4207 matches found
Rockwell Automation FactoryTalk EnergyMetrix Vulnerabilities
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on June 21, 2016, and is being released to the NCCIC/ICS-CERT web site. Rockwell Automation has identified authentication vulnerabilities in the FactoryTalk EnergyMetrix application. Rockwell Automation has produced...
Advantech WebAccess ActiveX Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-173-01 Advantech WebAccess ActiveX Vulnerabilities that was published June 21, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 2 -------- Zhou Yu of Acorn Network Security and ZDI Zero...
Schneider Electric PowerLogic PM8ECC Cross-site Scripting Vulnerability
OVERVIEW Schneider Electric has notified NCCIC/ICS-CERT of a Cross-site Scripting XSS vulnerability in Schneider Electric’s PowerLogic PM8ECC communications add-on module for the Series 800 PowerMeter. Schneider Electric has produced a firmware update to mitigate this vulnerability. This...
Siemens APOGEE Insight Incorrect File Permissions Vulnerability (Update A)
OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-16-082-01 Siemens APOGEE Insight Incorrect File Permissions Vulnerability that was published March 22, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 3 -------- Siemens has identified an...
Moxa PT-7728 Series Switch Improper Authorization Vulnerability
OVERVIEW Researcher Can Demirel of Biznet Bilisim has identified an improper authorization vulnerability in Moxa’s Industrial Ethernet Switch PT-7728 series. Moxa has produced an update to mitigate this vulnerability. Can Demirel has tested the update to validate that it resolves the vulnerabilit...
OSIsoft PI SQL Data Access Server Input Validation Vulnerability
OVERVIEW OSIsoft has identified an input validation vulnerability in its own PI SQL Data Access Server. OSIsoft has produced a new version of PI SQL Data Access Server OLE DB 2016 1.5 to address this issue. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Affected versions of PI...
OSIsoft PI AF Server Input Validation Vulnerability
OVERVIEW OSIsoft has identified an input validation vulnerability in its own PI AF Server. OSIsoft has produced a new version of PI AF Server 2016 to address this issue. This vulnerability could be exploited remotely. AFFECTED PRODUCTS OSIsoft reports that the vulnerability affects the following...
ABB Panel Builder 800 DLL Hijacking Vulnerability (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-077-01 ABB Panel Builder 800 DLL Hijacking Vulnerability that was published March 17, 2016, on the NCCIC/ICS-CERT web site. Ivan Sanchez from Nullcode Team has identified a DLL Hijacking vulnerability in the ABB...
Siemens SIMATIC WinCC Flexible Weakly Protected Credentials Vulnerability
OVERVIEW Siemens has identified a weakly protected credentials vulnerability in SIMATIC WinCC flexible. Gleb Gritsai and Roman Ilin from Positive Technologies reported this issue directly to Siemens. Siemens has produced an update to mitigate this vulnerability. This vulnerability could be...
Siemens SIMATIC S7-300 Denial-of-Service Vulnerability
OVERVIEW Siemens has identified a denial-of-service vulnerability in the SIMATIC S7-300 CPU family. The vulnerability was reported directly to Siemens by Mate J. Csorba of DNV GL, Marine Cybernetics Services, and Amund Sole of Norwegian University of Science and Technology. Siemens has produced a...
Trihedral Engineering Limited VTScada Vulnerabilities
OVERVIEW An anonymous researcher has identified several vulnerabilities in Trihedral Engineering Ltd.’s Trihedral VTScada and reported them to Zero Day Initiative ZDI, which reported them to NCCIC/ICS-CERT. Trihedral Engineering Ltd. has produced a new version to mitigate these vulnerabilities...
GE MultiLink Series Hard-coded Credential Vulnerability
OVERVIEW GE has identified a hard-coded credential vulnerability in GE’s MultiLink series managed switches. GE has produced new firmware versions to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following MultiLink products are affected: GE ML8...
ABB PCM600 Vulnerabilities
OVERVIEW ABB has identified one use of password hash with insufficient computational effort and three insufficiently protected credentials vulnerabilities in ABB’s PCM600. These vulnerabilities were reported directly to ABB by Ilya Karpov from Positive Technologies. ABB has produced a new version...
Moxa UC 7408-LX-Plus Firmware Overwrite Vulnerability
OVERVIEW NCCIC/ICS-CERT has received information from a third party that identified a firmware overwrite vulnerability in Moxa’s UC 7408-LX-Plus device. Moxa has produced instructions to reduce exposure to this vulnerability. The Moxa UC 7408-LX-Plus device has been discontinued. This vulnerabili...
Black Box AlertWerks ServSensor Credential Management Vulnerability
OVERVIEW Independent researcher Lee Ryman has identified a credential management vulnerability in Black Box’s AlertWerks ServSensor devices. ICS-CERT and CERT Australia have coordinated with Black Box that has produced a new firmware version to mitigate this vulnerability. Lee Ryman has tested th...
