Lucene search
K

4251 matches found

ICS
ICS
added 2019/03/05 12:0 a.m.118 views

Rockwell Automation RSLinx Classic

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: RSLinx Classic Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to execute...

9.8CVSS9.8AI score0.50031EPSS
Exploits0References5
ICS
ICS
added 2019/02/28 12:0 a.m.51 views

PSI GridConnect Telecontrol

1. EXECUTIVE SUMMARY CVSS v3 8.5 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: PSI GridConnect GmbH formerly known as PSI Nentec GmbH Equipment: Telecontrol Gateway and Smart Telecontrol Unit family, IEC104 Security Proxy Vulnerability: Cross-site Scripting 2. RISK EVALUATION...

8.8CVSS8.8AI score0.02579EPSS
Exploits0References5
ICS
ICS
added 2019/02/26 12:0 a.m.146 views

Moxa IKS, EDS (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: IKS, EDS Vulnerabilities: Classic Buffer Overflow, Cross-site Request Forgery, Cross-site Scripting, Improper Access Controls, Improper Restriction of Excessive Authentication...

10CVSS10AI score0.04971EPSS
Exploits0References4
ICS
ICS
added 2019/02/19 12:0 a.m.51 views

Horner Automation Cscape

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Horner Automation Equipment: Cscape Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being accessed, which may allow the attacker to read...

7.8CVSS8AI score0.01716EPSS
Exploits0References5
ICS
ICS
added 2019/02/19 12:0 a.m.103 views

Intel Data Center Manager SDK

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor : Intel Equipment: Data Center Manager SDK Vulnerabilities: Improper Authentication, Protection Mechanism Failure, Permission Issues, Key Management Errors, Insufficient Control Flow Management 2...

8.8CVSS7.2AI score0.01275EPSS
Exploits0References6
ICS
ICS
added 2019/02/19 12:0 a.m.111 views

Rockwell Automation Allen-Bradley PowerMonitor 1000 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Rockwell Automation Equipment: Allen-Bradley PowerMonitor 1000 Vulnerabilities: Cross-site Scripting and Authentication Bypass 2. UPDATE INFORMATION This updated...

8.1CVSS7.9AI score0.30295EPSS
Exploits5References5
ICS
ICS
added 2019/02/19 12:0 a.m.35 views

Delta Industrial Automation CNCSoft

1. EXECUTIVE SUMMARY CVSS v3 4.4 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Delta Equipment: Delta Industrial Automation CNCSoft Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a buffer overflow condition that may...

5.5CVSS6.1AI score0.01105EPSS
Exploits0References6
ICS
ICS
added 2019/02/14 12:0 a.m.64 views

Pangea Communications Internet FAX ATA

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Pangea Communications Equipment: Internet FAX Analog Telephone Adapter ATA Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION...

7.8CVSS7.8AI score0.03302EPSS
Exploits0References5
ICS
ICS
added 2019/02/13 12:0 p.m.21 views

DNS Infrastructure Hijacking Campaign

Summary The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and Infrastructure Security Agency CISA, is aware of a global Domain Name System DNS infrastructure hijacking campaign. Using compromised credentials, an attacker can modify the location to...

9.3AI score
Exploits0References21
ICS
ICS
added 2019/02/12 12:0 a.m.54 views

OSIsoft PI Vision

1. EXECUTIVE SUMMARY CVSS v4.8 ATTENTION: Low skill level to exploit Vendor: OSIsoft Equipment: PI Vision Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read and modify the contents of the PI Vision web page and data...

4.8CVSS5.2AI score0.00699EPSS
Exploits0References5
ICS
ICS
added 2019/02/12 12:0 a.m.131 views

Siemens Intel Active Management Technology of SIMATIC IPCs

1. EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Intel Active Management Technology AMT of SIMATIC IPCs Vulnerabilities: Cryptographic Issues, Improper Restriction of Operations within the Bounds of a Memory Buffer, Resource...

7.2CVSS7AI score0.03303EPSS
Exploits0References9
ICS
ICS
added 2019/02/12 12:0 a.m.111 views

WIBU SYSTEMS AG WibuKey Digital Rights Management (Update D)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits available Vendor: WIBU-SYSTEMS AG Equipment: WibuKey Digital Rights Management DRM Vulnerabilities: Information Exposure, Out-of-bounds Write, Heap-based Buffer Overflow 2. UPDATE...

