Stay connected

Trending News

News, Vulnerabilities

IDenticard PremiSys 

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit/vulnerability details have been publicly disclosed Vendor: IDenticard Equipment: PremiSys Vulnerabilities: Use of Hard-coded Credentials, Use of Hard-coded Password, Inadequate Encryption Strength 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to view sensitive…

News, Vulnerabilities

Schneider Electric EVLink Parking 

EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: EVLink Parking Vulnerabilities: Use of Hard-coded Credentials, Code Injection, SQL Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to stop the device and prevent charging, execute arbitrary commands,…

News, Vulnerabilities

AVEVA Wonderware System Platform 

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low skill level to exploit Vendor: AVEVA Equipment: Wonderware System Platform Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION This vulnerability could allow unauthorized access to the credentials for the ArchestrA Network User Account. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions…

News, Vulnerabilities

Mitsubishi Electric MELSEC-Q Series PLCs 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: MELSEC-Q series PLCs Vulnerability: Resource Exhaustion 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to send specially crafted packets to the device, causing Ethernet communication to stop….

News, Vulnerabilities

Yokogawa License Manager Service 

1. EXECUTIVE SUMMARY CVSS v8.1 ATTENTION: Exploitable remotely Vendor: Yokogawa Equipment: License Manager Service Vulnerability: Unrestricted Upload of Files with Dangerous Type 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to remotely upload files, allowing execution of arbitrary code. 3. TECHNICAL…

News, Vulnerabilities

BD FACSLyric 

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Low skill level to exploit Vendor: Becton, Dickinson and Company (BD) Equipment: FACSLyric Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to gain unauthorized access to administrative level privileges on a workstation, which could…

News, Vulnerabilities

Stryker Medical Beds 

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Public exploits are available Vendor: Stryker Equipment: Secure II MedSurg Bed, S3 MedSurg Bed, and InTouch ICU Bed Vulnerability: Reusing a Nonce 2. RISK EVALUATION Successful exploitation of this vulnerability could allow data traffic manipulation, resulting in partial disclosure of encrypted communication…

News, Vulnerabilities

PHOENIX CONTACT FL SWITCH 

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: PHOENIX CONTACT Equipment: FL SWITCH Vulnerabilities: Cross-site Request Forgery, Improper Restriction of Excessive Authentication Attempts, Cleartext Transmission of Sensitive Information, Resource Exhaustion, Incorrectly Specified Destination in a Communication Channel, Insecure Storage of Sensitive Information, and…

News, Vulnerabilities

Advantech WebAccess/SCADA 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess/SCADA Vulnerabilities: Improper Authentication, Authentication Bypass, SQL Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an attacker to access and manipulate sensitive data. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The…