Lucene search
K

4251 matches found

ics
ics
added 2025/10/14 12:0 a.m.5 views

Siemens SiPass Integrated

SUMMARY SiPass integrated before V3.0 contains multiple vulnerabilities that could allow an unauthenticated remote attacker to exploit user accounts, manipulate data, impersonate users, or achieve arbitrary code execution on the SiPass integrated server. Siemens has released a new version for...

9.3AI score
Exploits0References10
ics
ics
added 2025/10/09 7:50 p.m.8 views

Newforma Project Center multiple vulnerabilities

RISK EVALUATION Newforma Project Center contains multiple vulnerabilities. In the worst case, successful exploitation could allow unauthenticated, remote code execution. 2. RECOMMENDED PRACTICES Follow updated hardening guides and upgrade to most recent version of Newforma Project Center. 3...

9.8CVSS8.2AI score0.00861EPSS
Exploits0References1
ics
ics
added 2025/10/09 6:0 a.m.6 views

Rockwell Automation Stratix

RISK EVALUATION Successful exploitation of this vulnerability could result in arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system...

7.7CVSS7.8AI score0.37613EPSS
Exploits1References11
ics
ics
added 2025/10/09 6:0 a.m.9 views

Rockwell Automation Lifecycle Services with Cisco

RISK EVALUATION Successful exploitation of this vulnerability could result in arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system...

7.7CVSS7.8AI score0.37613EPSS
Exploits1References11
ics
ics
added 2025/10/08 12:30 a.m.10 views

ABB LVS MConfig

SUMMARY ABB became aware of an internally discovered vulnerability in the MConfig product versions listed as affected in the advisory. An attacker with access to local networks who successfully exploits vulnerability could have access to application’s sensitive information. ABB strongly advises...

7.4CVSS5.8AI score0.00094EPSS
Exploits0References10
ics
ics
added 2025/10/07 10:50 p.m.5 views

OPEXUS FOIAXpress stored XSS

RISK EVALUATION OPEXUS FOIAXpress before 11.13.3.0 contains multiple stored cross-site-scripting vulnerabilities. These vulnerabilities allow an authenticated administrative user to inject JavaScript or other content into various components of FOIAXpress. Successful exploitation allows the...

4.8CVSS6.5AI score0.00225EPSS
Exploits0References1
ics
ics
added 2025/10/07 6:0 a.m.5 views

Delta Electronics DIAScreen

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to write data outside of the allocated memory buffer. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA...

7.8CVSS6.6AI score0.00155EPSS
Exploits0References10
ics
ics
added 2025/10/07 12:30 a.m.9 views

ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)

SUMMARY An update is available that resolves a vulnerability identified by B&Rs internal security analysis in the product versions listed as affected in this advisory. An attacker who successfully exploited this vulnerability could cause the product to stop. 2. MITIGATING FACTORS Deactivate the...

10CVSS5.8AI score0.0026EPSS
Exploits0References10
ics
ics
added 2025/10/07 12:30 a.m.10 views

ABB B&R Automation Runtime

SUMMARY An update is available that resolves a vulnerability identified by B&Rs internal security analysis in the product versions listed as affected in this advisory. An attacker who successfully exploited these vulnerabilities could take over a remote session or execute code in the context of...

6.1CVSS6AI score0.00251EPSS
Exploits0References10
ics
ics
added 2025/10/07 12:30 a.m.14 views

ABB EIBPORT

SUMMARY ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. A firmware update is available that resolves these privately reported vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited these...

8.5CVSS5.8AI score0.00302EPSS
Exploits0References15
ics
ics
added 2025/10/02 5:0 a.m.5 views

Raise3D Pro2 Series 3D Printers**

RISK EVALUATION Successful exploitation of this vulnerability could result in data exfiltration and compromise of the target device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

8.6CVSS6.8AI score0.00406EPSS
Exploits0References11
ics
ics
added 2025/09/30 12:50 p.m.4 views

Hitachi Energy MACH GWS

SUMMARY Hitachi Energy is aware of these vulnerabilities that affect the MACH GWS product versions listed in this document. An attacker successfully exploiting these vulnerabilities can cause confidentiality, integrity and availability impacts. Please refer to the Recommended Immediate Actions...

