You are here

Home

ics-cert

Ctek, Inc. SkyRouter (ICSA-17-264-02) – Product Used in the Water and Wastewater Sector

ICS-CERT has released an advisory on a Ctek, Inc. SkyRouter vulnerability. SkyRouter Series 4200 and 4400 all versions prior to V6.00.11 are affected. Successful exploitation of this vulnerability may allow an unauthorized user to view and edit settings without authenticating. Ctek, Inc., reports it has addressed this issue and addressed additional security requirements in its latest security release V6.00.11, which is now available on all models currently in production. ICS-CERT.

Tags: 
ics-cert ctek

Schneider Electric InduSoft Web Studio, InTouch Machine Edition (ICSA-17-264-01) – Product Used in the Water and Wastewater and Energy Sectors

ICS-CERT has released an advisory on a vulnerability in Schneider Electric InduSoft Web Studio, InTouch Machine Edition. InduSoft Web Studio v8.0 SP2 or prior and InTouch Machine Edition v8.0 SP2 or prior are affected. Successful exploitation of this vulnerability could allow an attacker to remotely execute arbitrary commands with high privileges. Schneider Electric recommends users using InduSoft Web Studio v8.0 SP2 or prior should upgrade and apply InduSoft Web Studio v8.0 SP2 Patch 1 as soon as possible.

Tags: 
ics-cert schneider electric indusoft

PHOENIX CONTACT mGuard Device Manager (ICSA-17-262-01)

ICS-CERT has released an advisory on a PHOENIX CONTACT mGuard Device Manager. Versions 1.8.0 and older are affected. Successful exploitation of these vulnerabilities could allow unauthorized remote access, modification of data, and may allow remote and local users to gain elevated privileges. PHOENIX CONTACT recommends that all users of the affected product on Windows should update to at least Version 1.8.0.1. ICS-CERT.

Tags: 
ics-cert phoenix contact

mySCADA myPRO (ICSA-17-255-01) – Product Used in the Water and Wastewater Sector

ICS-CERT has released an advisory on a vulnerability in mySCADA myPRO, an HMI/SCADA management platform. myPRO Versions 7.0.26 and prior are affected. Successful exploitation of this vulnerability may allow an authenticated, but non-privileged, local user to execute arbitrary code with elevated privileges. mySCADA has released new versions that address the identified vulnerability. ICS-CERT.

 

Tags: 
ics-cert mySCADA myPRO

PHOENIX CONTACT, Innominate Security Technologies mGuard Firmware (ICSA-17-250-02)

ICS-CERT has released an advisory on a PHOENIX CONTACT, Innominate Security Technologies mGuard firmware vulnerability. Versions 8.0.0 to 8.5.1 of the firmware running on a variety of mGuard Network Security Appliances are affected. Successful exploitation of this vulnerability could allow attackers to cause a remote denial of service and force a restart of all IPSec connections. PHOENIX CONTACT and Innominate Security Technologies recommend users update to firmware Version 8.5.2 or higher, which fixes this vulnerability.

Tags: 
ics-cert phoenix contact innominate security technologies

Schneider Electric Magelis HMI Resource Consumption Vulnerabilities (Update B) (ICSA-16-308-02B) – Updated July 27, 2017

July 27, 2017

ICS-CERT has updated its advisory titled “Schneider Electric Magelis HMI Resource Consumption Vulnerabilities.” Schneider Electric has released a new version of Vijeo XD, Version 2.4.2, which does not integrate the web server feature containing the identified vulnerabilities. ICS-CERT.

November 22, 2016

Tags: 
ics-cert schneider electric magelis hmi

Pages

Subscribe to ics-cert