Stay connected

Trending News

Category: ICS

Philips IntelliBridge Enterprise IBE
ICS, News, Vulnerabilities

Philips IntelliBridge Enterprise IBE 

1. EXECUTIVE SUMMARY CVSS v3 2.0 Vendor: Philips Equipment: IntelliBridge Enterprise (IBE) Vulnerability: Insertion of Sensitive Information into Log File 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access credentials to the hospital’s clinical information systems (EMR). 3. TECHNICAL DETAILS…

OSIsoft PI Web API 2019
ICS, News, Vulnerabilities

OSIsoft PI Web API 2019 

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely Vendor: OSIsoft Equipment: PI Web API 2019 Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote authenticated attacker with write access to a PI Server to trick a user into interacting with a PI…

Rockwell Automation FactoryTalk Linx Software
ICS, News, Vulnerabilities

Rockwell Automation FactoryTalk Linx Software 

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: FactoryTalk Linx Software Vulnerabilities: Improper Input Validation, Path Traversal, Unrestricted Upload of File with Dangerous Type 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service…

Siemens LOGO!
ICS, News, Vulnerabilities

Siemens LOGO! 

1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: LOGO! Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read and modify device configurations and obtain project files from affected devices. 3….

Siemens SINUMERIK
ICS, News, Vulnerabilities

Siemens SINUMERIK 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINUMERIK Vulnerabilities: Buffer Underflow, Heap-based Buffer Overflow, Improper Initialization, Out-of-bounds Read, Stack-based Buffer Overflow, Access of Memory Location After End of Buffer, Off-by-one Error, Improper Null Termination, Improper Initialization 2. RISK EVALUATION Successful…

OSIsoft PI System
ICS, News, Vulnerabilities

OSIsoft PI System (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: OSIsoft Equipment: PI System Vulnerabilities: Uncontrolled Search Path Element, Improper Verification of Cryptographic Signature, Incorrect Default Permissions, Uncaught Exception, Null Pointer Dereference, Improper Input Validation, Cross-site Scripting, Insertion of Sensitive Information into Log File 2….

Siemens Industrial Products
ICS, News, Vulnerabilities

Siemens Industrial Products (Update G) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Industrial Products ——— Begin Update G Part 1 of 4 ——— Vulnerabilities: Excessive Data Query Operations in a Large Data Table, Integer Overflow or Wraparound, Uncontrolled Resource Consumption ——— End Update G…

Siemens SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM
ICS, News, Vulnerabilities

Siemens SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM (Update H) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM Vulnerability: Out-of-bounds Read 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-19-099-06 Siemens SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM (Update G)…