Stay connected

Trending News

Fuji Electric V-Server Lite
ICS, News, Vulnerabilities

Fuji Electric V-Server Lite 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Fuji Electric Equipment: V-Server Lite Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow for remote code execution on the device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of V-Server…

Johnson Controls Sensormatic Electronics American Dynamics victor Web Client
ICS, News, Vulnerabilities

Johnson Controls Sensormatic Electronics American Dynamics victor Web Client 

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely Vendor: Sensormatic Electronics, LLC; a subsidiary of Johnson Controls Equipment: American Dynamics victor Web Client, Software House C•CURE Web Client Vulnerability: Improper Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker on the network to…

Paradox IP150
ICS, News, Vulnerabilities

Paradox IP150 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Paradox Equipment: IP150 Vulnerabilities: Stack-based Buffer Overflow, Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to remotely execute arbitrary code, which may result in the termination of the…

Real Time Automation EtherNet/IP
ICS, News, Vulnerabilities

Real Time Automation EtherNet/IP 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Real Time Automation (RTA) Equipment: 499ES EtherNet/IP (ENIP) Adaptor Source Code Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition, and a buffer overflow may allow remote…

Schneider Electric Interactive Graphical SCADA System (IGSS)
ICS, News, Vulnerabilities

Schneider Electric Interactive Graphical SCADA System (IGSS) 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Schneider Electric Equipment: Interactive Graphical SCADA System (IGSS) Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Write, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities may result in remote…

Mitsubishi Electric MELSEC iQ-F FX5-OPC
ICS, News, Vulnerabilities

Mitsubishi Electric MELSEC iQ-R Series 

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R series Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition for the affected products. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Mitsubishi Electric reports the vulnerability affects…

OSIsoft PI Interface for OPC XML-DA
ICS, News, Vulnerabilities

OSIsoft PI Interface for OPC XML-DA 

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: OSIsoft Equipment: PI Interface Vulnerability: Numeric Errors 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker-controlled OPC XML-DA Server to respond with a crafted XML message and exploit the PI Interface for…

OSIsoft PI Vision
ICS, News, Vulnerabilities

OSIsoft PI Vision 

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: OSIsoft Equipment: PI Vision 2020 Vulnerabilities: Cross-site Scripting, Incorrect Authorization 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow a remote attacker with write access to the PI ProcessBook files to inject code that…

Schneider Electric PLC Simulator for EcoStruxure Control Expert
ICS, News, Vulnerabilities

Schneider Electric PLC Simulator for EcoStruxure Control Expert 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: PLC Simulator for EcoStruxure Control Expert Vulnerability: Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition, which could result in a…