ICS-CERT Archives | InfoSec Industry

Advantech WebAccess/SCADA

ICS-CERT May 30, 2023

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low attack complexity Vendor: Advantech Equipment: WebAccess/SCADA Vulnerabilities: Insufficient Type Distinction 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker full control over the supervisory control and data acquisition (SCADA) server. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Advantech reports this vulnerability affect the...

Moxa MXsecurity Series

ICS-CERT May 25, 2023

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Moxa Equipment: MXsecurity Series Vulnerabilities: Command Injection and Use of Hard-Coded Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthorized user to bypass authentication or to execute arbitrary commands on the device. 3. TECHNICAL DETAILS 3.1...

Horner Automation Cscape

ICS-CERT May 23, 2023

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Horner Automation Equipment: Cscape, Cscape EnvisionRV Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Read, Use After Free, Access of Uninitialized Pointer, Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

Hitachi Energy’s AFS65x, AFS67x, AFR67x and AFF66x Products

ICS-CERT May 23, 2023

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: AFS65x, AFS67x, AFR67x and AFF66x series products Vulnerabilities: Use After Free 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information or lead to a Denial-of-Service (DoS). 3. TECHNICAL DETAILS 3.1...

Mitsubishi Electric MELSEC Series CPU module

ICS-CERT May 23, 2023

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: MELSEC Series CPU module Vulnerabilities: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service condition or execute malicious code on a target product...

Hitachi Energy’s RTU500 Series Product

ICS-CERT May 23, 2023

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 Series Vulnerabilities: Type Confusion, Observable Timing Discrepancy, Out-of-bounds Read, Infinite Loop, Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to crash the device being accessed or cause...

Hitachi Energy’s MicroSCADA Pro/X SYS600 Products

ICS-CERT May 18, 2023

1. EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION: Public exploits are available Vendor: Hitachi Energy Equipment: MicroSCADA Pro/X SYS600 Products Vulnerabilities: Permissions, Privileges, and Access Controls 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected product. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following...

Rockwell Automation FactoryTalk Diagnostics (Update B)

ICS-CERT May 18, 2023

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: FactoryTalk Diagnostics Vulnerabilities: Deserialization of Untrusted Data 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-051-02-Rockwell Automation FactoryTalk Diagnostics (Update A) that was published February...

Mitsubishi Electric MELSEC WS Series

ICS-CERT May 18, 2023

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: WS0-GETH00200 Vulnerabilities: Active Debug Code 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to bypass authentication and log in by connecting to the module via telnet to reset the module or,...

Johnson Controls OpenBlue Enterprise Manager Data Collector

ICS-CERT May 18, 2023

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Inc. Equipment: OpenBlue Enterprise Manager Data Collector Vulnerabilities: Improper Authentication, Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker, under certain circumstances, to make application...

Carlo Gavazzi Powersoft

ICS-CERT May 18, 2023

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Carlo Gavazzi Equipment: Powersoft Vulnerabilities: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access and retrieve any file from the server. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of...

Rockwell Automation FactoryTalk Vantagepoint

ICS-CERT May 16, 2023

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely Vendor: Rockwell Automation Equipment: FactoryTalk Vantagepoint Vulnerabilities: Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to impersonate an existing user or execute a cross site request forgery (CSRF) attack. 3. TECHNICAL DETAILS 3.1 AFFECTED...

Snap One OvrC Cloud

ICS-CERT May 16, 2023

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Snap One Equipment: OvrC Cloud, OvrC Pro Devices Vulnerabilities: Improper Input Validation, Observable Response Discrepancy, Improper Access Control, Cleartext Transmission of Sensitive Information, Insufficient Verification of Data Authenticity, Open Redirect, Use of Hard-coded Credentials, Hidden Functionality 2....

Rockwell ArmorStart

ICS-CERT May 16, 2023

1. EXECUTIVE SUMMARY CVSS v3 7.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Equipment: ArmorStart Vulnerabilities: Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a malicious user to view and modify sensitive data or make the web page unavailable. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions...

Siemens Solid Edge

ICS-CERT May 11, 2023

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Solid Edge Vulnerabilities: NULL Pointer Dereference, Out-of-bounds Read, Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code or crash...

Siemens SIMATIC Cloud Connect 7

ICS-CERT May 11, 2023

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC Cloud Connect 7 Vulnerabilities: Improper Neutralization of Special Elements used in a Command ('Command Injection'), Use of Hard-coded Password, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Missing Standardized Error...

Sierra Wireless AirVantage

ICS-CERT May 11, 2023

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sierra Wireless Equipment: AirVantage Vulnerabilities: Improper Authentication, Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to configure devices and to receive sensitive device information. 3. TECHNICAL DETAILS 3.1...

Siemens SCALANCE LPE9403

ICS-CERT May 11, 2023

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE LPE9403 Vulnerabilities: Command Injection, Creation of Temporary File with Insecure Permissions, Path Traversal, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation these vulnerabilities could allow an attacker to gain access to the device as root or...

Siemens Siveillance Video Event and Management Servers

ICS-CERT May 11, 2023

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Siveillance Video Vulnerabilities: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute code on the affected system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports these vulnerabilities affect...

Siemens SINEC NMS Third-Party

ICS-CERT May 11, 2023

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Third-party components libexpat and libcurl in SINEC NMS Vulnerabilities: Expected Behavior Violation, Improper Validation of Syntactic Correctness of Input, Stack-based Buffer Overflow, Use After Free, Double Free, Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful...

LATEST NEWS

Amazon Ring, Alexa accused of every nightmare IoT security fail you can imagine

The Register June 1, 2023

Staff able to watch customers in the bathroom? Tick! Obviously shabby infosec? Tick! Training AI as an excuse for data retention? Tick! America's Federal Trade Commission has made Amazon a case study for every cautionary tale about how sloppily...

Ukraine war blurs lines between cyber-crims and state-sponsored attackers

The Register June 1, 2023

This RomCom is no laughing matter A change in the deployment of the RomCom malware strain has illustrated the blurring distinction between cyberattacks motivated by money and those fueled by geopolitics, in this case Russia's illegal invasion of Ukraine,...

We need to refine and secure AI, not turn our backs on the technology

SC Magazine June 1, 2023

While the potential poisoning of ChatGPT raises some concerns, we need to take this threat as an opportunity to better refine and secure emerging AI models.

Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks

The Hacker News June 1, 2023

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw in Zyxel gear to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-28771 (CVSS score: 9.8), the issue relates to a command injection flaw impacting...

Urgent WordPress Update Fixes Critical Flaw in Jetpack Plugin on Million of Sites

The Hacker News June 1, 2023

WordPress has issued an automatic update to address a critical flaw in the Jetpack plugin that’s installed on over five million sites. The vulnerability, which was unearthed during an internal security audit, resides in an API present in the plugin since version 2.0,...