June 2021
29.06.2021
US CERT (ICS)
Exacq Technologies exacqVision Web Service
Title
Exacq Technologies exacqVision Web Service
Published
June 29, 2021, 4:25 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-180-01
Summary
This advisory contains mitigations for a Cross-site Scripting vulnerability in Exacq Technologies exacqVision Web Service software.
29.06.2021
US CERT (ICS)
Exacq Technologies exacqVision Enterprise Manager
Title
Exacq Technologies exacqVision Enterprise Manager
Published
June 29, 2021, 4:20 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-180-02
Summary
This advisory contains mitigations for a Cross-site Scripting vulnerability in Exacq Technologies exacqVision Enterprise Manager software.
29.06.2021
US CERT (ICS)
Panasonic FPWIN Pro
Title
Panasonic FPWIN Pro
Published
June 29, 2021, 4:15 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-180-03
Summary
This advisory contains mitigations for an Improper Restriction of XML External Entity Reference vulnerability in Panasonic FPWIN Pro programming control software.
29.06.2021
US CERT (ICS)
JTEKT TOYOPUC PLC
Title
JTEKT TOYOPUC PLC
Published
June 29, 2021, 4:10 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-180-04
Summary
This advisory contains mitigations for an Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the JTEKT TOYOPUC programmable logic controller (PLC).
22.06.2021
US CERT (ICS)
CODESYS V2 web server
Title
CODESYS V2 web server
Published
June 22, 2021, 4:10 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-173-02
Summary
This advisory contains mitigations for Stack-based Buffer Overflow, Improper Access Control, Buffer Copy without Checking Size of Input, Improperly Implemented Security Check, Out-of-bounds Write, and Out-of-bounds Read vulnerabilities in CODESYS V2 web servers.
22.06.2021
US CERT (ICS)
CODESYS Control V2 communication
Title
CODESYS Control V2 communication
Published
June 22, 2021, 4:05 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-173-03
Summary
This advisory contains mitigations for Stack-based Buffer Overflow, Heap-based Buffer Overflow, and Improper Input Validation vulnerabilities in CODESYS V2 runtime systems software
22.06.2021
US CERT (ICS)
CODESYS Control V2 Linux SysFile library
Title
CODESYS Control V2 Linux SysFile library
Published
June 22, 2021, 4 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-173-04
Summary
This advisory contains mitigations for an OS Command Injection vulnerability in CODESYS V2 Runtime Toolkit software.
17.06.2021
US CERT (ICS)
Schneider Electric Enerlin'X Com’X 510
Title
Schneider Electric Enerlin'X Com’X 510
Published
June 17, 2021, 4:20 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-168-01
Summary
This advisory contains mitigations for a Improper Privilege Management vulnerability in Schneider Electric Enerlin'X Com’X 510 energy servers.
17.06.2021
US CERT (ICS)
Softing OPC-UA C++ SDK
Title
Softing OPC-UA C++ SDK
Published
June 17, 2021, 4:15 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-168-02
Summary
This advisory contains mitigations for an Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the Softing OPC-UA C++ Software Development Kit (SDK).
17.06.2021
US CERT (ICS)
WAGO M&M Software fdtCONTAINER (Update C)
Title
WAGO M&M Software fdtCONTAINER (Update C)
Published
June 17, 2021, 4:05 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-021-05
Summary
This updated advisory is a follow-up to the advisory update titled ICSA-21-021-05 WAGO M&M Software fdtCONTAINER (Update B) that was published February 16, 2021, to the ICS webpage on us-cert.cisa.gov. This advisory contains mitigations for a Deserialization of Untrusted Data vulnerability in the M&M (a WAGO subsidiary) fdtCONTAINER application.
17.06.2021
US CERT (ICS)
Rockwell Automation ISaGRAF5 Runtime (Update A)
Title
Rockwell Automation ISaGRAF5 Runtime (Update A)
Published
June 17, 2021, 4 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-20-280-01
Summary
This updated advisory is a follow-up to the portal-to-web advisory titled ICSA-20-280-01P Rockwell Automation ISaGRAF5 Runtime. This advisory was originally posted to the HSIN ICS library on October 6, 2020, and was then published as ICSA-20-280-01 Rockwell Automation ISaGRAF5 Runtime to the ICS webpage on us-cert.cisa.gov on June 8, 2021. ...
15.06.2021
US CERT (ICS)
ThroughTek P2P SDK
Title
ThroughTek P2P SDK
Published
June 15, 2021, 4:10 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-166-01
Summary
This advisory contains mitigations for a Cleartext Transmission of Sensitive Information vulnerability in ThroughTek P2P Software Development Kit (SDK).
March 2021
16.03.2021
US CERT (ICS)
GE UR family
Title
GE UR family
Published
March 16, 2021, 3:10 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-075-02
Summary
This advisory contains mitigations for multiple vulnerabilities in GE UR family of protection and control relays.
