Capsule Technologies SmartLinx Neuron 2
1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Low skill level to exploit/public exploits are available Vendor: Capsule Technologies Equipment: SmartLinx Neuron 2 Vulnerability: Protection Mechanism Failure 2. RISK EVALUATION Successful exploitation of this vulnerability could provide an attacker with full control of a trusted device on a hospital’s internal…
Advantech iView
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: iView Vulnerabilities: SQL Injection, Path Traversal, Command Injection, Improper Input Validation, Missing Authentication for Critical Function, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read/modify…
Moxa EDR-G902 and EDR-G903 Series Routers
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: EDR-G902 and EDR-G903 Series Routers Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being accessed; a buffer overflow condition may allow remote code execution. 3….
Siemens SICAM MMU, SICAM T, and SICAM SGU
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SICAM MMU, SICAM T and SICAM SGU Vulnerabilities: Out-of-bounds Read, Missing Authentication for Critical Function, Missing Encryption of Sensitive Data, Use of Password Hash with Insufficient Computational Effort, Cross-site Scripting, Classic Buffer Overflow,…
Siemens SIMATIC HMI Panels
1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC HMI Panels Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access sensitive information under certain circumstances. 3. TECHNICAL DETAILS 3.1 AFFECTED…
Siemens UMC Stack
1. EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: UMC Stack Vulnerabilities: Unquoted Search Path or Element, Uncontrolled Resource Consumption, Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a partial denial-of-service condition on…
Siemens SIMATIC S7-200 SMART CPU Family
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC S7-200 SMART CPU family Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The…
Siemens Opcenter Execution Core
1. EXECUTIVE SUMMARY CVSS v3 8.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Opcenter Execution Core Vulnerabilities: Cross-site Scripting, SQL Injection, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an attacker to obtain session cookies, read and modify application data, read…
Siemens LOGO! Web Server
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: LOGO! Web Server Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of LOGO! Web Server…
Baxter PrismaFlex and PrisMax (Update B)
1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Baxter Equipment: PrismaFlex and PrisMax Vulnerabilities: Cleartext Transmission of Sensitive Information, Improper Authentication, Use of Hard-Coded Password 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-170-02 Baxter PrismaFlex and…
Stay connected