10CVSS8.4AI score0.34329EPSS
Exploits3References6
ICS
ICS
added 2019/02/12 12:0 a.m.84 views

ICSA-19-043-02 Siemens EN100 Ethernet Communication Module and SIPROTEC 5 Relays

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: EN100 Ethernet Communication Module and SIPROTEC 5 Relays Vulnerability: Improper Input Validation 2. RISK EVALUATION The EN100 Ethernet communication module and SIPROTEC 5...

5.9CVSS6AI score0.01155EPSS
Exploits0References9
ICS
ICS
added 2019/02/05 12:0 a.m.113 views

Rockwell Automation EtherNet/IP Web Server Modules

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: EtherNet/IP Web Server Modules Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker...

7.8CVSS7.7AI score0.03185EPSS
Exploits0References5
ICS
ICS
added 2019/02/05 12:0 a.m.128 views

AVEVA InduSoft Web Studio and InTouch Edge HMI

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : AVEVA Software, LLC AVEVA Equipment : InduSoft Web Studio and InTouch Edge HMI formerly InTouch Machine Edition Vulnerabilities : Missing Authentication for Critical Function, Resource Injection...

10CVSS9.7AI score0.17287EPSS
Exploits6References5
ICS
ICS
added 2019/02/05 12:0 a.m.127 views

Kunbus PR100088 Modbus Gateway (Update B)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Kunbus Equipment: PR100088 Modbus gateway Vulnerabilities: Improper Authentication, Information Exposure Through Query Strings in GET Request, Missing Authentication for Critical Function, Imprope...

9.8CVSS8.1AI score0.01226EPSS
Exploits0References5
ICS
ICS
added 2019/02/05 12:0 a.m.55 views

WECON LeviStudioU (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: WECON Technology Co., Ltd WECON Equipment: LeviStudioU Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Memory Corruption 2. UPDATE INFORMATION This updated advisory is a follow-up to the...

9.3CVSS8.6AI score0.02109EPSS
Exploits0References5
ICS
ICS
added 2019/01/31 12:0 a.m.82 views

IDenticard PremiSys (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit/vulnerability details have been publicly disclosed Vendor: IDenticard Equipment: PremiSys Vulnerabilities: Use of Hard-coded Credentials, Use of Hard-coded Password, Inadequate Encryption Strength 2...

9CVSS8.4AI score0.0289EPSS
Exploits0References6
ICS
ICS
added 2019/01/31 12:0 a.m.184 views

Schneider Electric EVLink Parking

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: EVLink Parking Vulnerabilities: Use of Hard-coded Credentials, Code Injection, SQL Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

10CVSS9.7AI score0.06252EPSS
Exploits3References5
ICS
ICS
added 2019/01/29 7:0 a.m.106 views

Mitsubishi Electric MELSEC-Q Series PLCs

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: MELSEC-Q series PLCs Vulnerability: Resource Exhaustion 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to send...

7.5CVSS7.7AI score0.04274EPSS
Exploits0References10
ICS
ICS
added 2019/01/29 12:0 a.m.84 views

Stryker Medical Beds

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Public exploits are available Vendor: Stryker Equipment: Secure II MedSurg Bed, S3 MedSurg Bed, and InTouch ICU Bed Vulnerability: Reusing a Nonce 2. RISK EVALUATION Successful exploitation of this vulnerability could allow data traffic manipulation,...

8.1CVSS8AI score0.04575EPSS
Exploits1References5
ICS
ICS
added 2019/01/29 12:0 a.m.37 views

BD FACSLyric (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Low skill level to exploit Vendor: Becton, Dickinson and Company BD Equipment: FACSLyric Vulnerability: Improper Access Control 2. UPDATE INFORMATION This updated medical device advisory is a follow-up to the original advisory titled ICSMA-19-029-02 BD...

6.8CVSS6.9AI score0.00417EPSS
Exploits0References5
ICS
ICS
added 2019/01/29 12:0 a.m.59 views

AVEVA Wonderware System Platform

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low skill level to exploit Vendor: AVEVA Equipment: Wonderware System Platform Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION This vulnerability could allow unauthorized access to the credentials for the ArchestrA Network User...

8.8CVSS9AI score0.01364EPSS
Exploits0References5
ICS
ICS
added 2019/01/29 12:0 a.m.171 views

Yokogawa License Manager Service

1. EXECUTIVE SUMMARY CVSS v8.1 ATTENTION : Exploitable remotely Vendor : Yokogawa Equipment : License Manager Service Vulnerability : Unrestricted Upload of Files with Dangerous Type 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to remotely upload files,...

