Stay connected

Trending News

Softing Industrial Automation OPC
ICS, News, Vulnerabilities

Softing Industrial Automation OPC 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Softing Industrial Automation, GmbH Equipment: OPC Vulnerabilities: Heap-based Buffer Overflow, Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed. A buffer-overflow condition may also allow remote code…

HMS Industrial Networks eCatcher
ICS, News, Vulnerabilities

HMS Industrial Networks eCatcher 

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: HMS Industrial Networks AB Equipment: eCatcher Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being accessed. In addition, a buffer overflow condition may allow remote code execution…

Delta Industrial Automation DOPSoft
ICS, News, Vulnerabilities

Delta Industrial Automation DOPSoft 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: Delta Industrial Automation DOPSoft Vulnerabilities: Out-of-bounds Read, Heap-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-182-01 Delta Industrial Automation DOPSoft that was published June…

Schneider Electric Triconex TriStation and Tricon Communication Module
ICS, News, Vulnerabilities

Schneider Electric Triconex TriStation and Tricon Communication Module 

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Triconex TriStation and Triconex Tricon Communication Module Vulnerabilities: Cleartext Transmission of Sensitive Information, Uncontrolled Resource Consumption, Hidden Functionality, Improper Access Control 2. RISK EVALUATION Successful exploitation of these…

Treck TCP/IP Stack
ICS, News, Vulnerabilities

Treck TCP/IP Stack (Update F) 

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely Vendor: Treck Inc. Equipment: TCP/IP Vulnerabilities: Improper Handling of Length Parameter Inconsistency, Improper Input Validation, Double Free, Out-of-bounds Read, Integer Overflow or Wraparound, Improper Null Termination, Improper Access Control CISA is aware of a public report, known as “Ripple20” that…

Capsule Technologies SmartLinx Neuron 2
ICS, News, Vulnerabilities

Capsule Technologies SmartLinx Neuron 2 

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Low skill level to exploit/public exploits are available Vendor: Capsule Technologies Equipment: SmartLinx Neuron 2 Vulnerability: Protection Mechanism Failure 2. RISK EVALUATION Successful exploitation of this vulnerability could provide an attacker with full control of a trusted device on a hospital’s internal…

Advantech iView
ICS, News, Vulnerabilities

Advantech iView 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: iView Vulnerabilities: SQL Injection, Path Traversal, Command Injection, Improper Input Validation, Missing Authentication for Critical Function, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read/modify…

Moxa EDR-G902 and EDR-G903 Series Routers
ICS, News, Vulnerabilities

Moxa EDR-G902 and EDR-G903 Series Routers 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: EDR-G902 and EDR-G903 Series Routers Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being accessed; a buffer overflow condition may allow remote code execution. 3….

Siemens SICAM MMU, SICAM T, and SICAM SGU
ICS, News, Vulnerabilities

Siemens SICAM MMU, SICAM T, and SICAM SGU 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SICAM MMU, SICAM T and SICAM SGU Vulnerabilities: Out-of-bounds Read, Missing Authentication for Critical Function, Missing Encryption of Sensitive Data, Use of Password Hash with Insufficient Computational Effort, Cross-site Scripting, Classic Buffer Overflow,…

Siemens SIMATIC HMI Panels
ICS, News, Vulnerabilities

Siemens SIMATIC HMI Panels 

1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC HMI Panels Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access sensitive information under certain circumstances. 3. TECHNICAL DETAILS 3.1 AFFECTED…