Stay connected

Trending News

Category: ICS

Innokas Yhtymä Oy Vital Signs Monitor
ICS, News, Vulnerabilities

Innokas Yhtymä Oy Vital Signs Monitor 

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Innokas Yhtymä Oy Equipment: Vital Signs Monitor VC150 Vulnerabilities: Cross-site Scripting, Improper Neutralization of Special Elements in Output Used by a Downstream Component 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker…

Hitachi ABB Power Grids FOX615 Multiservice-Multiplexer
ICS, News, Vulnerabilities

Hitachi ABB Power Grids FOX615 Multiservice-Multiplexer 

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Hitachi ABB Power Grids Equipment: FOX615 Multiservice-Multiplexer Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker remote access to the device without authentication. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS…

Omron CX-One
ICS, News, Vulnerabilities

Omron CX-One 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Omron Equipment: CX-One Vulnerabilities: Untrusted Pointer Dereference, Stack-based Buffer Overflow, Type Confusion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed. In addition, a buffer overflow condition may allow remote code…

Eaton EASYsoft
ICS, News, Vulnerabilities

Eaton EASYsoft (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 5.8 Vendor: Eaton Equipment: EASYsoft Vulnerabilities: Type Confusion, Out-of-bounds Read 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-007-03 Eaton EASYsoft that was published January 7, 2021, to the ICS webpage on us-cert.cisa.gov. 3. RISK EVALUATION Successful…

Delta Electronics CNCSoft-B
ICS, News, Vulnerabilities

Delta Electronics CNCSoft-B 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics  Equipment: CNCSoft-B Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read, Untrusted Pointer Dereference, Type Confusion  2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following…

Schneider Electric Web Server on Modicon M340
ICS, News, Vulnerabilities

Schneider Electric Web Server on Modicon M340 

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write, Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow write access and…

Panasonic FPWIN Pro
ICS, News, Vulnerabilities

Panasonic FPWIN Pro 

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: Panasonic Equipment: FPWIN Pro Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an out-of-bounds read, which may allow remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions…

GE Reason RT43X Clocks
ICS, News, Vulnerabilities

GE Reason RT43X Clocks 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: Reason RT43X Clocks Vulnerabilities: Code Injection, Use of Hard-coded Cryptographic Key 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary code on the system or…

Red Lion Crimson 3.1
ICS, News, Vulnerabilities

Red Lion Crimson 3.1 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Red Lion Equipment: Crimson 3.1 Vulnerabilities: NULL Pointer Dereference, Missing Authentication for Critical Function, Improper Resource Shutdown or Release 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to create a denial-of-service…

Delta Electronics DOPSoft
Hacks, ICS, Vulnerabilities

Delta Electronics DOPSoft 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: DOPSoft Vulnerabilities: Out-of-bounds Write, Untrusted Pointer Dereference 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of DOPSoft, a software…