Lucene search
K

4251 matches found

ICS
ICS
added 2017/01/31 12:0 a.m.59 views

Ecava IntegraXor

CVSS v3 7.3 ATTENTION: Remotely Exploitable/low skill level to exploit Vendor: Ecava Equipment: IntegraXor Vulnerability: SQL Injection AFFECTED PRODUCTS The following IntegraXor version is affected: IntegraXor Version 5.0.413.0 IMPACT A successful exploit of this vulnerability could lead to...

9.8CVSS10AI score0.01645EPSS
Exploits0References3
ICS
ICS
added 2017/01/26 12:0 a.m.58 views

Belden Hirschmann GECKO

CVSS v3 5.9 ATTENTION: Remotely Exploitable/high skill level to exploit. Vendor: Belden Equipment: Hirschmann GECKO Vulnerability: Authentication Bypass Using an Alternate Path or Channel AFFECTED PRODUCTS The following GECKO switch versions are affected: Hirschmann GECKO Lite Managed switch,...

5.9CVSS6.3AI score0.01901EPSS
Exploits0References26
ICS
ICS
added 2017/01/26 12:0 a.m.73 views

Eaton ePDU Path Traversal Vulnerability

OVERVIEW Independent researcher Maxim Rupp has identified a path traversal vulnerability in certain legacy Eaton ePDUs. Although the affected products are past end-of-life EoL and is no longer supported, Eaton has provided defense-in-depth mitigation instructions to protect devices that are still...

5.3CVSS5.6AI score0.01883EPSS
Exploits0References2
ICS
ICS
added 2017/01/26 12:0 a.m.46 views

Belden Hirschmann GECKO (Update A)

CVSS v3 7.1 ATTENTION: Remotely Exploitable/low skill level to exploit. Vendor: Belden Equipment: Hirschmann GECKO --------- Begin Update A Part 1 of 5 -------- Vulnerabilities: Path Traversal, Server-Side Request Forgery, Cross-Site Request Forgery, Information Exposure --------- End Update A...

5.9CVSS6.7AI score0.01901EPSS
Exploits0References3
ICS
ICS
added 2017/01/24 12:0 a.m.54 views

Schneider Electric Wonderware Historian

CVSS V3 7.3 ATTENTION: Remotely exploitable/Low skill level to exploit Vendor: Schneider Electric Equipment: Wonderware Historian Vulnerability: Credentials Management AFFECTED PRODUCTS The following Wonderware Historian versions are affected: Wonderware Historian 2014 R2 SP1 P01 and earlier...

7.5CVSS7.7AI score0.01659EPSS
Exploits0References3
ICS
ICS
added 2017/01/19 12:0 a.m.53 views

Schneider Electric homeLYnk Controller

CVSS V3 6.3 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Schneider Electric Equipment: homeLYnk Controller, LSS100100 Vulnerability: Cross-site Scripting AFFECTED PRODUCTS Schneider Electric reports that the vulnerability affects the following products: homeLYnk Controller,...

6.1CVSS7AI score0.01463EPSS
Exploits0References26
ICS
ICS
added 2017/01/19 12:0 a.m.56 views

Schneider Electric homeLYnk Controller (Update A)

CVSS V3 8.8 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Schneider Electric Equipment: homeLYnk Controller, LSS100100 Vulnerability: Cross-site Scripting, Command Injection UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-019-01...

6.1CVSS7.6AI score0.01463EPSS
Exploits0References2
ICS
ICS
added 2017/01/17 12:0 a.m.85 views

GE Proficy HMI/SCADA iFIX, Proficy HMI/SCADA CIMPLICITY, and Proficy Historian Vulnerability (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-336-05 GE Proficy HMI/SCADA IFIX, Proficy HMI/SCADA CIMPLICITY, and Proficy Historian Vulnerability that was published January 17, 2017, on the NCCIC/ICS-CERT web site. GE has reported an insufficiently protecte...

6.7CVSS1.1AI score0.00369EPSS
Exploits0References27
ICS
ICS
added 2017/01/17 12:0 a.m.82 views

GE Proficy HMI/SCADA iFIX, Proficy HMI/SCADA CIMPLICITY, and Proficy Historian Vulnerability

OVERVIEW This advisory was originally posted to the NCCIC Portal on December 1, 2016, and is being released to the ICS-CERT web site. GE has reported an insufficiently protected credentials vulnerability in Proficy Human-Machine Interface/Supervisory Control and Data Acquisition HMI/SCADA iFIX,...

