PTC KEPServerEx
View CSAF1. EXECUTIVE SUMMARYCVSS v3 9.1ATTENTION: Exploitable remotely/low attack complexityVendor: PTCEquipment: KEPServerEX, ThingWorx, OPC-AggregatorVulnerabilities: Heap-based Buffer Overflow,...
View ArticleYokogawa STARDOM
View CSAF1. EXECUTIVE SUMMARYCVSS v3 5.3ATTENTION: Exploitable remotely/low attack complexityVendor: YokogawaEquipment: STARDOM FCN/FCJVulnerability: Uncontrolled Resource Consumption2. RISK...
View ArticleMitsubishi Electric FA Engineering Software Products
View CSAF1. EXECUTIVE SUMMARYCVSS v3 7.8ATTENTION: Low attack complexityVendor: Mitsubishi ElectricEquipment: FA Engineering Software ProductsVulnerability: External Control of File Name or Path2. RISK...
View ArticleDelta Electronics DOPSoft
View CSAF1. EXECUTIVE SUMMARYCVSS v3 7.8ATTENTION: Exploitable remotely/low attack complexityVendor: Delta ElectronicsEquipment: DOPSoftVulnerability: Stack-Based Buffer Overflow2. RISK...
View ArticleZebra ZTC Industrial ZT400 and ZTC Desktop GK420d
View CSAF1. EXECUTIVE SUMMARYCVSS v3 5.4ATTENTION: Exploitable with adjacent access/low attack complexityVendor: Zebra TechnologiesEquipment: ZTC Industrial ZT410, ZTC Desktop GK420dVulnerability:...
View ArticleControlbyWeb Relay
View CSAF1. EXECUTIVE SUMMARYCVSS v3 7.5ATTENTION: Exploitable remotely/low attack complexityVendor: ControlByWebEquipment: X-332 and X-301Vulnerability: Cross-Site Scripting2. RISK...
View ArticleMitsubishi Electric FA Engineering Software Products
View CSAF1. EXECUTIVE SUMMARYCVSS v3 5.3Vendor: Mitsubishi ElectricEquipment: MELIPC , MELSEC iQ-R, and MELSEC Q SeriesVulnerabilities: Processor Optimization Removal or Modification of...
View ArticleJohnson Controls Metasys and Facility Explorer
View CSAF1. EXECUTIVE SUMMARYCVSS v3 7.5ATTENTION: Exploitable remotely/low attack complexityVendor: Johnson ControlsEquipment: Metasys and Facility ExplorerVulnerability: Uncontrolled Resource...
View ArticleSierra Wireless AirLink with ALEOS firmware
View CSAF1. EXECUTIVE SUMMARYCVSS v3 8.1ATTENTION: Exploitable remotely/low attack complexityVendor: Sierra WirelessEquipment: AirLinkVulnerabilities: Infinite Loop, NULL Pointer Dereference,...
View ArticleSchweitzer Engineering Laboratories SEL-411L
View CSAF1. EXECUTIVE SUMMARYCVSS v3 4.3ATTENTION: Exploitable remotely/low attack complexityVendor: Schweitzer Engineering LaboratoriesEquipment: SEL-411LVulnerability: Improper Restriction of...
View ArticleSchneider Electric Easy UPS Online Monitoring Software
View CSAF1. EXECUTIVE SUMMARYCVSS v3 5.3ATTENTION:Vendor: Schneider ElectricEquipment: Easy UPS Online Monitoring SoftwareVulnerability: Path Traversal2. RISK EVALUATIONSuccessful exploitation of this...
View ArticleSiemens OPC UA Implementation in SINUMERIK ONE and SINUMERIK MC
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleSiemens User Management Component (UMC)
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleSiemens RUGGEDCOM and SCALANCE M-800/S615 Family
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleSiemens SINUMERIK
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleSiemens Web Server of Industrial Products
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleSiemens SIMATIC and SIPLUS Products
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleJohnson Controls Kantech Gen1 ioSmart
View CSAF1. EXECUTIVE SUMMARYCVSS v3 7.5ATTENTION: Exploitable from adjacent networkVendor: Sensormatic Electronics, LLC, an affiliate of Johnson Controls Inc.Equipment: Kantech Gen1 ioSmart card...
View ArticleSiemens SINEC INS
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleSiemens SCALANCE and RUGGEDCOM M-800/S615 Family
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View Article