Lucene search
K

4255 matches found

ICS
ICS
added 2018/12/20 12:0 a.m.46 views

Horner Automation Cscape

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low skill level to exploit Vendor: Horner Automation Equipment: Cscape Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being accessed, allow the attacker to read...

7.8CVSS7.7AI score0.0167EPSS
Exploits0References5
ICS
ICS
added 2018/12/18 12:0 a.m.67 views

ABB CMS-770

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable from an adjacent network/low skill level to exploit Vendor: ABB Equipment: CMS-770 Vulnerabilities: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to read sensitive...

6.5CVSS7.1AI score0.00766EPSS
Exploits0References5
ICS
ICS
added 2018/12/18 12:0 a.m.82 views

3S-Smart Software Solutions GmbH CODESYS Control V3 Products

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : 3S-Smart Software Solutions GmbH Equipment : CODESYS Control V3 products Vulnerability : Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow...

10CVSS9.9AI score0.01267EPSS
Exploits0References5
ICS
ICS
added 2018/12/18 12:0 a.m.56 views

ABB GATE-E2

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ABB Equipment: GATE-E2 Vulnerabilities: Missing Authentication for Critical Function, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...

9.8CVSS8.2AI score0.02646EPSS
Exploits0References5
ICS
ICS
added 2018/12/18 12:0 a.m.79 views

ABB M2M ETHERNET

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable from an adjacent network/low skill level to exploit Vendor: ABB Equipment: M2M ETHERNET Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to upload a malicious...

4.3CVSS5AI score0.00787EPSS
Exploits0References5
ICS
ICS
added 2018/12/18 12:0 a.m.53 views

Advantech WebAccess/SCADA

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess/SCADA Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a stack buffer overflow condition. 3...

7.5CVSS7.6AI score0.02309EPSS
Exploits0References5
ICS
ICS
added 2018/12/18 12:0 a.m.75 views

3S-Smart Software Solutions GmbH CODESYS V3 Products

1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : 3S-Smart Software Solutions GmbH Equipment : CODESYS V3 products Vulnerabilities : Use of Insufficiently Random Values, Improper Restriction of Communication Channel to Intended Endpoints 2. RISK...

8.2AI score
Exploits0References4
ICS
ICS
added 2018/12/13 12:0 a.m.32 views

Schneider Electric GUIcon Eurotherm

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low skill level to exploit Vendor : Schneider Electric Equipment : Eurotherm by Schneider Electric GUIcon Vulnerabilities : Type Confusion, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an...

7.8CVSS8.5AI score0.01233EPSS
Exploits0References5
ICS
ICS
added 2018/12/13 12:0 a.m.42 views

GE Mark VIe, EX2100e, EX2100e

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Low skill level to exploit Vendor: GE Equipment: Mark VIe, EX2100e, EX2100eReg, and LS2100e Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access system data, which could result...

7.5CVSS8AI score0.02562EPSS
Exploits0References4
ICS
ICS
added 2018/12/13 12:0 a.m.45 views

Geutebrück GmbH E2 Series IP Cameras

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Geutebrück GmbH Equipment : E2 Camera Series Vulnerability : OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability may allow a remote attacker to inject OS...

10CVSS10AI score0.03882EPSS
Exploits0References5
ICS
ICS
added 2018/12/13 12:0 a.m.46 views

Medtronic 9790, 2090 CareLink, and 29901 Encore Programmers

1. EXECUTIVE SUMMARY CVSS v3 4.6 ATTENTION: Low skill level to exploit Vendor: Medtronic Equipment: 9790 CareLink Programmer, 2090 CareLink Programmer, 29901 Encore Programmer Vulnerability: Missing Encryption of Sensitive Data 2. RISK EVALUATION As part of the intended functionality of this...

4.6CVSS4.7AI score0.00315EPSS
Exploits0References5
ICS
ICS
added 2018/12/11 12:0 a.m.91 views

ICSA-18-345-02 Siemens SINUMERIK Controllers (Update A)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINUMERIK Controllers Vulnerabilities: Heap-based Buffer Overflow, Integer Overflow or Wraparound, Protection Mechanism Failure, Permissions, Privileges, and Access Controls,...

9.8CVSS8.7AI score0.04593EPSS
Exploits0References9
ICS
ICS
added 2018/12/11 12:0 a.m.52 views

ICSA-18-345-01 McAfee SINAMICS PERFECT HARMONY GH180

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low skill level to exploit Vendor: McAfee Equipment: SINAMICS PERFECT HARMONY GH180 Vulnerability: Improper Access Control 2. RISK EVALUATION These files can be executed to compromise the HMI, and by extension, the drive system. 3. TECHNICAL DETAILS...

7.1CVSS6.9AI score0.00262EPSS
Exploits0References9
ICS
ICS
added 2018/12/11 12:0 a.m.70 views

Siemens TIM 1531 IRC Modules

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: TIM 1531 IRC Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform...

10CVSS9.8AI score0.02796EPSS
Exploits0References9
ICS
ICS
added 2018/12/06 12:0 a.m.44 views

GE Proficy GDS

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: General Electric GE Equipment: Proficy GDS Vulnerability: XXE 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to initiate an OPC UA session and retrieve an...

9.1CVSS9.6AI score0.02691EPSS
Exploits0References6
ICS
ICS
added 2018/12/06 12:0 a.m.24 views

Philips HealthSuite Health Android App

1. EXECUTIVE SUMMARY CVSS v3 3.5 ATTENTION: Low skill level to exploit Vendor: Philips Equipment: Philips HealthSuite Health Android App Vulnerability: Inadequate Encryption Strength 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker with physical access to...

4.6CVSS4.5AI score0.00158EPSS
Exploits0References4
ICS
ICS
added 2018/12/04 12:0 a.m.49 views

SpiderControl SCADA WebServer

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SpiderControl Equipment: SCADA WebServer Vulnerability: Reflected Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute JavaScript...

6.1CVSS6.3AI score0.00852EPSS
Exploits0References5
ICS
ICS
added 2018/12/04 12:0 a.m.42 views

Omron CX-One

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low skill level to exploit Vendor: Omron Equipment: CX-One Vulnerabilities: Stack-based Buffer Overflow, Use After Free 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code under the privileges of...

7.8CVSS8.6AI score0.01754EPSS
Exploits0References6
ICS
ICS
added 2018/12/03 12:0 p.m.39 views

SamSam Ransomware

Summary The Department of Homeland Security DHS National Cybersecurity and Communications Integration Center NCCIC and the Federal Bureau of Investigation FBI are issuing this activity alert to inform computer network defenders about SamSam ransomware, also known as MSIL/Samas.A. Specifically, th...

9.7AI score
Exploits0References19
ICS
ICS
added 2018/11/29 12:0 a.m.69 views

ICSA-18-333-02_Tridium Niagara Enterprise Security, Niagara AX, and Niagara 4

1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION : Exploitable remotely/low skill level Vendor : Tridium Equipment : Niagara Enterprise Security, Niagara AX, and Niagara 4 Vulnerability : Cross-site Scripting 2. REPOSTED INFORMATION This advisory was originally posted to the HSIN ICS-CERT library on...

5.4CVSS5.3AI score0.00973EPSS
Exploits0References2
ICS
ICS
added 2018/11/29 12:0 a.m.50 views

INVT Electric VT-Designer

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: INVT Electric Equipment: VT-Designer Vulnerabilities: Deserialization of Untrusted Data, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause...

8.8CVSS9.1AI score0.03199EPSS
Exploits0References6
ICS
ICS
added 2018/11/27 12:0 a.m.104 views

AVEVA Vijeo Citect and Citect SCADA

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: AVEVA Software, LLC AVEVA Equipment: Vijeo Citect, Citect SCADA Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute...

9.3CVSS8.1AI score0.02794EPSS
Exploits0References5
ICS
ICS
added 2018/11/27 12:0 a.m.81 views

Rockwell Automation FactoryTalk Services Platform

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: FactoryTalk Services Platform Vulnerability: Heap-based Buffer Overflow 2. REPOSTED INFORMATION This advisory was originally posted to the HSIN ICS-CERT library on...

7.8CVSS7.8AI score0.03866EPSS
Exploits0References5
ICS
ICS
added 2018/11/20 12:0 a.m.252 views

Schneider Electric Modicon M221

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Modicon M221 Vulnerability: Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a change of...

8.2CVSS8.5AI score0.00655EPSS
Exploits0References4
ICS
ICS
added 2018/11/20 12:0 a.m.246 views

Teledyne DALSA Sherlock

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: Teledyne DALSA Equipment: Sherlock Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being accessed; a buffer overflow condition may...

