esorics2020-merged_icsa_alert.csv

icsa_id,icsa_url,icsa_release,icsa_update,icsa_description,icsa_is_update,icsa_vendor,icsa_oneliner
ICSA-10-070-01A,https://www.us-cert.gov/ics/advisories/ICSA-10-070-01A,2010-05-03,2018-08-23,Rockwell Automation RSLinx Classic EDS Vulnerability (Update A),1,Rockwell Automation," A buffer overflow vulnerability exists in the Rockwell Automation RSLinx Classic EDS Hardware Installation Tool (RSHWare.exe). This vulnerability is likely exploitable; however, significant user interaction would be required."
ICSA-10-070-02,https://www.us-cert.gov/ics/advisories/ICSA-10-070-02,2010-03-10,2014-10-23,Rockwell PLC5/SLC5/0x/RSLogix Security Vulnerability,1,Rockwell Automation," Rockwell Automation has identified a security vulnerability in the programming and configuration client software authentication mechanism employed by certain versions of the PLC-5 and SLC 5/0x family of programmable controllers."
ICSA-10-090-01,https://www.us-cert.gov/ics/advisories/ICSA-10-090-01,2010-03-31,2014-01-20,Mariposa Botnet,0,Other," ICS-CERT has received reports and investigated infections of the Mariposaa botnet, which have affected the business networks of multiple control system owners in recent months. ICS-CERT has no information to indicate that these infections have specifically targeted United States Critical Infrastructure and Key Resources (CIKR), or any specific sector or organization."
ICSA-10-097-01,https://www.us-cert.gov/ics/advisories/ICSA-10-097-01,2010-04-27,2018-09-06,ABB NETCADOPS HELP SYSTEM VULNERABILITY,1,ABB," A cross-site scriptinga vulnerability exists in the system used by the ABB Electrical Distribution Management System (DMS) product netCADOPS to generate online Help."
ICSA-10-147-01,https://www.us-cert.gov/ics/advisories/ICSA-10-147-01,2010-05-27,2014-09-09,Cisco Network Building Mediator,1,Cisco," Cisco has identified multiple security vulnerabilitiesa in the Cisco Network Building Mediator (NBM) products. These vulnerabilities also affect the legacy Richards-Zeta Mediator products. The following vulnerabilities have been identified: default credentials, privilege escalation, unauthorized information interception, and unauthorized information access. Successful exploitation of any of these vulnerabilities could result in a malicious user taking complete control over an affected device."
ICSA-10-201-01C,https://www.us-cert.gov/ics/advisories/ICSA-10-201-01C,2010-08-02,2014-01-08,USB Malware Targeting Siemens Control Software (Update C),1,Siemens," VirusBlokAda, an antivirus vendor based in Belarus, announceda the discovery of malware that uses a zero-day vulnerability in Microsoft Windows processing of shortcut files. The malware utilizes this zero-day vulnerability and exploits systems after users open a USB drive with a file manager capable of displaying icons (like Windows Explorer). US-CERT has released a Vulnerability Noteb detailing the vulnerability and suggested workarounds. Microsoft has also released a Security Advisory (2286198)c detailing the previously unknown vulnerability. ICS-CERT has confirmed the malware installs a trojan that interacts with installed SIMATIC® WinCC or SIMATIC® Siemens STEP 7 software and then makes queries to any discovered SIMATIC® databases. The full capabilities of the malware and intent or results of the queries are not yet known. ICS-CERT is coordinating with Siemens CERT, CERT/CC, Microsoft, and other groups both domestically"
ICSA-10-214-01,https://www.us-cert.gov/ics/advisories/ICSA-10-214-01,2010-08-02,2018-09-06,Wind River VxWorks Vulnerabilities,1,Wind River," A security researcher has identified two vulnerabilities affecting the Wind River Systems’ VxWorks platform. The vulnerabilities are a debug service enabled by default (VU#362332) and a weak hashing algorithm used in authentication (VU#840249). ICS-CERT has been coordinating with CERT/CC in alerting control systems vendors of these vulnerabilities. ICS-CERT will continue to coordinate and publish updates as needed."
ICSA-10-228-01,https://www.us-cert.gov/ics/advisories/ICSA-10-228-01,2010-08-16,2013-05-08,Vendor Admin Accounts Warning,0,Other," An asset owner recently notified the ICS-CERT that a vendor support contractor had added an administrative-level account during installation of new control systems software. The support contractor intended the account to be the default used to train their people for all future work on those systems. The addition of an administrative account to an ICS network with the password known by a contract company increases the cybersecurity risk to the asset owner. This advisory highlights existing practices that may adversely impact the cybersecurity of industrial control systems (ICS) environments relative to malicious actors."
ICSA-10-238-01B,https://www.us-cert.gov/ics/advisories/ICSA-10-238-01B,2010-09-15,2014-01-08,Stuxnet Malware Mitigation (Update B),1,Siemens," In July, ICS-CERT published an advisory and a series of updates regarding the Stuxnet malware entitled “ICSA-10-201 USB Malware Targeting Siemens Control Software.” Since then, ICS-CERT has continued analysis of the Stuxnet malware in an effort to determine more about its capabilities and intent. As the analysis has progressed, understanding of the malware sophistication has continued to increase. Stuxnet makes use of a previously unpatched Windows vulnerability and a digitally signed kernel-mode rootkit. There have been two digital certificates used to sign this rootkit. The original certificate was revoked. Subsequently, a second variant was discovered in which the same rootkit was signed with a different key, which has also been revoked. With approximately 4,000 functions, Stuxnet contains as much code as some commercial software products. The complex code is object oriented and employs many programming techniques that demonstrate advanced knowledge in many areas, including the Windows operating system, Microsoft SQL Server, Siemens software, and Siemens PLCs. The malware also employs many advanced anti-analysis techniques that make reverse engineering difficult and time consuming. ICS-CERT has identified that while USB drives appear to be a primary infection mechanism, Stuxnet can also infect systems through network shares and SQL databases. The Stuxnet malware stores dropped files in many locations on a target system. The infection mechanism is complex, and the exact files that may be dropped will vary depending on the system it is infecting. After infecting a system, the malware gathers extensive data from MS SQL server, Windows registry, and application software. Once the malware has installed itself on a system, it employs many evasive techniques, including bypassing antivirus software, advanced process injection, hooking useful functions by kernel-mode rootkits, and the quick removal of temporary files. ICS-CERT is continuing to reverse engineer and analyze this malware. Because of the malware’s complexity, this work is expected to take some time."
ICSA-10-264-01,https://www.us-cert.gov/ics/advisories/ICSA-10-264-01,2010-09-21,2018-09-06,SCADA Engine BACnet OPC Client Buffer Overflow Vulnerability,1,SCADA Engine," This advisory is a follow-up to ICS-ALERT-10-260-01 SCADA Engine BACnet OPC Client Buffer Overflow, which was published on the ICS-CERT Web site on September 17, 2010. A buffer overflow vulnerability has been reporteda in SCADA Engine’s BACnet OPC Client. Using a specially crafted malicious file, this vulnerability could allow an attacker to crash the application and execute arbitrary code. A software update is available that resolves this vulnerability. ICS-CERT is aware that exploit code for this vulnerability is publicly available.b  However, ICS-CERT has not received any reports of the vulnerability being exploited in the wild."
ICSA-10-272-01,https://www.us-cert.gov/ics/advisories/ICSA-10-272-01,2010-09-29,2018-09-06,Primary Stuxnet Advisory,1,Other," ICS-CERT has been actively investigating and reporting on the Stuxnet vulnerability. To date, ICS-CERT has released ICSA-10-201-01 - Malware Targeting Siemens Control Software (including Updates B & C) and ICSA-10-238-01 - Stuxnet Mitigations (including Update B). Stuxnet uses four zero-day exploits (two of which have been patched) and takes advantage of a vulnerability also exploited by Conficker, which has been documented in Microsoft Security Bulletin MS-08-067.a The known methods of propagation include infected USB devices, network shares, STEP 7 Project files, WinCC database files, and the print spooler vulnerability addressed by MS-10-061.b The malware can be updated through a command and control infrastructure as well as peer-to-peer communication using the Remote Procedure Call (RPC) protocol. The malware also interacts with Siemens SIMATIC WinCC or SIMATIC STEP 7 software. Exact software versions and configurations that may be affected are still being analyzed jointly by ICS-CERT and Siemens. We have listed the following indicators for use in detecting this malware."
ICSA-10-301-01A,https://www.us-cert.gov/ics/advisories/ICSA-10-301-01A,2010-11-10,2018-08-23,MOXA Device Manager Buffer Overflow (Update A),1,Moxa,
ICSA-10-313-01,https://www.us-cert.gov/ics/advisories/ICSA-10-313-01,2010-11-08,2018-09-06,RealFlex RealWin Buffer Overflow,1,RealFlex Technologies," This advisory is a follow-up to ICS-ALERT-10-305-01 RealFlex RealWin Buffer Overflows, which was published on the ICS-CERT Web site on November 01, 2010. On October 15, 2010 an independent security researcher posted informationa  regarding vulnerabilities in RealFlex Technologies Ltd. RealWin SCADA software products. The security researcher’s analysis indicated that successful exploitation of these vulnerabilities can lead to arbitrary code execution and control of the system. RealFlex Technologies has validated the researcher’s findings and released an updateb to resolve these issues. ICS-CERT has verified that the software update resolves the vulnerabilities highlighted by the researcher."
ICSA-10-314-01A,https://www.us-cert.gov/ics/advisories/ICSA-10-314-01A,2011-02-15,2018-08-23,ClearScada Vulnerabilities (Update A),1,Schneider Electric," Researchers at Digital Bond have identified multiple vulnerabilities in the Control Microsystems ClearSCADA application. The following vulnerabilities have been identified: Heap Overflow VulnerabilityCross-site Scripting VulnerabilitiesInsecure Web Authentication."
ICSA-10-316-01A,https://www.us-cert.gov/ics/advisories/ICSA-10-316-01A,2010-12-15,2018-09-06,Intellicom NetBiter WebSCADA Vulnerabilities (Update A),1,Intellicom," This advisory is a follow-up to ICS-ALERT-10-293-01 - Intellicom NetBiter WebSCADA Vulnerabilities, published on the ICS-CERT Web page on October 20, 2010. On October 1, 2010 independent researchers identified vulnerabilities in the Intellicom NetBiter Supervisory Control and Data Acquisition (SCADA) applications. A directory traversal vulnerability is present in all affected devices that lead to local file disclosure. The ability to upload malicious web content using a custom logo page is also possible. All of the reported vulnerabilities require superadmin privileges. If the default password is not changed, the vulnerability can be leveraged to gain additional access to an affected device’s file system."
ICSA-10-322-01,https://www.us-cert.gov/ics/advisories/ICSA-10-322-01,2010-12-14,2013-04-29,Ecava IntegraXor Buffer Overflow,1,Ecava," The ICS-CERT has received a report from independent security researcher Jeremy Brown that reveals a stack-based buffer overflow vulnerability in the Ecava IntegraXor Human-Machine Interface (HMI) product that could allow the execution of arbitrary code. Ecava has verified the claim and has released a patch to mitigate the vulnerability (igsetup-3.5.3900.10.msi or later)."
ICSA-10-322-02A,https://www.us-cert.gov/ics/advisories/ICSA-10-322-02A,2010-11-17,2013-08-28,Automated Solutions OPC Vulnerability (Update),1,Automated Solutions," The ICS-CERT has received a report from independent security researcher Jeremy Brown that reveals a heap corruption vulnerability in the Automated Solutions Modbus/TCP Master OPC server. Automated Solutions has confirmed that their most recent patch mitigates the vulnerability for Version 3.0.0. ICS-CERT has verified that the software update resolves the vulnerability identified by the researcher. --------- Begin Update A-------- The vulnerability could be exploited by creating a Modbus/TCP Slave application that generates non-compliant Modbus/TCP reply packets. Successful exploitation would likely not allow arbitrary code execution; however, an exploit could possibly corrupt the OPC server memory. --------- End Update A--------"
ICSA-10-337-01,https://www.us-cert.gov/ics/advisories/ICSA-10-337-01,2011-01-02,2013-10-28,Advantech Studio Test Web Server Buffer Overflow,1,Advantech," The ICS-CERT has received a report from independent security researcher Jeremy Brown that reveals a stack-based buffer overflow vulnerability in the test web server bundled with Advantech Studio Version 6.1. This web server is intended to be used for testing purposes and should not be used in a production environment. Advantech has verified the problem and has developed a patch to mitigate the vulnerability."
ICSA-10-348-01A,https://www.us-cert.gov/ics/advisories/ICSA-10-348-01A,2011-03-02,2013-04-22,Wonderware InBatch Vulnerability (Update A),1,Invensys," An independent security researcher has published information to a vulnerability disclosure website regarding a buffer overflow vulnerability in the Wonderware InBatch and I/A Series Batch software products (all supported versions). According to the researcher’s report, the service listening on TCP Port 9001 is vulnerable to a buffer overflow that could cause denial of service (DOS) or the possible execution of arbitrary code. This vulnerability is remotely exploitable and exploit code is publicly available. --------- Begin Update A Part 1 of 2 ---------- Invensys has validated the researcher’s claim and has released a patch for this vulnerability. The patchcan be downloaded at Invensys Cyber Security Updates page.a ICS-CERT has validated the patch. ---------- End Update A Part 1 of 2 ---------- ICS-CERT is coordinating this vulnerability disclosure with Invensys and the CERT Coordination Center (CERT/CC)."
ICSA-10-362-01,https://www.us-cert.gov/ics/advisories/ICSA-10-362-01,2010-12-28,2018-09-06,Ecava IntegraXor Directory Traversal,1,Ecava," This advisory is a follow-up to ICS-ALERT-10-355-01 - Ecava IntegraXor Directory Traversal, published on the ICS-CERT Web page on December 21, 2010. ICS-CERT has become aware of a directory traversal vulnerability in the Ecava IntegraXor Human-Machine Interface (HMI) product that could allow data leakage. ICS-CERT is currently in contact with representatives of Ecava who have verified the vulnerability. Ecava has developed and released a patch to mitigate the vulnerability (igsetup-3.6.4000.1.msi or later) and has notified its customer base of the availability of the patch (http://www.integraxor.com/download/igsetup.msi). This patch has been verified by both the ICS-CERT and the independent security researcher."
ICSA-11-017-01,https://www.us-cert.gov/ics/advisories/ICSA-11-017-01,2011-01-17,2018-09-06,WellinTech Kingview 6.53 Remote Heap Overflow,1,WellinTech," This advisory is a follow-up to ICS-ALERT-11-011-01 WellinTech Kingview Buffer Overflow, published on the ICS-CERT Web site on January 11, 2011. Independent security researcher Dillon Beresford reported a heap overflow vulnerability in WellinTech KingView V6.53, which may allow a remote, unauthenticated attacker to execute arbitrary code. ICS-CERT has verified the vulnerability. WellinTech has developed and released a patch to mitigate this vulnerability, 6.53(2010-12-15). This patch has been validated by both ICS-CERT and the independent security researcher."
ICSA-11-017-02,https://www.us-cert.gov/ics/advisories/ICSA-11-017-02,2011-01-17,2018-09-06,Sielco Sistemi WinLog Stack Overflow,1,Sielco Sistemi," Independent researcher Luigi Auriemma reported a stack overflow vulnerability in Version 2.07.00 of the Sielco Sistemi WinLog Lite and Winlog Pro HMI software. Sielco Sistemi has developed an update (Version 2.07.01) to address this vulnerability. The researcher has verified that the update is effective in correcting this vulnerability."
ICSA-11-018-01,https://www.us-cert.gov/ics/advisories/ICSA-11-018-01,2011-01-18,2018-09-05,AGG SCADA Viewer OPC Buffer Overflow Vulnerability,1,AGG Software," The ICS-CERT has received a report from independent security researcher Steven James that a stack-based buffer overflow exists in the AGG Software OPC SCADA Viewer software. The vulnerability could allow arbitrary code execution. ICS-CERT has coordinated with AGG Software, which has developed a patch to address this vulnerability. The researcher has also verified that the patch resolves the issue."
ICSA-11-018-02,https://www.us-cert.gov/ics/advisories/ICSA-11-018-02,2011-02-08,2018-09-05,7-Technologies IGSS 8 ODBC Server Remote Heap Corruption,1,7-Technologies," ICS-CERT has received a report from independent security researcher Jeremy Brown that a remote heap corruption vulnerability exists in IGSS (Interactive Graphical SCADA System) Version 8 from 7-Technologies (7T). 7T has verified the vulnerability and has developed a patch."
ICSA-11-025-01,https://www.us-cert.gov/ics/advisories/ICSA-11-025-01,2011-01-25,2018-08-23,Federal Aviation Administration GPS Testing,1,Other," The US Federal Aviation Administration (FAA) has issued two flight advisories identifying planned Global Positioning System (GPS) temporary outages and the affected areas, due Department of Defense testing. During testing, the GPS signal may be unreliable or unavailable. ICS-CERT is issuing this advisory as a follow up to yesterday’s alert to notify industrial control systems (ICS) owners and operators whose control systems employ GPS for timing reference or positioning data of possible intermittent GPS service during the testing."
ICSA-11-041-01A,https://www.us-cert.gov/ics/advisories/ICSA-11-041-01A,2011-02-11,2018-09-06,McAfee Night Dragon Report (Update A),1,Other," McAfee has published a white paper titled “Global Energy Cyberattacks: Night Dragon,”a  which describes advanced persistent threat activity designed to obtain sensitive data from targeted organizations in the global oil, energy, and petrochemical industries. According to the report, this activity began in 2009 or potentially as early as 2007."
