Stay connected

Trending News

Author: Maja Djordjevic

Eaton HMiSoft VU3
ICS, News, Vulnerabilities

Eaton HMiSoft VU3 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Eaton Equipment: HMiSoft VU3 (HMIVU3 runtime not impacted) Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed and may allow remote code execution or information…

Triangle MicroWorks DNP3 Outstation Libraries
ICS, News, Vulnerabilities

Triangle MicroWorks DNP3 Outstation Libraries 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Triangle MicroWorks Equipment: DNP3 Outstation Libraries Vulnerability: Stacked-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could possibly allow remote attackers to stop the execution of code on affected equipment. 3. TECHNICAL DETAILS…

Triangle MicroWorks SCADA Data Gateway
ICS, News, Vulnerabilities

Triangle MicroWorks SCADA Data Gateway 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Triangle MicroWorks Equipment: SCADA Data Gateway Vulnerabilities: Stacked-based Buffer Overflow, Out-of-Bounds Read, Type Confusion 2. RISK EVALUATION These vulnerabilities allow remote attackers to execute arbitrary code and disclose on affected installations…

Active Directory DCSync
News, White Papers

Active Directory DCSync 

INTRODUCTIONIn many environments Domain Controller and Active Directory are used to manage the network, users and computers. The organizations often need the existence of more than one Domain Controller for its Active Directory. For keeping an environment with more than one Domain Controller consistent, it…

Siemens climatix
ICS, News, Vulnerabilities

Siemens Climatix 

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Climatix Vulnerability: Cross-site Scripting, Basic XSS 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code to access confidential information without authentication. 3. TECHNICAL DETAILS 3.1…

Siemens IE/PB-Link, RUGGEDCOM, SCALANCE, SIMATIC, SINEMA
ICS, News, Vulnerabilities

Siemens IE/PB-Link, RUGGEDCOM, SCALANCE, SIMATIC, SINEMA 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: IE/PB-Link, RUGGEDCOM, SCALANCE, SIMATIC, SINEMA Vulnerabilities: Uncontrolled Resource Consumption, Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote attackers to affect the availability of the devices under certain…

Siemens SCALANCE & SIMATIC
ICS, News, Vulnerabilities

Siemens SCALANCE & SIMATIC 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SCALANCE, SIMATIC Vulnerability: Resource Exhaustion 2. RISK EVALUATION Successful exploitation of this vulnerability can result in a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of SCALANCE are affected: SCALANCE…

Siemens KTK, SIDOOR, SIMATIC, and SINAMICS
ICS, News, Vulnerabilities

Siemens KTK, SIDOOR, SIMATIC, and SINAMICS 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: KTK, SIDOOR, SIMATIC, and SINAMICS Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could create a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Siemens products are…