Stay connected

Trending News

Siemens Industrial Real-Time (IRT) Devices
ICS, News, Vulnerabilities

Siemens Industrial Real-Time (IRT) Devices (Update C) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Industrial Real-Time (IRT) Devices Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-19-283-01 Siemens Industrial Real-Time (IRT) Devices (Update B) that was published…

Siemens PROFINET Devices
ICS, News, Vulnerabilities

Siemens PROFINET Devices (Update D) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: PROFINET Devices Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-19-283-02 Siemens PROFINET Devices (Update C) that was published February 11, 2020, to…

Siemens Industrial Products with OPC UA
ICS, News, Vulnerabilities

Siemens Industrial Products with OPC UA (Update F) 

1. EXECUTIVE SUMMARY CVSS v3.1  7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC, SINEC-NMS, SINEMA, SINEMURIK Industrial Control Products with OPC UA Vulnerability: Uncaught Exception 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-19-099-03 Siemens Industrial Products with OPC…

Siemens Industrial Products with OPC UA
ICS, News, Vulnerabilities

Siemens Industrial Products with OPC UA (Update F) 

1. EXECUTIVE SUMMARY CVSS v3.1  7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC, SINEC-NMS, SINEMA, SINEMURIK Industrial Control Products with OPC UA Vulnerability: Uncaught Exception 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-19-099-03 Siemens Industrial Products with OPC…

SIMATIC S7-300 and SIMATIC S7-400
ICS, News, Vulnerabilities

Siemens S7-300/400 PLC Vulnerabilities (Update E) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC S7-300 and SIMATIC S7-400 Vulnerabilities: Information Exposure, Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-16-348-05 SIEMENS S7-300/400 PLC Vulnerabilities (Update D) that…

Emerson ValveLink
ICS, News, Vulnerabilities

Emerson ValveLink 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Emerson Equipment: ValveLink Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of ValveLink digital valve controller software are…

PHOENIX CONTACT Emalytics Controller ILC
ICS, News, Vulnerabilities

PHOENIX CONTACT Emalytics Controller ILC 

1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Phoenix Contact Equipment: Emalytics Controller ILC 2050 BI(L) Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to change the device configuration and start or…

Omron PLC CJ Series
ICS, News, Vulnerabilities

Omron PLC CJ Series 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Omron Equipment: PLC CJ Series Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions…

Moxa AWK-3131A Series
ICS, News, Vulnerabilities

Moxa AWK-3131A Series Industrial AP/Bridge/Client 

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low skill level is needed to exploit/public exploits are available Vendor: Moxa Equipment: Moxa AWK-3131A Vulnerabilities: Improper Access Control, Use of Hard-coded Cryptographic Key, OS Command Injection, Use of Hard-coded Credentials, Classic Buffer Overflow, Out-of-bounds Read, Stack-based Buffer Overflow, Improper Access…