Stay connected

Trending News

Exploited Solar Power Product Vulnerability Could Expose Energy Organizations to Attacks 
2 hours ago 4 min read  
Schneider Electric Security Notification Trio™ Licensed and License-free Data RadiosSchneider Electric Security Notification 
2 days ago 3 min read  
Schneider Electric Security Notification Easergy Studio Vulnerability 
2 days ago 3 min read  
B&R Automation RuntimeFTP uses unsecure encryption mechanismsCVE ID: CVE-2024-0323/2024-02-05 
3 days ago 6 min read  
AC500 V3Multiple DoS vulnerabilities – 2024-01-10 
3 days ago 8 min read  
Distributed Energy Resources Cybersecurity Outlook:Vulnerabilities, Attacks, Impacts, and Mitigations 
4 days ago 46 min read  
Rockwell Automation RSLinx Classic
ICS, News, Vulnerabilities

Rockwell Automation RSLinx Classic 

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low skill level to exploit Vendor: Rockwell Automation Equipment: RSLinx Classic Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local authenticated attacker to execute malicious code when opening RSLinx Classic. 3. TECHNICAL…

(I) IoT, 4 years ago 2 min read  
Advantech WebAccess/NMS
ICS, News, Vulnerabilities

Advantech WebAccess/NMS 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess/NMS Vulnerabilities: Unrestricted Upload of File with Dangerous Type, SQL Injection, Relative Path Traversal, Missing Authentication for Critical Function, Improper Restriction of XML External Entity Reference, OS Command Injection 2. RISK EVALUATION Successful…

(I) IoT, 4 years ago 4 min read  
GE Digital CIMPLICITY
ICS, News, Vulnerabilities

GE Digital CIMPLICITY 

1. EXECUTIVE SUMMARY CVSS v3 6.0 ATTENTION: Low skill level to exploit Vendor: GE Digital Equipment: CIMPLICITY Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an adversary to modify the systemwide CIMPLICITY configuration, leading to the arbitrary execution of code. 3. TECHNICAL DETAILS…

(I) IoT, 4 years ago 3 min read  
HMS Networks eWON Flexy and Cosy
ICS, News, Vulnerabilities

HMS Networks eWON Flexy and Cosy 

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely Vendor: HMS Networks Equipment: eWON Flexy and Cosy Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could initiate a password change. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following eWON products are affected: eWON Flexy: All firmware…

(I) IoT, 4 years ago 2 min read  
Fuji Electric V-Server Lite
ICS, News, Vulnerabilities

Fuji Electric V-Server Lite 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Fuji Electric Equipment: V-Server Lite Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to gain elevated privileges for remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED…

(I) IoT, 4 years ago 2 min read  
B&R Automation Studio
ICS, News, Vulnerabilities

B&R Automation Studio 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: B&R Automation Equipment: Automation Studio Vulnerabilities: Improper Privilege Management, Missing Required Cryptographic Step, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to delete arbitrary files from this system, fetch…

(I) IoT, 4 years ago 4 min read  
KUKA.Sim Pro
ICS, News, Vulnerabilities

KUKA.Sim Pro 

1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: KUKA Equipment: Sim Pro Vulnerability: Improper Enforcement of Message Integrity During Transmission in a Communication Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could result in a loss of integrity in external 3D models…

(I) IoT, 4 years ago 2 min read  
Synergy Systems & Solutions HUSKY RTU
ICS, News, Vulnerabilities

Synergy Systems & Solutions HUSKY RTU (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Synergy Systems & Solutions (SSS) Equipment: HUSKY RTU ——— Begin Update A Part 1 of 3 ——— Vulnerabilities: Improper Authentication, Improper Input Validation, Missing Authentication for Critical Function, Improper Check for Unusual or Exceptional…

(I) IoT, 4 years ago 4 min read  
Mitsubishi Electric MELSEC
ICS, News, Vulnerabilities

Mitsubishi Electric MELSEC 

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: MELSEC Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability may render the device unresponsive. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of MELSEC programmable controllers with…

(I) IoT, 4 years ago 2 min read