4251 matches found
Siemens SIMATIC S7-1200 CPU Family Version 4
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC S7-1200 CPU Family Version 4 Vulnerability: Cross-Site Request Forgery CSRF 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a CSRF attack if an unsuspecting user is...
ICSA-18-282-02 Siemens SCALANCE W1750D
1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely/public exploits are available Vendor: Siemens Equipment: SCALANCE W1750D Vulnerability: Cryptographic issues 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to decrypt TLS traffic. 3...
ICSA-18-282-03 Siemens ROX II
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: ROX II Vulnerabilities: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow valid users to escalate their privileges and...
Siemens SIMATIC S7-1500, SIMATIC S7-1500 Software Controller and SIMATIC ET 200SP OpenController (Update A)
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC S7-1500, SIMATIC S7-1500 Software Controller and SIMATIC ET 200SP Open Controller Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is...
Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit/information related to these vulnerabilities is publicly available Vendor: Hangzhou Xiongmai Technology Co., Ltd Equipment: XMeye P2P Cloud Server Vulnerabilities: Predictable From Observable State, Hidden...
WECON PI Studio (Update A)
1. EXECUTIVE SUMMARY --------- Begin Update A Part 1 of 4 --------- CVSS v3 7.8 ATTENTION: Low attack complexity --------- End Update A Part 1 of 4 --------- Vendor: WECON Technology Co., Ltd. WECON Equipment: PI Studio Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Write,...
Carestream Vue RIS
1. EXECUTIVE SUMMARY CVSS v3 3.7 ATTENTION: Exploitable remotely Vendor: Carestream Equipment: Carestream Vue RIS Vulnerability: Information Exposure Through an Error Message 2. RISK EVALUATION An attacker with access to the network of the affected system can passively read traffic. 3. TECHNICAL...
Change Healthcare PeerVue Web Server
1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable on an adjacent network/low skill level to exploit Vendor: Change Healthcare Equipment: PeerVue Web Server Vulnerability: Information Exposure Through an Error Message 2. RISK EVALUATION Successful exploitation of this vulnerability could...
Philips iSite/IntelliSpace PACS Vulnerabilities (Update A)
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Philips Equipment: iSite and IntelliSpace PACS Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Code/Source Code...
Delta Electronics ISPSoft
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/Low skill level to exploit Vendor: Delta Electronics Equipment: ISPSoft Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code under the...
Entes EMG 12
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Entes Equipment: EMG 12 Vulnerabilities: Improper Authentication, Information Exposure Through Query Strings in GET Request 2. RISK EVALUATION Successful exploitation of these vulnerabilities may...
GE Communicator
1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: Communicator Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Exploitation could allow attackers to execute arbitrary code or create a denial-of-service condition. 3...
Fuji Electric FRENIC Devices (Update A)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit/public exploits are available Vendor : Fuji Electric Equipment : FRENIC Loader, FRENIC-Mini C1, FRENIC-Mini C2, FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace Vulnerabilities : Buffer Over-read,...
Fuji Electric Alpha5 Smart Loader (Update A)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Fuji Electric Equipment: Alpha5 Smart Loader Vulnerabilities: Classic Buffer Overflow, Heap-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a...
Delta Electronics Delta Industrial Automation PMSoft
1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Delta Electronics Equipment: Delta Industrial Automation PMSoft Vulnerability: Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read...
Emerson AMS Device Manager
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Emerson Equipment: AMS Device Manager Vulnerabilities: Improper Access Control, Improper Privilege Management 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...
Tec4Data SmartCooler
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Tec4Data Equipment: SmartCooler Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could cause the device to shut down by...
Rockwell Automation RSLinx Classic
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: RSLinx Classic Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Resource Exhaustion 2. RISK EVALUATION Successful exploitation of these...
Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability (Update B)
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: Logix5000 Vulnerability: Stack-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the previously updated advisory titled...
WECON PLC Editor
1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: WECON Equipment: PLC Editor Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could result in unauthorized code execution within the...
Rockwell Automation MicroLogix
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION : Exploitable remotely/low skill level to exploit. Vendor : Rockwell Equipment : MicroLogix Controller Vulnerabilities : Improper Authentication 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause denial of service,...
Honeywell Mobile Computers with Android Operating Systems
1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely Vendor: Honeywell Equipment: Mobile Computers Vulnerability: Improper Privilege Management 2. RISK EVALUATION A vulnerability in a system service on CT60, CN80, CT40, CK75, CN75, CT50, D75e, CN51, and EDA series mobile computers...
Fuji Electric V-Server Lite
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Fuji Electric Equipment: V-Server Lite Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to view sensitive...
Fuji Electric V-Server
1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Fuji Electric Equipment: V-Server Vulnerabilities: Use-After Free, Untrusted Pointer Dereference, Heap-based Buffer Overflow, Out-of-Bounds Write, Integer Underflow,...
ICSA-18-254-03 Siemens TD Keypad Designer
1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: TD Keypad Designer Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local low-privileged attacker to escalate their...
ICSA-18-254-04 Siemens SIMATIC WinCC OA
1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC WinCC OA Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote user to escalate...
Siemens SCALANCE X Switches
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Siemens Equipment: SCALANCE X Switches Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...
Siemens SIMATIC WinCC, PCS7, and TIA Portal Vulnerabilities (Update B)
OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-14-329-02A Siemens SIMATIC WinCC, PCS7, and TIA Portal Vulnerabilities that was published December 2, 2014, on the NCCIC/ICS-CERT web site. Siemens has identified two vulnerabilities within products using the Siemen...
Siemens SIMATIC WinCC, PCS7, and TIA Portal Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-14-329-02 Siemens SIMATIC WinCC, PCS7, and TIA Portal Vulnerabilities that was published November 25, 2014, on the NCCIC/ICS-CERT web site. Siemens has identified two vulnerabilities within products utilizing the...
Siemens SIMATIC WinCC, PCS7, and TIA Portal Vulnerabilities
OVERVIEW Siemens has identified two vulnerabilities within products utilizing the Siemens WinCC application. Siemens has produced a patch that mitigates this vulnerability in the WinCC application and is working on updates for the remaining affected products to address the other vulnerability in...
Siemens SIMATIC HMI Devices Vulnerabilities
OVERVIEW Siemens has identified three vulnerabilities in its SIMATIC HMI devices. These vulnerabilities were reported directly to Siemens by the Quarkslab team and Ilya Karpov from Positive Technologies. Siemens has produced updates that mitigate these vulnerabilities in most of the affected...
Schneider Electric StruxureWare Building Expert Plaintext Credentials Vulnerability
OVERVIEW Independent researcher Artyom Kurbatov has identified a cleartext transmission vulnerability in Schneider Electric’s StruxureWare Building Expert product. Schneider Electric has produced a new firmware version that mitigates this vulnerability. Artyom Kurbatov has tested the new firmware...
Network Time Protocol Vulnerabilities (Update B)
OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-14-353-01A Network Time Protocol Vulnerabilities that was published December 23, 2014, on the NCCIC/ICS-CERT web site. Google Security Team researchers Neel Mehta and Stephen Roettger have coordinated multiple...
RealFlex RealWin Vulnerabilities
Overview This ICS-CERT Advisory is a follow-up to the ICS-CERT Alert titled, “ICS-ALERT-11-080-04—Multiple Vulnerabilities in RealFlex RealWin.” An independent researcher has published exploit code for seven vulnerabilities identified in RealFlex Technologies’ RealWin 2.1.10 Demo Supervisory...
ICONICS GENESIS (32 & 64) Vulnerabilities
OVERVIEW This advisory is a follow-up to ICS-ALERT-11-080-02 ICONICS GENESIS 32 & 64 Vulnerabilities, published on the ICS-CERT Web site on March 20, 2011. An independent security researcher has published 13 vulnerabilities with proof of concept PoC code for the ICONICS GENESIS32 and GENESIS64...
DNP3 Implementation Vulnerability (Update B)
OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-13-291-01A DNP3 Implementation Vulnerability that was published November 21, 2013, on the NCCIC/ICS-CERT web site. Adam Crain of Automatak and Chris Sistrunk, Sr. Consultant for Mandiant, reported an improper input...
Siemens SIMATIC PLCs Reported Issues Summary (Update A)
Overview ICS-CERT has been coordinating multiple reports of issues affecting various models within the Siemens SIMATIC Step 7 S7 programmable logic controller PLC product line. ICS-CERT has coordinated the issues with both Siemens and the researcher and continues to work with both entities. A...