6.7CVSS1AI score0.00369EPSS
Exploits0References26
ICS
ICS
added 2017/01/17 12:0 a.m.48 views

ICSMA-17-017-01_BD Alaris 8000 Insufficiently Protected Credentials Vulnerability

OVERVIEW This advisory was originally posted to the NCCIC Portal on January 17, 2017, and is being released to the NCCIC/ICS-CERT web site. Becton, Dickinson and Company BD has identified an insufficiently protected credentials vulnerability in BD’s Alaris 8000 Point of Care PC unit, which provid...

4.9CVSS5.4AI score0.01004EPSS
Exploits0References2
ICS
ICS
added 2017/01/17 12:0 a.m.76 views

BD Alaris 8015 PC Unit (Update B)

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Low skill level to exploit Vendor: Becton, Dickinson and Company BD Equipment: BD Alaris 8015 PC Unit Vulnerabilities: Insufficiently Protected Credentials, Security Features 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory...

5.3CVSS6.4AI score0.01004EPSS
Exploits0References5
ICS
ICS
added 2017/01/17 12:0 a.m.59 views

PHOENIX CONTACT mGuard

CVSS V3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: PHOENIX CONTACT Equipment: mGuard Vulnerability: Software update changes password to default AFFECTED PRODUCTS PHOENIX CONTACT reports that the vulnerability affects the following mGuard products: Only devices that hav...

9.8CVSS10AI score0.02428EPSS
Exploits0References3
ICS
ICS
added 2017/01/12 12:0 a.m.55 views

Advantech WebAccess

CVSS V3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Advantech Equipment: WebAccess Vulnerabilities: Authentication Bypass, SQL Injection AFFECTED PRODUCTS The following WebAccess version is affected: WebAccess Version 8.1 IMPACT Successful exploitation of this...

9.8CVSS10AI score0.04398EPSS
Exploits3References3
ICS
ICS
added 2017/01/12 12:0 a.m.49 views

VideoInsight Web Client

CVSS V3 7.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: VideoInsight Equipment: Web Client Vulnerability: SQL Injection AFFECTED PRODUCTS The following Web Client versions are affected: Web Client Version 6.3.5.11 and previous versions. IMPACT A successful exploit of this...

7.5CVSS7.9AI score0.02393EPSS
Exploits4References3
ICS
ICS
added 2017/01/12 12:0 a.m.75 views

Carlo Gavazzi VMU-C EM and VMU-C PV

CVSS V3 10 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Carlo Gavazzi Equipment: VMU-C EM, VMU-C PV Vulnerabilities: Access Control Flaws, CSRF, Sensitive Information Stored In Clear Text AFFECTED PRODUCTS Carlo Gavazzi reports that the vulnerabilities affect the following...

10CVSS9.6AI score0.09317EPSS
Exploits2References3
ICS
ICS
added 2017/01/10 12:0 a.m.56 views

OSIsoft PI Coresight and PI Web API

CVSS V3 6.1 Vendor: OSIsoft Equipment: PI Coresight, PI Web API Vulnerability: Information Exposure Through Server Log Files AFFECTED PRODUCTS OSIsoft reports that the vulnerability affects the following versions: PI Coresight 2016 R2 and earlier versions, and PI Web API 2016 R2 when deployed usi...

7.8CVSS0.7AI score0.00374EPSS
Exploits0References27
ICS
ICS
added 2017/01/10 12:0 a.m.39 views

OSIsoft PI Coresight and PI Web API (Update A)

CVSS V3 6.1 Vendor: OSIsoft Equipment: PI Coresight, PI Web API Vulnerability: Information Exposure Through Server Log Files UPDATED INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-010-01 OSIsoft PI Coresight and PI Web API that was published January 10,...

7.8CVSS8AI score0.00374EPSS
Exploits0References3
ICS
ICS
added 2017/01/09 12:0 a.m.64 views

ICSMA-17-009-01A_St. Jude Merlin@home Transmitter Vulnerability (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSMA-17-009-01 St. Jude Merlin@home Transmitter Vulnerability that was published January 9, 2017, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 5 -------- MedSec Holdings has identified a channel...

8.9CVSS9AI score0.0124EPSS
Exploits0References2
ICS
ICS
added 2017/01/05 12:0 p.m.67 views

Rockwell Automation MicroLogix 1100 and 1400 Vulnerabilities

OVERVIEW This advisory was originally posted to the NCCIC Portal library on December 1, 2016, and is being released to the NCCIC/ICS-CERT web site. Alexey Osipov and Ilya Karpov of Positive Technologies have identified vulnerabilities in Rockwell Automation’s Allen-Bradley MicroLogix 1100 and 140...

