Hitachi Energy’s RTU500 Series Product
1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to crash the device being accessed or cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Hitachi Energy’s RTU500 Series Product, are affected: 3.2 Vulnerability…
CISA Releases Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities
SummaryCisco has provided an update regarding the ongoing investigation into the observed exploitation of the web UI feature in Cisco IOS XE Software. The initial fixed software releases are now available on the Cisco Software Download Center. Cisco will continue to update the advisory as…
Schneider Electric EcoStruxure Power Monitoring Expert
1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of Schneider Electric EcoStruxure Power Monitoring Expert and Power Operation Products is affected: 3.2 Vulnerability Overview…
Schneider Electric IGSS
1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow arbitrary code execution or loss of control of the SCADA system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Schneider Electric reports these vulnerabilities affect the following IGSS (Interactive Graphical SCADA System) products: 3.2…
Mitsubishi Electric MELSEC-Q Series PLCs (Update A)
1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to send specially crafted packets to the device, causing Ethernet communication to stop. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following MELSEC-Q series PLCs are affected: 3.2 VULNERABILITY OVERVIEW…
Mitsubishi Electric FA Engineering Software
2. RISK ASSESSMENTExploiting this vulnerability successfully could enable a local attacker to execute code, potentially leading to information exposure, unauthorized data alterations, or triggering a denial-of-service (DoS) scenario. 3. TECHNICAL SPECIFICATIONS 3.1 IMPACTED PRODUCTSThe subsequent versions of Mitsubishi Electric’s FA Engineering Software Solutions are affected:…
Siemens Spectrum Power 7
1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to inject arbitrary code to the update script and escalate privileges. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products of Siemens, are affected: 3.2 Vulnerability Overview 3.2.1 Incorrect Permission…
Cisco Releases Security Advisories for Multiple Products
Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system or cause a denial-of service condition. CISA encourages users and administrators to review the following advisories and…
Schneider Electric EcoStruxure Products, Modicon PLCs, and Programmable Automation Controllers
Security Assessment of Schneider Electric Products Summary of Findings: During a security assessment of Schneider Electric’s EcoStruxure Products, Modicon PLCs, and Programmable Automation Controllers, several vulnerabilities were discovered. These vulnerabilities involve improper checks for unusual or exceptional conditions and could potentially lead to unauthorized access,…
Hitachi Energy’s AFS65x, AFS67x, AFR67x and AFF66x Products
1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information or lead to a Denial-of-Service (DoS). 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Hitachi Energy’s AFS65x, AFS67x, AFR67x and AFF66x series products, are…
Stay connected