10CVSS9.9AI score0.0726EPSS
Exploits0References5
ICS
ICS
added 2018/11/13 12:0 a.m.388 views

ICSA-18-317-04 Siemens SCALANCE S

1. EXECUTIVE SUMMARY CVSS v3 4.7 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SCALANCE S Vulnerability: Cross-site Scripting 2. RISK EVALUATION If an attacker tricks a user into clicking a malicious link, the device could allow arbitrary script injection XSS. 3. TECHNICAL DETAILS...

5.4CVSS5.7AI score0.00689EPSS
Exploits0References9
ICS
ICS
added 2018/11/13 12:0 a.m.432 views

Siemens S7-400 CPUs (Update B)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

8.2CVSS8.4AI score0.01545EPSS
Exploits0References12
ICS
ICS
added 2018/11/13 12:0 a.m.413 views

ICSA-18-317-07 Siemens SIMATIC IT Production Suite

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC IT Production Suite Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to compromise confidentiality, integrity and...

9.3CVSS8.3AI score0.02656EPSS
Exploits0References9
ICS
ICS
added 2018/11/13 12:0 a.m.398 views

ICSA-18-317-06 Siemens SIMATIC STEP 7 (TIA Portal)

1. EXECUTIVE SUMMARY CVSS v3 4.0 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: SIMATIC STEP 7 TIA Portal Vulnerability: Unprotected Storage of Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to reconstruct passwords. 3...

5.5CVSS5.3AI score0.0024EPSS
Exploits0References9
ICS
ICS
added 2018/11/13 12:0 a.m.394 views

Siemens SIMATIC S7 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC S7 Vulnerability: Resource Exhaustion 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-18-317-05 Siemens SIMATIC S7 that...

7.5CVSS7.6AI score0.01799EPSS
Exploits0References9
ICS
ICS
added 2018/11/13 12:0 a.m.423 views

Siemens SIMATIC Panels and SIMATIC WinCC (TIA Portal)

1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC Panels and SIMATIC WinCC TIA Portal Vulnerability: Code Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with network...

8.8CVSS9AI score0.01684EPSS
Exploits0References9
ICS
ICS
added 2018/11/13 12:0 a.m.449 views

Siemens SIMATIC Panels

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC Panels Vulnerabilities: Path Traversal, Open Redirect 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow download of arbitrary files from the...

8.1CVSS8.3AI score0.03572EPSS
Exploits0References9
ICS
ICS
added 2018/11/08 12:0 a.m.37 views

Philips iSite and IntelliSpace PACS

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Low skill level to exploit Vendor: Philips Equipment: iSite and IntelliSpace PACS Vulnerability: Weak Password Requirements 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker with local network access to impact...

8.8CVSS8.8AI score0.00812EPSS
Exploits0References5
ICS
ICS
added 2018/11/06 12:0 a.m.56 views

Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules Vulnerability: Missing Authentication for Critical Function 2. REPOSTED INFORMATION This...

8.6CVSS8.9AI score0.043EPSS
Exploits0References5
ICS
ICS
added 2018/11/06 12:0 a.m.39 views

gpsd Open Source Project

1. EXECUTIVE SUMMARY CVSS v3 8.3 Vendor: gpsd Open Source Project Equipment: gpsd, microjson Vulnerability: Stack-based Buffer Overflow 2. REPOSTED INFORMATION This advisory was originally posted to the HSIN ICS-CERT library on November 6, 2018, and is being released to the NCCIC/ICS-CERT...

8.8CVSS9.2AI score0.02656EPSS
Exploits0References5
ICS
ICS
added 2018/11/06 12:0 a.m.61 views

Roche Diagnostics Point of Care Handheld Medical Devices (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable with adjacent access/low skill level to exploit --------- Begin Update A Part 1 of 3 -------- Vendor: Roche Diagnostics Equipment: Accu-Chek Inform II, CoaguChek Pro II/XS Plus/XS Pro, cobas h 232 POC handheld medical devices --------- End...

9.6CVSS8.6AI score0.0097EPSS
Exploits0References5
ICS
ICS
added 2018/11/01 12:0 a.m.521 views

Circontrol CirCarLife

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Circontrol Equipment: CirCarLife Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of these...