6.7AI score
Exploits0References9
ics
ics
added 2025/09/30 9:2 a.m.5 views

Hitachi Energy MSM

SUMMARY Hitachi Energy is aware of open-source software vulnerabilities that affect MSM product versions listed below. If exploited, these vulnerabilities could result in XSS and DoS attacks, potentially causing confidentiality, integrity and availability impact to MSM. Please refer to the...

6.5AI score
Exploits0References9
ics
ics
added 2025/09/30 8:50 a.m.6 views

Hitachi Energy Asset Suite (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could result in the manipulation of content or the injection of data with the potential of carrying out further malicious attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

6CVSS6.7AI score0.00277EPSS
Exploits0References9
ics
ics
added 2025/09/30 6:0 a.m.6 views

National Instruments Circuit Design Suite

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause memory corruption, potentially leading to information disclosure and execution of arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

8.5CVSS7.4AI score0.00171EPSS
Exploits0References11
ics
ics
added 2025/09/30 6:0 a.m.7 views

Festo Controller CECC-S,-LK,-D Family Firmware (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to crash services, escalate privileges, bypass authentication, or gain unauthorized access to sensitive systems and data. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize...

8.2AI score
Exploits0References10
ics
ics
added 2025/09/30 6:0 a.m.9 views

OpenPLC_V3

RISK EVALUATION Successful exploitation of this vulnerability could cause a denial of service, making the PLC runtime process crash. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

7.1CVSS7.3AI score0.00199EPSS
Exploits0References11
ics
ics
added 2025/09/30 6:0 a.m.7 views

MegaSys Enterprises Telenium Online Web Application

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to inject arbitrary operating system commands through a crafted HTTP request, leading to remote code execution on the server in the security context of the web application service account. 2...

9.8CVSS8.2AI score0.01161EPSS
Exploits0References13
ics
ics
added 2025/09/30 5:0 a.m.6 views

LG Innotek Camera Multiple Models

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain administrative access to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure...

8.8CVSS7.1AI score0.00578EPSS
Exploits0References11
ics
ics
added 2025/09/30 12:0 a.m.45 views

Microsoft Windows inconsistent driver blocking

RISK EVALUATION Microsoft Windows Defender Application Control WDAC and the Microsoft vulnerable driver blocklist do not adequately block known-vulnerable drivers. These unexpected behaviors can confuse users about whether or not driver blocking is working and which drivers are being blocked. 2...

7.4CVSS6.8AI score0.00222EPSS
Exploits0References1
ics
ics
added 2025/09/29 12:0 a.m.8 views

Medical Informatics Engineering Enterprise Health multiple vulnerabilities

RISK EVALUATION Medical Informatics Engineering Enterprise Health is an OEHR Occupational Electronic Health Record platform. Enterprise Health contains multiple vulnerabilities that could allow an attacker to inject executable content, obtain session tokens, and upload arbitrary files. 2...

7.2AI score
Exploits0References1
ics
ics
added 2025/09/25 6:0 a.m.6 views

Dingtian DT-R002

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to retrieve credentials without authentication. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network...

7.1AI score
Exploits0References11
ics
ics
added 2025/09/23 6:0 a.m.8 views

Mitsubishi Electric MELSEC-Q Series CPU Module

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial of service DoS. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...

6.8CVSS6.9AI score0.00952EPSS
Exploits0References10
ics
ics
added 2025/09/23 6:0 a.m.4 views

AutomationDirect CLICK PLUS

RISK EVALUATION Successful exploitation of these vulnerabilities disclose sensitive information, modify device settings, escalate privileges, or cause a denial-of-service condition on the affected device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk...