7.3CVSS5.9AI score0.04028EPSS
Exploits0References20
ICS
ICS
added 2017/01/05 12:0 a.m.84 views

Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-343-05 Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability that was published January 5, 2017, on the NCCIC/ICS-CERT web site. Rockwell Automation has identified a buff...

10CVSS1.6AI score0.10494EPSS
Exploits0References27
ICS
ICS
added 2016/12/26 7:0 a.m.67 views

Cogent DataHub Elevation of Privilege Vulnerability

OVERVIEW Steven Seeley of Source Incite has identified a privilege elevation vulnerability in the Cogent DataHub application produced by Cogent Real-Time Systems, Inc. Cogent has produced a new version to mitigate this vulnerability. Steven Seeley has tested the new version to validate that it...

7.8CVSS8.1AI score0.01331EPSS
Exploits4References10
ICS
ICS
added 2016/12/24 7:0 a.m.30 views

Siemens APOGEE Insight Incorrect File Permissions Vulnerability (Update A)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-16-082-01 Siemens APOGEE Insight Incorrect File Permissions Vulnerability that was published March 22, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 3 -------- Siemens has identified an...

3.6CVSS3.6AI score0.00313EPSS
Exploits0References10
ICS
ICS
added 2016/12/19 7:0 a.m.41 views

ABB Panel Builder 800 DLL Hijacking Vulnerability (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-077-01 ABB Panel Builder 800 DLL Hijacking Vulnerability that was published March 17, 2016, on the NCCIC/ICS-CERT web site. Ivan Sanchez from Nullcode Team has identified a DLL Hijacking vulnerability in the ABB...

7.2CVSS7.3AI score0.00305EPSS
Exploits0References10
ICS
ICS
added 2016/12/17 7:0 a.m.65 views

Siemens SIMATIC S7-1200 CPU Protection Mechanism Failure

OVERVIEW Siemens has identified a protection mechanism failure vulnerability in old firmware versions of SIMATIC S7-1200. Maik Brüggemann and Ralf Spenneberg from Open Source Training reported this issue directly to Siemens. Siemens provides SIMATIC S7-1200 CPU product, release V4.0 or newer, to...

6.5CVSS6.9AI score0.01691EPSS
Exploits0References10
ICS
ICS
added 2016/12/12 7:0 a.m.45 views

Schneider Electric Telvent RTU Improper Ethernet Frame Padding Vulnerability

OVERVIEW David Formby and Raheem Beyah of Georgia Tech have identified a vulnerability caused by an Institute of Electrical and Electronics Engineers IEEE conformance issue involving improper frame padding in Schneider Electric’s Telvent SAGE 2300 and 2400 remote terminal units RTUs. Schneider...

5.3CVSS5.6AI score0.01176EPSS
Exploits0References10
ICS
ICS
added 2016/12/12 7:0 a.m.31 views

Honeywell Uniformance PHD Denial Of Service (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-070-02 Honeywell Uniformance PHD Denial of Service that was published April 12, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 5 -------- Honeywell has identified a buffer overflow...

7.8CVSS8AI score0.01517EPSS
Exploits0References10
ICS
ICS
added 2016/12/08 12:0 p.m.67 views

INTERSCHALT VDR G4e Path Traversal Vulnerability

OVERVIEW Independent researcher Maxim Rupp has identified a path traversal vulnerability in INTERSCHALT Maritime Systems’s INTERSCHALT VDR G4e application. INTERSCHALT has produced a patch to mitigate this vulnerability. Maxim Rupp has tested the patch to validate that it resolves the...

5.3CVSS5.3AI score0.01713EPSS
Exploits0References17
ICS
ICS
added 2016/12/05 7:0 a.m.56 views

Moxa ioLogik E2200 Series Weak Authentication Practices

OVERVIEW This advisory is a follow-up to the alert titled ICS-ALERT-15-224-04 Moxa ioLogik E2210 VulnerabilitiesICS-ALERT-15-224-04 Moxa ioLogik E2210 Vulnerabilities, https://ics-cert.us-cert.gov/alerts/ICS-ALERT-15-224-04, web site last accessed March 03, 2016. that was published August 12, 201...

5.3CVSS6.3AI score0.01707EPSS
Exploits0References10
ICS
ICS
added 2016/12/03 7:0 a.m.48 views

Schneider Electric Building Operation Automation Server Vulnerability

OVERVIEW Independent researcher Karn Ganeshen has identified a vulnerability in servers programmed with Schneider Electric’s StruxureWare Building Operation software. Schneider Electric has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely...

9CVSS7.1AI score0.13426EPSS
Exploits7References10
ICS
ICS
added 2016/12/03 7:0 a.m.42 views

Eaton Lighting Systems EG2 Web Control Authentication Bypass Vulnerabilities

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on March 1, 2016, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified vulnerabilities in Eaton Lighting Systems’ EG2 Web Control application. Eaton Lighting Systems...

8.1AI score
Exploits0References10
ICS
ICS
added 2016/12/03 7:0 a.m.80 views

Rockwell Automation Allen-Bradley CompactLogix Reflective Cross-Site Scripting Vulnerability (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.1 --------- Begin Update A Part 1 of 5 -------- ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available --------- End Update A Part 1 of 5 --------- Vendor: Rockwell Automation Equipment: Allen-Bradley CompactLogix Vulnerability:...

6.1CVSS6.7AI score0.07531EPSS
Exploits5References10
ICS
ICS
added 2016/12/01 12:0 a.m.199 views

Moxa NPort Device Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-336-02 Moxa NPort Device Vulnerabilities that was published December 1, 2016, on the NCCIC/ICS-CERT web site. Security researchers Reid Wightman of RevICS Security, Mikael Vingaard, and Maxim Rupp have identifie...

10CVSS0.7AI score0.19856EPSS
Exploits4References33
ICS
ICS
added 2016/12/01 12:0 a.m.84 views

Siemens SICAM PAS Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-336-01 Siemens SICAM PAS Vulnerabilities that was published December 1, 2016, on the NCCIC/ICS-CERT web site. Siemens has released an advisory to inform its users on how to mitigate vulnerabilities that affect...

9.8CVSS1AI score0.03255EPSS
Exploits0References21
ICS
ICS
added 2016/11/28 7:0 a.m.48 views

Rockwell Automation Integrated Architecture Builder Access Violation Memory Error

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on February 25, 2016, and is being released to the NCCIC/ICS-CERT web site. Ivan Sanchez from Nullcode Team has identified an access violation memory error in Rockwell Automation’s Integrated Architecture Builder IA...

6.9CVSS6.5AI score0.00902EPSS
Exploits0References10
ICS
ICS
added 2016/11/21 7:0 a.m.29 views

B+B SmartWorx VESP211 Authentication Bypass Vulnerability

OVERVIEW Independent researcher Maxim Rupp has identified an authentication bypass vulnerability in B+B SmartWorx’s VESP211 serial servers. B+B SmartWorx has produced an implementation plan to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The...

10CVSS10AI score0.0254EPSS
Exploits0References10
ICS
ICS
added 2016/11/21 7:0 a.m.48 views

AMX Multiple Products Credential Management Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-049-02 AMX Multiple Products Credential Management Vulnerabilities that was published February 18, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 2 -------- ICS-CERT has become aware of...

10CVSS10AI score0.04674EPSS
Exploits2References10
ICS
ICS
added 2016/11/14 7:0 a.m.57 views

Moxa EDR-G903 Secure Router Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-042-01 Moxa EDR‑G903 Secure Router Vulnerabilities that was published May 17, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified vulnerabilities in Moxa’s EDR‑G903 secure...

7.8CVSS8.3AI score0.02221EPSS
Exploits0References10
ICS
ICS
added 2016/11/12 7:0 a.m.26 views

Siemens SIMATIC S7-1500 CPU Vulnerabilities

OVERVIEW Siemens has identified two vulnerabilities in the Siemens SIMATIC S7-1500 CPU family. Siemens has produced a firmware update to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS The following Siemens SIMATIC S7-1500 CPU versions are...

6.7AI score
Exploits0References10
ICS
ICS
added 2016/11/12 7:0 a.m.53 views

Tollgrade SmartGrid Sensor Management System Software Vulnerabilities

OVERVIEW Independent researcher Maxim Rupp has identified vulnerabilities in Tollgrade Communications, Inc.’s SmartGrid LightHouse Sensor Management System SMS Software EMS. Tollgrade Communications, Inc. has produced an update to mitigate these vulnerabilities. Maxim Rupp has tested the update t...

9CVSS8.7AI score0.02055EPSS
Exploits0References10
ICS
ICS
added 2016/11/10 12:0 a.m.40 views

CA Unified Infrastructure Management Directory Traversal Vulnerability (Update B)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-315-01A CA Unified Infrastructure Management Directory Traversal Vulnerability that was published November 15, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Andrea Micalizzi, working with Zero Day...