ICSA-11-056-01A,https://www.us-cert.gov/ics/advisories/ICSA-11-056-01A,2011-06-14,2018-09-05,Progea Movicon TCPUploadServer (Update A),1,Progea," ICS-CERT has received a report from independent security researcher Jeremy Brown of a data leakage and denial-of-service vulnerability in Progea’s Movicon 11 human machine interface (HMI) product. Progea has verified the vulnerability and has developed a patch to address the issue. ICS-CERT has verified that the patch resolves the vulnerability."
ICSA-11-069-01B,https://www.us-cert.gov/ics/advisories/ICSA-11-069-01B,2011-06-07,2018-09-05,Samsung Data Management Server (Update B),1,Samsung," This updated website posting provides new information regarding Samsung’s process for acquiring the updated software to mitigate the reported vulnerability. José A. Guasch,a reported a SQL injection vulnerability in the Samsung Data Management Server (DMS). Samsung has released an update and ICS-CERT has verified that the software update corrects the vulnerability."
ICSA-11-074-01,https://www.us-cert.gov/ics/advisories/ICSA-11-074-01,2011-03-15,2018-09-06,WellinTech KingView 6.53 KVWebSvr ActiveX,1,WellinTech," This advisory is a follow-up to ICS-ALERT-11-066-01 - WellinTech KingView 6.53 ActiveX Vulnerability, published on the ICS-CERT Web page on March 7, 2011. An independent security researcher reported a stack-based buffer overflow vulnerability in an ActiveX control in WellinTech KingView V6.53. The researcher has publicly released exploit code for this vulnerability. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code. WellinTech has released an update for the vulnerable file. ICS-CERT has confirmed the update resolves the vulnerability."
ICSA-11-082-01,https://www.us-cert.gov/ics/advisories/ICSA-11-082-01,2011-03-23,2013-04-30,Ecava IntegraXor SQL,1,Ecava," ICS-CERT has received a report from independent security researcher Dan Rosenberg with Virtual Security Research (VSR) of an unauthenticated Structured Query Language (SQL) vulnerability in the Ecava IntegraXor human machine interface (HMI) product that could allow data leakage, data manipulation, and remote code execution against the backend host running the database service. ICS-CERT has coordinated with Ecava, which has verified the vulnerability and developed a patched release of IntegraXor (Build 4050) to address this vulnerability. Both ICS-CERT and the independent security researcher have validated the patch."
ICSA-11-084-01,https://www.us-cert.gov/ics/advisories/ICSA-11-084-01,2011-03-26,2014-01-02,Solar Magnetic Storm Impact on Control Systems,0,Other," The sun generates solar flare and coronal mass ejection (CME) events in an approximate 11-year cycle. The plasma clouds generated from these events have the potential to cause geomagnetic storms that can interfere with terrestrial communications and other electronic systems, posing a risk to critical infrastructure.In a recent case, Earth-orbiting satellites detected the strongest magnetic storm in more than 4 years resulting from a solar flare and CME event.a Figure 1 illustrates the size of the CME shockwave edge in relation to the size of the sun at the point of the eruption.      Figure 1. X2-solar flare and coronal mass ejection at the time of the eruption.  At 0156 UT on February 15, 2011, Active Region 11158 unleashed an X2-class eruption.b X-flares are the largest type of X-ray flares, and this is the first such eruption of new Solar Cycle 24. The explosion that produced this flare also sent a solar tsunami rippling through the sun’s atmosphere and hurled a CME toward Earth. By the time the CME reached the Earth, the shockwave leading edge had expanded to approximately 40 million miles across. CME activity will continue to occur as this solar cycle progresses. The purpose of this Advisory is to inform the industrial control systems (ICS) community of the possible impacts of solar magnetic storms on critical infrastructure control systems. This Advisory provides a high-level overview of the potential problems and offers some general mitigation strategies for consideration by the ICS community."
ICSA-11-091-01A,https://www.us-cert.gov/ics/advisories/ICSA-11-091-01A,2011-04-05,2018-09-06,Siemens Tecnomatix FactoryLink Vulnerabilities (Update A),1,Siemens," This ICS-CERT Advisory is a follow-up to ICS-ALERT-11-080-01. An independent researcher has identified six vulnerabilities in the Siemens Tecnomatix FactoryLink supervisory control and data acquisition (SCADA) product. The researcher has also publicly released exploit code. The researcher identified the following vulnerabilities types: Buffer overflow (2 vul)Absolute Path Traversal (3 vul)NULL Pointer Dereference (1 vul). Siemens has released a patch addressing the identified vulnerablities. ICS-CERT has not yet validated this patch."
ICSA-11-094-01,https://www.us-cert.gov/ics/advisories/ICSA-11-094-01,2011-04-13,2018-09-06,Wonderware InBatch Client ActiveX Buffer Overflow,1,Invensys," ICS-CERT has received a report from independent security researcher Jeremy Brown regarding a buffer overflow vulnerability in a Wonderware InBatch Client ActiveX control. According to the researcher’s report, the client ActiveX control is vulnerable to a buffer overflow that could cause denial of service (DoS) or the possible execution of arbitrary code in older versions. In order to successfully exploit this vulnerability, the attacker must direct the InBatch client user to a malicious host. This exploit requires the attacker to perform social engineering. Invensys has validated the researcher’s claim and has developed a patch to mitigate this vulnerability. ICS-CERT has verified that the provided security patch resolves the vulnerability."
ICSA-11-094-02B,https://www.us-cert.gov/ics/advisories/ICSA-11-094-02B,2014-01-07,2018-09-06,Advantech/Broadwin WebAccess RPC Vulnerability (Update B),1,Advantech," This updated advisory is a follow-up to the updated advisory titled ICSA-11-094-02A Advantech/Broadwin WebAccess RPC Vulnerability that was published November 4, 2011, on the NCCIC/ICS-CERT Web site."
ICSA-11-096-01,https://www.us-cert.gov/ics/advisories/ICSA-11-096-01,2011-04-06,2018-09-06,GLEG Agora SCADA+ Exploit Pack,1,Other," On March 15, 2011, GLEG Ltd. announced the Agora SCADA+ Exploit Pack for Immunity’s CANVAS system. CANVAS is a penetration testing framework that is extensible using CANVAS Exploit Packs. On March 25, 2011, GLEG announced it would be adding exploits for the 35 vulnerabilities released by Luigi Auriemma on March 21, 2011. The ICS-CERT has not received any reports of this tool being used for an unauthorized compromise of an actual control system installation. ICS-CERT has prepared this advisory to provide an initial summary of the possible vulnerabilities contained in this exploit pack. Please note that at this time, the information contained in this report is not conclusive, nor is it comprehensive. This report represents a cursory and credible snapshot of the vulnerabilities that are likely contained in the pack, based on the analysis conducted by ICS-CERT."
ICSA-11-103-01A,https://www.us-cert.gov/ics/advisories/ICSA-11-103-01A,2011-08-15,2014-03-13,Honeywell ScanServer ActiveX Control (Update A),1,Honeywell,
ICSA-11-108-01,https://www.us-cert.gov/ics/advisories/ICSA-11-108-01,2011-04-18,2018-09-06,ICONICS GENESIS (32 & 64) Vulnerabilities,1,ICONICS," This advisory is a follow-up to ICS-ALERT-11-080-02 ICONICS GENESIS (32 & 64) Vulnerabilities, published on the ICS-CERT Web site on March 20, 2011. An independent security researcher has published 13 vulnerabilities with proof of concept (PoC) code for the ICONICS GENESIS32 and GENESIS64 human-machine interface (HMI)/supervisory control and data acquisition (SCADA) products. The 13 remotely exploitable vulnerabilities exploit the GenBroker.exe service on Port 38080/TCP. The researcher states that the vulnerabilities fall within two classifications: twelve involve integer overflows;a one involves memory corruption.b After the aforementioned vulnerabilities were disclosed, a second, security researcher, Joel Langill of SCADAhacker,c is coordinating with the ICS-CERT on another vulnerability in the ICONICS GENESIS products. Mr. Langill reported a vulnerability in the SafeNet Sentinel License Monitor httpd 7.3 service on Port 6002/TCP, which is used by the ICONICS GENESIS32 and GENESIS64 application suites. That vulnerability is based on a previously reported vulnerability in the SafeNet Sentinel License Monitor service.d An attacker could exploit this vulnerability to allow directory traversal on the host machine. ICONICS has validated the reported vulnerabilities and released a software update that addresses all identified vulnerabilities. ICS-CERT has verified that the update released by ICONICS fully addresses all reported vulnerabilities."
ICSA-11-110-01,https://www.us-cert.gov/ics/advisories/ICSA-11-110-01,2011-04-20,2018-09-06,RealFlex RealWin Vulnerabilities,1,RealFlex Technologies," This ICS-CERT Advisory is a follow-up to the ICS-CERT Alert titled, “ICS-ALERT-11-080-04—Multiple Vulnerabilities in RealFlex RealWin.” An independent researcher has published exploit code for seven vulnerabilities identified in RealFlex Technologies’ RealWin 2.1.10 Demo Supervisory Control and Data Acquisition (SCADA) product. Multiple functions listening on Port 910/TCP are susceptible to heap and stacked-based buffer overflow vulnerabilities. The heap and stack buffer overflows may allow an attacker to remotely execute arbitrary code. RealFlex has released a new version (Version 2.1.12) of their free demo software that mitigates these vulnerabilities. ICS-CERT has verified that these vulnerabilities do not affect the RealFlex RealWin commercial version and that Version 2.1.12 resolves the vulnerabilities in the demo version."
ICSA-11-119-01,https://www.us-cert.gov/ics/advisories/ICSA-11-119-01,2011-04-29,2018-09-05,7-Technologies IGSS ODBC Remote Stack Overflow,1,7-Technologies," Security researcher James Burton of Insomnia Security has released details of a remote stack overflow vulnerability affecting 7-Technologies (7T) Interactive Graphical SCADA System (IGSS). This vulnerability exists in the IGSS Open Database Connectivity (ODBC) service running on Port 22202/TCP by default. ICS-CERT has confirmed that Insomnia Security and 7T coordinated this vulnerability prior to public release of this report. 7T has issued an update addressing this vulnerability. ICS-CERT has received confirmation that Insomnia Security has validated the effectiveness of 7T’s update in resolving the reported vulnerability."
ICSA-11-122-01,https://www.us-cert.gov/ics/advisories/ICSA-11-122-01,2011-06-24,2018-09-06,AzeoTech DAQFactory Networking Vulnerabilities,1,AzeoTech," ICS-CERT Advisory ICSA-11-122-01 was originally released to the US-CERT Portal on May 24, 2011. This web site release was delayed to allow users sufficient time to download and install the upgrade. ICS-CERT received a report from the nSense Vulnerability Coordination Team concerning several vulnerabilities in AzeoTech DAQFactory. ICS-CERT has worked with nSense and AzeoTech to validate the vulnerabilities and create a mitigation strategy, included below. Azeotech has created a new version (Version 5.85, Build 1842) to resolve these vulnerabilities. Users who do not require the networking capability can easily adjust the system settings in their existing versions to disable the vulnerable feature. The default settings for future releases (Versions 5.85 and newer) will be changed to mitigate the vulnerability. ICS-CERT has confirmed that both Version 5.85 and disabling the vulnerable feature in older versions successfully mitigates this vulnerability."
ICSA-11-126-01,https://www.us-cert.gov/ics/advisories/ICSA-11-126-01,2011-05-06,2018-09-06,7-Technologies IGSS Vulnerabilities,1,7-Technologies," This advisory is a follow-up to ICS-ALERT-11-080-03 7-Technologies IGSS Vulnerabilities, published on the ICS-CERT Web site on March 20, 2011. An independent researcher has identified eight vulnerabilities in 7-Technologies (7T) IGSS SCADA human-machine interface (HMI) application. Each of the identified vulnerabilities includes proof-ofconcept (PoC) exploit code. The researcher identified the following vulnerability types: Stack-based buffer overflowsPath traversalString formattingLocal arbitrary code execution (dc.exe). Seven of these vulnerabilities occur in IGSSdataServer service on Port 12401/TCP. The eighth vulnerability is identified in the Data Collection application (dc.exe) on Port 12397/TCP. Both vulnerable services run as part of the IGSS application suite. The IGSS Data Server is responsible for data transmission between the IGSS server and the operator stations. All vulnerabilities are remotely exploitable and can allow denial of service, path traversal, and arbitrary code execution. After these original eight vulnerabilities were identified, Joel Langill of SCADAhackera discovered and coordinated with ICS-CERT a ninth vulnerability. This new vulnerability is directly leveraged off one of the original vulnerabilities, specifically local arbitrary code execution affecting the Data Collection application (dc.exe) on Port 12397/TCP. An attacker could exploit this additional vulnerability to conduct simultaneous directory traversal and arbitrary programs execution on the host machine. 7T has developed a patch that resolves the reported vulnerabilities. ICS-CERT has validated the patch."
ICSA-11-131-01,https://www.us-cert.gov/ics/advisories/ICSA-11-131-01,2011-05-11,2013-08-28,ICONICS GENESIS32 and BizViz ActiveX Stack Overflow,1,ICONICS," Security researchers Scott Bell and Blair Strang of Security-Assessment.com have released a report detailing a stack overflow vulnerability affecting ICONICS GENESIS32 and BizViz products. The vulnerable ActiveX control, GenVersion.dll, is a component of WebHMI, which is incorporated in both GENESIS32 and BizViz products. Successful exploitation of this vulnerability allows remote arbitrary code execution. ICS-CERT has confirmed that ICONICS has issued a patch that addresses this vulnerability. ICONICS confirmed that Security-Assessment.com has validated that this patch fully resolves this vulnerability."
ICSA-11-132-01A,https://www.us-cert.gov/ics/advisories/ICSA-11-132-01A,2011-06-06,2018-08-23,7-Technologies IGSS Denial of Service (Update A),1,7-Technologies," ICS-CERT has become aware of multiple denial-of-service (DoS) vulnerabilities in the 7-Technologies  (7T) Interactive Graphical SCADA System (IGSS) supervisory control and data acquisition (SCADA) human-machine interface (HMI) application. All vulnerabilities are remotely exploitable. 7T has developed patches that resolve the reported vulnerabilities in the affected versions."
ICSA-11-147-01B,https://www.us-cert.gov/ics/advisories/ICSA-11-147-01B,2011-06-02,2013-08-28,Ecava IntegraXor DLL Hijacking (Update B),1,Ecava," This advisory is a follow-up to ICS-ALERT-10-362-01—Ecava IntegraXor DLL Hijacking. ICS-CERT has become aware of a Uncontrolled Search Path Element vulnerability, commonly referred to as DLL Hijacking, in the Ecava IntegraXor supervisory control and data acquisition (SCADA) product. ICS-CERT has worked with Ecava to validate the vulnerability. Ecava has developed a patch release for IntegraXor to address this vulnerability. ICS-CERT has validated the patch."
ICSA-11-147-02,https://www.us-cert.gov/ics/advisories/ICSA-11-147-02,2011-05-27,2013-04-30,Ecava IntegraXor XSS,1,Ecava," ICS-CERT received a report from an anonymous security reseacher concerning several cross site scripting (XSS) vulnerabilities in the Ecava IntegraXor SCADA product. ICS-CERT has worked with the reseacher and Ecava to validate these vulnerabilities. Ecava has developed a patch release of IntegraXor to address these vulnerabilities. The independent security reseacher has validated this patch."
ICSA-11-161-01,https://www.us-cert.gov/ics/advisories/ICSA-11-161-01,2011-06-10,2013-08-29,Rockwell RSLinx EDS Vulnerability,1,Rockwell Automation," ICS-CERT has received a report from Michael Orlando of CERT Coordination Center (CERT/CC) identifying a vulnerability in Rockwell Automation Electronic Data Sheet (EDS) Hardware Installation Tool. This tool is bundled with RSLinx Classic for normal distribution. The install tool exhibits a buffer overflow vulnerability when parsing improperly formatted EDS files. This vulnerability is likely exploitable and could allow remote code execution, though that would require significant user interaction. Rockwell Automation has released a patch that has been verified by CERT/CC."
ICSA-11-167-01,https://www.us-cert.gov/ics/advisories/ICSA-11-167-01,2011-06-16,2019-01-02,Sunway Force Control,1,Sunway," ICS-CERT has received a report from Security researcher Dillon Beresford of NSS Labs concerning vulnerabililities affecting Sunway ForceControl and pNetPower SCADA/HMI applications. The reported vulnerabilities are heap-based buffer overflows that could result in a denial of service or the execution of arbitrary code. ICS-CERT has coordinated with the researcher, China National Vulnerability Database (CNVD), and Sunway to ensure full remediation of the reported vulnerabilities. Sunway has issued two patches that address both vulnerabilities. CNVD has confirmed the effectiveness of the patches issued by Sunway. Neither ICS-CERT nor the researcher has validated these patches. Sunway has issued a security bulletin describing their response."
ICSA-11-168-01A,https://www.us-cert.gov/ics/advisories/ICSA-11-168-01A,2011-06-24,2013-10-28,InduSoft ISSymbol ActiveX Control Buffer Overflow (Update A),1,InduSoft," Security researcher Dmitriy Pletnevo of Secunia Research1 has released details of multiple overflow vulnerabilities affecting the InduSoft ISSymbol ActiveX control. The researcher identified both stack-based and heap-based buffer overflows. Successful exploitation of these vulnerabilities allows execution of arbitrary code."
