Siemens Polarion ALM
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Serv…
Siemens SCALANCE X-200IRT Devices
1. EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION: Exploitable with adjacent access Vendor: Siemens Equipment: SCALANCE X-200IRT Devices Vulnerability: Inadequate Encryption Strength 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized attacker in a machine-in…
Siemens in OPC Foundation Local Discovery Server
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: OPC Foundation Local Discovery Server Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to create a malicious file loa…
Siemens Path Traversal TIA Portal
1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low attack complexity Vendor: Siemens Equipment: TIA Portal Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve arbitrary code execution. 3. TECHNICAL DETAILS …
Siemens JT Open and JT Utilities
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JT Open and JT Utilities Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code in the context of the current proce…
Siemens Adaptec maxView Application
1. EXECUTIVE SUMMARY CVSS v3 6.2 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Adaptec maxView Application Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to de…
FANUC ROBOGUIDE-HandlingPRO
1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: FANUC Equipment: ROBOGUIDE-HandlingPRO Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read and/or overwrite files on the system running the affec…
mySCADA myPRO
1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: mySCADA Technologies Equipment: mySCADA myPRO Vulnerabilities: OS Command Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an …
JTEKT ELECTRONICS Kostac PLC Programming Software
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: JTEKT ELECTRONICS CORPORATION Equipment: Kostac PLC Programming Software Vulnerabilities: Out-of-bounds Read, Use After Free 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker …
JTEKT ELECTRONICS Screen Creator Advance 2
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: JTEKT ELECTRONICS CORPORATION Equipment: Screen Creator Advance 2 Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write, Use After Free 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allo…