1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: EDS-G516E series, and EDS-510E series Vulnerabilities: Stack-based Buffer Overflow, Use of a Broken or Risky Cryptographic Algorithm, Use of Hard-coded Cryptographic Key, Use of Hard-coded Credentials, Classic Buffer Overflow, Cleartext Transmission of Sensitive Information,…

1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: B&R Industrial Automation GmbH Equipment: Automation Studio and Automation Runtime Vulnerability: Improper Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability may allow a remote attacker to modify the configuration of affected devices. 3. TECHNICAL…

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: FactoryTalk Diagnostics Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to execute arbitrary code with SYSTEM level privileges. 3. TECHNICAL DETAILS…

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low skill level to exploit Vendor: Honeywell Equipment: INNCOM INNControl 3 Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate user privileges within the INNControl application. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The…

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Emerson Equipment: OpenEnterprise SCADA Server Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code on an OpenEnterprise SCADA Server. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of…