits0References5
ICS
ICS
added 2019/09/10 12:0 a.m.84 views

ICSA-19-253-05 Siemens SIMATIC TDC CP51M1

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC TDC CP51M1 Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could create a denial-of-service condition within UDP...

7.5CVSS7.7AI score0.01461EPSS
Exploits0References9
ICS
ICS
added 2019/09/10 12:0 a.m.74 views

ICSA-19-253-04 Siemens IE-WSN-PA Link WirelessHART Gateway

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: IE/WSN-PA Link WirelessHART Gateway Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow information disclosure, code execution, or...

9.6CVSS9.1AI score0.0112EPSS
Exploits0References9
ICS
ICS
added 2019/09/10 12:0 a.m.529 views

ICSA-19-253-03_Siemens Industrial Products (Update P)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Industrial Products Vulnerabilities: Excessive Data Query Operations in a Large Data Table, Integer Overflow or Wraparound, Uncontrolled Resource Consumption 2. UPDATE INFORMATION...

8.6AI score
Exploits0References2
ICS
ICS
added 2019/09/05 12:0 a.m.71 views

BD Pyxis (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Becton, Dickinson and Company BD Equipment: Pyxis Vulnerability: Session Fixation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-248-01 BD Pyxis...

8.8CVSS8.8AI score0.01288EPSS
Exploits0References5
ICS
ICS
added 2019/09/05 12:0 a.m.102 views

Red Lion Controls Crimson

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Red Lion Controls Equipment: Crimson Windows configuration software Vulnerabilities: Use After Free, Improper Restriction of Operations within the Bounds of a Memory Buffer, Pointer Issues, Use of...

7.8CVSS7.8AI score0.0133EPSS
Exploits0References5
ICS
ICS
added 2019/09/03 12:0 a.m.75 views

EZAutomation EZ PLC Editor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: EZAutomation Equipment: EZ PLC Editor Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

7.8CVSS7.8AI score0.01367EPSS
Exploits0References5
ICS
ICS
added 2019/09/03 12:0 a.m.75 views

EZAutomation EZ Touch Editor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: EZAutomation Equipment: EZ Touch Editor Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of the...

7.8CVSS8AI score0.01442EPSS
Exploits0References6
ICS
ICS
added 2019/08/29 12:0 a.m.71 views

Philips HDI 4000 Ultrasound

1. EXECUTIVE SUMMARY CVSS v3 3.0 ATTENTION: Public exploits are available/exploitable from within the same local subnet Vendor: Philips Equipment: HDI 4000 Ultrasound Systems Vulnerability: Use of Obsolete Function 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to...

3.6CVSS4.1AI score0.00344EPSS
Exploits0References5
ICS
ICS
added 2019/08/29 12:0 a.m.95 views

Change Healthcare McKesson and Horizon Cardiology

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Change Healthcare Equipment: Change Healthcare Cardiology, Horizon Cardiology, McKesson Cardiology Vulnerability: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could...

7.8CVSS8AI score0.00328EPSS
Exploits0References5
ICS
ICS
added 2019/08/27 12:0 a.m.82 views

Datalogic AV7000 Linear Barcode Scanner

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Datalogic Equipment: AV7000 Linear Barcode Scanner Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could...

8.8CVSS9.4AI score0.02365EPSS
Exploits0References5
ICS
ICS
added 2019/08/27 12:0 a.m.120 views

Delta Controls enteliBUS Controllers

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Delta Controls Equipment: enteliBUS Controllers Vulnerability: Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker on the same network to gain...

9.8CVSS10AI score0.04737EPSS
Exploits1References4
ICS
ICS
added 2019/08/20 12:0 a.m.97 views

Zebra Industrial Printers

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Low skill level to exploit Vendor: Zebra Equipment: Industrial Printers Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to send specially crafted packets...

7.5CVSS7.6AI score0.01703EPSS
Exploits0References5
ICS
ICS
added 2019/08/15 12:0 a.m.60 views

Fuji Electric Alpha5 Smart Loader

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Fuji Electric Equipment: Alpha5 Smart Loader Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of...

7.8CVSS8AI score0.02947EPSS
Exploits0References5
ICS
ICS
added 2019/08/15 12:0 a.m.66 views

Johnson Controls Metasys

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: Johnson Controls Equipment: Metasys Vulnerabilities: Reusing a Nonce, Key Pair in Encryption; Use of Hard-coded Cryptographic Key 2. RISK EVALUATION Successful exploitation of these vulnerabilities could be leveraged by an...

9.1CVSS8.7AI score0.0082EPSS
Exploits0References5
ICS
ICS
added 2019/08/13 12:0 a.m.64 views

Siemens SINAMICS (Update C)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINAMICS Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update ICSA-19-227-04 Siemens SINAMICS Update...

7.5CVSS7.9AI score0.01401EPSS
Exploits0References9
ICS
ICS
added 2019/08/13 12:0 a.m.56 views

Siemens SCALANCE Products (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SCALANCE Products Vulnerabilities: Improper Adherence to Coding Standards 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

6.6CVSS7.6AI score0.01168EPSS
Exploits0References9
Total number of security vulnerabilities4255