You are here

Home » Cybersecurity

Cybersecurity

Nortek Linear eMerge E3 Series (ICSA-18-046-01)

ICS-CERT had released an advisory on a Nortek Linear eMerge E3 Series vulnerability. Linear eMerge E3 series Versions V0.32-07e and prior are affected. Successful exploitation of this vulnerability could allow a remote attacker to execute malicious code on the system with elevated privileges, allowing for full control of the server. Nortek recommends that affected users upgrade by following the process outlined on Page 47 of the E3 User Programming Guide. ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability.

Tags: 
ics-cert nortek

Schneider Electric IGSS SCADA Software (ICSA-18-044-02) – Product Used in the Energy Sector

ICS-CERT has released an advisory on a Schneider Electric IGSS SCADA Software vulnerability. IGSS SCADA Software V12 and all previous versions are affected. Successful exploitation of this vulnerability could cause the device the attacker is accessing to crash or execute arbitrary code. Schneider Electric has provided IGSS SCADA Software V13 to address this vulnerability.  ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability.

Tags: 
ics-cert schneider electric

WAGO PFC200 Series (ICSA-18-044-01) – Product Used in the Energy Sector

ICS-CERT has released an advisory on a WAGO PFC200 Series vulnerability. Numerous versions of this product are affected. Successful exploitation of this vulnerability could allow a remote attacker unauthorized access to the PLC to perform operations on the file system without authentication. WAGO released a security patch with FW11. ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability. ICS-CERT.

Tags: 
ics-cert wago

3S-Smart Software Solutions GmbH CODESYS Web Server (ICSA-18-032-02) – Product Used in the Energy Sector

ICS-CERT has released an advisory on a 3S-Smart Software Solutions GmbH CODESYS Web Server vulnerability. All Microsoft Windows (also WinCE) based CODESYS web servers running stand-alone Version 2.3, or as part of the CODESYS runtime system running prior to Version V1.1.9.19, are affected. Successful exploitation of this vulnerability could cause the device the attacker is accessing to crash, resulting in a buffer overflow condition that may allow remote code execution.

Tags: 
ics-cert 3s-smart software solutions

Fuji Electric V-Server VPR (ICSA-18-032-01)

ICS-CERT has released an advisory on a Fuji Electric V-Server VPR vulnerability. Versions 4.0.1.0 and prior are affected. Successful exploitation of this vulnerability could allow a remote attacker to view sensitive information and disrupt the availability of the device. Fuji Electric has produced firmware 4.0.3.0. ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability. ICS-CERT.

Tags: 
ics-cert fuji electric

Gemalto Sentinel License Manager (ICSA-18-032-03)

ICS-CERT has released an advisory on a Gemalto Sentinel License Manager vulnerability. All HASP SRM, Sentinel HASP, and Sentinel LDK products prior to Sentinel LDK RTE 7.55 are affected. Successful exploitation of these vulnerabilities could lead to remote code execution or cause a denial-of-service condition, rendering the Sentinel LDK License Manager service unavailable.

Tags: 
ics-cert gemalto

Siemens TeleControl Server Basic (ICSA-18-030-02)

ICS-CERT has released an advisory on a Siemens TeleControl Server Basic vulnerability. Versions prior to V3.1 are affected. Successful exploitation of these vulnerabilities could allow for escalation of privileges to perform administrative actions. Siemens recommends that users install the latest version of TeleControl Server Basic. ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability. ICS-CERT.

Tags: 
ics-cert siemens

Pages

Subscribe to Cybersecurity