Bulletins | CERT@VDE

1
2
3 (current)

Thursday, 09.11.2023

13:00

US CERT (ICS)

Hitachi Energy eSOMS

Title

Hitachi Energy eSOMS

Published

Nov. 9, 2023, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-313-02

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: eSOMS Vulnerabilities: Generation of Error Message Containing Sensitive Information, Exposure of Sensitive System Information to an Unauthorized Control Sphere 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose ...

13:00

US CERT (ICS)

Johnson Controls Quantum HD Unity

Title

Johnson Controls Quantum HD Unity

Published

Nov. 9, 2023, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-313-01

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable Remotely/Low attack complexity Vendor: Johnson Controls Inc. Equipment: Quantum HD Unity Vulnerability: Active Debug Code 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized user to access debug features that were accidentally exposed. 3. TECHNICAL DETAILS 3.1 ...

Tuesday, 07.11.2023

13:00

US CERT (ICS)

GE MiCOM S1 Agile

Title

GE MiCOM S1 Agile

Published

Nov. 7, 2023, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-311-23

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Low attack complexity Vendor: General Electric Equipment: MiCOM S1 Agile Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to upload malicious files and achieve code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS ...

Thursday, 02.11.2023

13:00

US CERT (ICS)

Franklin Fueling System TS-550

Title

Franklin Fueling System TS-550

Published

Nov. 2, 2023, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-306-04

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Franklin Fueling System Equipment: TS-550 Vulnerability: Use of Password Hash with Insufficient Computational Effort 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access the device and gain unauthenticated ...

13:00

US CERT (ICS)

Schneider Electric SpaceLogic C-Bus Toolkit

Title

Schneider Electric SpaceLogic C-Bus Toolkit

Published

Nov. 2, 2023, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-306-06

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: SpaceLogic C-Bus Toolkit Vulnerabilities: Improper Privilege Management, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to perform remote code execution, which could result in tampering of the ...

13:00

US CERT (ICS)

Mitsubishi Electric MELSEC Series

Title

Mitsubishi Electric MELSEC Series

Published

Nov. 2, 2023, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-306-03

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: MELSEC Series Vulnerability: Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability may allow a remote attacker to reset the memory of the products to factory default state ...

13:00

US CERT (ICS)

Weintek EasyBuilder Pro

Title

Weintek EasyBuilder Pro

Published

Nov. 2, 2023, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-306-05

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Weintek Equipment: EasyBuilder Pro Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain remote control of a victim's computer as a privileged user. 3. TECHNICAL DETAILS ...

13:00

US CERT (ICS)

Mitsubishi Electric MELSEC iQ-F Series CPU Module

Title

Mitsubishi Electric MELSEC iQ-F Series CPU Module

Published

Nov. 2, 2023, 1 p.m.

URL

https://www.cisa.gov/news-events/ics-advisories/icsa-23-306-02

Summary

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Equipment: MELSEC iQ-F Series Vulnerability: Improper Restriction of Excessive Authentication Attempts 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to prevent legitimate users from logging into the web server function for a ...

1
2
3 (current)

Last Updates

BOSCH PSIRT

20.03.2024

CODESYS

28.06.2023

SIEMENS CERT

19.04.2024

US CERT

17.04.2024

US CERT (ICS)

07.05.2024

By Source

BOSCH PSIRT (76)
CODESYS (36)
SIEMENS CERT (1616)
US CERT (157)
US CERT (ICS) (1516)

Feeds

RSS / Atom

Last Updates

By Source

Archive

2024

2023

2022

2021

2020

2019

2018

2017

Feeds