ICSA-11-173-01,https://www.us-cert.gov/ics/advisories/ICSA-11-173-01,2011-08-25,2013-08-29,ClearSCADA Remote Authentication Bypass,1,Schneider Electric," ICS-CERT originally released Advisory ICSA-11-173-01P “ClearSCADA Remote Authentication Bypass”, on the US-CERT Portal on June 22, 2011. This web page release was delayed to allow users sufficient time to download and install this update. Independent security researcher Jeremy Brown has identified an authentication bypass vulnerability in the Control Microsystems ClearSCADA application. Control Microsystems has produced a new version that mitigates this vulnerability. ICS-CERT has tested the new version to validate that it is fixed."
ICSA-11-175-01,https://www.us-cert.gov/ics/advisories/ICSA-11-175-01,2011-06-24,2013-04-26,Rockwell FactoryTalk Diag Viewer Memory Corruption,1,Rockwell Automation," Independent security researchers Billy Rios and Terry McCorkle have coordinated with ICS-CERT on a memory corruption vulnerability that affects Rockwell’s Automation FactoryTalk Diagnostics Viewer product.By using a specially crafted FactoryTalk Diagnostics Viewer configuration file, an attacker could possibly cause a memory corruption that allows the execution of arbitrary code. According to Rockwell Automation, this issue has been resolved in later versions of the FactoryTalk Diagnostics Viewer, starting with V2.30.00 (CPR9 SR3). ICS-CERT has not validated this update."
ICSA-11-175-02,https://www.us-cert.gov/ics/advisories/ICSA-11-175-02,2011-07-01,2013-08-12,Siemens WinCC Exploitable Crashes,1,Siemens," ICS-CERT Advisory ICSA-11-175-02P was originally released to the US-CERT Portal on June 24, 2011. This web page release was delayed to allow users sufficient time to download and install the update. ICS-CERT has received a report from independent security researchers Billy Rios and Terry McCorkle concerning exploitable crashes in the Siemens SIMATIC WinCC SCADA product. Specially crafted files can cause memory corruption or pointer issues, which can cause the system to crash. ICS-CERT has coordinated with the researchers and Siemens to assist with releasing an update that successfully mitigates these vulnerabilities. The researchers have validated that this update successfully mitigates these vulnerabilities."
ICSA-11-182-01,https://www.us-cert.gov/ics/advisories/ICSA-11-182-01,2011-07-01,2018-09-05,ICONICS GENESIS32 and BizViz ActiveX Trusted Zone Vulnerability,1,ICONICS," ICS-CERT has received a report from independent security researchers Billy Rios and Terry McCorkle concerning ICONICS GENESIS32 and BizViz products. This vulnerability involves a design issue in a GENESIS32 ActiveX control that can set an arbitrary domain to the trusted zone. ICONICS has validated the researchers’ claims for multiple versions of GENESIS32 and BizViz. ICS-CERT has coordinated this vulnerability report with ICONICS and they have released a patch that addresses the vulnerability. The researchers have validated that the patch mitigates the reported vulnerabilities."
ICSA-11-182-02,https://www.us-cert.gov/ics/advisories/ICSA-11-182-02,2011-07-01,2013-08-28,ICONICS Login ActiveX Vulnerability,1,ICONICS," ICS-CERT has received a report from independent security researchers Billy Rios and Terry McCorkle concerning a vulnerability that affects ICONICS GENESIS32 and BizViz products. This vulnerability includes a crash in the Security Login controls used by GENESIS32 due to a buffer overflow. ICONICS has validated the researchers’ claims for the multiple versions of GENESIS32 and BizViz. ICS-CERT has coordinated these vulnerability reports with ICONICS and they have released a patch that addresses the vulnerability. The researchers have validated that the patches mitigate the reported vulnerability."
ICSA-11-189-01,https://www.us-cert.gov/ics/advisories/ICSA-11-189-01,2011-07-08,2018-08-23,7-Technologies IGSS Remote Memory Corruption,1,7-Technologies," ICS-CERT has become aware of a memory corruption vulnerability that has been coordinated with 7-Technologies (7T) by the VUPEN Vulnerability Research Team. 7T has created a patch that fully resolves this vulnerability. VUPEN has confirmed that the patch resolves the vulnerability. 7T has created a patch that fully resolves this vulnerability. VUPEN has confirmed that the patch resolves the vulnerability."
ICSA-11-195-01,https://www.us-cert.gov/ics/advisories/ICSA-11-195-01,2011-07-26,2013-05-01,Wonderware Information Server,1,Invensys," ICS-CERT Advisory ICSA-11-195-01P was originally released to the US-CERT Portal on July 14, 2011. This web page release was delayed to allow users sufficient time to download and install the update.Independent security researchers Billy Rios and Terry McCorkle have identified a stack-based buffer overflow vulnerability that exists in two different ActiveX controls used by the Wonderware Information Server product. Successful exploitation of this vulnerability could allow remote code execution on a client running vulnerable versions of the software.ICS-CERT has coordinated with the researchers and Invensys. Invensys has issued a patch to address this vulnerability. The researchers have confirmed this patch fully resolves this reported vulnerability in both vulnerable ActiveX controls."
ICSA-11-216-01,https://www.us-cert.gov/ics/advisories/ICSA-11-216-01,2011-09-06,2018-09-06,Scadatec Limited Procyon Telnet Buffer Overflow,1,Scadatec Limited," ICS-CERT originally released Advisory ICSA-11-216-01P on the US-CERT Portal on August 04, 2011. This web page release was delayed to allow users sufficient time to download and install the update. ICS-CERT has received a report from Knud Højgaard of the nSense Vulnerability Coordination Team concerning a vulnerability in the Scadatec Limited Procyon human-machine interface/supervisory control and data acquisition (HMI/SCADA) product. This vulnerability could allow an attacker to establish a connection to the Telnet daemon, bypassing proper authentication, and exploit a buffer overflow that could lead to a denial of service (DoS) or remote code execution. ICS-CERT has been working with nSense and Scadatec Limited to validate this vulnerability. Scadatec Limited has created a new version (V1.14) of the Procyon product that fully resolves this issue. nSense has confirmed that Procyon Version V1.14 successfully resolves this vulnerability."
ICSA-11-223-01A,https://www.us-cert.gov/ics/advisories/ICSA-11-223-01A,2011-08-22,2018-09-06,Siemens SIMATIC PLCs Reported Issues Summary (Update A),1,Siemens," ICS-CERT has been coordinating multiple reports of issues affecting various models within the Siemens SIMATIC Step 7 (S7) programmable logic controller (PLC) product line. ICS-CERT has coordinated the issues with both Siemens and the researcher and continues to work with both entities. A portion of the reported issues involve commands being transmitted using the International Organization for Standardization Transport Service Access Point (ISO-TSAP) protocol. According to ICS-CERT analysis, the ISO-TSAP protocol is functioning to specifications; however, authentication is not performed nor are payloads encrypted or obfuscated. Like ISO-TSAP, many protocols used in industrial control systems (ICSs) were designed with interoperability in mind and were intentionally designed without security features to be as open as possible. As a result, improving ICS security may require extensive architectural changes, including the addition of built-in or layered-on techniques to enhance protocol security. Changes necessary to improve protocol security could negatively impact interoperability and performance. Some of the reported issues were coordinated and resolved with ICS-CERT and Siemens, while others were publicly released by the researcher without coordination. ICS-CERT’s Vulnerability Disclosure Policy encourages researchers to work directly with ICS-CERT and/or the affected vendor to disclose previously unknown vulnerabilities, so that patches and mitigations can be prepared and asset owners have adequate time to test and deploy them. Unless extenuating circumstances arise (e.g., active exploitation, threats of an especially serious nature, or danger to public health and safety), coordinated vulnerabilities are not publicly announced until patches/mitigations are available. The intent of this advisory is to provide a summary of the various alerts and notices as well as other public information available to date. Some ICS-CERT products related to these reports are only available on the US-CERT Portal. Asset owners and operators can request access to the US-CERT Portal by sending an e-mail message to ICS-CERT@DHS.GOV. Table 1 outlines the public ICS-CERT Alerts that are currently available on the ICS-CERT website. Additional ICS-CERT products are available on the US-CERT Portal. Table 1. ICS-CERT Siemens S7 Alert summary."
ICSA-11-231-01,https://www.us-cert.gov/ics/advisories/ICSA-11-231-01,2011-08-19,2013-04-22,Inductive Automation Ignition Information Disclosure Vulnerability,1,Inductive Automation," ICS-CERT has received a report from Rubén Santamarta concerning a vulnerability in Inductive Automation’s Ignition software. Ignition is an updated version of FactoryPMI (Plant Management Interface), offered by Inductive Automation. This vulnerability allows unauthorized users to download files containing important information about the system and project. ICS-CERT has worked with Inductive Automation and Rubén Santamarta to confirm this vulnerability, and Inductive Automation has issued a patch to address it. ICS-CERT has validated that this patch fully resolves this vulnerability."
ICSA-11-243-01,https://www.us-cert.gov/ics/advisories/ICSA-11-243-01,2011-11-01,2013-04-20,GE Intelligent Platforms Proficy Plant Applications Buffer Overflow,1,GE," ICS CERT originally released Advisory ICSA-11-243-01P on the US-CERT secure Portal on August 31, 2011. This web page release was delayed to allow users time to download and install the update. ICS-CERT has received a report from GE concerning a stack-based buffer overflow vulnerability in the GE Intelligent Platform Proficy Plant Applications software suite. ICS-CERT has coordinated with GE Intelligent Platforms to validate this vulnerability, and GE has created a patch to address the issue. ICS-CERT has validated that the patch fully resolves this issue."
ICSA-11-243-02,https://www.us-cert.gov/ics/advisories/ICSA-11-243-02,2011-10-31,2013-04-20,GE Proficy Historian Web Administrator XSS,1,GE," ICS-CERT originally released Advisory ICSA-11-243-02P on the US-CERT secure Portal on August 31, 2011. ICS-CERT has received a report from independent security researchers Billy Rios and Terry McCorkle concerning multiple cross-site scripting (XSS) vulnerabilities in the GE Intelligent Platforms Proficy Historian Web Administrator software. ICS-CERT has coordinated this vulnerability with GE and the researchers, and GE has made recommendations to reduce the potential attack surface. The affected product, Historian Web Administrator with Proficy Historian, is considered by GE to be a legacy component; as a result, GE is not issuing a patch for this vulnerability."
ICSA-11-243-03A,https://www.us-cert.gov/ics/advisories/ICSA-11-243-03A,2011-11-28,2018-09-06,GE Intelligent Platforms Proficy Historian Data Archiver Buffer Overflow Vulnerability (Update A),1,GE," ICS-CERT originally released Advisory ICSA-11-243-03P on the US-CERT secure Portal on August 31, 2011. This web page release was delayed to allow users time to download and install the update. ICS-CERT received a report from GE Intelligent Platforms and the Zero Day Initiative concerning a stack-based buffer overflow vulnerability in the GE Intelligent Platforms Proficy Historian Data Archiver."
ICSA-11-244-01,https://www.us-cert.gov/ics/advisories/ICSA-11-244-01,2011-09-06,2018-08-23,Siemens WinCC Flexible Runtime Heap Overflow,1,Siemens," ICS-CERT originally released Advisory ICSA-11-244-01P on the US-CERT secure Portal on September 01, 2011. This web page release was delayed to allow users sufficient time to download and install the update. Independent security researchers Billy Rios and Terry McCorkle have reported a memory corruption vulnerability in the WinCC Runtime Advanced Loader, which is a component of both Siemens SIMATIC WinCC flexible and TIA Portal. ICS-CERT has coordinated with Siemens and the researchers. Siemens has not issued a patch to address this vulnerability. However, Siemens has provided recommended mitigations to assist asset owners with protecting their systems."
ICSA-11-263-01,https://www.us-cert.gov/ics/advisories/ICSA-11-263-01,2011-09-20,2018-09-06,Measuresoft ScadaPro Vulnerabilities,1,Measuresoft," This Advisory is a follow-up to the Alert titled “ICS-ALERT-11-256-04 Measuresoft ScadaPro” that was published September 13, 2011, on the ICS-CERT website. ICS-CERT is aware of a public report of three vulnerabilities with proof-of-concept (PoC) exploit code affecting Measuresoft ScadaPro. According to the report, the vulnerabilities include a stack buffer overflow, an insecure method call, and a path traversal, which are all remotely exploitable through Port 11234/UDP. This report was released publicly without coordination with either the vendor or ICS-CERT. Attribution for the discovery of these vulnerabilities is not provided in this advisory because no prior coordination occurred with the vendor, ICS-CERT, or other coordinating body. ICS-CERT encourages researchers to coordinate vulnerability details before public release. The public release of vulnerability details prior to the development of proper mitigations may put industrial control systems (ICSs) and the public at avoidable risk. ICS-CERT has coordinated with Measuresoft, which has produced a fix that resolves these vulnerabilities. The fix has been tested to validate that it resolves the vulnerabilities."
ICSA-11-264-01,https://www.us-cert.gov/ics/advisories/ICSA-11-264-01,2011-09-21,2018-09-06,AzeoTech DAQFactory Stack Overflow,1,AzeoTech," This advisory is a follow-up to the alert titled “ICS-ALERT-11-256-02—AzeoTech DAQFactory Stack Overflow” that was published September 13, 2011, on the ICS-CERT web page. ICS-CERT is aware of a public report of one stack overflow vulnerability with proof-of-concept (POC) exploit code affecting AzeoTech DAQFactory, a SCADA/HMI Product. According to the report, the vulnerability is exploitable via a service running on Port 20034/UDP. The report was released without coordinating with either the vendor or ICS-CERT. ICS-CERT has coordinated with AzeoTech, which has produced an upgrade that resolves the vulnerability. ICS-CERT has not validated the upgrade. Attribution for the vulnerability discovery is not provided in this advisory because no prior coordination occurred with the vendor, ICS-CERT, or other coordinating body. ICS-CERT encourages researchers to coordinate vulnerability details before public release. The public release of vulnerability details prior to the development of proper mitigations may put industrial control systems (ICSs) and the public at avoidable risk."
ICSA-11-273-01,https://www.us-cert.gov/ics/advisories/ICSA-11-273-01,2011-09-30,2013-08-28,ICONICS GENESIS32 Multiple Memory Corruption,1,ICONICS," Independent security researchers Billy Rios and Terry McCorkle have identified eight memory corruption vulnerabilities affecting the ICONICS GENESIS32 product. GENESIS32 is a web-deployable human-machine interface (HMI) supervisory control and data acquisition (SCADA) product. These vulnerabilities affect ScriptWorX32, GraphWorX32, and the AlarmWorX32 and TrendWorX32 containers that run as part of the GENESIS32 application. ICONICS has validated the reported vulnerabilities and has produced patches that address them. ICS-CERT has validated each of the patches and has confirmed that they resolve these vulnerabilities."
ICSA-11-273-02,https://www.us-cert.gov/ics/advisories/ICSA-11-273-02,2011-09-30,2013-10-28,InduSoft ISSymbol ActiveX Control Buffer Overflow,1,InduSoft," ICS-CERT has received a report from independent security researcher Dmitriy Pletnev of Secunia Research about ActiveX control buffer overflow vulnerabilities with proof-of-concept exploit code affecting the InduSoft ISSymbol product. Secunia has coordinated with InduSoft, who has produced a patch that mitigates these vulnerabilities. ICS-CERT has not validated the patch."
ICSA-11-273-03A,https://www.us-cert.gov/ics/advisories/ICSA-11-273-03A,2011-10-06,2018-09-06,Rockwell RSLogix Overflow Vulnerability (Update A),1,Rockwell Automation," This updated advisory is a follow-up to the Alert titled “ICS-ALERT-11-256-05A—Rockwell RSLogix Overflow Vulnerability” that was published September 13, 2011, on the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) web page. ICS-CERT is aware of a public report of an overflow vulnerability in Rockwell Automation’s RSLogix application that could lead to a denial-of-service condition."
ICSA-11-277-01,https://www.us-cert.gov/ics/advisories/ICSA-11-277-01,2011-10-20,2013-05-07,Schneider Electric UnitelWay Buffer Overflow,1,Schneider Electric," ICS-CERT originally released Advisory ICSA-11-277-01P on the US-CERT secure Portal on October 04, 2011. This web page release was delayed to allow users sufficient time to download and install the update. Researcher Kuang-Chun Hung of Security Research and Service Institute—Information and Communication Security Technology Center (ICST) has identified a buffer overflow vulnerability in UnitelWay Windows Device Driver. This device driver is deployed as part of several different Schneider Electric products. ICS-CERT has coordinated this vulnerability report with Schneider Electric. The vendor has produced a fix that resolves this vulnerability. ICST has successfully tested and validated that this fix fully resolves this vulnerability."
ICSA-11-279-01,https://www.us-cert.gov/ics/advisories/ICSA-11-279-01,2011-11-04,2013-10-28,Advantech OPC Server Buffer Overflow,1,Advantech," ICS-CERT originally released Advisory ICSA-11-279-01P on the US-CERT secure Portal on October 06, 2011. This web page release was delayed to allow users time to download and install the update. Security research and service institute Information and Communication Security Technology Center (ICST) has identified a buffer overflow vulnerability that affects multiple Advantech OPC (OLE for Process Control) Server products. This vulnerability may allow remote code execution and elevated user privileges. Advantech has produced a new software version that mitigates this vulnerability. ICST has tested the new version and confirmed that it fully resolves this vulnerability."
ICSA-11-279-02,https://www.us-cert.gov/ics/advisories/ICSA-11-279-02,2011-11-07,2014-03-12,CitectSCADA and Mitsubishi MX4 SCADA Batch Server Buffer Overflow,1,"Mitsubishi Electric Automation, Schneider Electric"," ICS-CERT originally released Advisory ICSA-11-279-02P on the US-CERT secure Portal on October 06, 2011. This web page release was delayed to allow users time to download and install the update. Researcher Kuang-Chun Hung of Taiwan’s Information and Communication Security Technology Center (ICST) has reported a buffer overflow affecting Mitsubishi MX4 Supervisory Control and Data Acquisition (SCADA). Upon further investigation, MX4 SCADA was found to be a version of CitectSCADA, a product offered by Schneider Electric. This Advisory includes a full list of known affected products. A buffer overflow vulnerability resides in a third-party component used by the CitectSCADA and MX4 SCADA Batch products. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. ICS-CERT has coordinated the researcher’s vulnerability report with Schneider Electric. Schneider Electric has issued a patch to address the reported vulnerability. The researcher has confirmed the patch is effective in addressing the vulnerability. Schneider Electric has provided the patch to Mitsubishi for distribution to MX4 SCADA customers."
ICSA-11-279-03A,https://www.us-cert.gov/ics/advisories/ICSA-11-279-03A,2011-10-12,2013-05-08,Unitronics UNIOPC Server Input Handling Vulnerability (Update A),1,Unitronics," Independent security researchers Billy Rios and Terry McCorkle have identified a vulnerability in Unitronics’ UniOPC Server product. --------- Begin Update A Part 1 of 3 -------- This vulnerability is a result of improper handling of input by a third-party component, https50.ocx, which is part of “IP*Works! SSL.”1 --------- Begin End A Part 1 of 3 -------- IP*Works! is used in the UniOPC product. Successful exploitation of this vulnerability results in a crash and could result in the execution of arbitrary code. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has coordinated with Unitronics and the security researchers. Unitronics has released a new version that does not contain the vulnerable component. The researchers have confirmed that the vulnerable component is not present in the new version. However, customers installing the new version on a system that had previously contained an affected version of UniOPC are still vulnerable as the update does not remove the vulnerable component."
ICSA-11-279-04,https://www.us-cert.gov/ics/advisories/ICSA-11-279-04,2011-10-06,2018-09-06,Beckhoff TwinCAT Read Access Violation,1,Beckhoff," This Advisory is a follow-up to the Alert, ICS-ALERT-11-256-06—BECKHOFF TWINCAT READ ACCESS VIOLATION, that was published September 13, 2011, on the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) web page. ICS-CERT is aware of a public report of a read access violation vulnerability in Beckhoff’s TwinCAT Software that could lead to a denial-of-service condition. Beckhoff has produced a patch to address this vulnerability in TwinCAT Software."
ICSA-11-280-01,https://www.us-cert.gov/ics/advisories/ICSA-11-280-01,2011-10-07,2018-09-06,Cogent DataHub Vulnerabilities,1,Cogent Real-Time Systems Inc," This Advisory is a follow-up to the Alert, “ICS-ALERT-11-256-03—COGENT DATAHUB VULNERABILITIES,” that was published September 13, 2011, on the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) web page. ICS-CERT is aware of a public report of multiple vulnerabilities in Cogent’s DataHub application. These vulnerabilities include denial-of-service, information leakage, and remote code execution. Cogent has produced a patch that resolves these vulnerabilities in DataHub."
ICSA-11-285-01,https://www.us-cert.gov/ics/advisories/ICSA-11-285-01,2011-10-12,2013-04-30,Honeywell TEMA Remote Installer ActiveX Vulnerability,1,Honeywell," Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) received a report from independent security researchers Billy Rios and Terry McCorkle concerning a vulnerability affecting Honeywell Enterprise Buildings Integrator (EBI) software systems that have Temaline physical access control products installed. Temaline client products use the Tema Remote Installer to download and install required Tema components for client workstation access. Tema Remote Installer uses DownloadURL() ActiveX function configured to ignore file authentication. This misuse of an ActiveX function allows download and installation of any MSI file without checking source authenticity or user notification. ICS-CERT has coordinated this vulnerability report with Honeywell and the researchers. Honeywell has released two patches resolving this vulnerability. ICS-CERT has validated that these patches resolve the reported vulnerability."
ICSA-11-294-01,https://www.us-cert.gov/ics/advisories/ICSA-11-294-01,2011-10-21,2014-01-24,Progea Movicon Power HMI Vulnerabilities,1,Progea," This advisory is a follow-up to the Alert titled “ICS-ALERT-11-256-01 – Progea Movicon PowerHMI Vulnerabilities” that was published September 13, 2011, on the ICS-CERT web page. Two buffer overflow and one memory corruption vulnerability were disclosed affecting the Progea Movicon’s PowerHMI product. ICS-CERT has coordinated these vulnerabilities with Progea and they have produced a hotfix that mitigates these vulnerabilities."
ICSA-11-298-01A,https://www.us-cert.gov/ics/advisories/ICSA-11-298-01A,2011-12-26,2013-04-23,Sielco Sistemi Winlog Buffer Overflow (Update A),1,Sielco Sistemi," ICS-CERT originally released Advisory ICSA-11-298-01P on the US-CERT secure portal on October 25, 2011. This web page release was delayed to allow users time to download and install the update. Independent researcher Paul Davis has identified a buffer overflow vulnerability in Sielco Sistemi Winlog application. Sielco Sistemi has produced a new release that mitigates this vulnerability. Mr. Davis has indicated to ICS-CERT that he has tested the new release and validated that it resolves the vulnerability."
ICSA-11-307-01,https://www.us-cert.gov/ics/advisories/ICSA-11-307-01,2011-11-27,2013-05-07,Schneider Electric Vijeo Historian Web Server Multiple Vulnerabilities,1,Schneider Electric," ICS-CERT originally released Advisory ICSA-11-307-01P on the US-CERT secure Portal on November 03, 2011. This web page release was delayed to allow users time to download and install the update. Researcher Kuang-Chun Hung of Security Research and Service Institute--Information and Communication Security Technology Center (ICST) has identified four vulnerabilities in the Schneider Electric Vijeo Historian product line. These vulnerabilities include a denial of service (DoS), buffer overflow, a cross-site scripting (XSS), and a directory traversal. ICS-CERT has coordinated this report with Schneider Electric and ICST. Schneider has produced a fix that resolves these vulnerabilities. ICST has tested this fix and validated that it fully resolves these vulnerabilities."
ICSA-11-314-01,https://www.us-cert.gov/ics/advisories/ICSA-11-314-01,2012-12-11,2013-08-29,Safenet Sentinel and 7-T Input Sanitization Vulnerability,1,SafeNet," ICS-CERT originally released advisory ICSA-11-314-01P on the US-CERT secure portal on November 14, 2011. This web page release was delayed to allow users time to download and install the update. Security researcher Carlos Mario Penagos Hollman of Synapse-labs has identified an input sanitization vulnerability in SafeNet Sentinel HASP Software Rights Management (HASP-SRM) license management application. ICS-CERT has coordinated the researcher’s vulnerability report with SafeNet, and SafeNet has produced an updated version that mitigates this vulnerability. Mr. Penagos has tested the updated version and validates that it resolves the vulnerability."
ICSA-11-319-01,https://www.us-cert.gov/ics/advisories/ICSA-11-319-01,2011-11-14,2014-03-12,InduSoft Web Studio Vulnerabilities,1,InduSoft," ICS-CERT has become aware of a report from the Zero Day Initiative concerning two vulnerabilities in the InduSoft Web Studio software. This information was reported to Zero Day Initiative by independent security researcher Luigi Auriemma. These vulnerabilities exploit unauthenticated remote code execution within the CEServer Operation and the CEServer.exe directories. Zero Day Initiative has coordinated with InduSoft, who has produced a patch that mitigates these vulnerabilities."
ICSA-11-332-01A,https://www.us-cert.gov/ics/advisories/ICSA-11-332-01A,2012-01-01,2018-09-06,Wonderware InBatch ActiveX Vulnerabilities (Update A),1,Invensys," ICS-CERT originally released advisory “ICSA-11-332-01P—Invensys Wonderware InBatch ActiveX Vulnerabilities” in the US-CERT secure portal on November 28, 2011. This web page release was delayed to allow users time to download and install the update. Researcher Kuang-Chun Hung of the Security Research and Service Institute-Information and Communication Security Technology Center (ICST) has identified three vulnerabilities in Invensys Wonderware InBatch. These vulnerabilities exist in the GUIControls, BatchObjSrv, and BatchSecCtrl ActiveX controls. Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code or cause a denial of service (DoS) on systems with affected versions of Wonderware InBatch Runtime Client components. ICS-CERT has coordinated the report with the ICST and Invensys. Invensys has issued software updates that resolve these vulnerabilities. The ICST has confirmed the software updates fully resolve the reported vulnerabilities."
ICSA-11-335-01,https://www.us-cert.gov/ics/advisories/ICSA-11-335-01,2011-12-19,2013-08-12,7-Technologies Data Server Denial of Service,1,7-Technologies," ICS-CERT originally released advisory “ICSA-11-335-01P - 7-Technologies Data Server Denial of Service” in the US-CERT secure portal on December 01, 2011. This web page release was delayed to allow users time to download and install the update. Security researcher UCQ from the Cyber Defense Institute, Inc. has identified a buffer overflow vulnerability in the 7-Technologies (7T) IGSS Data Server application. ICS-CERT has coordinated with 7T, which has produced a patch to resolve this vulnerability. The Cyber Defense Institute, Inc. has tested the patch and confirmed that it resolves the reported vulnerability."
ICSA-11-340-01,https://www.us-cert.gov/ics/advisories/ICSA-11-340-01,2011-12-06,2018-09-06,ARC Informatique PcVue HMI/SCADA ActiveX Vulnerabilities,0,ARC Informatique," This Advisory is a follow-up to the Alert, “ICS-ALERT-11-271-01 - ARC Informatique PcVue HMI/SCADA ActiveX Vulnerabilities.”ICS-CERT is aware of publicly and privately disclosed reports of four vulnerabilities in ARC Informatique’s PcVue application. These vulnerabilities include: potential to write memorypossible file corruptionremote code executiondenial of service. Independent researcher Kuang-Chun Hung of Security Research and Service Institute Information and Communication Security Technology Center (ICST) privately identified a buffer overflow vulnerability in ARC Informatique’s PcVue application.Independent researcher Luigi Auriemma publicly disclosed four vulnerabilities along with proof-of-concept (PoC) exploit code, including the vulnerability privately disclosed by ICST, without coordination with ARC Informatique, ICS-CERT, or any other coordinating entity known to ICS-CERT.ARC Informatique has confirmed these vulnerabilities and has released a patch to address the issue. Researcher Kuang-Chun Hung has tested the patch and validated that it resolves these vulnerabilities."
ICSA-11-343-01,https://www.us-cert.gov/ics/advisories/ICSA-11-343-01,2012-01-03,2013-05-08,Siemens FactoryLink Multiple ActiveX Vulnerabilities,1,Siemens," ICS-CERT originally released Advisory ICSA-11-343-01P on the US-CERT secure portal on December 09, 2011. This web page release was delayed to allow users time to download and install the update. Researcher Kuang-Chun Hung of Taiwan’s Information and Communication Security Technology Center (ICST) has identified two vulnerabilities affecting ActiveX components in the Siemens Tecnomatix FactoryLink application. The report included buffer overflow and data corruption vulnerabilities.1 ICS-CERT has coordinated with Siemens; Siemens has released a patch that addresses the identified vulnerabilities. ICS-CERT has confirmed that the Siemens patch resolves the reported vulnerabilities."
ICSA-11-353-01,https://www.us-cert.gov/ics/advisories/ICSA-11-353-01,2012-01-15,2013-04-18,7-Technologies Interactive Graphical SCADA,1,7-Technologies," ICS-CERT originally released Advisory ICSA-11-353-01P on the US-CERT secure portal on December 19, 2011. This web page release was delayed to allow users time to download and install the update. Researcher Kuang-Chun Hung of Security Research and Service Institute--Information and Communication Security Technology Center (ICST) has identified an unsafe search path vulnerability in the 7-Technologies (7T) IGSS Interactive Graphical SCADA System. 7T produced a patch that fixes this vulnerability. ICST tested this patch and verified that it fully resolves this vulnerability."
ICSA-11-355-01,https://www.us-cert.gov/ics/advisories/ICSA-11-355-01,2011-12-20,2013-04-30,7-Technologies IGSS Buffer Overflow,1,7-Technologies," Security researcher Celil Unuver (SignalSEC LLC1) has identified a buffer overflow vulnerability in the 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) product. Successful exploitation of this vulnerability could result in a denial of service (DoS) or the execution of arbitrary code. ICS-CERT has coordinated this vulnerability report with 7T and they have produced a patch that resolves this vulnerability. The researcher has confirmed that the patch fully resolves the reported vulnerability."
ICSA-11-355-02,https://www.us-cert.gov/ics/advisories/ICSA-11-355-02,2011-12-10,2013-04-26,WellinTech KingView History Server Buffer Overflow,1,WellinTech," ICS-CERT has received a report from the Zero Day Initiative (ZDI) concerning a heap-based buffer overflow vulnerability in WellinTech’s Kingview HistoryServer.exe, which may allow a remote, unauthenticated attacker to execute arbitrary code. This vulnerability was reported to ZDI by independent security researcher Luigi Auriemma. WellinTech has produced a patch that is available for download from its website."
ICSA-11-356-01,https://www.us-cert.gov/ics/advisories/ICSA-11-356-01,2011-12-22,2013-04-22,Siemens Simatic HMI Authentication Vulnerabilities,1,Siemens," ICS-CERT is aware of a public report by independent security researchers Billy Rios and Terry McCorkle concerning authentication bypass vulnerabilities affecting Siemens SIMATIC HMI products which are supervisory control and data acquisition/human-machine interface (SCADA/HMI) products. According to this report, systems running affected versions of this product are accessible using a default username and password. These systems also generate an insecure authentication token for browser sessions. Prior to public disclosure, the researchers notified ICS-CERT of the vulnerabilities. ICS-CERT is continuing to coordinate mitigations with the researchers and Siemens. Siemens was previously aware of these vulnerabilities and intends to address them in Service Packs to be released in January 2012. Please see mitigation section of this document for additional information regarding the release of the Service Packs. Siemens has also updated its product documentation with instructions for configuring a strong password and removing default passwords during initial setup."
ICSA-11-361-01,https://www.us-cert.gov/ics/advisories/ICSA-11-361-01,2011-12-27,2018-09-06,Siemens Automation License Manager Vulnerabilities,1,Siemens," This Advisory is a follow-up to the original Alert titled “ICS-ALERT-11-332-01A—Siemens Automation License Manager Vulnerabilities” that was published December 02, 2011, on the ICS-CERT web page. ICS-CERT is aware of publicly disclosed reports of four vulnerabilities in Siemens Automation License Manager (ALM) application. These vulnerabilities include: Buffer overflowExceptionNull pointerImproper input validation. Independent researcher Luigi Auriemma publicly disclosed four vulnerabilities along with proof-of-concept (PoC) exploit code without coordination from Siemens, ICS-CERT, or any other coordinating entity known to ICS-CERT. Siemens has confirmed these vulnerabilities and has released a patch to address the issue. ICS-CERT has not validated the patch."
ICSA-11-362-01,https://www.us-cert.gov/ics/advisories/ICSA-11-362-01,2011-12-28,2018-09-06,ScadaTEC ScadaPhone & Modbus TagServer Buffer Overflow Vulnerability,1,ScadaTEC," This advisory is a follow-up to the ICS-CERT alert titled ICS-ALERT-11-255-01—ScadaTEC ScadaPhone/ModbusTagServer Buffer Overflow, which was published September 12, 2011, on the ICS-CERT Web page. On September 12, 2011, independent security researcher Steven Seeley publicly released a report that included proof-of-concept exploit code targeting a buffer overflow vulnerability in the ScadaTEC ScadaPhone and ModbusTagServer products. Currently, the exploit code allows an attacker to bind a shell for remote access. According to the report, exploitation of this vulnerability requires a specially crafted ZIP file to be opened using the affected application. ScadaTEC has produced a patch that resolves this vulnerability for all affected products and versions. ICS-CERT has validated that these patches fully resolve the vulnerability."
ICSA-12-006-01,https://www.us-cert.gov/ics/advisories/ICSA-12-006-01,2012-01-05,2018-09-06,3S CoDeSys Vulnerabilities,1,3S-Smart Software Solutions," This advisory is a follow-up to the alert update, ICS-ALERT-11-336-01A 3S CoDeSys Vulnerabilities, which was released on the ICS-CERT Web page on December 02, 2011. Security researcher Celil Unuver (SignalSec LLC) and independent researcher Luigi Auriemma have identified vulnerabilities in the 3S Smart Software Solutions CoDeSys product, summarized in the following table. Mr. Auriemma publicly disclosed the five vulnerabilities along with proof-of-concept (PoC) exploit code, including the vulnerability previously coordinated with ICS-CERT by Celil Unuver, without coordination with 3S Smart Software Solutions, ICS-CERT, or any other coordinating entity known to ICS-CERT. ICS-CERT has coordinated these vulnerabilities with 3S Smart Software Solutions, and they have produced new versions for both CoDeSys V3 and V2.3 that mitigate these vulnerabilities. Mr. Auriemma has confirmed that the new versions fully resolve the reported vulnerabilities."
