Stay connected

Trending News

Siemens SIMATIC, SINAMICS, SINEC, SINEMA, SINUMERIK
ICS, News, Vulnerabilities

Siemens SIMATIC, SINAMICS, SINEC, SINEMA, SINUMERIK 

1. EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: SIMATIC, SINAMICS, SINEC, SINEMA, SINUMERIK Vulnerability: Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow authorized local users with administrative privileges to execute custom code with SYSTEM level…

Siemens SINUMERIK
ICS, News, Vulnerabilities

Siemens SINUMERIK 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINUMERIK Vulnerabilities: Buffer Underflow, Heap-based Buffer Overflow, Improper Initialization, Out-of-bounds Read, Stack-based Buffer Overflow, Access of Memory Location After End of Buffer, Off-by-one Error, Improper Null Termination, Improper Initialization 2. RISK EVALUATION Successful…

OSIsoft PI System
ICS, News, Vulnerabilities

OSIsoft PI System (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: OSIsoft Equipment: PI System Vulnerabilities: Uncontrolled Search Path Element, Improper Verification of Cryptographic Signature, Incorrect Default Permissions, Uncaught Exception, Null Pointer Dereference, Improper Input Validation, Cross-site Scripting, Insertion of Sensitive Information into Log File 2….

Siemens Industrial Products
ICS, News, Vulnerabilities

Siemens Industrial Products (Update G) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Industrial Products ——— Begin Update G Part 1 of 4 ——— Vulnerabilities: Excessive Data Query Operations in a Large Data Table, Integer Overflow or Wraparound, Uncontrolled Resource Consumption ——— End Update G…

Medtronic Conexus Radio Frequency Telemetry Protocol
Uncategorized

Medtronic Conexus Radio Frequency Telemetry Protocol (Update B) 

1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION: Exploitable with adjacent access/low skill level to exploit Vendor: Medtronic Equipment: MyCareLink Monitor, CareLink Monitor, CareLink 2090 Programmer, specific Medtronic implanted cardiac devices listed below Vulnerabilities: Improper Access Control, Cleartext Transmission of Sensitive Information 2. UPDATE INFORMATION This updated advisory is a…

ABB System 800xA Base
ICS, News, Vulnerabilities

ABB System 800xA Base 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: ABB Equipment: System 800xA Base Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate privileges and cause system functions to stop or malfunction. 3….

ABB Multiple System 800xA Products
ICS, News, Vulnerabilities

ABB Multiple System 800xA Products 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: ABB Equipment: System 800xA Vulnerabilities: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to make the system node inaccessible or tamper with runtime data in the system. 3. TECHNICAL…

ABB Central Licensing System
ICS, News, Vulnerabilities

ABB Central Licensing System 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ABB Equipment: Central Licensing System (CLS) Vulnerabilities: Information Exposure; Improper Restriction of XML External Entity Reference; Uncontrolled Resource Consumption; Permissions, Privilege, and Access Controls; Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities…

GE Grid Solutions Reason RT Clocks
ICS, News, Vulnerabilities

GE Grid Solutions Reason RT Clocks 

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Low skill level to exploit/exploitable remotely Vendor: GE Equipment: Grid Solutions Reason RT Clocks Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow access to sensitive information, execution of arbitrary code, and cause the device…