Lucene search
K

4251 matches found

ics
ics
added 2025/11/13 7:0 a.m.10 views

General Industrial Controls Lynx+ Gateway

RISK EVALUATION Successful exploitation of these vulnerabilities could result in obtaining sensitive device information, unauthorized access, or create a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

6.9AI score
Exploits0References11
ics
ics
added 2025/11/13 7:0 a.m.10 views

AVEVA Edge

RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to reverse engineer passwords through brute force. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

8.4CVSS6.3AI score0.00097EPSS
Exploits0References13
ics
ics
added 2025/11/13 7:0 a.m.6 views

Rockwell Automation FactoryTalk Policy Manager

RISK EVALUATION Successful exploitation of this vulnerability could lead to resource exhaustion and denial of service. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...

7.5CVSS7.4AI score0.03168EPSS
Exploits0References13
ics
ics
added 2025/11/13 7:0 a.m.6 views

Siemens SICAM P850 family and SICAM P855 family

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to perform arbitrary actions on the device on behalf of a legitimate user, or impersonate that user. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

6.1AI score
Exploits0References13
ics
ics
added 2025/11/11 8:0 a.m.5 views

Schneider Electric EcoStruxure Machine SCADA Expert & Pro-face BLUE Open Studio

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

8.4CVSS6.2AI score0.00097EPSS
Exploits0References11
ics
ics
added 2025/11/11 8:0 a.m.8 views

Schneider Electric PowerChute Serial Shutdown

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

6.8AI score
Exploits0References11
ics
ics
added 2025/11/11 12:0 a.m.3 views

Siemens Altair Grid Engine

SUMMARY Altair Grid Engine contain multiple vulnerabilities that could allow an attacker to escalate privileges and execute arbitrary code with superuser permissions. Siemens has released a new version for Altair Grid Engine and recommends to update to the latest version. 2. GENERAL...

7.7AI score
Exploits0References10
ics
ics
added 2025/11/11 12:0 a.m.7 views

Siemens Software Center and Solid Edge

SUMMARY Siemens Software Center and Solid Edge is affected by a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system. Siemens has released new versions for the affected products and recommends to update to the latest...

8.5CVSS7.7AI score0.00158EPSS
Exploits0References10
ics
ics
added 2025/11/11 12:0 a.m.7 views

Siemens COMOS

SUMMARY COMOS is affected by two vulnerabilities that could allow an attacker to execute arbitrary code or lead to data infiltration. Siemens has released a new version for COMOS and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens...

8.4AI score
Exploits0References10
ics
ics
added 2025/11/11 12:0 a.m.7 views

Siemens LOGO! 8 BM Devices

SUMMARY LOGO! 8 BM incl. SIPLUS variants contains multiple vulnerabilities. These could allow an attacker to execute code remotely, put the device into a denial of service state, or change the behavior of the device. Siemens is preparing fix versions and recommends specific countermeasures for...

7.5AI score
Exploits0References10
ics
ics
added 2025/11/11 12:0 a.m.9 views

Siemens Solid Edge

SUMMARY Solid Edge is affected by improper certificate validation while connecting to License Service endpoint. This could allow an unauthenticated remote attacker to perform man in the middle attacks. Siemens has released a new version for Solid Edge SE2025 and recommends to update to the...

8.7CVSS6.9AI score0.00207EPSS
Exploits0References10
ics
ics
added 2025/11/06 7:0 a.m.6 views

ABB FLXeon Controllers

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to take remote control of the product, insert and run arbitrary code, and crash the device being accessed. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

7.8AI score
Exploits0References12
ics
ics
added 2025/11/06 7:0 a.m.8 views

Ubia Ubox (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to remotely view camera feeds or modify settings. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

7.1CVSS5.5AI score0.0025EPSS
Exploits0References11
ics
ics
added 2025/11/06 7:0 a.m.10 views

Advantech DeviceOn/iEdge

RISK EVALUATION Successful exploitation of these vulnerabilities could result in a denial-of-service condition, remote code execution, or an attacker reading arbitrary files. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

6.4CVSS7.7AI score0.00228EPSS
Exploits0References11
ics
ics
added 2025/11/04 7:0 a.m.6 views

IDIS ICM Viewer

RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker executing arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...

8.8CVSS7.9AI score0.0045EPSS
Exploits0References11
ics
ics
added 2025/11/04 7:0 a.m.8 views

Delta Electronics CNCSoft-G2

RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to execute arbitrary code in the context of the current process. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...

7.8CVSS7.5AI score0.00284EPSS
Exploits0References11
ics
ics
added 2025/11/04 7:0 a.m.8 views

Radiometrics VizAir

RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers to manipulate critical weather parameters and runway settings, mislead air traffic control and pilots, extract sensitive meteorological data, and cause significant disruption to airport operations, leading to...

10CVSS7.1AI score0.00751EPSS
Exploits0References11
ics
ics
added 2025/11/04 7:0 a.m.12 views

Survision License Plate Recognition Camera

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to fully access the system without requiring authentication. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

9.3CVSS6.9AI score0.0044EPSS
Exploits0References13
ics
ics
added 2025/11/04 7:0 a.m.7 views

Fuji Electric Monitouch V-SFT-6 (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could crash the accessed device; a buffer overflow condition may allow remote code execution. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive...

