Stay connected

Trending News

Siemens SCALANCE & SIMATIC
ICS, News, Vulnerabilities

Siemens SCALANCE & SIMATIC (Update D) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SCALANCE, SIMATIC Vulnerability: Resource Exhaustion 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-105-07 Siemens SCALANCE & SIMATIC (Update C) that was published September 8, 2020, to…

Siemens TIA Portal
ICS, News, Vulnerabilities

Siemens TIA Portal (Update B) 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: TIA Portal Vulnerability: Path Traversal 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-014-05 Siemens TIA Portal (Update A) that was published April 14, 2020, to the ICS…

Siemens PROFINET Devices
ICS, News, Vulnerabilities

Siemens PROFINET Devices (Update I) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: PROFINET Devices Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-19-283-02 Siemens PROFINET Devices (Update H) that was published September 8, 2020, to…

Innokas Yhtymä Oy Vital Signs Monitor
ICS, News, Vulnerabilities

Innokas Yhtymä Oy Vital Signs Monitor 

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Innokas Yhtymä Oy Equipment: Vital Signs Monitor VC150 Vulnerabilities: Cross-site Scripting, Improper Neutralization of Special Elements in Output Used by a Downstream Component 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker…

Hitachi ABB Power Grids FOX615 Multiservice-Multiplexer
ICS, News, Vulnerabilities

Hitachi ABB Power Grids FOX615 Multiservice-Multiplexer 

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Hitachi ABB Power Grids Equipment: FOX615 Multiservice-Multiplexer Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker remote access to the device without authentication. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS…

Omron CX-One
ICS, News, Vulnerabilities

Omron CX-One 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Omron Equipment: CX-One Vulnerabilities: Untrusted Pointer Dereference, Stack-based Buffer Overflow, Type Confusion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed. In addition, a buffer overflow condition may allow remote code…

Eaton EASYsoft
ICS, News, Vulnerabilities

Eaton EASYsoft (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 5.8 Vendor: Eaton Equipment: EASYsoft Vulnerabilities: Type Confusion, Out-of-bounds Read 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-007-03 Eaton EASYsoft that was published January 7, 2021, to the ICS webpage on us-cert.cisa.gov. 3. RISK EVALUATION Successful…

Delta Electronics CNCSoft-B
ICS, News, Vulnerabilities

Delta Electronics CNCSoft-B 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics  Equipment: CNCSoft-B Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read, Untrusted Pointer Dereference, Type Confusion  2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following…

Schneider Electric Web Server on Modicon M340
ICS, News, Vulnerabilities

Schneider Electric Web Server on Modicon M340 

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write, Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow write access and…