Open Design Alliance Drawings SDK
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Open Design Alliance Equipment: Drawings SDK Vulnerabilities: Stack-based Buffer Overflow, Type Confusion, Untrusted Pointer Dereference, Incorrect Type Conversion or Cast, Memory Allocation with Excessive Size Value 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow…
Rockwell Automation Allen-Bradley Micrologix 1100
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: Allen-Bradley MicroLogix 1100 Vulnerability: Improper Handling of Length Parameter Inconsistency 2. RISK EVALUATION Successful exploitation of this vulnerability could result in denial-of-service conditions. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Rockwell Automation reports…
GE Digital HMI/SCADA iFIX
1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Low skill level to exploit Vendor: GE Digital Equipment: HMI/SCADA iFIX Vulnerabilities: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to escalate their privileges. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following…
Siemens SINEMA Server & SINEC NMS
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINEMA Server, SINEC NMS Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow arbitrary code execution on an affected system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions…
Siemens RUGGEDCOM ROX II
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: RUGGEDCOM ROX IIB Vulnerabilities: Improper Input Validation, NULL Pointer Dereference, Out-of-Bounds Write, Insufficient Verification of Data Authenticity, Improper Certificate Validation, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow the…
Siemens TIA Administrator
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: TIA Portal and PCS neo Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow local users to escalate privileges and execute code as a local SYSTEM user. 3. TECHNICAL…
Siemens SCALANCE W780 and W740
1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SCALANCE W780 and W740 Vulnerability: Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1…
Siemens SIMARIS configuration
1. EXECUTIVE SUMMARY CVSS v3 4.4 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: SIMARIS configuration Vulnerability: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain persistence or escalate privileges within the system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The…
SIMATIC WinCC Graphics Designer
1. EXECUTIVE SUMMARY CVSS v3 6.2 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: SIMATIC WinCC and PCS 7 Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker unauthenticated access to protected files. 3. TECHNICAL…
Siemens DIGSI 4
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: DIGSI 4 Vulnerability: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a low privileged attacker to execute arbitrary code with SYSTEM privileges. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The…
Stay connected