Stay connected

Trending News

Paradox IP150
ICS, News, Vulnerabilities

Paradox IP150 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Paradox Equipment: IP150 Vulnerabilities: Stack-based Buffer Overflow, Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to remotely execute arbitrary code, which may result in the termination of the…

Real Time Automation EtherNet/IP
ICS, News, Vulnerabilities

Real Time Automation EtherNet/IP 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Real Time Automation (RTA) Equipment: 499ES EtherNet/IP (ENIP) Adaptor Source Code Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition, and a buffer overflow may allow remote…

Schneider Electric Interactive Graphical SCADA System (IGSS)
ICS, News, Vulnerabilities

Schneider Electric Interactive Graphical SCADA System (IGSS) 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Schneider Electric Equipment: Interactive Graphical SCADA System (IGSS) Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Write, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities may result in remote…

Mitsubishi Electric MELSEC iQ-F FX5-OPC
ICS, News, Vulnerabilities

Mitsubishi Electric MELSEC iQ-R Series 

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R series Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition for the affected products. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Mitsubishi Electric reports the vulnerability affects…

OSIsoft PI Interface for OPC XML-DA
ICS, News, Vulnerabilities

OSIsoft PI Interface for OPC XML-DA 

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: OSIsoft Equipment: PI Interface Vulnerability: Numeric Errors 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker-controlled OPC XML-DA Server to respond with a crafted XML message and exploit the PI Interface for…

OSIsoft PI Vision
ICS, News, Vulnerabilities

OSIsoft PI Vision 

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: OSIsoft Equipment: PI Vision 2020 Vulnerabilities: Cross-site Scripting, Incorrect Authorization 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow a remote attacker with write access to the PI ProcessBook files to inject code that…

Schneider Electric PLC Simulator for EcoStruxure Control Expert
ICS, News, Vulnerabilities

Schneider Electric PLC Simulator for EcoStruxure Control Expert 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: PLC Simulator for EcoStruxure Control Expert Vulnerability: Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition, which could result in a…

SIMATIC S7-300 CPUs and SINUMERIK Controller
ICS, News, Vulnerabilities

SIMATIC S7-300 CPUs and SINUMERIK Controller 

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC S7-300 CPUs and SINUMERIK Controller Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports the…

Siemens SCALANCE W 1750D
ICS, News, Vulnerabilities

Siemens SCALANCE W 1750D 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SCALANCE W 1750D Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions…