Emerson OpenEnterprise
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Emerson Equipment: OpenEnterprise SCADA Server Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code on an OpenEnterprise SCADA Server. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of…
Interpeak IPnet TCP/IP Stack (Update C)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendors: ENEA, Green Hills Software, ITRON, IP Infusion, Wind River Equipment: OSE by ENEA, INTEGRITY RTOS by Green Hills Software, ITRON, ZebOS by IP Infusion, and VxWorks by Wind River Vulnerabilities: Stack-based Buffer…
Schneider Electric Modicon Ethernet Serial RTU
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Modicon BMXNOR0200H Vulnerabilities: Improper Check for Unusual or Exceptional Conditions, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote code execution or cause a denial-of-service condition. 3….
Siemens SIMATIC CP 1543-1
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC CP 1543-1 Vulnerabilities: Improper Access Control, Loop with Unreachable Exit Condition 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow for remote code execution and information disclosure without authentication, or unauthenticated…
Siemens PROFINET-IO Stack
. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Siemens PROFINET-IO Stack Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Products that include the Siemens PROFINET-IO…
Siemens SIMATIC S7
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC S7 Vulnerability: Uncontrolled Resource Consumption (Resource Exhaustion) 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote attackers to perform a denial-of-service attack by sending a specially crafted HTTP request to…
Siemens SCALANCE X Switches
1. EXECUTIVE SUMMARY CVSS v3 4.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SCALANCE X switches Vulnerability: Protection Mechanism Failure 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform administrative actions. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of…
Siemens SIPORT MP
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIPORT MP Vulnerability: Insufficient logging 2. RISK EVALUATION Successful exploitation of this vulnerability could allow the attacker to create special accounts with administrative privileges. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS SIPORT MP: All…
Siemens SCALANCE S-600
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SCALANCE S-600 Firewall Vulnerabilities: Resource Exhaustion, Cross-site Scripting 2. RISK EVALUATION These vulnerabilities could allow a remote attacker to conduct denial-of-service or cross-site scripting attacks. User interaction is required for a successful exploitation of the cross-site-scripting attack….
Siemens SIMATIC S7-1500
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC S7-1500 CPU family Vulnerability: Resource exhaustion 2. RISK EVALUATION This vulnerability could allow a remote attacker to conduct denial-of-service attacks. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of SIMATIC are affected: SIMATIC ET 200SP…
Stay connected