9.8CVSS10AI score0.03805EPSS
Exploits0References6
ICS
ICS
added 2018/11/01 12:0 a.m.532 views

Fr. Sauter AG CASE Suite

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Fr. Sauter AG Equipment: CASE Suite Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

7.5CVSS7.7AI score0.01647EPSS
Exploits0References5
ICS
ICS
added 2018/11/01 12:0 a.m.543 views

AVEVA InduSoft Web Studio and InTouch Edge HMI (formerly InTouch Machine Edition)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: AVEVA Software, LLC. AVEVA Equipment: InduSoft Web Studio and InTouch Edge HMI formerly InTouch Machine Edition Vulnerabilities: Stack-based Buffer Overflow, Empty Password in Configuration File 2...

10CVSS10AI score0.04567EPSS
Exploits2References5
ICS
ICS
added 2018/11/01 12:0 a.m.631 views

Schneider Electric Software Update (SESU) (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Schneider Electric Equipment: Software Update SESU Vulnerability: DLL hijacking 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-18-305-02 Schneider Electric Software...

9.3CVSS8.1AI score0.02794EPSS
Exploits0References5
ICS
ICS
added 2018/10/30 12:0 a.m.506 views

PEPPERL+FUCHS CT50-Ex

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: PEPPERL+FUCHS Equipment: CT50-Ex Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious third-party application to...

6.8CVSS6.1AI score0.00791EPSS
Exploits0References5
ICS
ICS
added 2018/10/25 12:0 a.m.558 views

GEOVAP Reliance 4 SCADA/HMI

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GEOVAP Equipment: Reliance 4 SCADA/HMI Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to use HTTP proxy...

6.1CVSS6.6AI score0.00852EPSS
Exploits0References6
ICS
ICS
added 2018/10/25 12:0 a.m.538 views

Advantech WebAccess

1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess Vulnerabilities: Improper Access Control, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow for arbitrary...

9.3CVSS8.6AI score0.05219EPSS
Exploits0References5
ICS
ICS
added 2018/10/23 12:0 a.m.520 views

Telecrane F25 Series

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Low skill level to exploit Vendor: Telecrane Equipment: F25 Series Vulnerability: Authentication Bypass by Capture-Replay 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthorized users to view commands, replay commands,...

8.1CVSS8.3AI score0.00663EPSS
Exploits0References5
ICS
ICS
added 2018/10/23 12:0 a.m.551 views

GAIN Electronic Co. Ltd SAGA1-L Series

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable from an adjacent network/low skill level to exploit Vendor: GAIN Electronic Co. Ltd Equipment: SAGA1-L series Vulnerabilities: Authentication Bypass by Capture-replay, Improper Access Control, Improper Authentication 2. RISK EVALUATION...

9.1CVSS8.6AI score0.01563EPSS
Exploits0References5
ICS
ICS
added 2018/10/23 12:0 a.m.564 views

Advantech WebAccess

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess Vulnerabilities: Stack-based Buffer Overflow, External Control of File Name or Path, Improper Privilege Management, Path Traversal 2. RISK EVALUATION Successful...

9.8CVSS10AI score0.04779EPSS
Exploits0References5
ICS
ICS
added 2018/10/17 12:0 a.m.534 views

Omron CX-Supervisor (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.0 Vendor: Omron Equipment: CX-Supervisor Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-Of-Bounds Read, Use-After-Free, Incorrect Type Conversion or Cast 2. UPDATE INFORMATION This updated advisory is a follow-up to the...

7.8CVSS6.9AI score0.01627EPSS
Exploits0References5
ICS
ICS
added 2018/10/16 12:0 a.m.529 views

LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: LCDS – Leão Consultoria e Desenvolvimento de Sistemas LTDA ME Equipment: LAquis SCADA Vulnerabilities: Untrusted Pointer Dereference, Out-of-Bounds Read, Integer Overflow to Buffer Overflow, Path...

9.8CVSS10AI score0.08063EPSS
Exploits0References5
ICS
ICS
added 2018/10/11 12:0 a.m.500 views

NUUO CMS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: NUUO Equipment: CMS Vulnerabilities: Use of Insufficiently Random Values, Use of Obsolete Function, Incorrect Permission Assignment for Critical Resource, Use of Hard-coded Credentials 2. RISK...

9.8CVSS1.1AI score0.29639EPSS
Exploits2References36
ICS
ICS
added 2018/10/11 12:0 a.m.512 views

NUUO NVRmini2 and NVRsolo

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: NUUO Equipment: NVRmini2, NVRsolo Vulnerabilities: Stack-based Buffer Overflow, Leftover Debug Code 2. RISK EVALUATION Successful exploitation of these...

10CVSS9.6AI score0.15226EPSS
Exploits2References5
Total number of security vulnerabilities4255