6.7AI score
Exploits0References13
ics
ics
added 2025/09/23 6:0 a.m.6 views

Viessmann Vitogate 300

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to modify an intended OS command when it is sent to a downstream component, or allow an attacker to cause unexpected interactions between the client and server. 2. RECOMMENDED PRACTICES CISA recommends users...

7AI score
Exploits0References13
ics
ics
added 2025/09/22 2:6 p.m.5 views

Airship AI MFA bypass and default credentials vulnerabilities

RISK EVALUATION Airship AI Acropolis is used for video and data management. In versions before 11.1.9, 11.0.21, and 10.2.35, a remote unauthenticated attacker with valid credentials can brute force the MFA code and authenticate without an additional authentication method. Improperly configured...

7.7CVSS7.3AI score0.00303EPSS
Exploits0References1
ics
ics
added 2025/09/18 6:0 a.m.4 views

Westermo Network Technologies WeOS 5

RISK EVALUATION Successful exploitation of this vulnerability could cause the device to reboot. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system devices...

5.9CVSS6.7AI score0.00302EPSS
Exploits0References10
ics
ics
added 2025/09/18 6:0 a.m.6 views

Dover Fueling Solutions ProGauge MagLink LX4 Devices

RISK EVALUATION Successful exploitation of these vulnerabilities could result in a remote attacker causing a denial-of-service condition or gaining administrative access to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

8.8CVSS7.2AI score0.00368EPSS
Exploits0References10
ics
ics
added 2025/09/18 6:0 a.m.17 views

Schneider Electric Saitel DR & Saitel DP Remote Terminal Unit

RISK EVALUATION Successful exploitation of these vulnerabilities could enable an attacker to execute arbitrary shell commands on the affected devices. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures...

5.8CVSS8.2AI score0.00537EPSS
Exploits0References10
ics
ics
added 2025/09/18 6:0 a.m.5 views

Cognex In-Sight Explorer and In-Sight Camera Firmware

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information, steal credentials, modify files, or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

6.9AI score
Exploits0References10
ics
ics
added 2025/09/18 6:0 a.m.5 views

Westermo Network Technologies WeOS 5

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with administrative permissions to execute commands that would typically be inaccessible. This could allow the execution of commands with privileges beyond those normally granted to the attacker. 2. RECOMMENDED...

7.2AI score
Exploits0References10
ics
ics
added 2025/09/16 6:0 a.m.3 views

Siemens SIMATIC NET CP, SINEMA and SCALANCE

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service DoS condition in the affected devices by exploiting integer overflow bugs. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

7.7AI score
Exploits0References10
ics
ics
added 2025/09/16 6:0 a.m.4 views

Hitachi Energy RTU500 series

RISK EVALUATION Successful exploitation of these vulnerabilities could cause a Denial-of-Service condition in RTU500 devices. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure...

7.3AI score
Exploits0References10
ics
ics
added 2025/09/16 6:0 a.m.6 views

Delta Electronics DIALink

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for...

7.3CVSS6.8AI score0.13174EPSS
Exploits0References10
ics
ics
added 2025/09/16 12:30 a.m.15 views

ABB Terra AC Wallbox

SUMMARY ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could cause the pollution of heap memory which potentially takes remote control of the product and performs a write operation to the flash...

5.8AI score
Exploits0References12
ics
ics
added 2025/09/16 12:0 a.m.11 views

CISA Thorium multiple vulnerabilities

RISK EVALUATION CISA Thorium is a framework used for malware analysis. Multiple vulnerabilities were reported in Thorium. Impacts include denial of service, authenticated arbitrary file read, and failure to expire previously issued user tokens. 2. RECOMMENDED PRACTICES These issues were...

6.5CVSS7.3AI score0.00461EPSS
Exploits0References1
ics
ics
added 2025/09/15 6:41 p.m.6 views

psPAS does not enforce TLS 1.2 within Get-PASSAMLResponse

RISK EVALUATION psPAS is a PowerShell module for the CyberArk API. psPAS does not explicitly enforce TLS 1.2 when using the 'Get-PASSAMLResponse' function. An unauthenticated attacker in a 'Man-in-the-Middle' position could manipulate the TLS handshake and downgrade TLS to a deprecated protocol...

