Bulletins | CERT@VDE

1
2
3 (current)

Donnerstag, 09.11.2023

13:00

US CERT (ICS)

Hitachi Energy eSOMS

Titel

Hitachi Energy eSOMS

Veröffentlicht

9. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-313-02

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: eSOMS Vulnerabilities: Generation of Error Message Containing Sensitive Information, Exposure of Sensitive System Information to an Unauthorized Control Sphere 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose ...

13:00

US CERT (ICS)

Johnson Controls Quantum HD Unity

Titel

Johnson Controls Quantum HD Unity

Veröffentlicht

9. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-313-01

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable Remotely/Low attack complexity Vendor: Johnson Controls Inc. Equipment: Quantum HD Unity Vulnerability: Active Debug Code 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized user to access debug features that were accidentally exposed. 3. TECHNICAL DETAILS 3.1 ...

Dienstag, 07.11.2023

13:00

US CERT (ICS)

GE MiCOM S1 Agile

Titel

GE MiCOM S1 Agile

Veröffentlicht

7. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-311-23

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Low attack complexity Vendor: General Electric Equipment: MiCOM S1 Agile Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to upload malicious files and achieve code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS ...

Donnerstag, 02.11.2023

13:00

US CERT (ICS)

Franklin Fueling System TS-550

Titel

Franklin Fueling System TS-550

Veröffentlicht

2. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-306-04

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Franklin Fueling System Equipment: TS-550 Vulnerability: Use of Password Hash with Insufficient Computational Effort 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access the device and gain unauthenticated ...

13:00

US CERT (ICS)

Schneider Electric SpaceLogic C-Bus Toolkit

Titel

Schneider Electric SpaceLogic C-Bus Toolkit

Veröffentlicht

2. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-306-06

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: SpaceLogic C-Bus Toolkit Vulnerabilities: Improper Privilege Management, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to perform remote code execution, which could result in tampering of the ...

13:00

US CERT (ICS)

Mitsubishi Electric MELSEC Series

Titel

Mitsubishi Electric MELSEC Series

Veröffentlicht

2. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-306-03

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: MELSEC Series Vulnerability: Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability may allow a remote attacker to reset the memory of the products to factory default state ...

13:00

US CERT (ICS)

Weintek EasyBuilder Pro

Titel

Weintek EasyBuilder Pro

Veröffentlicht

2. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-306-05

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Weintek Equipment: EasyBuilder Pro Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain remote control of a victim's computer as a privileged user. 3. TECHNICAL DETAILS ...

13:00

US CERT (ICS)

Mitsubishi Electric MELSEC iQ-F Series CPU Module

Titel

Mitsubishi Electric MELSEC iQ-F Series CPU Module

Veröffentlicht

2. November 2023 13:00

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-306-02

Text

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Equipment: MELSEC iQ-F Series Vulnerability: Improper Restriction of Excessive Authentication Attempts 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to prevent legitimate users from logging into the web server function for a ...

1
2
3 (current)

Letzte Updates

BOSCH PSIRT

20.03.2024

CODESYS

28.06.2023

SIEMENS CERT

19.04.2024

US CERT

10.05.2024

US CERT (ICS)

09.05.2024

Nach Quelle

BOSCH PSIRT (76)
CODESYS (36)
SIEMENS CERT (1616)
US CERT (158)
US CERT (ICS) (1518)

Feeds

RSS / Atom

Letzte Updates

Nach Quelle

Archiv

2024

2023

2022

2021

2020

2019

2018

2017

Feeds