SIEMENS CERT
07/21/2025
A vulnerability exists in affected products that could allow remote attackers to affect the availability of the devices under certain conditions. The integrated ICMP services in the underlying TCP/IP stack is vulnerable to a denial of service attack through specially crafted ICMP packets. A successful attack will impact the availability …
SIEMENS CERT
07/18/2025
During establishment of a https connection to the TLS server of a managed device, SICAM TOOLBOX II improperly validates that device’s certificate. This could allow an attacker to execute an on-path network (MitM) attack. Siemens has released a new version for SICAM TOOLBOX II and recommends to update to the …
CISA (ICS)
07/17/2025
1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Leviton Equipment : AcquiSuite, Energy Monitoring Hub Vulnerability : Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to craft a malicious payload in URL parameters that would execute in a …
CISA (ICS)
07/15/2025
1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION : Exploitable remotely/low attack complexity Vendor : ABB Equipment : RMC-100 Vulnerabilities : Use of Hard-coded Cryptographic Key, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain unauthenticated access to the MQTT configuration data, cause …
CISA (ICS)
07/15/2025
1. EXECUTIVE SUMMARY CVSS v4 9.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : Hitachi Energy Equipment : Energy Asset Suite Vulnerabilities : Incomplete List of Disallowed Inputs, Plaintext Storage of a Password, Out-of-bounds Write, Release of Invalid Pointer or Reference 2. RISK EVALUATION Successful exploitation of these vulnerabilities could …
CISA (ICS)
07/15/2025
1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : LITEON Equipment : IC48A and IC80A Vulnerability : Plaintext Storage of a Password 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access sensitive information when accessing the Liteon EV chargers. 3. …
CISA (ICS)
07/10/2025
1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Advantech Equipment : iView Vulnerabilities : Cross-site Scripting, SQL Injection, Path Traversal, Argument Injection. 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information, achieve remote code execution, or cause …
CISA (ICS)
07/10/2025
1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : KUNBUS Equipment : RevPi Webstatus Vulnerability : Incorrect Implementation of Authentication Algorithm 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to bypass authentication and gain unauthorized access to the application. 3. TECHNICAL DETAILS …