Rockwell Automation Lifecycle Services with VMware
View CSAF1. EXECUTIVE SUMMARYCVSS v4 9.4ATTENTION: Low attack complexity/public exploits are available/known public exploitationVendor: Rockwell AutomationEquipment: Industrial Data Center (IDC) with...
View ArticleSchneider Electric EcoStruxure Power Automation System User Interface (EPAS-UI)
View CSAF1. EXECUTIVE SUMMARYCVSS v4 7.0ATTENTION: Low Attack ComplexityVendor: Schneider ElectricEquipment: EcoStruxure Power Automation System User Interface (EPAS-UI)Vulnerability: Improper...
View ArticleSchneider Electric ASCO 5310/5350 Remote Annunciator
View CSAF1. EXECUTIVE SUMMARYCVSS v4 8.7ATTENTION: Exploitable remotely/low attack complexityVendor: Schneider ElectricEquipment: ASCO 5310 / 5350Vulnerabilities: Download of Code Without Integrity...
View ArticleSchneider Electric EcoStruxure™
View CSAF1. EXECUTIVE SUMMARYCVSS v4 8.5ATTENTION: Low attack complexityVendor: Schneider ElectricEquipment: EcoStruxure™Vulnerability: Improper Privilege Management2. RISK EVALUATIONSuccessful...
View ArticleSchneider Electric Enerlin’X IFE and eIFE
View CSAF1. EXECUTIVE SUMMARYCVSS v4 7.1ATTENTION: Exploitable remotely/low attack complexityVendor: Schneider ElectricEquipment: Enerlin'X IFE interface and Enerlin'X eIFEVulnerabilities: Improper...
View ArticleSiemens Simcenter Femap
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleSMA Sunny Portal
View CSAF1. EXECUTIVE SUMMARYCVSS v4 6.9ATTENTION: Exploitable remotely/low attack complexityVendor: SMAEquipment: Sunny PortalVulnerability: Unrestricted Upload of File with Dangerous Type2. RISK...
View ArticleABB RMC-100
View CSAF1. EXECUTIVE SUMMARYCVSS v4 8.7ATTENTION: Exploitable remotely/low attack complexityVendor: ABBEquipment: RMC-100Vulnerability: Improperly Controlled Modification of Object Prototype...
View ArticleRockwell Automation Verve Asset Manager
View CSAF1. EXECUTIVE SUMMARYCVSS v4 8.9ATTENTION: Exploitable remotely/low attack complexityVendor: Rockwell AutomationEquipment: Verve Asset ManagerVulnerability: Improper Validation of Specified...
View ArticleRockwell Automation 440G TLS-Z
View CSAF1. EXECUTIVE SUMMARYCVSS v4 7.3ATTENTION: High attack complexityVendor: Rockwell AutomationEquipment: 440G TLS-ZVulnerability: Improper Neutralization of Special Elements in Output Used by a...
View ArticleInaba Denki Sangyo CHOCO TEI WATCHER mini
View CSAF1. EXECUTIVE SUMMARYCVSS v4 9.3ATTENTION: Exploitable remotely/low attack complexityVendor: Inaba Denki Sangyo Co., Ltd.Equipment: CHOCO TEI WATCHER miniVulnerabilities: Use of Client-Side...
View ArticleRockwell Automation Lifecycle Services with Veeam Backup and Replication
View CSAF1. EXECUTIVE SUMMARYCVSS v4 9.4ATTENTION: Exploitable remotely/low attack complexityVendor: Rockwell AutomationEquipment: Lifecycle Services with Veeam Backup and ReplicationVulnerability:...
View ArticleHitachi Energy RTU500 Series
View CSAF1. EXECUTIVE SUMMARYCVSS v4 8.7ATTENTION: Exploitable remotely/low attack complexityVendor: Hitachi EnergyEquipment: RTU500 seriesVulnerabilities: Null Pointer Dereference, Insufficient...
View ArticleHitachi Energy TRMTracker
View CSAF1. EXECUTIVE SUMMARYCVSS v4 6.9ATTENTION: Exploitable remotely/low attack complexityVendor: Hitachi EnergyEquipment: TRMTrackerVulnerabilities: Improper Neutralization of Special Elements used...
View ArticleABB ACS880 Drives Containing CODESYS RTS
View CSAF1. EXECUTIVE SUMMARYCVSS v3 8.8ATTENTION: Exploitable remotely/low attack complexityVendor: ABBEquipment: ACS880 Drives with IEC 61131-3 licenseVulnerabilities: Improper Input Validation,...
View ArticleABB Low Voltage DC Drives and Power Controllers CODESYS RTS
View CSAF1. EXECUTIVE SUMMARYCVSS v3 8.8ATTENTION: Exploitable remotely/low attack complexityVendor: ABBEquipment: DCT880 memory unit incl. ABB Drive Application Builder license (IEC 61131-3), DCT880...
View ArticleB&R APROL
View CSAF1. EXECUTIVE SUMMARYCVSS v4 9.2ATTENTION: Exploitable remotely/low attack complexityVendor: B&REquipment: APROLVulnerabilities: Inclusion of Functionality from Untrusted Control Sphere,...
View ArticleSiemens License Server
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleSiemens SIDIS Prime
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleSiemens Solid Edge
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View Article