Stay connected

Trending News

News, Vulnerabilities

Tridium Niagara 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Tridium Equipment: Niagara Vulnerabilities: Information Exposure, Improper Authorization 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a local user to escalate their privileges. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Tridium products are…

News, Vulnerabilities

WECON LeviStudioU (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: WECON Technology Co., Ltd (WECON) Equipment: LeviStudioU Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Memory Corruption 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-036-03 WECON LeviStudioU that was published February…

News, Vulnerabilities

Advantech WebAccess 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess Vulnerabilities: Code Injection, Command Injection, Stack-based Buffer Overflow, Improper Authorization 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, access files…

News, Vulnerabilities

Siemens SINEMA Remote Connect Server 

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SINEMA Remote Connect Server Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Information Exposure, Cross-Site Request Forgery, Use of Password Hash with Insufficient Computational Effort 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an attacker unauthorized…

News, Vulnerabilities

Honeywell Performance IP Cameras and Performance NVRs 

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Honeywell Equipment: Performance IP Cameras and Performance NVRs Vulnerability: Information Exposure 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to view device configuration information. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The…

News, Vulnerabilities

Philips IntelliVue WLAN 

1. EXECUTIVE SUMMARY CVSS v3 6.4 Vendor: Philips Equipment: IntelliVue M3002A X2 MMS Transport Monitor/Module and IntelliVue MP monitors (MP2/X2, MP5, MP20-MP90, MX600, MX700 and MX800) Vulnerabilities: Use of Hard-coded Password, Download of Code Without Integrity Check 2. RISK EVALUATION Successful exploitation of these vulnerabilities may cause corruption…

Hacks, Vulnerabilities

3S-Smart Software Solutions GmbH CODESYS V3 Web Server 

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS V3 web server Vulnerabilities: Path Traversal, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an attacker to create a denial-of-service condition, to perform remote…

News, Vulnerabilities

3S-Smart Software Solutions GmbH CODESYS V3 Products Containing a CODESYS Communication Server 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS V3 products containing a CODESYS communication server Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED…