View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low Attack Complexity Vendor: Schneider Electric Equipment: EcoStruxure Foxboro DCS Core Control Services Vulnerabilities: Out-of-bounds Write, Improper Validation of Array Index, Improper Input Validation 2. RISK…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: MOBATIME Equipment: Network Master Clock – DTS 4801 Vulnerability: Use of Default Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: Arena Vulnerabilities: Use After Free, Out-of-bounds Write, Improper Initialization 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: AutomationDirect Equipment: C-More EA9 Programming Software Vulnerabilities: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in memory…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Planet Technology Equipment: Planet WGS-804HPT Vulnerabilities: Stack-based Buffer Overflow, Improper Neutralization of Special Elements used in an OS Command (‘OS Command…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: ICONICS, Mitsubishi Electric Equipment: ICONICS GENESIS64 Product Suite and Mitsubishi Electric MC Works64 Vulnerabilities: Uncontrolled Search Path Element, Dead Code 2. RISK…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Open Automation Software Equipment: Open Automation Software Vulnerability: Incorrect Execution-Assigned Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could result in…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Ruijie Equipment: Reyee OS Vulnerabilities: Weak Password Recovery Mechanism for Forgotten Password, Exposure of Private Personal Information to an Unauthorized Actor,…
Actions enhance visibility and reduce potential entry points for PRC-affiliated cyber threats WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI) and international partners published today…
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA Pro/X SYS600 Vulnerabilities: Improper Neutralization of Special Elements in Data Query Logic, Improper Limitation of a Pathname…