You are here

Home » Cybersecurity

Cybersecurity

Schneider Electric SoMove Software and DTM Software (ICSA-18-065-02)

ICS-CERT has released an advisory on a Schneider Electric SoMove Software and DTM Software vulnerability. Numerous versions of this product are affected. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code. Schneider Electric has provided updates for the affected software packages. ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability. ICS-CERT.

 

Tags: 
ics-cert schneider electric

Hirschmann Automation and Control GmbH Classic Platform Switches (ICSA-18-065-01)

ICS-CERT has released an advisory on a Hirschmann Automation and Control GmbH Classic Platform Switches vulnerability. Numerous versions of this product are affected. Successful exploitation of these vulnerabilities could allow the attacker to hijack web sessions, impersonate a legitimate user, receive sensitive information, and gain access to the device. Hirschmann strongly recommends users restrict access to remote management access and apply a series of mitigation measures.

Tags: 
ics-cert hirschmann automation and control gmbh

Delta Electronics Delta Industrial Automation DOPSoft (ICSA-18-060-03)

ICS-CERT has released an advisory on a Delta Electronics Delta Industrial Automation DOPSoft vulnerability. Delta Industrial Automation DOPSoft version 4.00.01 and prior are affected. Successful exploitation of this vulnerability could cause the device the attacker is accessing to crash; a buffer overflow condition may allow remote code execution. Delta Electronics recommends affected users update to the latest version of DOPSoft Version 4.00.04. ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability.

Tags: 
ics-cert delta electronics

Moxa OnCell G3100-HSPA Series (ICSA-18-060-02)

ICS-CERT has released an advisory on a Moxa OnCell G3100-HSPA vulnerability. OnCell G3100-HSPA series version 1.4 build 16062919 and prior are affected. Successful exploitation of these vulnerabilities may allow an attacker to remotely execute code on the device. As a general security measure, Siemens strongly recommends protecting network access to devices with appropriate mechanisms. Moxa has released new firmware for OnCell G3100-HSPA. ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability.

Tags: 
ics-cert moxa

Siemens SIMATIC, SIMOTION, and SINUMERIK (ICSA-18-060-01) – Product Used in the Water and Wastewater and Energy Sectors

ICS-CERT has released an advisory on a Siemens SIMATC, SIMOTION, and SINUMERIK vulnerability. Numerous versions of this product are affected. Successful exploitation of these vulnerabilities could result in execution of arbitrary code, extended privileges, and unauthenticated access to sensitive data. As a general security measure, Siemens strongly recommends protecting network access to devices with appropriate mechanisms.

Tags: 
ics-cert siemens

Emerson ControlWave Micro Process Automation Controller (ICSA-18-058-01) – Product Used in the Water and Wastewater and Energy Sectors

ICS-CERT has released an advisory on an Emerson ControlWave Micro Process Automation Controller vulnerability. Versions 05.78.00 and prior are affected. Exploitation may possibly cause a halt of Ethernet functionality, requiring a cold start to restore the system as well as communications related to ControlWave Designer access. This can possibly result in a loss of system availability and disruption in communications with other connected devices. Emerson has offered a list of recommendations to address this vulnerability.

Tags: 
ics-cert emerson

Siemens SIMATIC Industrial PCs (ICSA-18-058-01) – Product Used in the Water and Wastewater and Energy Sectors

ICS-CERT has released an advisory on a Siemens SIMATIC Industrial PCs vulnerability. Siemens reports the vulnerability affects a number of versions of SIMATIC Industrial PCs using a version of Infineon’s Trusted Platform Model (TPM). Successful exploitation of this vulnerability could make it easier for attackers to conduct cryptographic attacks against the key material. As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms.

Tags: 
ics-cert siemens simatic

ABB netCADOPS Web Application (ICSA-18-051-01) – Product Used in the Energy Sector

ICS-CERT has released an advisory on an ABB netCADOPS Web Application vulnerability. Multiple versions of this product are affected. Successful exploitation of this vulnerability could allow critical information about the database to be exposed. ABB has released product updates to mitigate the vulnerability. ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability. ICS-CERT.

Tags: 
ics-cert abb

Pages

Subscribe to Cybersecurity