Stay connected

Trending News

Exploited Solar Power Product Vulnerability Could Expose Energy Organizations to Attacks 
2 weeks ago 4 min read  
Schneider Electric Security Notification Trio™ Licensed and License-free Data RadiosSchneider Electric Security Notification 
2 weeks ago 3 min read  
Schneider Electric Security Notification Easergy Studio Vulnerability 
2 weeks ago 3 min read  
B&R Automation RuntimeFTP uses unsecure encryption mechanismsCVE ID: CVE-2024-0323/2024-02-05 
2 weeks ago 6 min read  
AC500 V3Multiple DoS vulnerabilities – 2024-01-10 
2 weeks ago 8 min read  
Distributed Energy Resources Cybersecurity Outlook:Vulnerabilities, Attacks, Impacts, and Mitigations 
2 weeks ago 46 min read  
Critical vulnerabiliities, Industrial IoT (IIoT), Market, News, Recommendations, Standards, Uncategorized...

CISCO Identity Services Engine Unauthorized File Access Vulnerability 

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to read and delete files on an affected device.This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending…

IoT, 2 years ago 4 min read  
Critical vulnerabiliities, News, Recommendations

Siemens LOGO! 8 BM Devices  

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: LOGO! 8 BM Devices Vulnerabilities: Buffer Copy without Checking Size of Input; Improper Input Validation; Improper Validation of Specified Index, Position, or Offset in Input. 2. RISK EVALUATION Successful exploitation of these vulnerabilities could…

IoT, 2 years ago 3 min read  
Critical vulnerabiliities, Cyber Security, News, Recommendations, Security Patches, Vulnerabilities

Cisco Releases Security Updates for Multiple Products 

Cisco has released security updates for vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing high and low severity vulnerabilities, see the Cisco Security Advisories page. Reporting or Obtaining Support for a Suspected Security…

IoT, 2 years ago 19 min read  
Critical vulnerabiliities, Market, News, Recommendations, Vulnerabilities

Hitachi Energy AFF660/665 Series 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity  Vendor: Hitachi Energy Equipment: AFF660/665 Firewall Vulnerability: Stack-based Buffer Overflow  2. RISK EVALUATION Successful exploitation of this vulnerability could overflow a buffer on the device and fully compromise it.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions…

IoT, 2 years ago 2 min read  
Critical vulnerabiliities, Industrial IoT (IIoT), IoT Security, Market, News, Recommendations

Siemens SINEC INS 

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/Low attack complexity  Vendor: Siemens Equipment: SINEC INS Vulnerabilities: Improper Input Validation, Integer Overflow or Wraparound, Uncontrolled Resource Consumption, Command Injection, Inadequate Encryption Strength, Missing Encryption of Sensitive Data, Improper Restriction of Operations Within the Bounds of a Memory Buffer, Exposure…

IoT, 2 years ago 6 min read  
Critical vulnerabiliities, Market, News, Recommendations, Uncategorized, Vulnerabilities

Delta Industrial Automation DIAEnergie 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Delta Industrial Automation Equipment: DIAEnergie Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Delta Industrial Automation reports the following versions…

IoT, 2 years ago 2 min read  
Critical vulnerabiliities, News, Recommendations, Vulnerabilities

Delta Electronics DOPSoft 2 (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DOPSoft 2 Vulnerabilities: Stack-based Buffer Overflow, Out-of-Bounds Write, Heap-based Buffer Overflow 2. UPDATED INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-252-02 Delta Electronics DOPSoft 2 that was published September 9,…

IoT, 2 years ago 3 min read  
Critical vulnerabiliities, News, Recommendations, Vulnerabilities

Mitsubishi Electric Multiple Factory Automation Products (Update B) 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GOT2000 compatible HMI software, CC-Link IE TSN Industrial Managed Switch, MELSEC iQ-R Series OPC UA Server Module Vulnerabilities: Infinite Loop, OS Command Injection 2. UPDATE INFORMATION This updated advisory is a follow-up to the…

IoT, 2 years ago 3 min read  
Critical vulnerabiliities, News, Recommendations, Vulnerabilities

Hitachi Energy MSM Product 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MSM Product Vulnerability: Reliance on Uncontrolled Component 2. RISK EVALUATION Successful exploitation of this vulnerability could disrupt the functionality of the MSM web interface, steal sensitive user credentials, or cause a denial-of-service condition. 3….

IoT, 2 years ago 2 min read  
Critical vulnerabiliities, News, Recommendations, Vulnerabilities

Schneider Electric EcoStruxure, EcoStruxure Process Expert, SCADAPack RemoteConnect for x70 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity  Vendor: Schneider Electric  Equipment: EcoStruxure, EcoStruxure Process Expert, SCADAPack RemoteConnect for x70  Vulnerabilities: Heap-based Buffer Overflow, Wrap or Wraparound, Classic Buffer Overflow, Out-of-bounds Write  2. RISK EVALUATION The successful exploitation of these vulnerabilities on the affected products could…

IoT, 2 years ago 8 min read