Stay connected

Trending News

Category: Vulnerabilities

News, Vulnerabilities

Siemens SIMATIC STEP 7 and SIMATIC WinCC (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable locally/low skill level to exploit Vendor: Siemens Equipment: SIMATIC STEP 7 (TIA Portal) and SIMATIC WinCC (TIA Portal) Vulnerabilities: Incorrect Default Permissions 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-18-226-01 Siemens SIMATIC STEP 7…

News, Vulnerabilities

Siemens Industrial Products (Update H) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Siemens Equipment: Industrial Products Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-17-339-01 Siemens Industrial Products (Update G) published September 11,…

News, Vulnerabilities

Carestream Vue RIS 

1. EXECUTIVE SUMMARY CVSS v3 3.7 ATTENTION: Exploitable remotely Vendor: Carestream Equipment: Carestream Vue RIS Vulnerability: Information Exposure Through an Error Message 2. RISK EVALUATION An attacker with access to the network of the affected system can passively read traffic. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions…

News, Vulnerabilities

Change Healthcare PeerVue Web Server 

1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable on an adjacent network/low skill level to exploit Vendor: Change Healthcare Equipment: PeerVue Web Server Vulnerability: Information Exposure Through an Error Message 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain technical information about the PeerVue…