ICSA-12-012-01A,https://www.us-cert.gov/ics/advisories/ICSA-12-012-01A,2012-01-25,2018-09-06,Open Automation Software OPC Systems.NET Vulnerability (Update A),1,Open Automation Software," This Advisory is a follow-up to “ICS-ALERT-11-285-01—Open Automation Software OPC Systems.NET Vulnerability” that was posted on the ICS-CERT website on October 12, 2011.Independent researcher Luigi Auriemma publicly reported a malformed packet vulnerability in Open Automation Software’s OPC Systems.NET along with proof-of-concept (PoC) exploit code. This public report was released without coordination with Open Automation Software, ICS-CERT, or any other coordinating entity known to ICS-CERT.ICS-CERT has coordinated this vulnerability with Open Automation Software, and they have produced an update that resolves this vulnerability. Luigi Auriemma has tested the update and has confirmed that it resolves the vulnerability."
ICSA-12-013-01,https://www.us-cert.gov/ics/advisories/ICSA-12-013-01,2012-02-06,2014-06-02,ING. Punzenberger COPA-DATA GMBH DoS Vulnerabilities,1,COPA-DATA," ICS-CERT originally released Advisory ICSA-12-013-01P on the US-CERT secure portal on January 13, 2012. This web page release was delayed to allow users time to download and install the update. Researcher Kuang-Chun Hung of the Security Research and Service Institute--Information and Communication Security Technology Center (ICST) has identified multiple denial-of-service (DoS) vulnerabilities in the Ing. Punzenberger COPA-DATA GmbH zenon human-machine interface (HMI) system. ICS-CERT has coordinated with Ing. Punzenberger COPA-DATA GmbH, which has produced an updated software release that resolves these vulnerabilities. ICST has tested the new release and verified that it fully resolves these vulnerabilities."
ICSA-12-016-01,https://www.us-cert.gov/ics/advisories/ICSA-12-016-01,2012-01-15,2013-04-17,Cogent DataHub XSS and CRLF,1,Cogent Real-Time Systems Inc," ICS-CERT is aware of a public report of multiple vulnerabilities in Cogent’s DataHub application. These vulnerabilities include cross-site scripting and an HTTP header injection vulnerability, also known as a carriage return line feed. According to the report, Cogent Real-Times Systems Inc. has produced a patch that resolves these vulnerabilities. Kuang-Chun Hung of Security Research and Service Institute - Information and Communication Security Technology Center (ICST), Taiwan R.O.C. reported these vulnerabilities to JPCERT/CC."
ICSA-12-018-01B,https://www.us-cert.gov/ics/advisories/ICSA-12-018-01B,2013-09-23,2018-09-06,Schneider Electric Quantum Ethernet Module Hard-Coded Credentials (Update B),1,Schneider Electric," --------- Begin Update B Part 1 of 3 -------- This updated advisory is a follow-up to the updated advisory titled ICSA-12-018-01A Schneider Electric Quantum Ethernet Module Hard-Coded Credentials that was published on June 04, 2013, on the ICS-CERT Web site. It is also a follow-up to the original alert titled ICS-ALERT-11-346-01 Schneider Electric Quantum Ethernet Module Credentials that was published December 12, 2011, on the ICS-CERT Web page. This advisory corrects and expands on the details in the specified alert and subsequent advisory updates."
ICSA-12-018-02,https://www.us-cert.gov/ics/advisories/ICSA-12-018-02,2012-01-17,2018-08-22,Certec Atvise Server Remote DOS,1,Certec EDV GmbH," Independent researcher Luigi Auriemma has identified a denial of service (DoS) vulnerability in Certec EDV GmbH atvise application. Certec has produced an update that resolves this vulnerability. Mr. Auriemma validated that the update resolves the vulnerability."
ICSA-12-024-01,https://www.us-cert.gov/ics/advisories/ICSA-12-024-01,2012-01-24,2013-04-23,Ocean Data Systems Dream Reports XSS and Write Access Violation Vulnerabilities,1,Ocean Data," Independent researchers Billy Rios and Terry McCorkle identified cross-site scripting (XSS) and write access violation vulnerabilities in Ocean Data Systems Dream Report application.ICS-CERT has coordinated these vulnerabilities with Ocean Data Systems, which has produced a new version that resolves the reported vulnerabilities. The researchers have tested the new version to confirm that it resolves the vulnerability."
ICSA-12-024-02,https://www.us-cert.gov/ics/advisories/ICSA-12-024-02,2012-01-23,2018-09-06,MICROSYS PROMOTIC Vulnerabilities,1,MICROSYS,NULL
ICSA-12-025-02A,https://www.us-cert.gov/ics/advisories/ICSA-12-025-02A,2012-02-19,2013-05-08,7-Technologies Termis DLL Hijacking (Update A),1,7-Technologies," ICS-CERT originally released Advisory ICSA-12-025-02P on the US-CERT secure portal on January 25, 2012. This web page release was delayed to allow users time to download and install the update. Researcher Kuang-Chun Hung of the Security Research and Service Institute-Information and Communication Security Technology Center (ICST) identified an uncontrolled search path element vulnerability (often called DLL hijacking), commonly referred to as DLL Hijacking, in the 7-Technologies (7T) TERMIS software. ICS-CERT has coordinated this report with 7T, and 7T has created a patch that resolves this vulnerability. ICST has confirmed this patch fully resolves the reported vulnerability."
ICSA-12-030-01A,https://www.us-cert.gov/ics/advisories/ICSA-12-030-01A,2012-04-18,2018-09-06,Siemens SIMATIC WinCC Vulnerabilities (UPDATE A),1,Siemens," This advisory is a follow-up to a previous advisory titled “ICSA-11-356-01 – Siemens HMI Authentication Vulnerabilities” that was published December 22, 2011, and an alert titled ""ICS-ALERT-11-332-02A – Siemens SIMATIC WinCC Flexible Vulnerabilities"" that was published December 2, 2011. ICS-CERT has received reports from independent security researchers Billy Rios, Terry McCorkle, Shawn Merdinger, and Luigi Auriemma detailing several vulnerabilities in Siemens SIMATIC WinCC Human-Machine Interface (HMI) application. ICS-CERT has coordinated with these researchers and Siemens to validate these vulnerabilities and include mitigation strategies in the latest Siemens service packs.a"
ICSA-12-032-01,https://www.us-cert.gov/ics/advisories/ICSA-12-032-01,2012-03-13,2013-04-30,GE Proficy Historian ihDataArchiver,1,GE," ICS-CERT originally released Advisory ICSA-12-032-01P on the US-CERT secure portal on March 02, 2012. This web page release was delayed to allow users time to download and install the update. ICS-CERT received a report from GE Intelligent Platforms and the Zero Day Initiative (ZDI) concerning a memory corruption vulnerability in the GE Intelligent Platforms Proficy Historian Data Archiver. If exploited, this vulnerability could allow an attacker to cause the Historian Data Archiver service to crash, which may lead to arbitrary code execution. This vulnerability was reported to ZDI by independent security researcher Luigi Auriemma. GE Intelligent Platforms has created a patch to address the issue."
ICSA-12-032-02,https://www.us-cert.gov/ics/advisories/ICSA-12-032-02,2012-03-13,2013-08-28,GE Intelligent Platforms Proficy Plant Applications Memory Corruption Vulnerabilities,1,GE," ICS-CERT received a report from GE Intelligent Platforms and the Zero Day Initiative (ZDI) concerning multiple memory corruption vulnerabilities in the GE Intelligent Platforms Proficy Plant Applications. These vulnerabilities were reported to ZDI by independent security researcher Luigi Auriemma. If exploited, these vulnerabilities could allow an attacker to cause multiple Proficy services to crash, which may lead to arbitrary code execution. concerning multiple memory corruption vulnerabilities in the GE Intelligent Platforms Proficy Plant Applications. These vulnerabilities were reported to ZDI by independent security researcher Luigi Auriemma.GE Intelligent Platforms has created patches to address these issues."
ICSA-12-032-03,https://www.us-cert.gov/ics/advisories/ICSA-12-032-03,2012-03-13,2013-04-22,GE Intelligent Platforms Proficy Real-Time Information Portal Directory Traversal,1,GE," ICS-CERT received a report from GE Intelligent Platforms and the Zero Day Initiative (ZDI). If exploited, this vulnerability could allow an attacker to create or overwrite a file on the system running Real-Time Information Portal. concerning a directory traversal vulnerability in the GE Intelligent Platforms Proficy Real-Time Information Portal. This vulnerability was reported to ZDI by independent security researcher Luigi Auriemma. GE Intelligent Platforms has created patches to address this issue."
ICSA-12-039-01,https://www.us-cert.gov/ics/advisories/ICSA-12-039-01,2012-02-08,2013-05-01,Invensys Wonderware HMI Reports XSS and Write Access Violation Vulnerabilities,1,Invensys," Independent security researchers Billy Rios and Terry McCorkle have identified cross-site scripting (XSS) and write access violation vulnerabilities in the Invensys Wonderware HMI reports product.ICS-CERT has coordinated these two vulnerabilities with Invensys, which has produced a new product version that resolves these reported vulnerabilities. The researchers have confirmed that the new version resolves these vulnerabilities."
ICSA-12-047-01A,https://www.us-cert.gov/ics/advisories/ICSA-12-047-01A,2012-02-17,2018-08-27,Advantech WebAccess Vulnerabilities (UPDATE A),1,Advantech," This advisory follows up on two previous ICS-CERT Alerts: “ICS-ALERT-11-245-01—Multiple ActiveX Vulnerabilities in Advantech BroadWin WebAccess,” published September 2, 2011.a“ICS-ALERT-11-306-01—Advantech BroadWin WebAccess ActiveX Vulnerability,” published November 2, 2011.b ICS-CERT received both coordinated and uncoordinated reports of eighteen vulnerabilities in BroadWin WebAccess. These vulnerabilities include: Cross-site scripting (XSS)SQL injectionCross-site report forgery (CSRF)Authentication issues."
ICSA-12-059-01,https://www.us-cert.gov/ics/advisories/ICSA-12-059-01,2012-02-27,2013-05-08,ABB Robot Communications Runtime Buffer Overflow,1,ABB," ICS-CERT received a report from ABB and the Zero Day Initiative (ZDI) concerning a buffer overflow vulnerability in the Robot Communication Runtime software used to communicate with IRC5, IRC5C, and IRCP robot controllers. This vulnerability was reported to ZDI by independent security researcher Luigi Auriemma. If exploited, this vulnerability could allow an attacker to cause a denial of service to the robot scanning and discovery service on the computer and potentially execute remote code with administrator privileges. ABB has developed a patch to address this issue."
ICSA-12-062-01,https://www.us-cert.gov/ics/advisories/ICSA-12-062-01,2012-04-02,2013-05-01,Wonderware Information Server Multiple Vulnerabilities,1,Invensys," ICS-CERT originally released Advisory “ICSA-12-062-01P?Invensys Wonderware Information Server Multiple Vulnerabilities” on the US-CERT secure portal on March 02, 2012. This web page release was delayed to allow users time to download and install the update. Independent security researchers Terry McCorkle and Billy Rios have identified multiple vulnerabilities in the Invensys Wonderware Information Server. Invensys has developed a security update to address these affected products. Invensys has expressed appreciation to Billy Rios and Terry McCorkle as independent security researchers for the discovery and collaboration with Invensys on resolving these vulnerabilities."
ICSA-12-079-01,https://www.us-cert.gov/ics/advisories/ICSA-12-079-01,2012-03-19,2013-05-01,Microsoft Remote Desktop Protocol Memory Corruption Vulnerability,1,Microsoft," ICS-CERT is aware of a public report of a Remote Desktop Protocol (RDP) vulnerability with proof-of-concept (PoC) exploit code affecting multiple Microsoft Windows operating systems. RDP is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to another computer. In a control system environment, this protocol is typically used for remote access.Security researcher Luigi Auriemma coordinated the release of this information through the Zero Day Initiative (ZDI).1 Microsoft has issued a patch for this vulnerability that is available on their update website or automatically if automatic updates are turned on in a system. Though this report is not industrial control system (ICS)-specific, the results of successfully exploiting this vulnerability are far reaching into the ICS environment."
ICSA-12-081-01,https://www.us-cert.gov/ics/advisories/ICSA-12-081-01,2012-03-30,2013-05-01,Wonderware System Platform Buffer Overflows,1,Invensys," ICS-CERT originally released Advisory ICSA-12-081-01P on the US-CERT secure portal on March 21, 2012. This web page release was delayed to allow users time to download and install the update. Independent researcher Celil Unuver from SignalSec Corporation has identified two buffer overflow vulnerabilities in the WWCabFile component of the Wonderware System Platform, which is used by multiple applications that run on the platform. Invensys has produced a patch that resolves these vulnerabilities. Mr. Unuver has tested the patch and verified that it resolves the vulnerabilities."
ICSA-12-083-01,https://www.us-cert.gov/ics/advisories/ICSA-12-083-01,2012-03-23,2018-09-06,Ecava IntegraXor ActiveX Directory Traversal,1,Ecava," Independent researchers Billy Rios and Terry McCorkle have identified a Path Traversal vulnerability in the Ecava IntegraXor application. Ecava has produced an update that mitigates this vulnerability. The researchers have validated that the patch fixes this vulnerability."
ICSA-12-088-01A,https://www.us-cert.gov/ics/advisories/ICSA-12-088-01A,2012-04-06,2018-09-06,Rockwell Automation FactoryTalk RNADiagReceiver (UPDATE A),1,Rockwell Automation," This Updated Advisory is a follow-up to the original Advisory titled “ICSA-12-088-01 – Rockwell Automation FactoryTalk RNADiagReceiver DOS Vulnerabilities” that was published March 28, 2012 on the ICS-CERT web page. This advisory is a follow-up to ICS-CERT Alert “ICS-ALERT-12-017-01—ROCKWELL AUTOMATION FACTORYTALK RNADIAGRECEIVER” that was published January 17, 2012, on the ICS-CERT web page. Independent researcher Luigi Auriemma identified two vulnerabilities that may result in a denial-of-service (DoS) condition in the Rockwell Automation FactoryTalk (FT) application. These vulnerabilities were reported, along with proof-of-concept code, without coordination with ICS-CERT, the vendor, or other coordinating entity. The two vulnerabilities include an unexpected return value and a read access violation. ICS-CERT has coordinated these vulnerabilities with Rockwell Automation who developed a patch that resolves these vulnerabilities."
ICSA-12-095-01A,https://www.us-cert.gov/ics/advisories/ICSA-12-095-01A,2012-04-12,2013-04-16,ABB Multiple Components Buffer Overflow (UPDATE),1,ABB," Independent researchers Terry McCorkle and Billy Rios identified a buffer overflow vulnerability in multiple components of the ABB WebWare Server application. These components have been found to contain vulnerabilities in the COM and scripting interfaces. Follow-up investigation by ABB showed that these components are used in multiple ABB legacy products. Because these are legacy products nearing the end of their life cycle, ABB does not intend to patch these vulnerable components."
ICSA-12-102-01,https://www.us-cert.gov/ics/advisories/ICSA-12-102-01,2012-04-11,2018-08-23,Certec atvise webMI2ADS Vulnerabilities,1,Certec EDV GmbH," This advisory is a follow-up to the ICS-CERT alert titled ICS-ALERT-11-283-02 – Certec atvise webMI Vulnerabilities, released to the ICS-CERT web page on October 10, 2011. Independent researcher Luigi Auriemma has identified vulnerabilities in Certec’s webMI2ADS application. These vulnerabilities and proof of concept code were disclosed without coordination with ICS-CERT, the vendor, or any other coordinating entity. Certec has produced an update that resolves these vulnerabilities. Mr. Auriemma has verified that the update resolves the identified vulnerabilities."
ICSA-12-102-02,https://www.us-cert.gov/ics/advisories/ICSA-12-102-02,2012-04-12,2018-09-06,Koyo Ecom Modules Vulnerabilities,1,Koyo," This Advisory is a follow-up to the ICS-CERT Alert titled “ICS-ALERT-12-020-05A—Koyo Ecom100 Vulnerabilities” that was originally published January 20, 2012, on the ICS-CERT web page and updated on February 14, 2012.ICS-CERT is aware of a public report of vulnerabilities with proof-of-concept (PoC) exploit code affecting the Koyo ECOM100 Ethernet Module. This report is based on information presented by Reid Wightman during Digital Bond’s SCADA Security Scientific Symposium (S4) on January19, 2012. Vulnerability details were released without coordination with either the vendor or ICS-CERT.A brute force password cracking tool has also been released that targets the weak authentication vulnerability in the ECOM series modules. This tool may greatly reduce the time and skill level required to attack a vulnerable system.ICS-CERT has coordinated these vulnerabilities with Koyo, which has produced an updated firmware that resolves these vulnerabilities."
ICSA-12-102-03,https://www.us-cert.gov/ics/advisories/ICSA-12-102-03,2012-04-11,2018-09-06,MICROSYS PROMOTIC Use After Free Vulnerability,1,MICROSYS," This advisory is a follow-up to ICS-ALERT-11-333-01 - MICROSYS PROMOTIC Use-After-Free Vulnerability, released on the ICS-CERT Web site on November 28, 2011. Independent researcher Luigi Auriemma has identified and released proof of concept code (POC) for a use after free vulnerability in the MICROSYS, spol. s r.o. PROMOTIC application without coordination with ICS-CERT, the vendor, or any other known coordinating entity.ICS-CERT has coordinated this vulnerability with MICROSYS, which has produced an update that Mr. Auriemma confirms resolves this vulnerability."
ICSA-12-102-04,https://www.us-cert.gov/ics/advisories/ICSA-12-102-04,2012-04-11,2013-05-08,Siemens Scalance X Buffer Overflow Vulnerability,1,Siemens," ICS-CERT has received a report from Siemens regarding a buffer overflow vulnerability in the web interface of the Scalance X Industrial Ethernet switch. This vulnerability was reported to Siemens by Jürgen Bilberger from Daimler TSS GmbH. This vulnerability leaves the affected devices susceptible to a remote denial of service attack. Siemens has published a firmware update that addresses this vulnerability."
ICSA-12-102-05,https://www.us-cert.gov/ics/advisories/ICSA-12-102-05,2012-04-11,2013-05-08,Siemens Scalance S Multiple Security Vulnerabilities,1,Siemens," ICS-CERT has received a report from Siemens regarding two security vulnerabilities in the Scalance S Security Module firewall. This vulnerability was reported to Siemens by Adam Hahn and Manimaran Govindarasu for coordinated disclosure. The first issue is a brute-force credential guessing vulnerability in the web configuration interface of the firewall. The second issue is a stack-based buffer overflow vulnerability in the Profinet DCP protocol stack. Siemens has published a patch that resolves both of the identified vulnerabilities."
ICSA-12-122-01,https://www.us-cert.gov/ics/advisories/ICSA-12-122-01,2012-05-01,2013-04-18,WellinTech KingView DLL Hijack Vulnerability,1,WellinTech," Independent researcher Carlos Mario Peñagos Hollman identified a DLL Hijack vulnerability in WellinTech’s KingView application. WellinTech has created a patch that resolves the vulnerability. Mr. Hollman has tested the patch and verified that it resolves the vulnerability."
ICSA-12-129-01,https://www.us-cert.gov/ics/advisories/ICSA-12-129-01,2012-05-08,2018-09-06,WellinTech KingSCADA Insecure Password Encryption,1,WellinTech," This advisory is a follow-up to the alert titled “ICS-ALERT-12-020-06 - WellinTech KingSCADA Insecure Password Encryption Vulnerability” that was published January 20, 2012, on the ICS-CERT web page. Independent researchers Alexandr Polyakov and Alexey Sintsov from DSecRG identified an unsecure password encryption vulnerability in WellinTech KingSCADA application. When KingSCADA OPCServer and OPCClient are not on the same node, a remote attacker may obtain passwords to the system. DSecRG disclosed this vulnerability on its website without coordination with ICS-CERT, the vendor, or any other coordinating entity. An exploit is known to be publicly available. ICS-CERT has coordinated the mitigation of this vulnerability with WellinTech, which has produced a new version of KingSCADA that resolves the problem. ICS-CERT has not tested this version to verify that the vulnerability is resolved."
ICSA-12-131-01,https://www.us-cert.gov/ics/advisories/ICSA-12-131-01,2012-05-10,2013-05-01,Progea Movicon Memory Corruption Vulnerability,1,Progea," Security researcher Dillon Beresford of IXIA1 has identified a memory corruption vulnerability in the Progea Movicon application. This vulnerability can be exploited by a remote attacker; however, no public exploits are currently known to exist. ICS-CERT has coordinated these vulnerabilities with Progea, which has produced a new version (V11.3) that resolves the reported vulnerability. Mr. Beresford has tested the new version and confirms that it resolves the vulnerability."
ICSA-12-131-02,https://www.us-cert.gov/ics/advisories/ICSA-12-131-02,2012-06-27,2018-08-21,GE Intelligent Platforms Proficy HTML Help Vulnerabilities (Update A),1,GE,NULL
ICSA-12-137-02,https://www.us-cert.gov/ics/advisories/ICSA-12-137-02,2012-05-16,2018-09-06,Advantech Studio ISSymbol ActiveX Buffer Overflow,1,Advantech," This advisory is a follow-up to the original alert titled ICS-ALERT-11-131-01 - Advantech Studio ISSymbol ActiveX Buffer Overflow Vulnerabilities that was published May 11, 2011, on the ICS-CERT web page. A remote attacker could exploit these vulnerabilities; publicly available exploit code is known to exist that targets these vulnerabilities. Independent researcher Dmitriy Pletnev of Secunia has identified multiple buffer overflow vulnerabilities in the Advantech Studio product. Advantech has produced a new version that mitigates these vulnerabilities. Mr. Pletnev has tested the new version to validate that it resolves the vulnerabilities."
ICSA-12-138-01,https://www.us-cert.gov/ics/advisories/ICSA-12-138-01,2012-05-30,2013-04-30,Emerson DeltaV Multiple Vulnerabilities,1,Emerson," ICS-CERT originally released Advisory ICSA-12-138-01P to the US-CERT secure portal on May 17, 2012, and released Update A on May 21, 2012. This web page release (including Update A) was delayed to allow users time to download and install the update.Researcher Kuang-Chun Hung of the Security Research and Service Institute?Information and Communication Security Technology Center (ICST) has identified multiple vulnerabilities in the Emerson DeltaV application.These vulnerabilities can be exploited by a remote attacker; however, no publicly available exploits are currently known to exist. Emerson has produced a hotfix that mitigates these vulnerabilities. ICST has tested this hotfix and confirms that it fully resolves the vulnerabilities."
ICSA-12-145-01,https://www.us-cert.gov/ics/advisories/ICSA-12-145-01,2012-05-24,2013-05-01,Measuresoft ScadaPro DLL Hijack,1,Measuresoft," Independent researcher Carlos Mario Penagos Hollmann identified a remotely exploitable, uncontrolled search path element vulnerability, commonly referred to as a DLL hijack, in Measuresoft’s ScadaPro application. Measuresoft has produced an upgrade to address this vulnerability. Mr. Hollmann has verified that the new version resolves the vulnerability."
ICSA-12-145-02,https://www.us-cert.gov/ics/advisories/ICSA-12-145-02,2012-05-24,2018-09-06,xArrow Multiple Vulnerabilities,1,xArrow," This advisory is a follow-up to ICS-ALERT-12-065-01 xArrow Vulnerabilities that was published March 05, 2012. Independent security researcher Luigi Auriemma identified and released four security vulnerabilities, along with proof-of-concept code, in the xArrow software application without coordination with ICS-CERT, the vendor, or any other coordinating entity. The following remotely exploitable vulnerabilities were identified: NULL Pointer Dereference,Heap-Based Buffer Overflow,Out-of-Bounds read, andImproper Restriction of Operations within the Bounds of a Memory Buffer. xArrow has produced a new version that resolves the reported vulnerabilities. Luigi Auriemma has tested the new version and confirmed that the vulnerabilities have been resolved."
ICSA-12-146-01A,https://www.us-cert.gov/ics/advisories/ICSA-12-146-01A,2012-06-18,2018-09-06,RuggedCom Weak Cryptography for Password Vulnerability (Update A),1,RuggedCom,
ICSA-12-150-01,https://www.us-cert.gov/ics/advisories/ICSA-12-150-01,2012-09-07,2018-09-06,Honeywell HMIWeb Browser Buffer Overflow Vulnerability,1,Honeywell," This advisory was originally posted on the the US-CERT secure portal library (titled ICSA-12-150-01P Honeywell HMIWeb Browser Buffer Overflow Vulnerability) to allow customers time to download the vendor patch prior to full public disclosure. ICS-CERT received a report from Honeywell and the Zero Day Initiative (ZDI),a concerning a buffer overflow vulnerability in all products using the Honeywell HMIWeb browser. This vulnerability was reported to ZDI by an anonymous researcher. Honeywell has created specific patches, based on the product version, that address this issue. These patches have not been independently validated. This vulnerability could be exploited remotely."
ICSA-12-158-01,https://www.us-cert.gov/ics/advisories/ICSA-12-158-01,2012-06-06,2014-01-30,Siemens WinCC Multiple Vulnerabilities,1,Siemens," Independent researchers Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, Andrey Medov from Positive Technologies have identified multiple vulnerabilities in the Siemens WinCC application. In evaluating these reported vulnerabilities, Siemens identified an additional vulnerability that is included in this advisory. Siemens has produced an update that resolves all vulnerabilities except the buffer overflow in DiagAgent. DiagAgent is no longer supported, and this vulnerability can be mitigated by disabling the service. ICS-CERT has not tested this update. These vulnerabilities may be remotely exploited."
ICSA-12-167-01,https://www.us-cert.gov/ics/advisories/ICSA-12-167-01,2012-06-15,2018-09-06,Innominate MGuard Weak HTTPS and SSH Keys,1,Innominate," An independent research group comprised of Nadia Heninger, Zakir Durumeric, Eric Wustrow, and J. Alex Halderman identified an insufficient entropy vulnerability in Innominate’s mGuard network appliance product line. By impersonating the device, an attacker can obtain the credentials of administrative users and potentially perform a Man-in-the-Middle (MitM) attack. Innominate has validated the vulnerability and produced an update that resolves the reported vulnerability. This vulnerability can be remotely exploited.ICS-CERT has coordinated this vulnerability with Innominate, which has produced an update that resolves this vulnerability."
ICSA-12-171-01,https://www.us-cert.gov/ics/advisories/ICSA-12-171-01,2012-06-19,2018-09-06,Wonderware SuiteLink Unallocated Unicode String Vulnerability,1,Invensys," This Advisory is a follow-up to the original ICS-CERT Alert titled ICS-ALERT-12-136-01 Wonderware SuiteLink Unallocated Unicode String that was published May 15, 2012 on the ICS-CERT web page.Independent researcher Luigi Auriemma identified a maliciously crafted Unicode string vulnerability causing a stack-based buffer overflow with proof-of-concept (PoC) exploit code that affects the Invensys Wonderware SuiteLink service (slssvc.exe). This vulnerability was released without coordinating with ICS-CERT or the vendor. This vulnerability can be exploited remotely, and public exploits are known to target this vulnerability. Wonderware SuiteLink is part of the System Platform software suite.ICS-CERT has coordinated this vulnerability with Invensys. Invensys has confirmed the vulnerability exists for Wonderware products built prior to 2011. Invensys has produced a patch that resolves this vulnerability. This patch validation was confirmed by Luigi Auriemma."
ICSA-12-177-02,https://www.us-cert.gov/ics/advisories/ICSA-12-177-02,2012-07-13,2013-05-01,Invensys Wonderware InTouch 10 DLL Hijack,1,Invensys," ICS-CERT originally released Advisory ICSA-12-177-01P on the US-CERT Portal on July 05, 2012. This web page release was delayed to provide the vendor time to contact customers concerning this information.Independent researcher Carlos Mario Penagos Hollmann has identified an uncontrolled search path element vulnerability, commonly referred to as a dll hijack, in Invensys’s Wonderware InTouch application. Successfully exploiting this vulnerability could lead to arbitrary code execution.ICS-CERT has coordinated the report with Invensys, which has produced an upgrade to address this vulnerability. Mr. Hollmann has validated that the upgrade resolves the reported vulnerability."
ICSA-12-179-01,https://www.us-cert.gov/ics/advisories/ICSA-12-179-01,2012-06-27,2018-09-06,Pro-Face Pro-Server EX Vulnerabilities,1,Digital Electronics," This advisory is a follow-up to the alert titled “ICS-ALERT-12-137-01 Pro-face Pro-Server EX Vulnerabilities,” that was published May 16, 2012, on the ICS-CERT Web page.Independent researcher Luigi Auriemma identified multiple vulnerabilities in the Pro-face Pro-Server EX application and publicly released this information without coordination with ICS-CERT, the vendor, or any other coordinating entity known to ICS-CERT.The four confirmed vulnerabilities are invalid memory access, integer overflow, unhandled exception, and memory corruptions. Each of these vulnerabilities can be exploited remotely, and public exploits are known to target these vulnerabilities.ICS-CERT has coordinated these vulnerabilities with the development and manufacturing company of Pro-face branded products, Digital Electronics, which has produced an update that resolves these vulnerabilities."
ICSA-12-185-01,https://www.us-cert.gov/ics/advisories/ICSA-12-185-01,2012-07-03,2014-09-02,WellinTech KingView Multiple Vulnerabilities,1,WellinTech," Independent researchers Carlos Mario Penagos Hollman and Dillon Beresford identified multiple vulnerabilities in WellinTech’s KingView and a single vulnerability in WellinTech’s KingHistorian application. These vulnerabilities are exploitable remotely. WellinTech has created a patch and the researchers have validated that the patch resolves these vulnerabilities in the KingView and KingHistorian applications."
ICSA-12-201-01,https://www.us-cert.gov/ics/advisories/ICSA-12-201-01,2012-07-19,2015-05-06,OSIsoft PI OPC DA Interface Buffer Overflow,1,OSIsoft," ICS-CERT has received a report from OSIsoft concerning a stack-based buffer overflow in the PI OPC DA Interface software that could cause the software to crash or allow a remote attacker to execute arbitrary code. This vulnerability was discovered during a software assessment requested by OSIsoft and funded by the US Department of Homeland Security.OSIsoft has published a customer notification, and has released a product update that resolves this vulnerability."
ICSA-12-205-01,https://www.us-cert.gov/ics/advisories/ICSA-12-205-01,2012-07-23,2013-05-08,Siemens WinCC Insecure SQL Server Authentication,1,Siemens," Siemens has released a software update for an insecure SQL server authentication vulnerability in Siemens’ SIMATIC WinCC and SIMATIC PCS 7 software. Previous versions of SIMATIC WinCC use default SQL server credentials that allowed administrative access to the database. The default credentials cannot be changed or disabled. This vulnerability can be remotely exploited, as was the case with Stuxnet malware which was known to target this vulnerability. Siemens has produced an updated version that resolves the reported vulnerability. Note: This advisory, together with advisory “ICSA-12-205-02—Siemens SIMATIC STEP 7 DLL Vulnerability,” addresses vulnerabilities first discovered in 2010 in conjunction with the discovery of Stuxnet. This vulnerability was fixed in 2010 by Siemens through a security update."
ICSA-12-205-02,https://www.us-cert.gov/ics/advisories/ICSA-12-205-02,2012-07-23,2013-05-08,Siemens SIMATIC STEP 7 DLL Vulnerability,1,Siemens," Siemens has released a software update for a DLL hijacking vulnerability in SIMATIC STEP 7 and SIMATIC PCS 7 software. Previous versions of SIMATIC STEP 7 and PCS 7 allowed the loading of malicious DLL files into the STEP 7 project folder that can be used to attack the system on which STEP 7 is installed. This vulnerability can be remotely exploited, as was the case with Stuxnet malware which was known to target this vulnerability. Siemens has produced a patch that resolves this vulnerability. Note: This advisory, together with advisory “ICSA-12-205-01--Siemens WinCC Insecure SQL Authentication,” addresses vulnerabilities first discovered in 2010 in conjunction with the discovery of Stuxnet. This vulnerability was fixed in 2011 by Siemens through a security update."
ICSA-12-212-01,https://www.us-cert.gov/ics/advisories/ICSA-12-212-01,2012-07-30,2013-08-28,ICONICS GENESIS32/BizViz Security Configurator Authentication Bypass Vulnerability,1,ICONICS," Dr. Wesley McGrew of Mississippi State University has identified an authentication bypass vulnerability leading to privilege escalation in the ICONICS GENESIS32 and BizViz applications, specifically in the Security Configurator component. This vulnerability allows an attacker to bypass normal authentication methods, granting full administrative control over the system. Exploits that target this vulnerability are known to be publicly available. ICONICS has produced a hot fix that mitigates this vulnerability."
ICSA-12-212-02,https://www.us-cert.gov/ics/advisories/ICSA-12-212-02,2012-07-30,2013-05-08,Siemens SIMATIC S7-400 PN CPU DoS,1,Siemens," Siemens has reported to ICS-CERT that denial-of-service (DoS) vulnerabilities exist in the SIMATIC S7-400 V6 and SIMATIC S7-400 V5 PN CPU products. Siemens has produced a firmware update that mitigates the vulnerability affecting the S7-400 V6. Siemens will not fix the vulnerability that affects the S7-400 V5 because that product version has reached end-of-life and has been discontinued. Both vulnerabilities could be exploited remotely."
ICSA-12-213-01A,https://www.us-cert.gov/ics/advisories/ICSA-12-213-01A,2014-03-18,2018-09-06,Sielco Sistemi Winlog Multiple Vulnerabilities (Update A),1,Sielco Sistemi," This updated advisory is a follow-up to the original advisory titled ICSA-12-213-01 - Sielco Sistemi Winlog Multiple Vulnerabilities that was published July 31, 2012, on the NCCIC/ICS-CERT web site. The updated advisory matches new CVE identifiers up with other publicly available vulnerability disclosuresa and databases.b Researchers Carlos Mario Penagos Hollmann of IOActive, Michael Messner, and Luigi Auriemma have separately identified multiple vulnerabilities in Sielco Sistemi’s Winlog application. Sielco Sistemi has produced a new release that corrects all identified vulnerabilities. Mr. Hollmann and Mr. Auriemma have tested the release to validate that it resolves the vulnerabilities. These vulnerabilities can be remotely exploited. Exploit code is publicly available for these vulnerabilities."
ICSA-12-214-01,https://www.us-cert.gov/ics/advisories/ICSA-12-214-01,2012-08-01,2013-05-08,Siemens Synco OZW Default Password,1,Siemens," Siemens has reported to ICS-CERT that a default password vulnerability exists in the Siemens Synco OZW Web Server device used for building automation systems. Siemens urges their customers to set a secure password on their device’s web interface. This vulnerability could be exploited remotely."
