Stay connected

Trending News

OSIsoft PI Vision
News, Vulnerabilities

OSIsoft PI Vision 

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: OSIsoft LLC Equipment: PI Vision Vulnerabilities: Improper Access Control, Cross-site Request Forgery (CSRF), Cross-site Scripting, Inclusion of Sensitive Information in Log Files 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow disclosure of sensitive…

Siemens EN100 Ethernet Module
News, Vulnerabilities

Siemens EN100 Ethernet Module (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: EN100 Ethernet Module Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Cross-site Scripting, Relative Path Traversal 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory…

Siemens Industrial Real-Time (IRT) Devices
News, Vulnerabilities

Siemens Industrial Real-Time (IRT) Devices (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Industrial Real-Time (IRT) Devices Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-283-01 Siemens Industrial Real-Time (IRT) Devices that was published October 10,…

Siemens PROFINET Devices
News, Vulnerabilities

Siemens PROFINET Devices (Update B) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: PROFINET Devices Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-283-02 Siemens PROFINET Devices that was published October 10, 2019, on the ICS…

Siemens SCALANCE X
ICS, News, Vulnerabilities

Siemens SCALANCE X (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: SCALANCE X Switches Vulnerability: Storing Passwords in a Recoverable Format 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-162-04 Siemens SCALANCE X that was published June 11, 2019,…

Siemens Industrial Products with OPC UA
ICS, News, Vulnerabilities

Siemens Industrial Products with OPC UA (Update D) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC, SINEC-NMS, SINEMA, SINEMURIK Industrial Control Products with OPC UA Vulnerability: Uncaught Exception 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-19-099-03 Siemens Industrial Products with OPC…

Siemens CP, SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM
ICS, News, Vulnerabilities

Siemens CP, SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM (Update E) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: CP, SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM Vulnerability: Out-of-bounds Read 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-19-099-06 Siemens CP, SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM…

Siemens SCALANCE X Switches, RUGGEDCOM WiMAX, RFID 181-EIP, and SIMATIC RF182C
News, Vulnerabilities

Siemens SCALANCE X Switches, RUGGEDCOM WiMAX, RFID 181-EIP, and SIMATIC RF182C (Update C) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable from the same local network segment (OSI Layer 2) Vendor: Siemens Equipment: SCALANCE X switches, RUGGEDCOM Win, RFID 181-EIP, and SIMATIC RF182C Vulnerability: Heap-based Buffer Overflow  2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-18-165-01…