Schneider Electric IONXXXX Series Power Meter Vulnerabilities
OVERVIEW This advisory is a follow-up to the alert titled ICS-ALERT-16-256-02 Schneider Electric ION Power Meter CSRF Vulnerability that was published September 12, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Karn Ganeshen has identified a cross-site request forgery (CSRF) and no...
Schneider Electric Magelis HMI Resource Consumption Vulnerabilities (Update B)
OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-16-308-02A Schneider Electric Magelis HMI Resource Consumption Vulnerabilities that was published November 22, 2016, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of a public report of resource consumption...
Westermo Industrial Switch Hard-coded Certificate Vulnerability (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-028-01 Westermo Industrial Switch Hard-Coded Certificate Vulnerability that was published January 28, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Neil Smith has identified a hard-coded certifica...
MICROSYS PROMOTIC Memory Corruption Vulnerability
OVERVIEW Security researcher Praveen Darshanam of Versa Networks has identified a memory corruption vulnerability in the MICROSYS, spol. s r.o. PROMOTIC application. MICROSYS has produced a new version to mitigate this vulnerability. The researcher has tested the new version to validate that it...
Rockwell Automation MicroLogix 1100 PLC Overflow Vulnerability
OVERVIEW David Atch of CyberX has identified a stack-based buffer overflow vulnerability in Rockwell Automation’s Allen-Bradley MicroLogix 1100 programmable logic controller (PLC) systems. Rockwell Automation has produced a new firmware version to mitigate this vulnerability. This vulnerability cou...
CAREL PlantVisor Enhanced Authentication Bypass Vulnerability
OVERVIEW Independent researcher Maxim Rupp has identified an authorization bypass vulnerability in CAREL’s PlantVisor application. CAREL has confirmed that this vulnerability refers to the phased-out CAREL product PlantVisorEnhanced and is no longer supported. This vulnerability could be exploite...
Siemens OZW672 and OZW772 XSS Vulnerability
OVERVIEW Independent researcher Aditya Sood has identified a cross-site scripting vulnerability in Siemens OZW672 and OZW772 devices. Siemens has produced a firmware update to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Siemens reports that the...
Advantech WebAccess Vulnerabilities
OVERVIEW Ilya Karpov of Positive Technologies, Ivan Sanchez, Andrea Micalizzi, Ariele Caltabiano, Fritz Sands, Steven Seeley, and an anonymous researcher have identified multiple vulnerabilities in Advantech WebAccess application. Many of these vulnerabilities were reported through the Zero Day...
Moxa ioLogik E1200 Series Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-287-05 Moxa ioLogik E1200 Series Vulnerabilities that was published October 13, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 4 -------- Alexandru Ariciu of Applied Risk has identified...
Kabona AB WDC Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-17-287-07 Kabona AB WDC Vulnerabilities that was published October 13, 2016, on the NCCIC/ICS-CERT web site. Martin Jartelius and John Stock of Outpost 24 have identified vulnerabilities in Kabona AB’s...
WAGO Ethernet Web-based Management Authentication Bypass Vulnerability
OVERVIEW Independent researcher Maxim Rupp has identified an authentication bypass vulnerability in WAGO’s Ethernet Web-based Management products. WAGO has produced firmware and workarounds to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS WAGO...
Fidelix FX-20 Series Controllers Path Traversal Vulnerability
OVERVIEW Researcher Semen Rozhkov of Kaspersky Lab has identified a path traversal vulnerability in Fidelix’s FX-20 series controllers. Fidelix has produced a new software version to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Fidelix reports tha...
Siemens Desigo PX Web Module Insufficient Entropy Vulnerability
OVERVIEW Siemens has released a firmware update to mitigate an insufficient entropy vulnerability that affects Siemens Desigo PX Web modules. Marcella Hastings, Joshua Fried, and Nadia Heninger from the University of Pennsylvania coordinated this vulnerability directly with Siemens. This...
FATEK Automation PLC WinProladder Stack-Based Buffer Overflow Vulnerability
OVERVIEW A researcher working with Trend Micro’s Zero Day Initiative (ZDI) has identified a stack-based buffer overflow vulnerability in FATEK Automation's PLC WinProladder application. Fatek Automation (Fatek) has not produced an update to mitigate this vulnerability. ZDI has coordinated with...
OmniMetrix OmniView Vulnerabilities
OVERVIEW Bill Voltmer of Elation Technologies LLC has identified vulnerabilities in OmniMetrix’s OmniView web application. OmniMetrix has produced a new software version for its web interface that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCT...
Siemens SIMATIC WinCC and SIMATIC PCS 7 ActiveX Vulnerability
OVERVIEW Mingzheng Li from Acorn Network Security Lab has identified an ActiveX vulnerability in Siemens’ SIMATIC WinCC and SIMATIC PCS 7. Siemens has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Siemens reports that the...
Moxa DACenter Vulnerabilities
OVERVIEW Independent researcher Zhou Yu has identified denial-of-service and unquoted service path privilege escalation vulnerabilities in Moxa’s DACenter application. Moxa has produced a patch to mitigate these vulnerabilities. Zhou Yu has tested the patch to validate that it resolves the...
