View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: CloudEdge Equipment: CloudEdge App, CloudEdge Online Cameras Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk View Machine Edition and PanelView Plus 7 Vulnerabilities: Improper Limitation of a Pathname to a Restricted Directory…
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: ArmorStart AOP Vulnerability: Uncaught Exception 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Linx Vulnerabilities: Privilege Chaining 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow full access to all…
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MACH GWS Vulnerabilities: Incorrect Default Permissions, Improper Validation of Integrity Check Value, Improper Certificate Validation 2. RISK EVALUATION…
WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) has identified a significant cyber threat targeting federal networks utilizing certain F5 devices and software. A nation-state cyber threat actor poses an imminent risk, with the…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: 1715 EtherNet/IP Vulnerabilities: Allocation of Resources Without Limits or Throttling, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Rockwell Automation Equipment: Industrial Data Center (IDC) with Cisco Switching, IDC-Managed Support contract with Cisco Switching, Network-Managed Support contract with Cisco…