8.6CVSS0.1AI score0.02306EPSS
Exploits0References22
ICS
ICS
added 2016/11/08 12:0 a.m.190 views

Phoenix Contact ILC PLC Authentication Vulnerabilities

OVERVIEW Matthias Niedermaier and Michael Kapfer of HSASec Hochschule Augsburg have identified authentication vulnerabilities in Phoenix Contact’s ILC inline controller PLCs. Phoenix Contact GmbH & Co. KG has produced a mitigation plan that includes an update and recommended security practices to...

7.5CVSS0.8AI score0.11199EPSS
Exploits8References19
ICS
ICS
added 2016/11/08 12:0 a.m.37 views

OSIsoft PI System Incomplete Model of Endpoint Features Vulnerability

OVERVIEW OSIsoft has identified an incomplete model of endpoint features vulnerability in OSIsoft’s PI System software. OSIsoft has produced new versions to mitigate this vulnerability. AFFECTED PRODUCTS The following PI System software versions are affected: Applications using PI Asset Framework...

5.5CVSS5.8AI score0.00359EPSS
Exploits0References20
ICS
ICS
added 2016/11/05 6:0 a.m.82 views

GE SNMP/Web Interface Vulnerabilities

OVERVIEW Independent researcher Karn Ganeshen has identified two vulnerabilities in the GE SNMP/Web Interface adapter. GE has produced a new firmware version to mitigate the identified vulnerabilities in later model devices. Earlier model SNMP/Web Interface adapters may need to be upgraded to...

6.5CVSS8.8AI score0.09933EPSS
Exploits4References10
ICS
ICS
added 2016/11/05 6:0 a.m.70 views

Sauter moduWeb Vision Vulnerabilities

OVERVIEW Martin Jartelius and John Stock of Outpost24 have identified three vulnerabilities in Sauter’s moduWeb Vision application. Sauter has produced a new firmware version to mitigate these vulnerabilities. The researchers have tested the new firmware version to validate that it resolves the...

10CVSS8.4AI score0.02473EPSS
Exploits0References10
ICS
ICS
added 2016/11/03 12:0 p.m.67 views

Schneider Electric IONXXXX Series Power Meter Vulnerabilities

OVERVIEW This advisory is a follow-up to the alert titled ICS-ALERT-16-256-02 Schneider Electric ION Power Meter CSRF Vulnerability that was published September 12, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Karn Ganeshen has identified a cross-site request forgery CSRF and no...

9.8CVSS9.5AI score0.02452EPSS
Exploits4References18
ICS
ICS
added 2016/11/03 12:0 a.m.41 views

Schneider Electric Magelis HMI Resource Consumption Vulnerabilities (Update B)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-16-308-02A Schneider Electric Magelis HMI Resource Consumption Vulnerabilities that was published November 22, 2016, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of a public report of resource consumption...

7.8CVSS0.04301EPSS
Exploits1References21
ICS
ICS
added 2016/10/31 6:0 a.m.29 views

Westermo Industrial Switch Hard-coded Certificate Vulnerability (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-028-01 Westermo Industrial Switch Hard-Coded Certificate Vulnerability that was published January 28, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Neil Smith has identified a hard-coded certifica...

9.3CVSS9.3AI score0.01206EPSS
Exploits0References10
ICS
ICS
added 2016/10/29 6:0 a.m.43 views

MICROSYS PROMOTIC Memory Corruption Vulnerability

OVERVIEW Security researcher Praveen Darshanam of Versa Networks has identified a memory corruption vulnerability in the MICROSYS, spol. s r.o. PROMOTIC application. MICROSYS has produced a new version to mitigate this vulnerability. The researcher has tested the new version to validate that it...

7.1CVSS5.4AI score0.01045EPSS
Exploits0References10
ICS
ICS
added 2016/10/29 6:0 a.m.62 views

Rockwell Automation MicroLogix 1100 PLC Overflow Vulnerability

OVERVIEW David Atch of CyberX has identified a stack-based buffer overflow vulnerability in Rockwell Automation’s Allen-Bradley MicroLogix 1100 programmable logic controller PLC systems. Rockwell Automation has produced a new firmware version to mitigate this vulnerability. This vulnerability cou...

10CVSS10AI score0.06619EPSS
Exploits0References10
ICS
ICS
added 2016/10/24 6:0 a.m.39 views

CAREL PlantVisor Enhanced Authentication Bypass Vulnerability

OVERVIEW Independent researcher Maxim Rupp has identified an authorization bypass vulnerability in CAREL’s PlantVisor application. CAREL has confirmed that this vulnerability refers to the phased-out CAREL product PlantVisorEnhanced and is no longer supported. This vulnerability could be exploite...

7.8CVSS7.9AI score0.02196EPSS
Exploits0References10
Total number of security vulnerabilities4251