Stay connected

Trending News

Mitsubishi Electric MELSEC iQ-F Series
ICS, News, Vulnerabilities

Mitsubishi Electric MELSEC iQ-F Series 

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: MELSEC iQ-F Series Vulnerability: Improper Check or Handling of Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could cause the device to enter a denial-of-service condition, and a reset of…

Host Engineering H2-ECOM100 Module
ICS, News, Vulnerabilities

Host Engineering H2-ECOM100 Module 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Host Engineering Equipment: ECOM100 Module Vulnerability: Improper Input Validation  2. RISK EVALUATION Successful exploitation of this vulnerability could lead to a denial-of-service condition, forcing an operator to manually restart the device. 3. TECHNICAL DETAILS 3.1…

Multiple Embedded TCP/IP Stacks
ICS, News, Vulnerabilities

Multiple Embedded TCP/IP Stacks 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Multiple (open source) Equipment: uIP-Contiki-OS, uIP-Contiki-NG, uIP, open-iscsi, picoTCP-NG, picoTCP, FNET, Nut/Net Vulnerabilities: Infinite Loop, Integer Wraparound, Out-of-bounds Read, Integer Overflow, Out-of-bounds Write, Improper Input Validation, Improper Null Termination CISA is aware of a public…

Mitsubishi Electric GOT and Tension Controller
ICS, News, Vulnerabilities

Mitsubishi Electric GOT and Tension Controller 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Corporation Equipment: GOT and Tension Controller Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to cause deterioration of communication performance or cause a denial-of-service condition of the…

Edit withBrizy Save draft Preview Publish 33/100 Add title Schneider Electric Easergy T300
ICS, News, Vulnerabilities

Schneider Electric Easergy T300 

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely Vendor: Schneider Electric Equipment: Easergy T300 Vulnerability: Missing Authentication for Critical Function, Missing Authorization, Missing Encryption of Sensitive Data, Improper Restriction of Rendered UI Layers or Frames 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker…

Siemens Embedded TCP/IP Stack Vulnerabilities (AMNESIA:33)
ICS, News, Vulnerabilities

Siemens Embedded TCP/IP Stack Vulnerabilities (AMNESIA:33) 

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SENTRON PAC3200, SENTRON PAC4200, SIRIUS 3RW5 Vulnerability: Integer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products are affected:…

Siemens XHQ Operations Intelligence
ICS, News, Vulnerabilities

Siemens XHQ Operations Intelligence 

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: XHQ Operations Intelligence Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Cross-site Scripting, Basic XSS, SQL Injection, Relative Path Traversal, Cross-site Request Forgery 2. RISK EVALUATION Successful exploitation of these vulnerabilities could…

Siemens SICAM A8000 RTUs
ICS, News, Vulnerabilities

Siemens SICAM A8000 RTUs 

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SICAM A8000 Remote Terminal Unit Series Vulnerability: Protection Mechanism Failure  2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized read or write access to network traffic to…

Siemens Products using TightVNC
ICS, News, Vulnerabilities

Siemens Products using TightVNC 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC ITC Industrial Thin Clients, SIMATIC WinCC Runtime Advanced/Professional, SIMATIC HMI Panels, SIPLUS extreme products Vulnerabilities: Heap-based Buffer Overflow, NULL Pointer Dereference, Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities…