SEW-EURODRIVE MOVITOOLS MotionStudio
View CSAF1. EXECUTIVE SUMMARYCVSS v3 5.5ATTENTION: Low attack complexityVendor: SEW-EURODRIVEEquipment: MOVITOOLS MotionStudioVulnerability: Improper Restriction of XML EXTERNAL Entity Reference2. RISK...
View ArticleAVEVA PI Server
View CSAF1. EXECUTIVE SUMMARYCVSS v3 7.5ATTENTION: Exploitable remotely/low attack complexityVendor: AVEVAEquipment: PI ServerVulnerabilities: Improper Check or Handling of Exceptional Conditions,...
View ArticleCrestron AM-300
View CSAF1. EXECUTIVE SUMMARYCVSS v3 8.4ATTENTION: Low attack complexityVendor: CrestronEquipment: AM-300Vulnerability: OS Command Injection2. RISK EVALUATIONSuccessful exploitation of this...
View ArticleWestermo Lynx 206-F2G
View CSAF1. EXECUTIVE SUMMARYCVSS v3 8.0ATTENTION: Exploitable remotely/low attack complexityVendor: WestermoEquipment: Lynx 206-F2GVulnerabilities: Cross-site Scripting, Code Injection, Cross-Origin...
View ArticleAPsystems Energy Communication Unit (ECU-C) Power Control Software
View CSAF1. EXECUTIVE SUMMARYCVSS v3 8.8ATTENTION: Exploitable via adjacent network / low attack complexityVendor: APsystemsEquipment: Energy communication Unit (ECU-C) Power Control...
View ArticleVoltronic Power ViewPower Pro
View CSAF1. EXECUTIVE SUMMARYCVSS v3 9.8ATTENTION: Exploitable remotely/Low attack complexityVendor: Voltronic PowerEquipment: ViewPower ProVulnerabilities: Deserialization of Untrusted Data, Missing...
View ArticleLantronix XPort
View CSAF1. EXECUTIVE SUMMARYCVSS v3 5.7ATTENTION: Low attack complexityVendor: LantronixEquipment: XPortVulnerability: Weak Encoding for Password2. RISK EVALUATIONSuccessful exploitation of this...
View ArticleSystemK NVR 504/508/516
View CSAF1. EXECUTIVE SUMMARYCVSS v3 9.8ATTENTION: Exploitable remotely/low attack complexity/public exploits are availableVendor: SystemKEquipment: NVR 504/508/516Vulnerability: Command Injection2....
View ArticleMachineSense FeverWarn
View CSAF1. EXECUTIVE SUMMARYCVSS v3 10.0ATTENTION: Exploitable remotely/low attack complexityVendor: MachineSense LLC.Equipment: MachineSense FeverWarnVulnerabilities: Missing Authentication for...
View ArticleRockwell Automation FactoryTalk Service Platform
View CSAF1. EXECUTIVE SUMMARYCVSS v3 9.8ATTENTION: Exploitable remotely/low attack complexityVendor: Rockwell AutomationEquipment: FactoryTalk Service PlatformVulnerability: Improper Verification of...
View ArticleMitsubishi Electric MELSEC WS Series Ethernet Interface Module
View CSAF1. EXECUTIVE SUMMARYCVSS v3 5.9ATTENTION: Exploitable remotelyVendor: Mitsubishi ElectricEquipment: MELSEC WS SeriesVulnerability: Authentication Bypass by Capture-replay2. RISK...
View ArticleRockwell Automation ControlLogix and GuardLogix
View CSAF1. EXECUTIVE SUMMARYCVSS v3 8.6ATTENTION: Exploitable remotely/low attack complexityVendor: Rockwell AutomationEquipment: ControlLogix, GuardLogixVulnerability: Improper Restriction of...
View ArticleMitsubishi Electric FA Engineering Software Products
View CSAF1. EXECUTIVE SUMMARYCVSS v3 9.8ATTENTION: Exploitable remotely/low attack complexityVendor: Mitsubishi ElectricEquipment: EZSocket, FR Configurator2, GT Designer3 Version1(GOT1000), GT...
View ArticleRockwell Automation LP30/40/50 and BM40 Operator Interface
View CSAF1. EXECUTIVE SUMMARYCVSS v3 8.8ATTENTION: Exploitable remotely/low attack complexityVendor: Rockwell AutomationEquipment: LP30, LP40, LP50, and BM40 Operator PanelsVulnerability: Improper...
View ArticleHitron Systems Security Camera DVR
View CSAF1. EXECUTIVE SUMMARYCVSS v3 8.1ATTENTION: Exploitable remotely/low attack complexity/public exploits are available/known public exploitationVendor: Hitron SystemsEquipment: DVRVulnerability:...
View ArticleEmerson Rosemount GC370XA, GC700XA, GC1500XA
View CSAF1. EXECUTIVE SUMMARYCVSS v3 9.8ATTENTION: Exploitable remotelyVendor: EmersonEquipment: Rosemount GC370XA, GC700XA, GC1500XAVulnerabilities: Command Injection, Improper Authentication,...
View ArticleAVEVA Edge products (formerly known as InduSoft Web Studio)
View CSAF1. EXECUTIVE SUMMARYCVSS v3 7.3ATTENTION: Low attack complexityVendor: AVEVAEquipment: AVEVA Edge products (formerly known as InduSoft Web Studio)Vulnerability: Uncontrolled Search Path...
View ArticleGessler GmbH WEB-MASTER
View CSAF1. EXECUTIVE SUMMARYCVSS v3 9.8ATTENTION: Exploitable Remotely/Low attack complexityVendor: Gessler GmbHEquipment: WEB-MASTERVulnerabilities: Use of Weak Credentials, Use of Weak Hash2. RISK...
View ArticleHID Global Reader Configuration Cards
View CSAF1. EXECUTIVE SUMMARYCVSS v3 5.3ATTENTION: Low attack complexityVendor: HID GlobalEquipment: Reader Configuration CardsVulnerability: Improper Authorization2. RISK EVALUATIONSuccessful...
View ArticleHID Global Encoders
View CSAF1. EXECUTIVE SUMMARYCVSS v3 5.9ATTENTION: Exploitable locallyVendor: HID GlobalEquipment: iCLASS SE, OMNIKEYVulnerability: Improper Authorization2. RISK EVALUATIONSuccessful exploitation of...
View Article