Stay connected

Trending News

Siemens SCALANCE X Switches
News, Vulnerabilities

Siemens SCALANCE X Switches 

1.Executive Sumary CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SCALANCE X Switches Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to violate access-control rules. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following…

Honeywell Maxpro VMS & NVR
News, Vulnerabilities

Honeywell Maxpro VMS & NVR 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Honeywell Equipment: MAXPRO VMS & NVR Vulnerabilities: Deserialization of Untrusted Data, SQL Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in elevation of privileges, cause a denial-of-service condition, or allow unauthenticated…

Schneider Electric Modicon Controllers
News, Vulnerabilities

Schneider Electric Modicon Controllers 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium Vulnerability: Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service condition. 3….

Siemens SINAMICS PERFECT HARMONY GH180
News, Vulnerabilities

Siemens SINAMICS PERFECT HARMONY GH180 

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: SINAMICS PERFECT HARMONY GH180 Vulnerability: Protection Mechanism Failure 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized attacker with physical access to the affected device to restart the HMI with disabled…

Siemens TIA portal
News, Vulnerabilities

Siemens TIA Portal 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: TIA Portal Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to execute arbitrary code with SYSTEM privileges. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions…

OSIsoft PI Vision
News, Vulnerabilities

OSIsoft PI Vision 

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: OSIsoft LLC Equipment: PI Vision Vulnerabilities: Improper Access Control, Cross-site Request Forgery (CSRF), Cross-site Scripting, Inclusion of Sensitive Information in Log Files 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow disclosure of sensitive…

Siemens EN100 Ethernet Module
News, Vulnerabilities

Siemens EN100 Ethernet Module (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: EN100 Ethernet Module Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Cross-site Scripting, Relative Path Traversal 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory…

Siemens Industrial Real-Time (IRT) Devices
News, Vulnerabilities

Siemens Industrial Real-Time (IRT) Devices (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Industrial Real-Time (IRT) Devices Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-283-01 Siemens Industrial Real-Time (IRT) Devices that was published October 10,…