Stay connected

Trending News

News, Vulnerabilities

Delta Industrial Automation CNCSoft 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics (Delta) Equipment: Delta Industrial Automation CNCSoft Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause buffer overflow conditions that may allow information disclosure, remote…

News, Vulnerabilities

WAGO Series 750-88x and 750-87x 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: WAGO Equipment: Series 750-88x and 750-87x Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION This vulnerability allows a remote attacker to change the settings or alter the programming of the device. 3. TECHNICAL DETAILS 3.1…

News, Vulnerabilities

PLC Cycle Time Influences 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendors: ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO Equipment: Programmable Logic Controllers Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION High network load can consume CPU power in such a way that the normal…

News, Vulnerabilities

Siemens SIMOCODE pro V EIP 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMOCODE pro V EIP Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of SIMOCODE…

News, Vulnerabilities

Siemens Spectrum Power 4.7 

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Spectrum Power 4.7 Vulnerability: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability in versions of Spectrum Power 4 using the user-specific project enhancement (PE) Web Office Portal (WOP) are affected by…

News, Vulnerabilities

Siemens Industrial Products with OPC UA 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC, SINEC-NMS, SINEMA, SINEMURIK Industrial Control Products with OPC UA Vulnerability: Uncaught Exception 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition on the affected service or device. 3….

News, Vulnerabilities

Siemens SINEMA Remote Connect 

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINEMA Remote Connect (Client and Server) Vulnerabilities: Incorrect Calculation of Buffer Size, Out-of-bounds Read, Stack-based Buffer Overflow, Improper Handling of Insufficient Permissions 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an…