ABB NETCADOPS HELP SYSTEM VULNERABILITY
Overview A cross-site scriptinghttp://www.owasp.org/index.php/Cross-siteScriptingXSS vulnerability exists in the system used by the ABB Electrical Distribution Management System DMS product netCADOPS to generate online Help. Affected Products All releases of the ABB netCADOPS product. The ABB...
Schneider Electric Serial Modbus Driver Buffer Overflow
OVERVIEW Carsten Eiram of Risk-Based Security has identified a stack-based buffer overflow vulnerability in Schneider Electric’s Serial Modbus Driver that affects 11 Schneider Electric products. Schneider Electric has produced patches that mitigate this vulnerability. This vulnerability can be...
McAfee Night Dragon Report (Update A)
Overview McAfee has published a white paper titled “Global Energy Cyberattacks: Night Dragon,”McAfee, http://www.mcafee.com/us/resources/white-papers/wp-global-energy-cyberattacks-night-dragon.pdf, accessed February 10, 2011. which describes advanced persistent threat activity designed to obtain...
SCADA Engine BACnet OPC Client Buffer Overflow Vulnerability
Overview This advisory is a follow-up to ICS-ALERT-10-260-01 SCADA Engine BACnet OPC Client Buffer Overflow, which was published on the ICS-CERT Web site on September 17, 2010. A buffer overflow vulnerability has been reportedSecunia Advisory SA41466, http://secunia.com/advisories/41466/, website...
Primary Stuxnet Advisory
OVERVIEW ICS-CERT has been actively investigating and reporting on the Stuxnet vulnerability. To date, ICS-CERT has released ICSA-10-201-01 - Malware Targeting Siemens Control Software including Updates B & C and ICSA-10-238-01 - Stuxnet Mitigations including Update B. Stuxnet uses four zero-day...
RealFlex RealWin Buffer Overflow
Overview This advisory is a follow-up to ICS-ALERT-10-305-01 RealFlex RealWin Buffer Overflows, which was published on the ICS-CERT Web site on November 01, 2010. On October 15, 2010 an independent security researcher posted informationResearcher, http://aluigi.altervista.org/adv/realwin1-adv.txt...
7-Technologies IGSS Vulnerabilities
Overview This advisory is a follow-up to ICS-ALERT-11-080-03 7-Technologies IGSS Vulnerabilities, published on the ICS-CERT Web site on March 20, 2011. An independent researcher has identified eight vulnerabilities in 7-Technologies 7T IGSS SCADA human-machine interface HMI application. Each of t...
GLEG Agora SCADA+ Exploit Pack
OVERVIEW On March 15, 2011, GLEG Ltd. announced the Agora SCADA+ Exploit Pack for Immunity’s CANVAS system. CANVAS is a penetration testing framework that is extensible using CANVAS Exploit Packs. On March 25, 2011, GLEG announced it would be adding exploits for the 35 vulnerabilities released by...
Siemens Tecnomatix FactoryLink Vulnerabilities (Update A)
Overview This ICS-CERT Advisory is a follow-up to ICS-ALERT-11-080-01. An independent researcher has identified six vulnerabilities in the Siemens Tecnomatix FactoryLink supervisory control and data acquisition SCADA product. The researcher has also publicly released exploit code. The researcher...
Ecava IntegraXor Directory Traversal
Overview This advisory is a follow-up to ICS-ALERT-10-355-01 - Ecava IntegraXor Directory Traversal, published on the ICS-CERT Web page on December 21, 2010. ICS-CERT has become aware of a directory traversal vulnerability in the Ecava IntegraXor Human-Machine Interface HMI product that could all...
Wind River VxWorks Vulnerabilities
Overview A security researcher has identified two vulnerabilities affecting the Wind River Systems’ VxWorks platform. The vulnerabilities are a debug service enabled by default VU362332 and a weak hashing algorithm used in authentication VU840249. ICS-CERT has been coordinating with CERT/CC in...
Ice Qube Thermal Management Center
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Ice Qube Equipment: Thermal Management Center Vulnerabilities: Improper Authentication, Unprotected Storage of Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...
AGG SCADA Viewer OPC Buffer Overflow Vulnerability
Overview The ICS-CERT has received a report from independent security researcher Steven James that a stack-based buffer overflow exists in the AGG Software OPC SCADA Viewer software. The vulnerability could allow arbitrary code execution. ICS-CERT has coordinated with AGG Software, which has...