10CVSS9.8AI score0.05405EPSS
Exploits0References5
ICS
ICS
added 2019/01/24 12:0 a.m.106 views

PHOENIX CONTACT FL SWITCH

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: PHOENIX CONTACT Equipment: FL SWITCH Vulnerabilities: Cross-site Request Forgery, Improper Restriction of Excessive Authentication Attempts, Cleartext Transmission of Sensitive Information, Resourc...

9.8CVSS8.1AI score0.02314EPSS
Exploits0References5
ICS
ICS
added 2019/01/24 12:0 a.m.27 views

Advantech WebAccess/SCADA

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess/SCADA Vulnerabilities: Improper Authentication, Authentication Bypass, SQL Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an...

9.8CVSS10AI score0.02808EPSS
Exploits0References5
ICS
ICS
added 2019/01/22 12:0 a.m.47 views

Dräger Infinity Delta

1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Low skill level to exploit Vendor: Dräger Equipment: Infinity Delta Vulnerabilities: Improper Input Validation, Information Exposure Through Log Files, Improper Privilege Management 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

7.8CVSS8.1AI score0.0078EPSS
Exploits0References5
ICS
ICS
added 2019/01/22 12:0 a.m.98 views

Johnson Controls Facility Explorer

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: Johnson Controls Equipment: Facility Explorer Vulnerabilities: Path Traversal, Improper Authentication 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read, write, and delete...

9.8CVSS9.2AI score0.0622EPSS
Exploits0References5
ICS
ICS
added 2019/01/17 12:0 a.m.92 views

ABB CP400 Panel Builder TextEditor 2.0

1. EXECUTIVE SUMMARY CVSS v7.0 Vendor: ABB Equipment: CP400 Panel Builder TextEditor 2.0 Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, and cause a denial-of-service condition within the...

7.8CVSS8.1AI score0.01567EPSS
Exploits0References6
ICS
ICS
added 2019/01/17 12:0 a.m.70 views

ControlByWeb X-320M

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ControlByWeb Equipment: X-320M Vulnerabilities: Improper Authentication, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow arbitrary code execution...

6.8CVSS7.1AI score0.01571EPSS
Exploits1References5
ICS
ICS
added 2019/01/17 12:0 a.m.105 views

Omron CX-Supervisor (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION : Low skill level to exploit Vendor: Omron Equipment: CX-Supervisor --------- Begin Update A Part 1 of 3 -------- Vulnerabilities: Code Injection, Command Injection, Use After Free, Type Confusion, Access of Uninitialized Pointer, Out-of-bounds Read...

8.8CVSS7.8AI score0.02421EPSS
Exploits0References5
ICS
ICS
added 2019/01/15 12:0 a.m.98 views

LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME Equipment: LAquis SCADA Vulnerabilities: Improper Input Validation, Out-of-Bounds Read, Code Injection, Untrusted Pointer Dereference,...

9.8CVSS8.4AI score0.39487EPSS
Exploits0References6
ICS
ICS
added 2019/01/10 12:0 a.m.127 views

Pilz PNOZmulti Configurator

1. EXECUTIVE SUMMARY CVSS v3 3.3 ATTENTION: Low skill level to exploit Vendor: Pilz GmbH & Co. KG Pilz Equipment: PNOZmulti Configurator Vulnerability: Clear-text Storage of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow sensitive data to be...

7.8CVSS7.4AI score0.00241EPSS
Exploits0References5
ICS
ICS
added 2019/01/10 12:0 a.m.98 views

Emerson DeltaV

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low skill level to exploit Vendor: Emerson Equipment: DeltaV Distributed Control System Workstations Vulnerability: Authentication Bypass 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to shut down a service,...

6.5CVSS7AI score0.00716EPSS
Exploits0References5
ICS
ICS
added 2019/01/10 12:0 a.m.56 views

Omron CX-One CX-Protocol

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low skill level to exploit Vendor: Omron Equipment: CX-Protocol within CX-One Vulnerabilities: Type Confusion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code under the privileges of the...

7.8CVSS8.3AI score0.01424EPSS
Exploits0References5
ICS
ICS
added 2019/01/08 12:0 a.m.72 views

Schneider Electric IIoT Monitor (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: IIoT Monitor --------- Begin Update A Part 1 of 2 -------- Vulnerabilities: Path Traversal, Unrestricted Upload of File with Dangerous Type, XXE, Cryptographic Issues...

9.8CVSS7.5AI score0.3198EPSS
Exploits0References5
ICS
ICS
added 2019/01/08 12:0 a.m.195 views

ICSA-19-038-01 Siemens SICAM A8000 RTU Series

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SICAM A8000 RTU Vulnerability: Uncaught Exception 2. RISK EVALUATION The SICAM A8000 RTU series is affected by a security vulnerability that could allow unauthenticated remote...

