SIMATIC S7-300 CPUs and SINUMERIK Controller
1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC S7-300 CPUs and SINUMERIK Controller Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports the…
Siemens SCALANCE W 1750D
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SCALANCE W 1750D Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions…
Siemens SIMATIC S7-300 and S7-400 CPUs (Update C)
1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: SIMATIC S7-300 and S7-400 CPUs Vulnerability: Insufficiently Protected Credentials 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-252-02 Siemens SIMATIC S7-300 and S7-400 CPUs (Update B) that was…
Siemens UMC Stack (Update D)
1. EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: UMC Stack Vulnerabilities: Unquoted Search Path or Element, Uncontrolled Resource Consumption, Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-196-05 Siemens UMC Stack (Update…
Mitsubishi Electric GT14 Model of GOT1000 Series
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: GT14 model of GOT1000 Series Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Session Fixation, NULL Pointer Dereference, Improper Access Control, Argument Injection, Resource Management Errors 2. RISK…
WECON PLC Editor
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: WECON Equipment: PLC Editor Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code under the privileges of the application. 3. TECHNICAL DETAILS 3.1…
Mitsubishi Electric Factory Automation Engineering Products (Update A)
1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Low skill level to exploit Vendor: Mitsubishi Electric Equipment: Mitsubishi Electric, Factory Automation Engineering products Vulnerability: Unquoted Search Path or Element 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-212-04 Mitsubishi Electric Factory Automation Engineering Products…
Mitsubishi Electric MELSEC iQ-R Series (Update B)
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R Series Vulnerability: Resource Exhaustion 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-161-02 Mitsubishi Electric MELSEC iQ-R series (Update A) that was published June…
NEXCOM NIO50
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: NEXCOM Equipment: NIO 50 Vulnerabilities: Improper Input Validation, Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to view sensitive information and cause a denial-of-service condition due…
WAGO Series 750-88x and 750-352
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: WAGO Equipment: 750-88x and 750-352 Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to crash the device being accessed using a denial-of-service attack. 3. TECHNICAL DETAILS 3.1…
Stay connected