CISA (ICS)
01/17/2011
Overview Independent researcher Luigi Auriemma reported a stack overflow vulnerability in Version 2.07.00 of the Sielco Sistemi WinLog Lite and Winlog Pro HMI software. Sielco Sistemi has developed an update (Version 2.07.01) to address this vulnerability. The researcher has verified that the update is effective in correcting this vulnerability. Affected …
CISA (ICS)
01/02/2011
Overview The ICS-CERT has received a report from independent security researcher Jeremy Brown that reveals a stack-based buffer overflow vulnerability in the test web server bundled with Advantech Studio Version 6.1. This web server is intended to be used for testing purposes and should not be used in a production …
CISA (ICS)
12/28/2010
Overview This advisory is a follow-up to ICS-ALERT-10-355-01 - Ecava IntegraXor Directory Traversal , published on the ICS-CERT Web page on December 21, 2010. ICS-CERT has become aware of a directory traversal vulnerability in the Ecava IntegraXor Human-Machine Interface (HMI) product that could allow data leakage. ICS-CERT is currently in …
CISA (ICS)
12/15/2010
OVERVIEW This advisory is a follow-up to ICS-ALERT-10-293-01 - Intellicom NetBiter WebSCADA Vulnerabilities , published on the ICS-CERT Web page on October 20, 2010. On October 1, 2010 independent researchers identified vulnerabilities in the Intellicom NetBiter Supervisory Control and Data Acquisition (SCADA) applications. A directory traversal vulnerability is present in …
CISA (ICS)
12/14/2010
Overview The ICS-CERT has received a report from independent security researcher Jeremy Brown that reveals a stack-based buffer overflow vulnerability in the Ecava IntegraXor Human-Machine Interface (HMI) product that could allow the execution of arbitrary code. Ecava has verified the claim and has released a patch to mitigate the vulnerability …
CISA (ICS)
11/17/2010
Overview The ICS-CERT has received a report from independent security researcher Jeremy Brown that reveals a heap corruption vulnerability in the Automated Solutions Modbus/TCP Master OPC server. Automated Solutions has confirmed that their most recent patch mitigates the vulnerability for Version 3.0.0. ICS-CERT has verified that the software update resolves …
CISA (ICS)
11/10/2010
Overview --------- Begin Update A Part 1 of 2 ---------- On October 20, 2010, an independent security researcher postedRubén Santamarta, http://www.reversemode.com/index.php?option=com_content&task=view&id=70&Itemid=1, website last visited October 28, 2010. information regarding a vulnerability in MOXA Device Manager (MDM) Version 2.1. MOXA has confirmed this vulnerability and released Version 2.3 on November 11, …
CISA (ICS)
11/08/2010
Overview This advisory is a follow-up to ICS-ALERT-10-305-01 RealFlex RealWin Buffer Overflows , which was published on the ICS-CERT Web site on November 01, 2010. On October 15, 2010 an independent security researcher posted informationResearcher, http://aluigi.altervista.org/adv/realwin1-adv.txt, website last visited November 4, 2010. regarding vulnerabilities in RealFlex Technologies Ltd. RealWin SCADA …