Stay connected

Trending News

Siemens Industrial Products
News, Vulnerabilities

Siemens Industrial Products (Update D) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Industrial Products Vulnerabilities: Integer Overflow or Wraparound, Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-19-253-03 Siemens Industrial Products (Update B) that was published…

Siemens Industrial Products with OPC UA
News, Vulnerabilities

Siemens Industrial Products with OPC UA (Update E) 

1. EXECUTIVE SUMMARY CVSS v3.1  7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC, SINEC-NMS, SINEMA, SINEMURIK Industrial Control Products with OPC UA Vulnerability: Uncaught Exception 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-19-099-03 Siemens Industrial Products with OPC…

AutomationDirect C-More Touch Panels
News, Vulnerabilities

AutomationDirect C-More Touch Panels 

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: AutomationDirect Equipment: C-More Touch Panels EA9 Series Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to get account information such as usernames and passwords, obscure or manipulate…

Detecting Citrix CVE-2019-19781
News, Vulnerabilities

Detecting Citrix CVE-2019-19781 

Summary Unknown cyber network exploitation (CNE) actors have successfully compromised numerous organizations that employed vulnerable Citrix devices through a critical vulnerability known as CVE-2019-19781.[1] Though mitigations were released on the same day Citrix announced CVE-2019-19781, organizations that did not appropriately apply the mitigations were likely…

Medtronic Conexus Radio Frequency Telemetry Protocol
News, Vulnerabilities

Medtronic Conexus Radio Frequency Telemetry Protocol (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION: Exploitable with adjacent access/low skill level to exploit Vendor: Medtronic Equipment: MyCareLink Monitor, CareLink Monitor, CareLink 2090 Programmer, specific Medtronic implanted cardiac devices listed below Vulnerabilities: Improper Access Control, Cleartext Transmission of Sensitive Information 2. UPDATE INFORMATION This updated advisory is a…

GE CARESCAPE, ApexPro, and Clinical Information Center systems
News, Vulnerabilities

GE CARESCAPE, ApexPro, and Clinical Information Center systems 

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: CARESCAPE Telemetry Server, ApexPro Telemetry Server, CARESCAPE Central Station (CSCS) and Clinical Information Center (CIC) systems, CARESCAPE B450, B650, B850 Monitors Vulnerabilities: Unprotected Storage of Credentials, Improper Input Validation, Use of Hard-coded Credentials,…

GE PACSystems RX3i
News, Vulnerabilities

GE PACSystems RX3i 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE/Emerson Equipment: PACSystems RX3i Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could cause the system to change to halt-mode, resulting in a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS…