Stay connected

Trending News

Siemens SIMATIC S7-200 SMART CPU Family
ICS, News, Vulnerabilities

Siemens SIMATIC S7-200 SMART CPU Family 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC S7-200 SMART CPU family Vulnerability: Uncontrolled Resource Consumption  2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The…

Siemens Opcenter Execution Core
ICS, News, Vulnerabilities

Siemens Opcenter Execution Core 

1. EXECUTIVE SUMMARY CVSS v3 8.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Opcenter Execution Core Vulnerabilities: Cross-site Scripting, SQL Injection, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an attacker to obtain session cookies, read and modify application data, read…

Siemens LOGO! Web Server
ICS, News, Vulnerabilities

Siemens LOGO! Web Server 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: LOGO! Web Server Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of LOGO! Web Server…

Baxter PrismaFlex and PrisMax
ICS, News, Vulnerabilities

Baxter PrismaFlex and PrisMax (Update B) 

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Baxter Equipment: PrismaFlex and PrisMax Vulnerabilities: Cleartext Transmission of Sensitive Information, Improper Authentication, Use of Hard-Coded Password 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-20-170-02 Baxter PrismaFlex and…

Treck TCP/IP Stack
ICS, News, Vulnerabilities

Treck TCP/IP Stack (Update E) 

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely Vendor: Treck Inc. Equipment: TCP/IP Vulnerabilities: Improper Handling of Length Parameter Inconsistency, Improper Input Validation, Double Free, Out-of-bounds Read, Integer Overflow or Wraparound, Improper Null Termination, Improper Access Control CISA is aware of a public report, known as “Ripple20” that…

Siemens SIMATIC S7-300 CPUs and SINUMERIK Controller over Profinet
ICS, News, Vulnerabilities

Siemens SIMATIC S7-300 CPUs and SINUMERIK Controller over Profinet (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC S7-300 CPUs and SINUMERIK Controller over Profinet Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-070-02 Siemens SIMATIC S7-300 CPUs and SINUMERIK…

Siemens Industrial Products SNMP Vulnerabilities
ICS, News, Vulnerabilities

Siemens Industrial Products SNMP Vulnerabilities (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Various SCALANCE, SIMATIC, SIPLUS products Vulnerabilities: Data Processing Errors, NULL Pointer Dereference 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-042-02 Siemens Industrial Products SNMP Vulnerabilities that…