Panasonic FPWIN Pro
1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: Panasonic Equipment: FPWIN Pro Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an out-of-bounds read, which may allow remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions…
GE Reason RT43X Clocks
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: Reason RT43X Clocks Vulnerabilities: Code Injection, Use of Hard-coded Cryptographic Key 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary code on the system or…
Red Lion Crimson 3.1
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Red Lion Equipment: Crimson 3.1 Vulnerabilities: NULL Pointer Dereference, Missing Authentication for Critical Function, Improper Resource Shutdown or Release 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to create a denial-of-service…
Delta Electronics DOPSoft
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: DOPSoft Vulnerabilities: Out-of-bounds Write, Untrusted Pointer Dereference 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of DOPSoft, a software…
Delta Electronics CNCSoft ScreenEditor
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: CNCSoft ScreenEditor Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of CNCSoft ScreenEditor are affected: CNCSoft…
PTC Kepware KEPServerEX (Update A)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: PTC Equipment: Kepware KEPServerEX Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Use After Free 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-352-02 PTC Kepware KEPServerEX that was published…
ARC Informatique PcVue (Update A)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ARC Informatique Equipment: PcVue Vulnerabilities: Deserialization of Untrusted Data, Access to Critical Private Variable via Public Method, Information Exposure of Sensitive Information to an Unauthorized Actor 2. UPDATE INFORMATION This updated advisory is a follow-up…
Johnson Controls Sensormatic Electronics American Dynamics victor Web Client and Software House C•CURE Web Client (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low skill level to exploit Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Equipment: American Dynamics victor Web Client Vulnerability: Improper Authorization 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-282-01…
Yokogawa CENTUM (Update A)
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Yokogawa Equipment: CENTUM Vulnerabilities: Improper Authentication, Path Traversal 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-224-01 Yokogawa CENTUM that was published August 11, 2020, on the ICS webpage…
Mitsubishi Electric Multiple Factory Automation Engineering Software Products (Update A)
1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: Mitsubishi Electric, Multiple Factory Automation Engineering Software products Vulnerability: Permission Issues 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-212-02 Mitsubishi Electric Multiple Factory Automation Engineering Software Products that was…
Stay connected