8.4CVSS8.1AI score0.00219EPSS
Exploits0References10
ics
ics
added 2025/11/03 12:30 a.m.8 views

ABB PCM600

SUMMARY An update is available that resolves vulnerability in the product versions listed as affected in this advisory. An attacker who successfully exploited this vulnerability could insert and run arbitrary code in the system. 2. MITIGATING FACTORS Mitigating factors describe conditions and...

5.5CVSS6.7AI score0.08926EPSS
Exploits1References11
ics
ics
added 2025/10/31 5:2 p.m.9 views

Restaurant Brands International assistant platform multiple vulnerabilities

RISK EVALUATION Restaurant Brands International assistant platform is used to manage restaurants owned by RBI. Multiple vulnerabilities were found in the assistant platform. The most severe vulnerabilities chained together could allow a remote, unauthenticated attacker to create an account and...

8.6CVSS7.1AI score0.00443EPSS
Exploits1References1
ics
ics
added 2025/10/31 4:57 p.m.7 views

ELOG multiple vulnerabilities

RISK EVALUATION ELOG the Electronic Logbook package contains multiple vulnerabilities. Regardless of configuration, low-privileged attackers can modify user profiles, escalate privileges, and deny access to ELOG. If the execute facility is specifically enabled with the "-x" command line flag,...

8.6CVSS7.4AI score0.00291EPSS
Exploits0References1
ics
ics
added 2025/10/30 6:0 a.m.7 views

Hitachi Energy TropOS

RISK EVALUATION Successful exploitation of these vulnerabilities could allow command injections and privilege escalation. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for...

8AI score
Exploits0References13
ics
ics
added 2025/10/30 5:0 a.m.13 views

International Standards Organization ISO 15118-2 (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could result in man-in-the-middle attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system...

6.3CVSS5.7AI score0.00234EPSS
Exploits0References11
ics
ics
added 2025/10/28 6:0 a.m.6 views

Vertikal Systems Hospital Manager Backend Services

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to obtain unauthorized access to and disclose sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such...

6.7AI score
Exploits0References13
ics
ics
added 2025/10/23 6:0 a.m.6 views

ASKI Energy ALS-Mini-S8 and ALS-Mini-S4

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain full control over the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for...

10CVSS7.1AI score0.00754EPSS
Exploits0References11
ics
ics
added 2025/10/23 6:0 a.m.14 views

Delta Electronics ASDA-Soft

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to write data outside of the allocated memory buffer. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA...

7.8CVSS6.9AI score0.00195EPSS
Exploits0References10
ics
ics
added 2025/10/23 6:0 a.m.9 views

NIHON KOHDEN Central Monitor CNS-6201

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: When remote access is...

8.7CVSS6.8AI score0.00439EPSS
Exploits0References10
ics
ics
added 2025/10/23 6:0 a.m.5 views

Veeder-Root TLS4B Automatic Tank Gauge System

RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers to execute system-level commands, gain full shell access, achieve remote command execution, move laterally within the network, trigger a denial of service condition, cause administrative lockout, and disrupt...

9.9CVSS7.6AI score0.01308EPSS
Exploits0References11
ics
ics
added 2025/10/23 6:0 a.m.9 views

AutomationDirect Productivity Suite

RISK EVALUATION Successful exploitation of these vulnerabilities could enable an attacker to execute arbitrary code, disclose information, gain full-control access to projects, or obtain read and write access to files. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

7.9AI score
Exploits0References13
ics
ics
added 2025/10/23 12:0 a.m.5 views

Frontier Airlines website publicly available email address validation

RISK EVALUATION The Frontier Airlines website has a publicly available endpoint that validates if an email addresses is associated with an account. An unauthenticated, remote attacker could determine valid email addresses, possibly aiding in further attacks. 2. RECOMMENDED PRACTICES Use a...

6.9CVSS7.1AI score0.00303EPSS
Exploits0References1
ics
ics
added 2025/10/22 6:45 p.m.7 views

IBM DOORS Next Generation multiple vulnerabilities

RISK EVALUATION IBM Engineering Requirements Management DOORS contains multiple vulnerabilities that require authentication. These vulnerabilities include the ability to cause an application denial of service and JavaScript execution in the victim's browser through stored cross site scripting...

6.5AI score
Exploits0References1
ics
ics
added 2025/10/21 6:0 a.m.12 views

Rockwell Automation 1783-NATR

RISK EVALUATION Successful exploitation of these vulnerabilities could result in a denial-of-service, data modification, or in an attacker obtaining sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

9.9CVSS6.1AI score0.0052EPSS
Exploits0References11
ics
ics
added 2025/10/21 6:0 a.m.5 views

Oxford Nanopore Technologies MinKNOW

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disrupt sequencing operations and processes, exfiltrate and manipulate data, and bypass authentication controls. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk...

