View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MSM Product Vulnerabilities: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’), Reachable Assertion 2. RISK EVALUATION…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Raise3D Equipment: Pro2 Series Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.1 ATTENTION: Low attack complexity Vendor: OpenPLC_V3 Equipment: OpenPLC_V3 Vulnerability: Reliance on Undefined, Unspecified, or Implementation-Defined Behavior 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a…
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Festo Equipment: CPX-CEC-C1 and CPX-CMXX Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthenticated, remote…
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Festo Equipment: Controller CECC-S,-LK,-D Family Firmware Vulnerabilities: Exposure of Resource to Wrong Sphere, Untrusted Pointer Dereference, NULL Pointer Dereference, Files or…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION: Exploitable remotely/Low attack complexity Vendor: LG Innotek Equipment: Camera Models LND7210 and LNV7210R Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Megasys Enterprises Equipment: Telenium Online Web Application Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow…
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Festo Equipment: SBRD-Q/SBOC-Q/SBOI-Q Vulnerabilities: Incorrect Conversion between Numeric Types, Out-of-bounds Read, Reachable Assertion 2. RISK EVALUATION Successful exploitation of these vulnerabilities…
WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) announced that it has transitioned to a new model to better equip state, local, tribal, and territorial (SLTT) governments to strengthen shared responsibility nationwide. CISA is…
WASHINGTON – Today, the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) announced the official beginning of Cybersecurity Awareness Month 2025. This national campaign, administered by CISA, will give partner…