7.8CVSS7.8AI score0.01986EPSS
Exploits2References9
ICS
ICS
added 2019/01/08 12:0 a.m.63 views

Schneider Electric Zelio Soft 2

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Schneider Electric Equipment: Zelio Soft 2 Vulnerability: Use After Free 2. RISK EVALUATION Successful exploitation of this vulnerability could allow for remote code execution when opening a specially crafted project...

7.8CVSS8.3AI score0.03037EPSS
Exploits0References6
ICS
ICS
added 2019/01/08 12:0 a.m.84 views

ICSA-19-043-06 Siemens CP1604 and CP1616 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Siemens Equipment : CP1604 and CP1616 Vulnerabilities : Cleartext Transmission of Sensitive Information, Cross-site Scripting, Cross-site Request Forgery 2. UPDATE INFORMATION This updated...

9.1CVSS8.3AI score0.01769EPSS
Exploits0References9
ICS
ICS
added 2019/01/08 12:0 a.m.101 views

ICSA-19-038-02 Siemens EN100 Ethernet Module

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Siemens Equipment : EN100 Ethernet module Vulnerabilities : Improper Input Validation 2. RISK EVALUATION The EN100 Ethernet module for the SWT 3000 management platform is affected by security...

7.8CVSS8.1AI score0.02389EPSS
Exploits0References9
ICS
ICS
added 2019/01/08 12:0 a.m.65 views

Siemens SIMATIC S7-1500 CPU

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC S7-1500 CPU Vulnerabilities: Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a denial of service condition of...

7.8CVSS8.2AI score0.01986EPSS
Exploits0References9
ICS
ICS
added 2019/01/08 12:0 a.m.52 views

Siemens SIMATIC S7-300 CPU

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Siemens Equipment : SIMATIC S7-300 CPU Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being accessed, resulting...

7.8CVSS7.7AI score0.01358EPSS
Exploits0References9
ICS
ICS
added 2019/01/03 12:0 a.m.40 views

Hetronic Nova-M

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Low skill level to exploit Vendor: Hetronic Equipment: Nova-M Vulnerability: Authentication Bypass by Capture-Replay 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthorized users to view commands, replay commands,...

8.8CVSS8.8AI score0.00753EPSS
Exploits0References4
ICS
ICS
added 2019/01/03 12:0 a.m.115 views

Yokogawa Vnet/IP Open Communication Driver

1. EXECUTIVE SUMMARY CVSS v7.5 ATTENTION: Exploitable remotely/Low skill level to exploit Vendor: Yokogawa Equipment: Vnet/IP Open Communication Driver Vulnerability: Resource Management Error 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause...

7.5CVSS7.7AI score0.03342EPSS
Exploits0References5
ICS
ICS
added 2019/01/03 12:0 a.m.59 views

Schneider Electric Pro-face GP-Pro EX

1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Pro-face GP-Pro EX Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to modify code to...

8.8CVSS8.9AI score0.02196EPSS
Exploits0References6
ICS
ICS
added 2018/12/20 12:0 a.m.130 views

Schneider Electric EcoStruxure

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: EcoStruxure Vulnerability: Open Redirect 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to use this device as a platform to...

6.1CVSS6.6AI score0.00755EPSS
Exploits0References5
ICS
ICS
added 2018/12/20 12:0 a.m.46 views

Horner Automation Cscape

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low skill level to exploit Vendor: Horner Automation Equipment: Cscape Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being accessed, allow the attacker to read...

7.8CVSS7.7AI score0.0167EPSS
Exploits0References5
ICS
ICS
added 2018/12/18 12:0 a.m.56 views

ABB GATE-E2

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ABB Equipment: GATE-E2 Vulnerabilities: Missing Authentication for Critical Function, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...

9.8CVSS8.2AI score0.02646EPSS
Exploits0References5
ICS
ICS
added 2018/12/18 12:0 a.m.79 views

ABB M2M ETHERNET

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable from an adjacent network/low skill level to exploit Vendor: ABB Equipment: M2M ETHERNET Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to upload a malicious...

4.3CVSS5AI score0.00787EPSS
Exploits0References5
ICS
ICS
added 2018/12/18 12:0 a.m.53 views

Advantech WebAccess/SCADA

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess/SCADA Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a stack buffer overflow condition. 3...

7.5CVSS7.6AI score0.02309EPSS
Exploits0References5
Total number of security vulnerabilities4251