ICSA-12-227-01,https://www.us-cert.gov/ics/advisories/ICSA-12-227-01,2012-08-14,2013-05-07,Siemens COMOS Database Privilege Escalation Vulnerability,1,Siemens," Siemens has reported a privilege escalation vulnerability in the Siemens COMOS database application. Siemens has produced an update that fixes this vulnerability. This vulnerability could be exploited remotely."
ICSA-12-228-01A,https://www.us-cert.gov/ics/advisories/ICSA-12-228-01A,2013-08-12,2014-03-06,Tridium Niagara Vulnerabilities (Update A),1,Tridium,
ICSA-12-234-01,https://www.us-cert.gov/ics/advisories/ICSA-12-234-01,2012-10-15,2018-08-23,GE Intelligent Platforms Proficy Real-Time Information Portal Vulnerabilities,0,GE," This advisory is a follow-up to the previously updated portal advisory titled ICSA-12-234-01AP—GE Intelligent Platforms Proficy Real-Time Information Portal Multiple Vulnerabilities, which was published September 17, 2012, in the US-CERT secure Portal library. This advisory provides mitigation details for multiple vulnerabilities that affect the GE Intelligent Platforms Proficy Real-Time Information Portal. Researcher Kuang-Chun Hung of Information and Communication Security Technology Center (ICST) identified multiple vulnerabilities in GE’s Intelligent Platforms Proficy Real-Time Information Portal. Three improper input validation vulnerabilities could lead to a possible denial of service (DoS). GE has released patches that fix the vulnerabilities in Versions 3.5 SP1, 3.5, and 3.0 SP1. Successful exploitation of these vulnerabilities could affect multiple sectors worldwide. These vulnerabilities can be exploited remotely."
ICSA-12-243-01,https://www.us-cert.gov/ics/advisories/ICSA-12-243-01,2012-08-30,2013-04-30,GarrettCom - Use of Hard-Coded Password,1,GarrettCom," Independent security researcher Justin W. Clarke of Cylance Inc. has identified a privilege-escalation vulnerability in the GarrettCom Magnum MNS-6K Management Software application via the use of a hard-coded password. This vulnerability could allow a remote attacker with any level of access to the system to escalate the attacker’s privilege to the administrative level. The attacker must have access to a logon account on the device to exploit this vulnerability. GarrettCom has produced a patch that mitigates this vulnerability."
ICSA-12-249-01,https://www.us-cert.gov/ics/advisories/ICSA-12-249-01,2012-09-05,2013-04-30,Arbiter Systems Power Sentinel Denial-of-Service Vulnerability,1,Arbiter Systems," Arbiter Systems reported to ICS-CERT that a vulnerability that causes a denial of service (DoS) has been identified in Arbiter Systems Power Sentinel Phasor Measurement Unit. The vulnerability can be exploited remotely. Arbiter Systems has produced a patch that mitigates this vulnerability. OSIsoft tested the patch to validate that it resolves the vulnerability."
ICSA-12-249-02,https://www.us-cert.gov/ics/advisories/ICSA-12-249-02,2012-09-05,2018-09-06,WAGO IO 758 Default Linux Credentials,1,WAGO," This advisory updates the ICS-CERT Alert titled “ICS-ALERT-12-097-01 - WAGO IPC Vulnerabilities” that was posted on the ICS-CERT Web site on April 06, 2012. This alert detailed a vulnerability report of “hard-coded” credentials and improper access controls in the WAGO I/O System 758 product line. Researcher Reid Wightman of Digital Bond released these vulnerabilities without coordination with ICS-CERT or WAGO. After coordination with the researcher and the vendor, ICS-CERT determined that the improper authentication vulnerability is found in a third-party component used in multiple WAGO products. ICS-CERT is also coordinating this vulnerability with 3-S Smart Software Solutions, the third-party supplier. ICS-CERT will update an advisory with additional information from 3S as it becomes available. WAGO has confirmed that its I/O System 758 products are configured with default operating system credentials. These credentials are disclosed, but WAGO provided no information on how to change the default passwords. WAGO has released a procedure with additional documentation on how to change the default operating system passwords in Models 758-874, 758-875, and 758-876. WAGO has also released a best security practices document that makes recommendations to its customers on how to best secure its industrial control system (ICS) products. These vulnerabilities are exploitable remotely and proof-of-concept (PoC) exploits are known to exist."
ICSA-12-249-03,https://www.us-cert.gov/ics/advisories/ICSA-12-249-03,2012-09-05,2013-10-28,InduSoft ISSymbol ActiveX Control Buffer Overflow,1,InduSoft," ICS-CERT received a report from Indusoft and the Zero Day Initiative (ZDI) concerning a heap-based buffer overflow vulnerability affecting the InduSoft ISSymbol ActiveX control. This vulnerability was reported to ZDI by security researcher Alexander Gavrun. Successful exploitation of this vulnerability could allow remote execution of arbitrary code."
ICSA-12-251-01,https://www.us-cert.gov/ics/advisories/ICSA-12-251-01,2012-09-07,2014-01-02,RealFlex RealWinDemo DLL Hijack,1,RealFlex Technologies," Independent researcher Carlos Mario Penagos Hollmann has identified an uncontrolled search path element vulnerability, commonly referred to as a DLL hijack, in the RealFlex RealWinDemo application. RealFlex Technologies has produced an upgrade to address this vulnerability, which Mr. Hollmann has validated, and it resolves the reported vulnerability."
ICSA-12-256-01,https://www.us-cert.gov/ics/advisories/ICSA-12-256-01,2012-09-12,2014-08-29,Siemens WinCC WebNavigator Multiple Vulnerabilities,1,Siemens," Siemens has reported multiple vulnerabilities in the Siemens WinCC WebNavigator application. These vulnerabilities were originally reported directly to Siemens by Positive Technologies. Siemens has produced an update that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-12-258-01,https://www.us-cert.gov/ics/advisories/ICSA-12-258-01,2012-09-14,2013-05-01,IOServer OPC Server Multiple Vulnerabilities,1,IOServer," Independent researcher Hinge of foofus.net has identified multiple vulnerabilities1 in IOServer’s OPC Server application. IOServer has released a new version of the product that partially mitigates these vulnerabilities. Hinge has tested the new version and found that it partially resolves these vulnerabilities. These vulnerabilities can be exploited remotely. Exploits that target these vulnerabilities are known to be publicly available."
ICSA-12-262-01,https://www.us-cert.gov/ics/advisories/ICSA-12-262-01,2012-09-12,2018-09-05,Fultek WinTr Directory Traversal,1,Fultek," Researcher Daiki Fukumori of Cyber Defense Institute has identified a directory traversal vulnerability in Fultek’s WinTr SCADA application. Fultek was unable to validate this vulnerability and has not offered any mitigation plans. ICS-CERT has validated the vulnerability. This vulnerability could be exploited remotely."
ICSA-12-263-01,https://www.us-cert.gov/ics/advisories/ICSA-12-263-01,2012-09-19,2013-05-06,Siemens S7-1200 Insecure Storage of HTTPS CA Certificate,1,Siemens," Siemens has reported1 an insecure HTTPS certificate storage vulnerability in Siemens’ S7-1200 v2.x. Siemens has provided guidance to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-12-263-02,https://www.us-cert.gov/ics/advisories/ICSA-12-263-02,2012-09-19,2013-04-22,ORing Industrial Networking IDS-5042/5042+ Hard-Coded Credential Vulnerability,1,ORing," Independent researcher Reid Wightman of Digital Bond1 identified hard-coded credentials in the operating system of the ORing Industrial DIN-Rail Device Server 5042/5042+ systems and publicly released this information without coordination with ICS-CERT, the vendor, or any other coordinating entity known to ICS-CERT. This vulnerability grants attackers administrative access to the device. ICS-CERT has been unable to successfully coordinate this vulnerability with ORing Industrial Networking because of the vendor’s unresponsiveness. ICS-CERT is unaware of any fix by ORing Industrial Networking that mitigates this vulnerability. This vulnerability can be exploited remotely. Exploits that target this vulnerability are known to be publicly available."
ICSA-12-265-01,https://www.us-cert.gov/ics/advisories/ICSA-12-265-01,2012-09-28,2013-04-30,Emerson DeltaV Buffer Overflow,1,Emerson," ICS-CERT originally released Advisory ICSA-12-265-01P on the US-CERT Portal on September 21, 2012. This web page release was delayed to provide the vendor time to contact customers concerning this information. Researcher Kuang-Chun Hung of the Security Research and Service Institute-Information and Communication Security Technology Center (ICST) has identified a buffer-overflow vulnerability in the Emerson DeltaV application. This vulnerability can be exploited by a remote attacker; however, no publicly available exploits are currently known to exist. Emerson has produced a hotfix that mitigates this vulnerability. ICST has tested this hotfix and confirms that it fully resolves the vulnerability."
ICSA-12-271-01,https://www.us-cert.gov/ics/advisories/ICSA-12-271-01,2012-11-01,2013-04-30,C3-ilex EOScada Multiple Vulnerabilities,1,C3-ilex," This Advisory is a follow-up release to the original Advisory which was posted to the US-CERT secure Portal library October 08, 2012. Dale Peterson of Digital Bond has identified multiple vulnerabilities in the C3-ilex’s EOScada application that can result in data leakage and a denial-of-service (DoS) condition. C3-ilex’s has produced a patch that resolves these vulnerabilities."
ICSA-12-271-02,https://www.us-cert.gov/ics/advisories/ICSA-12-271-02,2012-09-27,2013-04-22,Optimalog Optima PLC Multiple Vulnerabilities,1,Optimalog," Independent researcher Luigi Auriemma identified a NULL Pointer Dereference and an Infinite Loop and released proof-of-concept (exploit) code for Optimalog’s Optima PLC application without coordination with ICS-CERT, the vendor, or any other coordinating entity known to ICS-CERT.Optimalog has released a new version to address these vulnerabilities. The component APIFTP is no longer installed by default with Optima PLC, the user must check a specific option. A security warning is displayed at the first performance of APIFTP to inform the user about opening a TCP port and asking the user to validate APIFTP use."
ICSA-12-283-01,https://www.us-cert.gov/ics/advisories/ICSA-12-283-01,2012-10-12,2013-08-30,Siemens S7-1200 Web Application Cross Site Scripting,1,Siemens," This advisory provides mitigation details provided by Siemens for a vulnerability that impacts the Siemens S7-1200 Web Application Module. Siemens has reporteda a cross-site scripting (XSS) vulnerability in Siemens’s S7-1200 Programmable Logic Controllers (PLCs). Positive Technologiesb discovered this vulnerability and reported it directly to Siemens. Siemens has provided mitigations and a firmware update to fix this vulnerability. Exploitation of this vulnerability would allow an attacker to partially modify application data and limit the availability of the device. This vulnerability affects the electric, critical manufacturing, chemical, and food and beverage sectors. This vulnerability can be exploited remotely."
ICSA-12-283-02,https://www.us-cert.gov/ics/advisories/ICSA-12-283-02,2012-10-09,2018-09-06,WellinTech KingView User Credentials Not Securely Hashed,1,WellinTech," This advisory is a follow-up to the alert titled ICS-ALERT-12-212-02 WellinTech KingView User Credentials Not Securely Hashed that was published July 30, 2012, on the ICS-CERT Web page. Dr. Wesley McGrew of Mississippi State University has identified a default credential vulnerability in WellinTech KingView application. WellinTech has produced a patch that mitigates this vulnerability. Exploits that target this vulnerability are known to be publicly available."
ICSA-12-297-01,https://www.us-cert.gov/ics/advisories/ICSA-12-297-01,2012-12-09,2013-12-23,Tropos Wireless Mesh Routers,1,Tropos," This advisory is a follow-up to the original advisory titled ICSA-12-297-01P—Tropos Wireless Mesh Routers Insufficient Entropy Vulnerability that was published October 23, 2012, on the ICS-CERT secure Portal library. This advisory provides mitigation details for a vulnerability that impacts Tropos Wireless Mesh Routers. An independent research group composed of Nadia Heninger (University of California at San Diego), Zakir Durumeric (University of Michigan), Eric Wustrow (University of Michigan), and J. Alex Halderman (University of Michigan) identified an insufficient entropy vulnerabilitya in SSH key generation in Tropos Networks’s wireless network router product line. By impersonating the device, an attacker can obtain the credentials of administrative users and perform a Man-in-the-Middle (MitM) attack. Tropos has validated the vulnerability and produced an embedded operating software update that mitigates the reported vulnerability. According to Tropos, products are deployed across several sectors including the transportation, energy, water, emergency services, and critical manufacturing concentrated in the United States. This vulnerability can be exploited remotely."
ICSA-12-297-02,https://www.us-cert.gov/ics/advisories/ICSA-12-297-02,2012-10-23,2018-09-05,Korenix Jetport 5600 Series Hard-coded Credentials,1,Korenix," This advisory provides mitigation details for a vulnerability that impacts the Korenix JetPort 5600. Independent researcher Reid Wightman of Digital Bond identified undocumented hard-coded root credentials in the firmware of the Korenix JetPort 5600 system application without coordination with ICS-CERT, the vendor, or any other coordinating entity known to ICS-CERT. The Korenix JetPort is an industrial serial device server to control multiple serial devices over Ethernet. Successful exploitation of this vulnerability would allow attackers to exploit the product by using the hard-coded credential to log into the device with administrative privileges and gain access to the attached serial devices. Korenix has produced an upgraded firmware version that removes the accounts. This product is used worldwide, primarily in the communications and information technology sectors. This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available."
ICSA-12-305-01,https://www.us-cert.gov/ics/advisories/ICSA-12-305-01,2012-10-31,2018-08-27,Siemens SiPass Server Buffer Overflow,1,Siemens," This advisory provides mitigation details provided by Siemens for a vulnerability that impacts the Siemens SiPass server. Siemens has reported a buffer overflow vulnerability in the Siemens SiPass server. Lucas Apa of IOActive discovered this vulnerability and reported it directly to Siemens. Siemens has provided mitigations and a software hotfix corrects this vulnerability. Exploitation of this vulnerability would allow an attacker to perform a denial of service (DoS) and possibly gain access to the system via remote code execution. This vulnerability can be exploited remotely."
ICSA-12-320-01,https://www.us-cert.gov/ics/advisories/ICSA-12-320-01,2012-11-14,2013-04-30,ABB AC500 PLC Webserver CoDeSys Vulnerability,1,ABB," ICS-CERT has been notified of a buffer overflow vulnerability in the ABB AC500 PLC Webserver application. Successful exploitation of this vulnerability could lead to a denial of service (DoS), affecting the availability of the service. This vulnerability is related to ICS-CERT Advisory, ICSA-12-006-01--3S Smart Software Solutions CoDeSys Vulnerabilities as the ABB AC500 PLC uses the CoDeSys Webserver. ABB has produced a patch for the AC500 PLC that mitigates this vulnerability. This vulnerability affects multiple sectors to include the energy, critical manufacturing, and transportation sectors. This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available."
ICSA-12-325-01,https://www.us-cert.gov/ics/advisories/ICSA-12-325-01,2012-11-20,2014-03-06,Sinapsi Devices Vulnerabilities,1,Sinapsi," This advisory is a follow-up to the alert titled ICS-ALERT-12-284-01—Sinapsi eSolar Light Vulnerabilities that was published October 10, 2012. Independent researchers Roberto Paleari and Ivan Speziale identified four vulnerabilities and released proof-of-concept (exploit) code for the Sinapsi eSolar Light Photovoltaic System Monitor without coordination with ICS-CERT, this vendor, or any other coordinating entity known to ICS-CERT. The eSolar Light has also been sold with different brands and names. Successful exploitation of the vulnerabilities would allow an attacker to gain unauthorized access, access private information, and execute remote code. The eSolar Light is a monitoring system used in solar power applications. However, Sinapsi also reports that other Sinapsi devices (eSolar, eSolar DUO, eSolar Light) are vulnerable to these vulnerabilities. These devices are used in the Energy Sector."
ICSA-12-335-01,https://www.us-cert.gov/ics/advisories/ICSA-12-335-01,2012-11-30,2018-09-05,Post Oak Bluetooth Traffic Systems Insufficient Entropy Vulnerability,1,Post Oak Traffic Systems," This advisory provides mitigation details for a vulnerability that impacts Post Oak Traffic AWAM Bluetooth Reader Systems. An independent research group composed of Nadia Heninger (University of California at San Diego), J. Alex Halderman, Zakir Durumeric, and Eric Wustrow (all from the University of Michigan) identified an insufficient entropy vulnerability  in authentication key generation in the Post Oak AWAM Bluetooth Reader Traffic System. By impersonating the device, an attacker can obtain the credentials of administrative users and potentially perform a Man-in-the-Middle (MitM) attack. Post Oak has validated the vulnerability and produced an updated firmware version that mitigates the vulnerability. According to Post Oak, its products are deployed in the transportation sector, mainly in the United States.  This vulnerability can be exploited remotely. "
ICSA-12-341-01,https://www.us-cert.gov/ics/advisories/ICSA-12-341-01,2013-01-10,2018-09-06,GE Proficy HMI/SCADA Cimplicity Integer Overflow,1,GE," This updated advisory is a follow-up to the original ICS-CERT Advisory titled ICSA-12-341-01P—GE PROFICY HMI/SCADA CIMPLICITY INTEGER OVERFLOW that was published December 06, 2012, to the US-CERT secure Portal library. Researcher Kuang-Chun Hung of Information and Communication Security Technology Center (ICST) has identified an improper input validation vulnerability in GE’s Intelligent Platforms Proficy HMI/SCADA—Cimplicity. This vulnerability could lead to a possible denial of service (DoS). GE has produced an updated product version that ICST has validated. ICST confirms that the product update resolves the reported vulnerability. This vulnerability can be exploited remotely."
