Stay connected

Trending News

Author: Maja Djordjevic

Rockwell Automation MicroLogix Controllers and RSLogix 500 Software
ICS, News, Vulnerabilities

Rockwell Automation MicroLogix Controllers and RSLogix 500 Software 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: MicroLogix 1400 Controllers, MicroLogix 1100 Controllers, and RSLogix 500 Software Vulnerabilities: Use of Hard-coded Cryptographic Key, Use of a Broken or Risky Algorithm for Password Protection, Use of Client-Side Authentication, Cleartext Storage…

Siemens PROFINET-IO Stack
ICS, News, Vulnerabilities

Siemens PROFINET-IO Stack (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Siemens PROFINET-IO Stack Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-042-04 Siemens PROFINET-IO Stack that was published February 11, 2020, to the…

Siemens SIMATIC S7
ICS, News, Vulnerabilities

Siemens SIMATIC S7 (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC S7 Vulnerability: Uncontrolled Resource Consumption (Resource Exhaustion) 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-042-05 Siemens SIMATIC S7 that was published February 11, 2020, on…

Siemens SIMATIC PCS 7, SIMATIC WinCC, and SIMATIC NET PC
ICS, News, Vulnerabilities

Siemens SIMATIC PCS 7, SIMATIC WinCC, and SIMATIC NET PC (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC PCS 7, SIMATIC WinCC, SIMATIC NET PC Vulnerability: Incorrect Calculation of Buffer Size 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-042-06 ICSA-20-042-06 Siemens SIMATIC PCS…

Siemens SIMATIC S7-1500
ICS, News, Vulnerabilities

Siemens SIMATIC S7-1500 (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC S7-1500 CPU family Vulnerability: Resource Exhaustion 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-042-11 Siemens SIMATIC S7-1500 that was published February 11, 2020, to the ICS webpage on us-cert.gov….

Siemens SIMATIC Products
ICS, News, Vulnerabilities

Siemens SIMATIC Products (Update B) 

1. EXECUTIVE SUMMARY CVSS v3.1  3.7 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC CP 1626; HMI Panel (incl. SIPLUS variants); NET PC software; STEP 7 (TIA Portal); WinCC (TIA Portal); WinCC OA; WinCC Runtime (Pro and Advanced); TIM 1531 IRC (incl. SIPLUS variant) Vulnerability: Exposed Dangerous Method or Function…

Siemens Industrial Real-Time (IRT) Devices
ICS, News, Vulnerabilities

Siemens Industrial Real-Time (IRT) Devices (Update C) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Industrial Real-Time (IRT) Devices Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-19-283-01 Siemens Industrial Real-Time (IRT) Devices (Update B) that was published…

Siemens PROFINET Devices
ICS, News, Vulnerabilities

Siemens PROFINET Devices (Update D) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: PROFINET Devices Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-19-283-02 Siemens PROFINET Devices (Update C) that was published February 11, 2020, to…

Siemens Industrial Products with OPC UA
ICS, News, Vulnerabilities

Siemens Industrial Products with OPC UA (Update F) 

1. EXECUTIVE SUMMARY CVSS v3.1  7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC, SINEC-NMS, SINEMA, SINEMURIK Industrial Control Products with OPC UA Vulnerability: Uncaught Exception 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-19-099-03 Siemens Industrial Products with OPC…