Stay connected

Trending News

Critical vulnerabiliities, ICS, IoT Security, Market, News

Schneider Electric EcoStruxure Products, Modicon PLCs, and Programmable Automation Controllers 

Security Assessment of Schneider Electric Products Summary of Findings: During a security assessment of Schneider Electric’s EcoStruxure Products, Modicon PLCs, and Programmable Automation Controllers, several vulnerabilities were discovered. These vulnerabilities involve improper checks for unusual or exceptional conditions and could potentially lead to unauthorized access,…

Critical vulnerabiliities, IoT Security, Market, News

Hitachi Energy MSM 

1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to obtain user access credentials of the MSM web interface or cause a denial-of-service condition.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Hitachi Energy products are affected:  3.2 VULNERABILITY…

Market, News, Recommendations

Dataprobe iBoot-PDU (Update A) 

1. EXECUTIVE SUMMARY 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-22-263-03 Dataprobe iBoot-PDU that was published September 20, 2022, on the ICS webpage on cisa.gov/ICS.  3. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to…

Critical vulnerabiliities, Exploit, ICS, IoT Security, Market, News

Industrial Control Links ScadaFlex II SCADA Controllers 

1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to overwrite, delete, or create files.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Industrial Control Links ScadaFlex II SCADA Controllers are affected:  3.2 VULNERABILITY OVERVIEW 3.2.1 EXTERNAL…

ICS, Industrial IoT (IIoT), Market, News

Siemens RADIUS Client of SIPROTEC 5 Devices 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity  Vendor: Siemens ProductCERT  Equipment: RADIUS client of SIPROTEC 5 devices  Vulnerability: Loop with Unreachable Exit Condition (‘Infinite Loop’)  2. RISK EVALUATION The RADIUS client implementation of the VxWorks platform in SIPROTEC 5 devices contains a denial-of-service vulnerability that…

Critical vulnerabiliities, Cyber Security, Exploit, ICS, Market, News

Cisco Releases Security Advisory for IOS XR Software 

Cisco has released a security advisory for a vulnerability affecting IOS XR Software for ASR 9000 Series Routers. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.  CISA encourages users and administrators to…