Dienstag, 04.02.2025
13:00
US CERT (ICS)
Western Telematic Inc NPS Series, DSM Series, CPM Series
Titel
Western Telematic Inc NPS Series, DSM Series, CPM Series
Veröffentlicht
4. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-01
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Western Telematic Inc Equipment: NPS Series, DSM Series, CPM Series Vulnerability: External Control of File Name or Path 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to gain privileged access to ...
13:00
US CERT (ICS)
Rockwell Automation 1756-L8zS3 and 1756-L3zS3
Titel
Rockwell Automation 1756-L8zS3 and 1756-L3zS3
Veröffentlicht
4. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-02
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: 1756-L8zS3, 1756-L3zS3 Vulnerability: Improper Handling of Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote, non-privileged user to send malicious requests resulting in a major nonrecoverable fault causing ...
13:00
US CERT (ICS)
Schneider Electric Pro-face GP-Pro EX and Remote HMI
Titel
Schneider Electric Pro-face GP-Pro EX and Remote HMI
Veröffentlicht
4. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-07
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.1 ATTENTION: Exploitable remotely Vendor: Schneider Electric Equipment: Pro-face GP-Pro EX and Remote HMI Vulnerability: Improper Enforcement of Message Integrity During Transmission in a Communication Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could allow man-in-the-middle attacks, resulting in information disclosure, integrity ...
13:00
US CERT (ICS)
Schneider Electric Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC
Titel
Schneider Electric Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC
Veröffentlicht
4. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-04
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC Vulnerability: Incorrect Calculation of Buffer Size 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service of the product when an unauthenticated user ...
13:00
US CERT (ICS)
AutomationDirect C-more EA9 HMI
Titel
AutomationDirect C-more EA9 HMI
Veröffentlicht
4. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-08
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: AutomationDirect Equipment: C-more EA9 HMI Vulnerability: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition or achieve remote ...
13:00
US CERT (ICS)
Schneider Electric Modicon M340 and BMXNOE0100/0110, BMXNOR0200H
Titel
Schneider Electric Modicon M340 and BMXNOE0100/0110, BMXNOR0200H
Veröffentlicht
4. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-06
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Modicon M340 and BMXNOE0100/0110, BMXNOR0200H Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of this vulnerability could cause information disclosure of a restricted web page, modification of ...
13:00
US CERT (ICS)
Schneider Electric Web Designer for Modicon
Titel
Schneider Electric Web Designer for Modicon
Veröffentlicht
4. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-05
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: Web Designer for Modicon Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could result in information disclosure, workstation integrity and potential remote code execution on the ...
13:00
US CERT (ICS)
Elber Communications Equipment
Titel
Elber Communications Equipment
Veröffentlicht
4. Februar 2025 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-03
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Elber Equipment: Communications Equipment Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Hidden Functionality 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker unauthorized administrative access to the affected ...

Letzte Updates

BOSCH PSIRT
15.01.2025
SIEMENS CERT
15.01.2025
US CERT
15.01.2025
US CERT (ICS)
04.02.2025

Nach Quelle

Archiv

2025
2024
2023
2022
2021
2020
2019
2018
2017

Feeds