Siemens Remote Connect Server
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleRockwell Automation ThinManager ThinServer
View CSAF1. EXECUTIVE SUMMARYCVSS v4 9.3ATTENTION: Exploitable remotely/low attack complexityVendor: Rockwell AutomationEquipment: ThinManager ThinServerVulnerabilities: Improper Input Validation2....
View ArticleSiemens SINEMA Remote Connect Server
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleSiemens TIA Portal and SIMATIC STEP 7
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleSiemens SINEMA Remote Connect Server
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleSiemens RUGGEDCOM
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleSiemens Teamcenter Visualization and JT2Go
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleRockwell Automation Pavilion 8
View CSAF1. EXECUTIVE SUMMARYCVSS v4 8.7ATTENTION: Exploitable remotely/low attack complexityVendor: Rockwell AutomationEquipment: Pavilion 8Vulnerability: Incorrect Permission Assignment for Critical...
View ArticleSubnet Solutions PowerSYSTEM Center
View CSAF1. EXECUTIVE SUMMARYCVSS v4 6.9ATTENTION: Exploitable remotely/low attack complexityVendor: Subnet Solutions Inc.Equipment: Subnet PowerSYSTEM CenterVulnerability: Prototype Pollution2. RISK...
View ArticleMitsubishi Electric MELSOFT MaiLab
View CSAF1. EXECUTIVE SUMMARYCVSS v4 8.2ATTENTION: Exploitable remotelyVendor: Mitsubishi Electric CorporationEquipment: MELSOFT MaiLabVulnerability: Improper Verification of Cryptographic Signature2....
View ArticleNational Instruments LabVIEW
View CSAF1. EXECUTIVE SUMMARYCVSS v4 8.4ATTENTION: Low attack complexityVendor: National InstrumentsEquipment: LabVIEWVulnerabilities: Out-of-Bounds Read, Improper Restriction of Operations within the...
View ArticleHitachi Energy AFS/AFR Series Products
View CSAF1. EXECUTIVE SUMMARYCVSS v3 7.5ATTENTION: Exploitable remotely/low attack complexityVendor: Hitachi EnergyEquipment: AFS650, AFS660, AFS665, AFS670, AFS675, AFS677, AFR677Vulnerabilities: Type...
View ArticleNational Instruments IO Trace
View CSAF1. EXECUTIVE SUMMARYCVSS v4 8.4ATTENTION: Low attack complexityVendor: National InstrumentsEquipment: IO TraceVulnerability: Stack-Based Buffer Overflow2. RISK EVALUATIONSuccessful...
View ArticleSiemens SICAM Products
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticlePositron Broadcast Signal Processor
View CSAF1. EXECUTIVE SUMMARYCVSS v4 8.7ATTENTION: Exploitable remotely/low attack complexity/public exploits are availableVendor: Positron S.R.LEquipment: Broadcast Signal Processor...
View ArticleRockwell Automation Logix Controllers
View CSAF1. EXECUTIVE SUMMARYCVSS v4 7.3ATTENTION: Exploitable remotely/low attack complexityVendor: Rockwell AutomationEquipment: ControlLogix, GuardLogix, and 1756 ControlLogix I/O...
View ArticleJohnson Controls exacqVision Web Service
View CSAF1. EXECUTIVE SUMMARYCVSS v3 5.7ATTENTION: Exploitable remotely/low attack complexityVendor: Johnson Controls, Inc.Equipment: Web ServiceVulnerability: Use of GET Request Method With Sensitive...
View ArticleJohnson Controls exacqVision Web Service
View CSAF1. EXECUTIVE SUMMARYCVSS v3 6.8ATTENTION: Exploitable remotelyVendor: Johnson Controls, Inc.Equipment: exacqVision Web ServiceVulnerability: Cross-Site Request Forgery (CSRF)2. RISK...
View ArticleVonets WiFi Bridges
View CSAF1. EXECUTIVE SUMMARYCVSS v4 10.0ATTENTION: Exploitable remotely/low attack complexityVendor: VonetsEquipment: VAR1200-H, VAR1200-L, VAR600-H, VAP11AC, VAP11G-500S, VBG1200, VAP11S-5G, VAP11S,...
View ArticleJohnson Controls exacqVision Server
View CSAF1. EXECUTIVE SUMMARYCVSS v3 6.4ATTENTION: Exploitable remotelyVendor: Johnson Controls, Inc.Equipment: exacqVision ServerVulnerability: Improper Certificate Validation2. RISK...
View Article