Delta Electronics WPLSoft, ISPSoft, and PMSoft Vulnerabilities
OVERVIEW Researchers axt and Ariele Caltabiano, each working with Trend Micro's Zero Day Initiative (ZDI), have identified vulnerabilities in Delta Electronics’ WPLSoft, ISPSoft, and PMSoft software applications. Delta Electronics has produced new software versions to mitigate these vulnerabilities...
Visonic PowerLink2 Vulnerabilities
OVERVIEW Independent researcher Aditya K. Sood has identified cross-site scripting and source code disclosure vulnerabilities in Visonic’s PowerLink2 module. Visonic has produced an updated version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED...
Rockwell Automation RSLogix 500 and RSLogix Micro File Parser Buffer Overflow Vulnerability (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-224-02 Rockwell Automation RSLogix 500 and RSLogix Micro File Parser Buffer Overflow Vulnerability that was published September 15, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 3...
Moxa MiiNePort Session Hijack Vulnerabilities
OVERVIEW Independent researcher Aditya Sood has identified vulnerabilities in Moxa’s MiiNePort. Moxa has produced new firmware editions to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS Moxa reports that the vulnerabilities affect the followin...
Sauter NovaWeb Web HMI Authentication Bypass Vulnerability
OVERVIEW Independent researcher Maxim Rupp has identified an authentication bypass vulnerability in Sauter’s NovaWeb web HMI application. Sauter has not produced a mitigation for this vulnerability. This product was discontinued in 2013 and is no longer supported. This vulnerability could be...
Adcon Telemetry A850 Telemetry Gateway Base Station Vulnerabilities
OVERVIEW Independent researcher Aditya K. Sood has identified a cross-site scripting vulnerability in Adcon Telemetry’s A850 Telemetry Gateway Base Station. Adcon Telemetry has produced a new firmware version to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED...
Tesla Gateway ECU Vulnerability
OVERVIEW Tencent’s Keen Security Lab has identified a Gateway ECU vulnerability in Tesla Motors Inc.’s Tesla Model S automobile. Tesla has produced an over-the-air firmware update to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following vehic...
Mitsubishi Electric MELSEC-Q Series Ethernet Interface Module Vulnerabilities
OVERVIEW Security researcher Vladimir Dashchenko of Critical Infrastructure Defense Team, Kaspersky Lab has identified vulnerabilities in the Mitsubishi Electric Automation, Inc. Mitsubishi Electric MELSEC-Q series Ethernet interface modules. NCCIC/ICS-CERT and JPCERT have coordinated the reporte...
Siemens SICAM PAS Vulnerabilities
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-336-01 Siemens SICAM PAS Vulnerabilities that was published December 1, 2016, on the NCCIC/ICS-CERT web site. Siemens has released an advisory to inform its users on how to mitigate vulnerabilities that affect...
Advantech SUSIAccess Server Vulnerabilities
OVERVIEW Researcher rgod, working with Zero Day Initiative (ZDI), has identified an information disclosure, a directory traversal, and a privilege escalation vulnerability in Advantech’s SUSIAccess Server. Advantech has produced new software to mitigate these vulnerabilities. These vulnerabilities...
Moxa NPort Device Vulnerabilities
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-336-02 Moxa NPort Device Vulnerabilities that was published December 1, 2016, on the NCCIC/ICS-CERT web site. Security researchers Reid Wightman of RevICS Security, Mikael Vingaard, and Maxim Rupp have identifie...
Emerson DeltaV Wireless I/O Card Open SSH Port Vulnerability
OVERVIEW Emerson has identified an open SSH port vulnerability in the DeltaV Wireless I/O Card. Emerson has produced a firmware patch that disables the SSH port. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Emerson reports that the vulnerability affects the following products...
Emerson Liebert SiteScan XML External Entity Vulnerability
OVERVIEW Researcher Evgeny Ermakov from Kaspersky Lab has identified an XML External Entity (XXE) vulnerability affecting Emerson’s Liebert SiteScan application. Emerson has produced patches to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The...
Emerson DeltaV Easy Security Management Application Vulnerability
OVERVIEW Emerson has released a publication to inform its users of a vulnerability that affects DeltaV Easy Security Management. Emerson is terminating support for the DeltaV Easy Security Management application and highly recommends all users uninstall it from all DeltaV and non-DeltaV...
Moxa OnCell Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-236-01 Moxa OnCell Vulnerabilities that was published August 23, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified several vulnerabilities in Moxa’s OnCell products. Moxa has...
Moxa SoftCMS Vulnerabilities
OVERVIEW Zhou Yu working with Trend Micro’s Zero Day Initiative and Gu Ziqiang from Huawei Weiran Labs have identified vulnerabilities in Moxa’s SoftCMS Webserver Application. Moxa has produced an update to mitigate these vulnerabilities. Both researchers have tested the update to validate that i...