7.3AI score
Exploits0References13
ics
ics
added 2025/10/21 6:0 a.m.13 views

Rockwell Automation Compact GuardLogix 5370

RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system devices...

8.7CVSS6.5AI score0.00383EPSS
Exploits0References11
ics
ics
added 2025/10/21 6:0 a.m.10 views

Raisecomm RAX701-GC Series

RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to bypass authentication and gain unauthenticated root shell access to the affected devices. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

9.3CVSS7.3AI score0.00809EPSS
Exploits3References13
ics
ics
added 2025/10/21 6:0 a.m.17 views

CloudEdge Online Cameras and App

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain access to live video feed and camera control. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

8.7CVSS7AI score0.00296EPSS
Exploits0References13
ics
ics
added 2025/10/20 12:30 a.m.11 views

ABB Terra AC

SUMMARY ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could cause the pollution of heap memory which potentially takes remote control of the product and performs a write operation to the flash...

6.8CVSS6.1AI score0.00264EPSS
Exploits0References12
ics
ics
added 2025/10/16 4:43 p.m.6 views

OPEXUS FOIAXpress unauthenticated administrator password reset

RISK EVALUATION OPEXUS FOIAXpress allows a remote, unauthenticated attacker to reset the administrator password and gain full administrative access to a vulnerable system. 2. RECOMMENDED PRACTICES Update to FOIAXpress version 11.13.2.0 or later. 3. DESCRIPTION OPEXUS FOIAXpress allows a remote,...

9.8CVSS6.9AI score0.00672EPSS
Exploits0References1
ics
ics
added 2025/10/16 6:0 a.m.14 views

Rockwell Automation FactoryTalk View Machine Edition and PanelView Plus 7

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to access to the device's file system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

9.1CVSS6.9AI score0.00567EPSS
Exploits0References10
ics
ics
added 2025/10/16 6:0 a.m.5 views

Rockwell Automation ArmorStart AOP

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition on the affected product. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...

8.7CVSS6.6AI score0.00353EPSS
Exploits0References11
ics
ics
added 2025/10/16 6:0 a.m.14 views

Rockwell Automation FactoryTalk ViewPoint

RISK EVALUATION Successful exploitation of this vulnerability could allow unauthenticated attackers to achieve XML external entity injection, resulting in a temporary denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

8.7CVSS6.8AI score0.00425EPSS
Exploits0References11
ics
ics
added 2025/10/16 6:0 a.m.7 views

Rockwell Automation FactoryTalk Linx

RISK EVALUATION Successful exploitation of these vulnerabilities may allow full access to all files, processes, and system resources. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also...

8.5CVSS6.5AI score0.00176EPSS
Exploits0References10
ics
ics
added 2025/10/14 7:0 a.m.10 views

Schneider Electric EcoStruxure

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

6.4AI score
Exploits0References11
ics
ics
added 2025/10/14 6:0 a.m.7 views

Rockwell Automation 1715 EtherNet/IP Comms Module

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause the web server to crash, requiring a restart to recover. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such...

6.6AI score
Exploits0References13
ics
ics
added 2025/10/14 12:0 a.m.8 views

Siemens HyperLynx and Industrial Edge App Publisher

SUMMARY Multiple Siemens products are affected by a type confusion vulnerability in Google Chrome prior to 138.0.7204.96. This could allow a remote attacker to perform arbitrary code execution via a crafted HTML page. Siemens has released a new version for Industrial Edge App Publisher and...

8.1CVSS6.8AI score0.06564EPSS
Exploits5References10
ics
ics
added 2025/10/14 12:0 a.m.9 views

Siemens Solid Edge

SUMMARY Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads specially crafted PRT files format. This could allow an attacker to crash the application or execute arbitrary code. Siemens has released new versions for the affected...

7.4AI score
Exploits0References10
ics
ics
added 2025/10/14 12:0 a.m.11 views

Siemens TeleControl Server Basic

SUMMARY TeleControl Server Basic V3.1 contains an information disclosure vulnerability that could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform authenticated operations of the database service. Siemens has released a new version for...

9.8CVSS6.6AI score0.00519EPSS
Exploits0References10
ics
ics
added 2025/10/14 12:0 a.m.6 views

Siemens SIMATIC ET 200SP Communication Processors

SUMMARY SIMATIC ET 200SP communication processors CP 1542SP-1, CP 1542SP-1 IRC and CP 1543SP-1, incl. SIPLUS variants contain an authentication vulnerability that could allow an unauthenticated remote attacker to access the configuration data. Siemens has released new versions for the affected...

9.8CVSS7.1AI score0.00496EPSS
Exploits0References10
ics
ics
added 2025/10/14 12:0 a.m.7 views

Siemens SINEC NMS

SUMMARY SINEC NMS is affected by SQL injection vulnerability that could allow an authenticated low privileged attacker to exploit by inserting malicious data and achieve privilege escalation. Siemens has released a new version for SINEC NMS and recommends to update to the latest version. 2...

8.8CVSS7.6AI score0.00346EPSS
Exploits0References10
Total number of security vulnerabilities4251