Stay connected

Trending News

Siemens SIPROTEC 4 and SIPROTEC Compact
News, Vulnerabilities

Siemens SIPROTEC 4 and SIPROTEC Compact 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIPROTEC 4 and SIPROTEC Compact Vulnerability: Improper Input Validation 2. RISK EVALUATION This vulnerability could allow an attacker to conduct a denial-of-service attack over the network. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the vulnerability…

Digi ConnectPort LTS 32 MEI
News, Vulnerabilities

Digi ConnectPort LTS 32 MEI 

1. EXECUTIVE SUMMARY CVSS v3 2.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Digi International Equipment: ConnectPort LTS 32 MEI Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could limit system availability. 3. TECHNICAL DETAILS…

Siemens SIMATIC Products
News, Vulnerabilities

Siemens SIMATIC Products (Update A) 

1. EXECUTIVE SUMMARY CVSS v3.1  3.7 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC CP 1626; HMI Panel (incl. SIPLUS variants); NET PC software; STEP 7 (TIA Portal); WinCC (TIA Portal); WinCC OA; WinCC Runtime (Pro and Advanced); TIM 1531 IRC (incl. SIPLUS variant) Vulnerability: Exposed Dangerous Method or Function…

Siemens Industrial Real-Time (IRT) Devices
News, Vulnerabilities

Siemens Industrial Real-Time (IRT) Devices (Update B) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Industrial Real-Time (IRT) Devices Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisor update titled ICSA-19-283-01 Siemens Industrial Real-Time (IRT) Devices (Update A) that was published…

Siemens PROFINET Devices
News, Vulnerabilities

Siemens PROFINET Devices (Update C) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: PROFINET Devices Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-19-283-02 Siemens PROFINET Devices (Update B) that was published January 14, 2020, to…

Siemens Industrial Products
News, Vulnerabilities

Siemens Industrial Products (Update D) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Industrial Products Vulnerabilities: Integer Overflow or Wraparound, Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-19-253-03 Siemens Industrial Products (Update B) that was published…

Siemens Industrial Products with OPC UA
News, Vulnerabilities

Siemens Industrial Products with OPC UA (Update E) 

1. EXECUTIVE SUMMARY CVSS v3.1  7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC, SINEC-NMS, SINEMA, SINEMURIK Industrial Control Products with OPC UA Vulnerability: Uncaught Exception 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-19-099-03 Siemens Industrial Products with OPC…

AutomationDirect C-More Touch Panels
News, Vulnerabilities

AutomationDirect C-More Touch Panels 

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: AutomationDirect Equipment: C-More Touch Panels EA9 Series Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to get account information such as usernames and passwords, obscure or manipulate…

Detecting Citrix CVE-2019-19781
News, Vulnerabilities

Detecting Citrix CVE-2019-19781 

Summary Unknown cyber network exploitation (CNE) actors have successfully compromised numerous organizations that employed vulnerable Citrix devices through a critical vulnerability known as CVE-2019-19781.[1] Though mitigations were released on the same day Citrix announced CVE-2019-19781, organizations that did not appropriately apply the mitigations were likely…