16.03.2021
US CERT (ICS)
Hitachi ABB Power Grids AFS Series
Title
Hitachi ABB Power Grids AFS Series
Published
March 16, 2021, 3:05 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-075-03
Summary
This advisory contains mitigations for an Infinite Loop vulnerability in Hitachi ABB Power Grids AFS Series products.
16.03.2021
US CERT (ICS)
BD Alaris 8015 PC Unit (Update B)
Title
BD Alaris 8015 PC Unit (Update B)
Published
March 16, 2021, 3 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsma-17-017-02
Summary
This updated advisory is a follow-up to the advisory update titled ICSMA-17-017-02 BD Alaris 8015 Insufficiently Protected Credentials Vulnerabilities (Update A) that was published October 19, 2017, to the ICS webpage on us-cert.cisa.gov. This advisory contains compensating controls to reduce the risk of exploitation of insufficiently protected credentials and security ...
09.03.2021
US CERT (ICS)
Siemens SIMATIC S7-PLCSIM
Title
Siemens SIMATIC S7-PLCSIM
Published
March 9, 2021, 5:40 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-068-01
Summary
This advisory contains mitigations for Infinite Loop, NULL Pointer Dereference, and Divide by Zero vulnerabilities in Siemens SIMATIC S7-PLCSIM software.
09.03.2021
US CERT (ICS)
Siemens SCALANCE and RUGGEDCOM Devices SSH
Title
Siemens SCALANCE and RUGGEDCOM Devices SSH
Published
March 9, 2021, 5:35 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-068-02
Summary
This advisory contains mitigations for a n Improper Restriction of Excessive Authentication Attempts vulnerability in Siemens SCALANCE and RUGGEDCOM industrial communication devices.
09.03.2021
US CERT (ICS)
Siemens SCALANCE and RUGGEDCOM Devices
Title
Siemens SCALANCE and RUGGEDCOM Devices
Published
March 9, 2021, 5:30 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-068-03
Summary
This advisory contains mitigations for a Stack-based Buffer Overflow vulnerability in Siemens SCALANCE and RUGGEDCOM industrial communication devices.
09.03.2021
US CERT (ICS)
Siemens LOGO! 8 BM
Title
Siemens LOGO! 8 BM
Published
March 9, 2021, 5:20 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-068-05
Summary
This advisory contains mitigations for an Improper Handling of Exceptional Conditions vulnerability in Siemens LOGO! BM programmable logic controllers.
09.03.2021
US CERT (ICS)
TCP/IP Stack Vulnerabilities–AMNESIA:33 in SENTRON PAC / 3VA Devices
Title
TCP/IP Stack Vulnerabilities–AMNESIA:33 in SENTRON PAC / 3VA Devices
Published
March 9, 2021, 5:15 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-068-06
Summary
This advisory contains mitigations for Out-of-bounds Read, and Out-of-bounds Write vulnerabilities in Siemens SENTRON PAC / 3VA Devices power monitoring devices.
09.03.2021
US CERT (ICS)
Siemens TCP Stack of SIMATIC MV400
Title
Siemens TCP Stack of SIMATIC MV400
Published
March 9, 2021, 5:10 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-068-07
Summary
This advisory contains mitigations for Improper Validation of Specified Index, Position, or Offset in Input; and Use of Insufficiently Random Values vulnerabilities in Siemens SIMATIC MV400 optical code reader software.
09.03.2021
US CERT (ICS)
Siemens Energy PLUSCONTROL 1st Gen
Title
Siemens Energy PLUSCONTROL 1st Gen
Published
March 9, 2021, 5:05 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-068-08
Summary
This advisory contains mitigations for a Predictable Exact Value from Previous Values vulnerability in Siemens Energy PLUSCONTROL 1st Gen energy management systems.
09.03.2021
US CERT (ICS)
Siemens Solid Edge File Parsing
Title
Siemens Solid Edge File Parsing
Published
March 9, 2021, 5 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-068-09
Summary
This advisory contains mitigations for a Out-of-bounds Write, Improper Restriction of XML External Entity Reference, and Out-of-bounds Read vulnerabilities in Siemens Solid Edge portfolio software tools.
02.03.2021
US CERT (ICS)
Hitachi ABB Power Grids Ellipse EAM
Title
Hitachi ABB Power Grids Ellipse EAM
Published
March 2, 2021, 4:10 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-061-01
Summary
This advisory contains mitigations for Cross-site Scripting, and User Interface Misrepresentation of Critical Information vulnerabilities in Hitachi ABB Power Grids Ellipse EAM software products.
02.03.2021
US CERT (ICS)
Rockwell Automation CompactLogix 5370 and ControlLogix 5570 Controllers
Title
Rockwell Automation CompactLogix 5370 and ControlLogix 5570 Controllers
Published
March 2, 2021, 4:05 p.m.
URL
https://us-cert.cisa.gov/ics/advisories/icsa-21-061-02
Summary
This advisory contains mitigations for an Improper Input Validation vulnerability in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 controllers.

Last Updates

BOSCH PSIRT
15.01.2025
SIEMENS CERT
17.04.2025
US CERT
01.04.2025
US CERT (ICS)
17.04.2025

By Source

Archive

2025
2024
2023
2022
2021
2020
2019
2018
2017

Feeds