Stay connected

Trending News

News, Vulnerabilities

Schneider Electric GUIcon Eurotherm 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Schneider Electric Equipment: Eurotherm by Schneider Electric GUIcon Vulnerabilities: Type Confusion, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an attacker to execute code with privileges within…

News, Vulnerabilities

Siemens Industrial Products (Update J) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Siemens Equipment: Industrial Products Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-17-339-01 Siemens Industrial Products (Update I) published November 13,…

News, Vulnerabilities

Philips Alice 6 Vulnerabilities (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Philips Equipment: Philips Alice 6 System product Vulnerabilities: Improper Authentication, Missing Encryption of Sensitive Data 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSMA-18-086-01 Philips Alice…

News, Vulnerabilities

Siemens SINUMERIK Controllers 

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINUMERIK Controllers Vulnerabilities: Heap-based Buffer Overflow, Integer Overflow or Wraparound, Protection Mechanism Failure, Permissions, Privileges, and Access Controls, Stack-based Buffer Overflow, Uncaught Exception 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause denial-of-service…

News, Vulnerabilities

McAfee SINAMICS PERFECT HARMONY GH180 

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low skill level to exploit Vendor: McAfee Equipment: SINAMICS PERFECT HARMONY GH180 Vulnerability: Improper Access Control 2. RISK EVALUATION These files can be executed to compromise the HMI, and by extension, the drive system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens has…

News, Vulnerabilities

Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules 

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules Vulnerability: Missing Authentication for Critical Function 2. REPOSTED INFORMATION This advisory was originally posted to the HSIN ICS-CERT library on November 6, 2018, and…