Schneider Electric Security Notification-Vijeo Designer
10 September 2024OverviewSchneider Electric is aware of a vulnerability in its Vijeo Designer product. The Vijeo Designer product is HMI Configuration Software compatible with Harmony and Magelis HMI. Vijeo Designer software offers functions such as multimedia capabilities and remote access for more efficiency.Failure to apply…
ABB Relion 630 Series Protection RelaysIEC 61850 MMS and improper Input Validation Vulnerabilities
NoticeThe information in this document is subject to change without notice, and should not be construed as a commitment by ABB.ABB provides no warranty, express or implied, including warranties of merchantability and fitness for a particular purpose, for the information contained in this document, and…
IDEC CORPORATION WindLDR and WindO/I-NV4
1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of WindLDR and WindO/I-NV4 are affected: 3.2 Vulnerability Overview 3.2.1 CLEARTEXT STORAGE OF SENSITIVE INFORMATION CWE-312 The affected…
Rockwell Automation RSLogix 5 and RSLogix 500
1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Rockwell Automation RSLogix 5 and RSLogix 500, a programming software, are affected: 3.2 Vulnerability Overview…
Viessmann Climate Solutions SE Vitogate 300
1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to achieve remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Viessmann Climate Solutions SE Vitogate 300, a solution to connecting boilers and heat pumps to…
Cisco Smart Licensing Utility Vulnerabilities
Summary Multiple vulnerabilities in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to collect sensitive information or administer Cisco Smart Licensing Utility services on a system while the software is running. Cisco has released software updates that address these vulnerabilities. There are no…
AVEVA Historian Web Server
1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated user to get read and write access to the database. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of AVEVA Historian Server, a Process database, are affected: 3.2 Vulnerability…
Siemens INTRALOG WMS
1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation could allow an unauthenticated attacker located in the INTRALOG WMS network to decrypt and modify client-server communication, or potentially execute arbitrary code on the application servers. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of Siemens…
Siemens SCALANCE M-800, RUGGEDCOM RM1224
1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an authenticated attacker to execute arbitrary code, escalate privilege, forge 2FA tokens of other users, or cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products of Siemens, are…
Delta Electronics DIAScreen
1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a stack-based buffer overflow, resulting in execution of arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Delta Electronics DIAScreen visualization software are affected: 3.2…
Stay connected