AutomationDirect Productivity PLCs
View CSAF1. EXECUTIVE SUMMARYCVSS v4 9.3ATTENTION: Exploitable remotely/low attack complexityVendor: AutomationDirectEquipment: Productivity PLCsVulnerabilities: Buffer Access with Incorrect Length...
View ArticleCampbell Scientific CSI Web Server
View CSAF1. EXECUTIVE SUMMARYCVSS v4 6.9ATTENTION: Exploitable remotely/low attack complexityVendor: Campbell ScientificEquipment: CSI Web ServerVulnerabilities: Path Traversal, Weak Encoding for...
View ArticleFuji Electric Monitouch V-SFT
View CSAF1. EXECUTIVE SUMMARYCVSS v4 8.5ATTENTION: Low attack complexityVendor: Fuji ElectricEquipment: Monitouch V-SFTVulnerabilities: Out-of-Bounds Write, Stack-Based Buffer Overflow2. RISK...
View ArticleWestermo EDW-100
View CSAF1. EXECUTIVE SUMMARYCVSS v3 9.8ATTENTION: Exploitable remotely/low attack complexityVendor: WestermoEquipment: EDW-100Vulnerabilities: Use of Hard-coded Password, Insufficiently Protected...
View ArticleLenelS2 NetBox
View CSAF1. EXECUTIVE SUMMARYCVSS v4 9.3ATTENTION: Exploitable remotely/low attack complexityVendor: LenelS2Equipment: NetBoxVulnerabilities: Use of Hard-coded Password, OS Command Injection, Argument...
View ArticleInosoft VisiWin
View CSAF1. EXECUTIVE SUMMARYCVSS v4 8.5ATTENTION: Low attack complexity/public exploits are availableVendor: InosoftEquipment: VisiWinVulnerability: Incorrect Default Permissions2. RISK...
View ArticleUniview NVR301-04S2-P4
View CSAF1. EXECUTIVE SUMMARYCVSS v4 4.8ATTENTION: Exploitable remotely/low attack complexity/public exploits availableVendor: UniviewEquipment: NVR301-04S2-P4Vulnerability: Cross-site Scripting2. RISK...
View ArticleMitsubishi Electric CC-Link IE TSN Industrial Managed Switch
View CSAF1. EXECUTIVE SUMMARYCVSS v4 5.1ATTENTION: Exploitable remotely/low attack complexityVendor: Mitsubishi ElectricEquipment: CC-Link IE TSN Industrial Managed SwitchVulnerability: Allocation of...
View ArticleEmerson Ovation
View CSAF1. EXECUTIVE SUMMARYCVSS v3 9.8ATTENTION: Exploitable remotely/low attack complexityVendor: EmersonEquipment: OvationVulnerabilities: Missing Authentication for Critical Function, Insufficient...
View ArticleJohnson Controls Software House iStar Pro Door Controller
View CSAF1. EXECUTIVE SUMMARYCVSS v3 9.1ATTENTION: Exploitable remotely/low attack complexityVendor: Johnson Controls Inc.Equipment: Software House iStar Pro Door Controller, ICUVulnerability: Missing...
View ArticleEmerson PACSystem and Fanuc
View CSAF1. EXECUTIVE SUMMARYCVSS v4 5.6ATTENTION: Low attack complexityVendor: EmersonEquipment: PACSystem, FanucVulnerabilities: Cleartext Transmission of Sensitive Information, Insufficient...
View ArticleFuji Electric Tellus Lite V-Simulator
View CSAF1. EXECUTIVE SUMMARYCVSS v4 8.5ATTENTION: Low attack complexityVendor: Fuji ElectricEquipment: Tellus Lite V-SimulatorVulnerabilities: Out-of-Bound Write, Stack-based Buffer Overflow2. RISK...
View ArticleSiemens SCALANCE XM-400, XR-500
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleSiemens Teamcenter Visualization and JT2Go
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleSiemens SITOP UPS1600
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleSiemens SIMATIC S7-200 SMART Devices
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleRockwell Automation FactoryTalk View SE
View CSAF1. EXECUTIVE SUMMARYCVSS v4 8.5ATTENTION: Low attack complexityVendor: Rockwell AutomationEquipment: FactoryTalk View SEVulnerability: Incorrect Permission Assignment for Critical Resource2....
View ArticleSiemens SINEC Traffic Analyzer
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleSiemens SIMATIC and SIPLUS
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View ArticleSiemens PowerSys
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities...
View Article