Stay connected

Trending News

News, Vulnerabilities

Delta Industrial Automation DOPSoft 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Delta Electronics Equipment: Delta Industrial Automation DOPSoft Vulnerabilities: Out-of-bounds read, Use after free 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow information disclosure, remote code execution, or crash of the application. 3. TECHNICAL…

News, Vulnerabilities

Fuji Electric Alpha5 Smart Loader 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Fuji Electric Equipment: Alpha5 Smart Loader Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of the application. 3. TECHNICAL DETAILS 3.1 AFFECTED…

News, Vulnerabilities

Siemens SINAMICS 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINAMICS Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to perform a denial-of-service attack. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports the vulnerability affects…

News, Vulnerabilities

Johnson Controls Metasys 

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: Johnson Controls Equipment: Metasys Vulnerabilities: Reusing a Nonce, Key Pair in Encryption; Use of Hard-coded Cryptographic Key 2. RISK EVALUATION Successful exploitation of these vulnerabilities could be leveraged by an attacker to decrypt captured network traffic. 3. TECHNICAL DETAILS…

News, Vulnerabilities

Siemens SCALANCE X Switches 

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SCALANCE X switches Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of SCALANCE X switches…

News, Vulnerabilities

Siemens SIMATIC WinCC and PCS7 (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC WinCC and SIMATIC PCS7 Vulnerability: Unrestricted Upload of File with Dangerous Type 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory titled ICSA-19-192-02 Siemens SIMATIC WinCC and PCS7 that…

News, Vulnerabilities

Siemens Spectrum Power (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 4.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Spectrum Power Vulnerability: Cross-site Scripting 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-190-04 Siemens Spectrum Power that was published July 9, 2019, on the ICS webpage…

News, Vulnerabilities

Siemens SIPROTEC 5 and DIGSI 5 (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIPROTEC 5 and DIGSI 5 Vulnerabilities: Improper Input Validation 2    UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-190-05 Siemens SIPROTEC 5 and DIGSI 5 that was published July…

News, Vulnerabilities

Siemens SIMATIC PCS7, WinCC, TIA Portal (Update B) 

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC PCS7, WinCC Runtime Professional, WinCC (TIA Portal) Vulnerabilities: SQL Injection, Uncaught Exception, Exposed Dangerous Method 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-19-134-08 Siemens SIMATIC…