3.1CVSS6.8AI score0.00221EPSS
Exploits0References1
ics
ics
added 2025/09/11 6:0 a.m.6 views

Daikin Europe N.V Security Gateway

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to the system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure...

9.8CVSS7AI score0.00607EPSS
Exploits1References10
ics
ics
added 2025/09/09 8:48 p.m.5 views

OPEXUS FOIAXpress Public Access Link (PAL) SQL injection

RISK EVALUATION Successful exploitation could allow a remote, unauthenticated attacker to read, write, or delete any content in the underlying database. 2. RECOMMENDED PRACTICES Upgrade to FOIAXpress PAL version 11.13.1.0. 3. DESCRIPTION OPEXUS FOIAXpress Public Access Link PAL before version...

9.8CVSS7.6AI score0.00616EPSS
Exploits0References1
ics
ics
added 2025/09/09 6:0 a.m.8 views

Rockwell Automation CompactLogix® 5480

RISK EVALUATION Successful exploitation of this vulnerability could result in arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system...

7CVSS7.3AI score0.00188EPSS
Exploits0References10
ics
ics
added 2025/09/09 6:0 a.m.6 views

Rockwell Automation Stratix IOS

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to run malicious configurations without authentication. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

8.6CVSS7.7AI score0.00605EPSS
Exploits0References10
ics
ics
added 2025/09/09 6:0 a.m.6 views

Rockwell Automation Analytics LogixAI

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...

8.8CVSS6.5AI score0.00269EPSS
Exploits0References13
ics
ics
added 2025/09/09 6:0 a.m.9 views

Rockwell Automation FactoryTalk Optix

RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker achieving remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...

8.8CVSS7.5AI score0.00519EPSS
Exploits0References10
ics
ics
added 2025/09/09 6:0 a.m.8 views

Rockwell Automation 1783-NATR

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a memory corruption on the product. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure...

7.5CVSS7.2AI score0.01475EPSS
Exploits0References10
ics
ics
added 2025/09/09 6:0 a.m.5 views

Rockwell Automation ControlLogix 5580

RISK EVALUATION Successful exploitation of this vulnerability could result in a major nonrecoverable fault on the controller. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for...

8.2CVSS6.8AI score0.00386EPSS
Exploits0References10
ics
ics
added 2025/09/09 6:0 a.m.8 views

Rockwell Automation FactoryTalk Activation Manager

RISK EVALUATION Successful exploitation of this vulnerability could result in in data exposure, session hijacking, or full communication compromise. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...

8.7CVSS6.5AI score0.00341EPSS
Exploits0References10
ics
ics
added 2025/09/09 6:0 a.m.7 views

Rockwell Automation ThinManager

RISK EVALUATION Successful exploitation of this vulnerability could expose the ThinServer service account NTLM hash. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...

8.8CVSS6.6AI score0.00431EPSS
Exploits0References10
ics
ics
added 2025/09/09 5:0 a.m.5 views

ABB Cylon Aspect BMS/BAS

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to assume control of the target device or perform a denial-of-service DoS attack. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying...

6.9AI score
Exploits0References10
ics
ics
added 2025/09/09 4:0 a.m.7 views

Schneider Electric Altivar Products, ATVdPAC Module, ILC992 InterLink Converter (Update B)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

5.3CVSS5.9AI score0.00399EPSS
Exploits0References11
ics
ics
added 2025/09/09 12:0 a.m.6 views

Siemens Industrial Edge Management

SUMMARY Industrial Edge Management is affected by a vulnerability that could allow a remote attacker to cause a denial of service condition. Siemens recommends specific countermeasures for products where fixes are not, or not yet available. 2. GENERAL RECOMMENDATIONS As a general security...

7.5CVSS6.8AI score0.64718EPSS
Exploits1References10
Total number of security vulnerabilities4251