Sixnet BT Series Hard-coded Credentials Vulnerability
OVERVIEW Independent researcher Neil Smith has identified a hard-coded credential vulnerability in Sixnet’s BT series routers. Sixnet has produced patches and new firmware to mitigate this vulnerability. This vulnerability could be exploited remotely. Exploits that target this vulnerability are...
Environmental Systems Corporation Data Controllers Vulnerabilities
OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-16-147-01A Environmental Systems Corporation Data Controllers Vulnerabilities that was published June 2, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified data controller...
Moxa MiiNePort Vulnerabilities
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-145-01 Moxa MiiNePort Vulnerabilities that was published May 24, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Karn Ganeshen has identified weak credential management, sensitive information not...
Siemens SIPROTEC Information Disclosure Vulnerabilities (Update B)
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Siemens Equipment : SIPROTEC 4 and SIPROTEC Compact Vulnerabilities : Information Exposure 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-16-140-02...
Resource Data Management Intuitive 650 TDB Controller Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-140-01 Resource Data Management Intuitive 650 TBD Controller Vulnerabilities that was published May 19, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified a privilege escalati...
IRZ RUH2 3G Firmware Overwrite Vulnerability (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-138-01 iRZ RUH2 3G Firmware Overwrite Vulnerability that was published May 17, 2016, on the NCCIC/ICS-CERT web site. ICS-CERT has identified a firmware overwrite vulnerability in iRZ’s RUH2 device. iRZ has...
AMX Multiple Products Credential Management Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-049-02 AMX Multiple Products Credential Management Vulnerabilities that was published February 18, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 2 -------- ICS-CERT has become aware of...
Meteocontrol WEB'log Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-133-01 Meteocontrol WEB'log Vulnerabilities that was published May 12, 2016, on the NCCIC/ICS‑CERT web site. Independent researcher Karn Ganeshen has identified one authentication and two information exposure...
Panasonic FPWIN Pro Vulnerabilities
OVERVIEW NCCIC/ICS-CERT received a report from Trend Micro’s Zero Day Initiative ZDI concerning buffer overflow vulnerabilities in Panasonic FPWIN Pro software. These vulnerabilities were reported to ZDI by security researcher Steven Seeley. Panasonic has produced a new version to mitigate these...
KMC Controls Conquest BACnet Router Vulnerabilities
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on May 5, 2016, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified authentication and cross-site request forgery CSRF vulnerabilities in KMC Controls’ Conquest...
Westermo Industrial Switch Hard-coded Certificate Vulnerability (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-028-01 Westermo Industrial Switch Hard-Coded Certificate Vulnerability that was published January 28, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Neil Smith has identified a hard-coded certifica...
Sierra Wireless ACEmanager Information Exposure Vulnerability
OVERVIEW Independent researcher Maxim Rupp has identified an exposure of sensitive information vulnerability in the Sierra Wireless ACEmanager application. Sierra Wireless has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS...
Accuenergy Acuvim II Series AXM-NET Module Vulnerabilities
OVERVIEW Independent researcher Maxim Rupp has identified authentication bypass vulnerabilities in Accuenergy’s Acuvim II Series AXM-NET module. Accuenergy has produced guidelines to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS The following...
Ecava IntegraXor Vulnerabilities
OVERVIEW Independent security researcher Marcus Richerson and Steven Seeley of Source Incite, working with Trend Micro’s Zero Day Initiative, independently identified vulnerabilities in Ecava’s IntegraXor application. Ecava has produced a new version to mitigate these vulnerabilities. Marcus...
Siemens Industrial Products glibc Library Vulnerability (Update C)
OVERVIEW This updated advisory is a follow-up to the advisory update titled ICSA-16-103-01B Siemens Industrial Products glibc Library Vulnerability that was published July 14, 2016, on the NCCIC/ICS-CERT web site. Siemens reports that a buffer overflow vulnerability in the glibc library could...
Siemens SCALANCE S613 Denial-of-Service Vulnerability
OVERVIEW Siemens has identified a resource exhaustion vulnerability that causes a denial-of-service condition in the Siemens SCALANCE S613 device. Siemens recommends that customers contact Siemens customer support in order to obtain advice on a solution for the customer’s specific environment. Th...
Siemens Industrial Products DROWN Vulnerability (Update C)
OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-16-103-03B Siemens Industrial Products DROWN Vulnerability that was published June 15, 2017, on the NCCIC/ICS-CERT web site. Siemens has found that a DROWNThe DROWN Attack, https://drownattack.com/, web site last...
Pro-face GP-Pro EX HMI Vulnerabilities
OVERVIEW ZDI Zero Day Initiative has identified one information disclosure and two buffer overflow vulnerabilities, and independent researcher Jeremy Brown has identified hard-coded credentials in Pro-face’s GP-Pro EX HMI software. Pro-face has produced a module to mitigate these vulnerabilities...
ICONICS WebHMI Directory Traversal Vulnerability
OVERVIEW Independent researcher Maxim Rupp has identified a directory traversal vulnerability in the ICONICS WebHMI V9 application. ICONICS has produced recommendations to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following ICONICS product ...
Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-15-085-01 Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerabilities, that was published March 26, 2015, to the NCCIC/ICS-CERT web site. Gleb Gritsai, Ilya Karpov, and Kirill Nesterov o...
Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerabilities
OVERVIEW Gleb Gritsai, Ilya Karpov, and Kirill Nesterov of Positive Technologies Security Lab and independent researcher Alisa Esage Shevchenko have identified vulnerabilities in the Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014. Schneider Electric has released new patch...
XZERES 442SR Wind Turbine Vulnerability
OVERVIEW Independent researcher Maxim Rupp has identified a cross-site request forgery CSRF vulnerability in XZERES’s 442SR turbine generator operating system OS. XZERES has produced a patch that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The...
Honeywell XL Web Controller Directory Traversal Vulnerability
OVERVIEW Martin Jartelius of Outpost24 has identified a directory traversal vulnerability in Honeywell’s XL Web Controller. Honeywell has produced an update that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following XLWeb controller versions...
Schneider Electric Pelco DS-NVs Buffer Overflow Vulnerability
OVERVIEW NCCIC/ICS-CERT received a report from HP’s Zero Day Initiative ZDI concerning a buffer overflow vulnerability in Schneider Electric’s Pelco DS-NVs software package. This vulnerability was reported to ZDI by security researchers Ariele Caltabiano and Andrea Micalizzi. Schneider Electric h...
Cimon CmnView DLL Hijacking Vulnerability
OVERVIEW Ivan Sanchez of Wise Security has identified a DLL Hijacking vulnerability in the CIMON CmnView.exe application. CIMON, Inc. has produced a patch that mitigates this vulnerability. This vulnerability could be exploited remotely with social engineering and requires local user input...
Elipse E3 Process Control Vulnerability (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-15-069-04 Elipse E3 Process Control Vulnerability that was published March 10, 2015, on the NCCIC/ICS-CERT web site. Ivan Sanchez from Nullcode Team has identified a process control vulnerability in the Elipse E3...
SCADA Engine BACnet OPC Server Vulnerabilities
OVERVIEW Independent researcher Josep Pi Rodriguez has identified three vulnerabilities in the SCADA Engine BACnet OPC Server application. SCADA Engine has produced a new software version that mitigates these vulnerabilities. Josep Pi Rodriguez has tested the new software version to validate that...
ABB HART Device DTM Vulnerability
OVERVIEW Alexander Bolshev of Digital Security has identified an improper input vulnerability in the CodeWrights GmbH HART Device Type Manager DTM library used in ABB’s HART Device DTM. CodeWrights GmbH has addressed the vulnerability with a new library, which ABB have begun to integrate. AFFECTE...
Elipse E3 Process Control Vulnerability
OVERVIEW Ivan Sanchez from Nullcode Team has identified a process control vulnerability in the Elipse E3 application. The process control vulnerability is a result of a third-party DLL, developed by Telerik, which is used in the Elipse E3 application. Elipse has released a new version that...
Advantech EKI Vulnerabilities (Update B)
OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-15-344-01A Advantech EKI Vulnerabilities that was published December 15, 2015, on the NCCIC/ICS-CERT web site. --------- Begin Update B Part 1 of 3 -------- HD Moore of Rapid7 identified several vulnerabilities in...
XZERES 442SR Wind Turbine Cross-site Scripting Vulnerability (Update C)
OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-15-342-01B XZERES 442SR Wind Turbine Cross-site Scripting Vulnerability that was published March 21, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update C Part 1 of 2 -------- Independent researchers Karn...
Siemens SIMATIC S7-300 CPU Denial-of-Service Vulnerability
OVERVIEW Johannes Klick, Christian Pfahl, Martin Gebert, and Lucas Jacob from Freie Universität Berlin’s work team SCADACS have identified a Denial-of-Service DoS vulnerability in Siemens SIMATIC S7-300 CPUs. Siemens has developed mitigations for this vulnerability. This vulnerability could be...
Siemens SIMATIC ProSave, SIMATIC CFC, SIMATIC STEP 7, SIMOTION Scout, and STARTER Insufficiently Qualified Paths (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-15-064-02 Siemens SIMATIC ProSave, SIMATIC CFC, SIMATIC STEP 7, SIMOTION Scout, and STARTER Insufficiently Qualified Paths that was published March 5, 2015, on the NCCIC/ICS‑CERT web site. Ivan Sanchez from...
Siemens SIMATIC HMI Basic, SINUMERIK, and Ruggedcom APE GHOST Vulnerability (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-15-064-01 Siemens SIMATIC HMI Basic, SINUMERIK, and Ruggedcom APE GHOST Vulnerability that was published March 5, 2015, on the NCCIC/ICS-CERT web site. The “GHOST”Further information about the GHOST vulnerability:...
Siemens SPC Controller Series Denial-of-Service Vulnerability
OVERVIEW Davide Peruzzi of GoSecure! has identified a denial-of-service DoS vulnerability in the Siemens SPC Controllers. Siemens has produced an update that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following SPC Controllers are affected:...