Advantech WebAccess Node
ICS, News, Vulnerabilities

Advantech WebAccess HMI Designer 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess HMI Designer Vulnerabilities: Heap-based Buffer Overflow, Out-of-bounds Read, Out-of-bounds Write, Type Confusion, Stack-based Buffer Overflow, Double Free 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read/modify information,…

Geutebrück G-Cam and G-Code
ICS, News, Vulnerabilities

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Geutebrück Equipment: G-Cam and G-Code Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote code execution as root. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Geutebruck reports…

Delta Industrial Automation TPEditor
ICS, News, Vulnerabilities

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: TPEditor Vulnerabilities: Out-of-bounds Read, Stack-based Buffer Overflow, Heap-based Buffer Overflow, Write-what-where Condition, Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read/modify information, execute arbitrary code,…

Delta Industrial Automation CNCSoft ScreenEditor
ICS, News, Vulnerabilities

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: Industrial Automation CNCSoft ScreenEditor Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Read, Access of Uninitialized Pointer 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read/modify information, execute arbitrary code, and/or…

Treck TCP/IP Stack
ICS, News, Vulnerabilities

Treck TCP/IP Stack (Update F) 

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely Vendor: Treck Inc. Equipment: TCP/IP Vulnerabilities: Improper Handling of Length Parameter Inconsistency, Improper Input Validation, Double Free, Out-of-bounds Read, Integer Overflow or Wraparound, Improper Null Termination, Improper Access Control CISA is aware of a public report, known as “Ripple20” that…

Philips DreamMapper
ICS, News, Vulnerabilities

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Philips Equipment: DreamMapper Vulnerability: Insertion of Sensitive Information into Log File 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker access to the log file information containing descriptive error messages. 3. TECHNICAL…

Mitsubishi Electric Factory Automation Products Path Traversal
ICS, News, Vulnerabilities

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: Mitsubishi Electric, Factory Automation products Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to obtain unauthorized information, tamper with the information, and cause a denial-of-service condition….

Mitsubishi Electric Factory Automation Engineering Products
ICS, News, Vulnerabilities

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Low skill level to exploit Vendor: Mitsubishi Electric Equipment: Mitsubishi Electric, Factory Automation Engineering products Vulnerability: Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to obtain unauthorized information, modify information, and cause a…

Secomea GateManager
ICS, News, Vulnerabilities

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Secomea Equipment: GateManager Vulnerabilities: Improper Neutralization of Null Byte or NUL Character, Off-by-one Error, Use of Hard-coded Credentials, Use of Password Hash with Insufficient Computational Effort 2. RISK EVALUATION Successful exploitation of these vulnerabilities could…

Softing Industrial Automation OPC
ICS, News, Vulnerabilities

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Softing Industrial Automation, GmbH Equipment: OPC Vulnerabilities: Heap-based Buffer Overflow, Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed. A buffer-overflow condition may also allow remote code…