Vanderbilt Industries Siemens IP CCTV Cameras Vulnerability
OVERVIEW Siemens reports that there is a vulnerability in Siemens-branded IP cameras from Vanderbilt Industries. Vanderbilt has released updates to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Siemens reports that the vulnerability affects the...
Lynxspring JENEsys BAS Bridge Vulnerabilities
OVERVIEW Independent researcher Maxim Rupp has identified several vulnerabilities in Lynxspring’s JENEsys BAS Bridge application. Lynxspring has discontinued the BAS Bridge application and recommends that users upgrade to the Onyxx Bridge product. These vulnerabilities could be exploited remotely...
CA Unified Infrastructure Management Directory Traversal Vulnerability (Update B)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-315-01A CA Unified Infrastructure Management Directory Traversal Vulnerability that was published November 15, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Andrea Micalizzi, working with Zero Day...
Phoenix Contact ILC PLC Authentication Vulnerabilities
OVERVIEW Matthias Niedermaier and Michael Kapfer of HSASec Hochschule Augsburg have identified authentication vulnerabilities in Phoenix Contact’s ILC inline controller PLCs. Phoenix Contact GmbH & Co. KG has produced a mitigation plan that includes an update and recommended security practices to...
OSIsoft PI System Incomplete Model of Endpoint Features Vulnerability
OVERVIEW OSIsoft has identified an incomplete model of endpoint features vulnerability in OSIsoft’s PI System software. OSIsoft has produced new versions to mitigate this vulnerability. AFFECTED PRODUCTS The following PI System software versions are affected: Applications using PI Asset Framework...
Moxa OnCell Security Vulnerabilities
OVERVIEW Independent researcher Maxim Rupp has identified authorization bypass and disclosed OS commanding vulnerabilities in Moxa’s OnCell Security Software. Moxa has produced a new version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS Th...
Schneider Electric ConneXium Buffer Overflow Vulnerability
OVERVIEW Security researcher George Lashenko of CyberX has identified a buffer overflow vulnerability in Schneider Electric’s ConneXium firewall product. Schneider Electric is developing a firmware update to mitigate this vulnerability. This vulnerability is remotely exploitable. AFFECTED PRODUCT...
Schneider Electric Unity PRO Control Flow Management Vulnerability
OVERVIEW Avihay Kain and Mille Gandelsman of Indegy have identified a vulnerability in Schneider Electric Unity PRO Software product. Schneider Electric has released a security notification with instructions to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED...
IBHsoftec S7-SoftPLC CPX43 Heap-based Buffer Overflow Vulnerability
OVERVIEW Ariele Caltabiano (kimiya), working with Trend Micro’s Zero Day Initiative, has identified a buffer overflow vulnerability in IBHsoftec’s S7-SoftPLC. IBHsoftec has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS IBHsoft...
Smiths Medical CADD-Solis Medication Safety Software Vulnerabilities
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on November 1, 2016, and is being released to the NCCIC/ICS-CERT web site. Smiths Medical has reported two vulnerabilities in Smiths Medical’s CADD-Solis Medication Safety Software that were identified by Andrew...
Siemens SINEMA Server Privilege Escalation Vulnerability (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-215-02 Siemens SINEMA Server Privilege Escalation Vulnerability that was published August 2, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 2 -------- Security researcher rgod working...
Honeywell Experion PKS Improper Input Validation Vulnerability
OVERVIEW Honeywell reported a denial-of-service condition caused by an improper input validation vulnerability in Honeywell’s Experion Process Knowledge System (PKS) platform. Honeywell has produced patches to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED...
Siemens SICAM RTU Devices Denial-of-Service Vulnerability
OVERVIEW Stephan Beirer, Markus Mahrla, Toralf Gimpel, and Sebastian Krause, from GAI NetConsult GmbH, and Adam Crain of Automatak LLC have identified a denial-of-service vulnerability in Siemens SICAM products. Siemens has produced a firmware update to mitigate this vulnerability. This...
Siemens SIMATIC WinCC, PCS 7, and WinCC Runtime Professional Vulnerabilities (Update C)
OVERVIEW This updated advisory is a follow-up to the advisory update titled ICSA-16-208-01B Siemens SIMATIC WinCC, PCS 7, and WinCC Runtime Professional Vulnerabilities that was published October 4, 2016, on the NCCIC/ICS-CERT web site. Siemens has identified two vulnerabilities in SIMATIC WinCC,...
Moxa EDR-810 Industrial Secure Router Privilege Escalation Vulnerability
OVERVIEW Independent researcher Maxim Rupp has identified a privilege escalation vulnerability in Moxa’s EDR-810 Industrial Secure Router. Moxa has produced firmware to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following EDR-810 versions ar...
Schneider Electric PowerLogic PM8ECC Hard-coded Password Vulnerability
OVERVIEW Independent researcher He Congwen has identified a hard-coded password vulnerability in Schneider Electric’s PowerLogic PM8ECC device. Schneider Electric has produced a patch to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following...