ICSA-12-342-01B,https://www.us-cert.gov/ics/advisories/ICSA-12-342-01B,2014-04-10,2018-09-06,"Rockwell Allen-Bradley MicroLogix, SLC 500, and PLC-5 Fault Generation Vulnerability (Update B)",1,Rockwell Automation," This updated advisory is a follow-up to the updated advisory titled ICSA-12-342-01A Rockwell Allen-Bradley MicroLogix, SLC 500, and PLC-5 controller that was published December 11, 2012, on the NCCIC/ICS-CERT web site. Independent researcher Matthew Luallen of CYBATI has identified a fault generation vulnerability that can cause a denial of service (DoS) in the Rockwell Automation Allen-Bradley MicroLogix, SLC 500, and PLC-5 controller. Rockwell has released a notificationa that includes mitigation strategies for this vulnerability."
ICSA-12-348-01,https://www.us-cert.gov/ics/advisories/ICSA-12-348-01,2012-12-12,2015-02-25,Siemens ProcessSuite and Invensys Intouch Poorly Encrypted Password File,1,Invensys," This advisory provides mitigation details for a vulnerability that impacts Siemens ProcessSuite and Invensys Wonderware InTouch products. Researcher Seth Bromberger of NCI Security, LLC and independent researcher Slade Griffin have identified an insecure password storage vulnerability in both Siemens ProcessSuite and Invensys Wonderware InTouch applications. Siemens states that ProcessSuite is outdated and cannot be updated to match current security requirements; Siemens recommends upgrading to a more recent human-machine interface (HMI). Invensys recommends using Windows integrated security rather than the InTouch security subsystem but has created a new patch to mitigate this vulnerability. Successful exploitation of this vulnerability can allow an attacker to log in to the system as a privileged user and take over the application."
ICSA-12-349-01,https://www.us-cert.gov/ics/advisories/ICSA-12-349-01,2012-12-13,2013-05-07,Siemens Automation License Manager Uncontrolled Resource Consumption,1,Siemens," This advisory provides mitigation details for a vulnerability that impacts the Siemens Automation License Manager (ALM). Siemens ProductCERT has identified an uncontrolled resource consumption vulnerability1 in the Siemens ALM, which is used for license management by various Siemens software products. Siemens has produced a software update that fully resolves this vulnerability. Exploitation of this vulnerability would allow loss of availability of the system."
ICSA-12-354-01A,https://www.us-cert.gov/ics/advisories/ICSA-12-354-01A,2013-04-29,2018-09-06,Ruggedcom ROS Hard-Coded RSA SSL Private Key (Update A),1,RuggedCom," This Updated Advisory is a follow-up to the original advisory titled ICSA-12-354-01 RuggedCom ROS Hard-Coded RSA SSL Private Key that was published December 18, 2012, on the ICS-CERT Web page, as a follow-up to the original ICS-CERT alert ICS-ALERT-12-234-01 RuggedCom ROS Key Management Errors, which was released to the Web page on August 30, 2012. Independent researcher Justin W. Clarke of Cylance Inc., has identified the use of hard-coded RSA SSL private key in RuggedCom’s Rugged Operating System (ROS). RuggedCom, an independent subsidiary of Siemens, has produced a new version of the ROS that mitigates this vulnerability. This vulnerability could be exploited remotely. Exploits that target this vulnerability are publicly available."
ICSA-12-354-02,https://www.us-cert.gov/ics/advisories/ICSA-12-354-02,2012-12-08,2013-08-28,Carlo Gavazzi EOS Box Multiple Vulnerabilities,1,Carlo Gavazzi," This advisory provides mitigation details for multiple vulnerabilities that impact the Carlo Gavazzi EOS-Box Photovoltaic Monitoring System. Carlo Gavazzi has identified two vulnerabilities in the Carlo Gavazzi EOS-Box Photovoltaic Monitoring System. Carlo Gavazzi has produced a firmware update that fully resolves these vulnerabilities. Successful exploitation of the vulnerabilities would allow an attacker to gain unauthorized access, access private information, and execute remote code. This device is used in the energy sector. These vulnerabilities could be exploitable remotely. Exploits that target these vulnerabilities are publicly available."
ICSA-12-362-01,https://www.us-cert.gov/ics/advisories/ICSA-12-362-01,2012-12-26,2013-04-30,I-GEN opLYNX Central Authentication Bypass,1,I-GEN," This advisory provides mitigation details for a vulnerability that impacts the i-GEN opLYNX Central software. Exploitation of this vulnerability would allow partial leakage of information and access to system settings. Independent researcher Anthony Cicalla has identified an authentication bypass vulnerability in i-GEN Solutions opLYNX Central application. i-GEN Solutions has produced a new version that mitigates this vulnerability. The researcher has tested the new version to validate that it resolves the vulnerability. This vulnerability impacts the energy sector, mainly in Canada. This vulnerability could be exploited remotely."
ICSA-13-011-01,https://www.us-cert.gov/ics/advisories/ICSA-13-011-01,2013-01-10,2018-09-06,3S CoDeSys Vulnerabilities,1,3S-Smart Software Solutions," This advisory is a follow-up to the ICS-CERT Alert titled “ICS-ALERT-12-097-02A 3S-Software CoDeSys Improper Access Control (Update A)"" that was published October 26, 2012. This advisory provides mitigation details for multiple vulnerabilities that affect the 3S-Smart Software Solutions CoDeSys Runtime Toolkit. Independent researcher Reid Wightman of IOActive, formerly of Digital Bond, identified1 an improper access control and a directory traversal vulnerability in the 3S CoDeSys Runtime application without coordination with ICS-CERT, the vendor, or any other coordinating entity known to ICS-CERT. Exploitation of these vulnerabilities would allow unauthorized access to the system and unauthorized access to the file system. The CoDeSys Runtime Toolkit is used in a number of vendor’s products worldwide. 3S has developed a patch that implements a password for authentication to the system. Reid Wightman has validated that the patch, issued by 3S, mitigates theses vulnerabilities. These vulnerabilities can be exploited remotely. Exploits that target these vulnerabilities are known to be publicly available. This researcher has released proof-of-concept (PoC) code for these vulnerabilities."
ICSA-13-011-02,https://www.us-cert.gov/ics/advisories/ICSA-13-011-02,2013-01-12,2014-03-06,SpecView Directory Traversal,1,SpecView," This advisory is a follow up to the original alert titled ICS-ALERT-12-214-01 SpecView Directory Traversal that was published August 01, 2012, on the ICS-CERT Web. This advisory provides mitigation details for a vulnerability, which impacts SpecView products. Independent researcher Luigi Auriemma identified a directory traversal vulnerability with proof-of-concept (PoC) exploit code affecting SpecView, a supervisory control and data acquisition/human-machine interface (SCADA/HMI) product. Successful exploitation could result in data leakage and file manipulation. This report was released without coordination with either the vendor or ICS-CERT. This vulnerability could be exploited remotely. Exploits that target this vulnerability are publicly available. SpecView has released a new build that addresses this vulnerability. Luigi Auriemma has verified the new build fixes the vulnerability."
ICSA-13-011-03,https://www.us-cert.gov/ics/advisories/ICSA-13-011-03,2013-01-10,2019-02-13,Rockwell Automation ControlLogix PLC Vulnerabilities,1,Rockwell Automation," This advisory is a follow up to the original alert titled ICS-ALERT-12-020-02A—Rockwell Automation ControlLogix PLC Vulnerabilities that was published February 14, 2012, on the ICS-CERT Web page. Independent researcher Rubén Santamarta of IOActive identified vulnerabilities in Rockwell Automation’s ControlLogix PLC and released proof-of-concept (exploit) code at the Digital Bond S4 Conference on January 19, 2012. The vulnerabilities are exploitable by transmitting arbitrary commands from a control interface to the programmable logic controller (PLC) or network interface card (NIC). The information was released without coordination with either the vendor or ICS-CERT. Rockwell Automation released firmware patches on July 18, 2012, that resolve the following vulnerabilities. There have been no updates from Rockwell since these patches were released. Exploitation of these vulnerabilities could allow loss of confidentiality, integrity, and availability of the device. These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are publicly available."
ICSA-13-014-01,https://www.us-cert.gov/ics/advisories/ICSA-13-014-01,2013-01-13,2013-05-08,Siemens SIMATIC RF Manager ActiveX Buffer Overflow,1,Siemens," This advisory provides mitigation details for a vulnerability that impacts the Siemens SIMATIC RF Manager. Siemens has identified a buffer overflow vulnerability in the ActiveX component of the SIMATIC RF Manager. Siemens has produced a patch that mitigates this vulnerability. Successful exploitation of this vulnerability could lead to possible remote code execution or a denial of service. This vulnerability could be exploited remotely."
ICSA-13-016-01,https://www.us-cert.gov/ics/advisories/ICSA-13-016-01,2013-01-16,2018-09-06,Schneider Electric Authenticated Communication Risk Vulnerability,1,Schneider Electric," ICS-CERT received a report from Schneider Electric concerning an Authenticated Communication Risk vulnerability in the Schneider Electric Software Update (SESU) utility. This vulnerability was reported to Schneider Electric by security researcher Arthur Gervais. The SESU is a centralized update mechanism for updating Schneider Electric software on Windows PC. Schneider Electric has updated the SESU client as of January 2013, which adds the use of HTTPS to resolve this vulnerability.This vulnerability could be exploited remotely."
ICSA-13-018-01,https://www.us-cert.gov/ics/advisories/ICSA-13-018-01,2013-01-17,2013-05-06,Schneider Electric IGSS Buffer Overflow,1,Schneider Electric," Independent researcher Aaron Portnoy of Exodus Intelligence has identified a buffer overflow vulnerability in Schneider Electric’s Interactive Graphical SCADA System (IGSS) application. Schneider Electric has produced a patch that fully resolves this vulnerability. Aaron Portnoy has validated this patch. This vulnerability could be exploited remotely."
ICSA-13-022-01,https://www.us-cert.gov/ics/advisories/ICSA-13-022-01,2013-01-21,2013-04-30,GE Proficy Real-Time Information Portal Information Disclosure Vulnerabilities,1,GE," This advisory provides mitigation details for multiple vulnerabilities that impact the GE Intelligent Platforms Proficy Real-Time Information Portal. General Electric (GE) has addressed two vulnerabilities in the GE Intelligent Platforms Proficy Real-Time Information Portal. Exploitation of these vulnerabilities would result in information disclosure. The vulnerabilities can be exploited remotely. GE has produced two security advisories (GEIP12-14 and GEIP12-15) available on the GE Intelligent Platforms support Web site to inform customers about these vulnerabilities."
ICSA-13-022-02,https://www.us-cert.gov/ics/advisories/ICSA-13-022-02,2013-01-21,2013-09-12,GE Intelligent Platforms Proficy Cimplicity Multiple Vulnerabilities,1,GE," This advisory provides mitigation details for multiple vulnerabilities that impact GE Intelligent Platforms Proficy HMI/SCADA—CIMPLICITY. General Electric (GE) has addressed two vulnerabilities in GE Intelligent Platforms Proficy HMI/SCADA—CIMPLICITY: a directory transversal vulnerability and improper input validation vulnerability. GE has released two security advisories (GEIP12-13 and GEIP12-19) available on the GE Intelligent Platforms support Web site to inform customers about these vulnerabilities. A remote attacker could exploit these vulnerabilities."
ICSA-13-024-01,https://www.us-cert.gov/ics/advisories/ICSA-13-024-01,2013-02-24,2018-09-05,Beijer Electronics ADP and H-Designer Buffer Overflow Vulnerability,1,Beijer Electronics," This advisory provides details about a buffer overflow vulnerability in multiple Beijer Electronics ADP and H-designer products. Independent researcher Kuang-Chun Hung of Information and Communication Security Technology Center (ICST) has identified a buffer overflow vulnerability in Beijer ADP and H-Designer applications. This vulnerability can allow attackers to execute arbitrary code and gain unauthorized access. This vulnerability affects systems deployed in the critical manufacturing, food and agriculture, transportation, and energy sectors. Beijer has created a new version that corrects this vulnerability. Researcher Morgan Hung has tested this version to verify that it mitigates the reported problem."
ICSA-13-036-01A,https://www.us-cert.gov/ics/advisories/ICSA-13-036-01A,2013-02-21,2013-05-01,Wonderware Intelligence Tableau Server Ruby on Rails Improper Input Validation (Update A),1,Invensys," This updated advisory was orignally posted to the US-CERT secure Portal library on February 5, 2013, and is now being released to the ICS-CERT Web page. Mitigation details for multiple vulnerabilities that impact third-party software integrated into the Invensys Wonderware Intelligence product are provided.  Exploitation of these vulnerabilities could allow loss of availability, integrity, and confidentiality. Invensys Wonderware has become aware of input validation and permissions, privileges, and access controls vulnerabilities in Ruby on Rails that was discovered by research Aaron Patterson.  Ruby on Rails is an open source Web framework that is used by Tableau Server Software, which is a third-party component, shipped with Invensys Wonderware Intelligence. These vulnerabilities can be exploited remotely.  Successful exploit of these vulnerabilities could affect Wonderware Intelligence products deployed in the manufacturing, energy, water and wastewater, healthcare, and building automation sectors. Invensys Wonderware has produced a new product version and confirmed that it resolves the reported vulnerabilities."
ICSA-13-036-02,https://www.us-cert.gov/ics/advisories/ICSA-13-036-02,2013-02-04,2015-01-29,Ecava IntegraXor ActiveX Buffer Overflow,1,Ecava," This advisory provides mitigation details for a vulnerability that impacts the Ecava IntegraXor application. Independent researcher Andrew Brooks has identified a buffer overflow vulnerability in Ecava’s IntegraXor application. Ecava has produced a patch that mitigates this vulnerability. The researcher has tested the patch to validate that it resolves this vulnerability. Exploitation of this vulnerability would allow an attacker to execute arbitrary code or cause a denial of service (DoS).This vulnerability could be exploited remotely."
ICSA-13-038-01A,https://www.us-cert.gov/ics/advisories/ICSA-13-038-01A,2013-03-12,2018-09-06,360 Systems Image Server 2000 Series Remote Root Access (Update A),1,360 Systems," This updated advisory is a follow-up to the original advisory titled ICSA-13-038-01—360 Systems Image Server 2000 Series Remote Root Access that was published March 06, 2013, on the ICS-CERT Web site. This advisory provides mitigation details for a vulnerability that impacts the 360 Systems’ Image Server 2000 series devices. Exploitation of this vulnerability could cause loss of integrity.Independent researchers Neil Smith and Ryan Green have identified a hard-coded password vulnerability in 360 Systems’ Image Server 2000 series devices. 360 Systems has not released a patch, new version, or firmware upgrade to fix this issue, but recommends mitigating this vulnerability by removing the device from any public-facing networks. This vulnerability impacts the communications and emergency services sectors. This vulnerability could be exploited remotely."
ICSA-13-042-01,https://www.us-cert.gov/ics/advisories/ICSA-13-042-01,2013-02-11,2015-09-03,MOXA EDR-G903 Series Multiple Vulnerabilities,1,Moxa," This advisory provides mitigation details for vulnerabilities that impact Moxa EDR-G903 Series Routers.Independent researcher Neil Smith identified a hard-coded user account vulnerability and an insufficient entropy vulnerability in Moxa’s EDR-G903 series routers. By impersonating the device, an attacker can perform a Man-in-the-Middle (MitM) attack to obtain the credentials of administrative users. Moxa has produced and released a patch that resolves these vulnerabilities on December 17, 2012. Neil Smith has tested the patch and confirms that it fully resolves these vulnerabilities. If exploited, attackers could affect the availability, integrity, and confidentiality of the EDR-G903 routers. These vulnerabilities affect devices deployed in the critical manufacturing, commercial facilities, energy, water and wastewater, and other sectors.These vulnerabilities could be exploited remotely."
ICSA-13-043-01,https://www.us-cert.gov/ics/advisories/ICSA-13-043-01,2013-02-11,2013-05-07,Schneider Electric Accutech Manager Heap Overflow,1,Schneider Electric," This advisory provides mitigation details for a vulnerability that impacts the Schneider Electric Accutech Manager. Independent researcher Aaron Portnoy of Exodus Intelligence has identified a heap-based buffer overflow vulnerability in Schneider Electric’s Accutech Manager application. Schneider Electric has produced an update that mitigates this vulnerability. This researcher has tested the update and verified that it fixes the vulnerability. Exploitation of this vulnerability could allow an attacker to execute code with administrator privileges. This vulnerability could affect the energy, water and wastewater, and critical manufacturing sectors. This vulnerability could be exploited remotely. Exploit code for this vulnerability has recently been published by another researcher who was not part of any coordinated effort with the vendor, ICS-CERT, or Exodus Intelligence."
ICSA-13-043-02A,https://www.us-cert.gov/ics/advisories/ICSA-13-043-02A,2013-03-27,2013-05-08,WellinTech KingView KingMess Buffer Overflow (Update A),1,WellinTech," This updated advisory is a follow-up to the original advisory titled ICSA-13-043-02—WellinTech KingView KingMess Buffer Overflow that was published February 12, 2013, on the ICS-CERT Web page. This updated advisory provides mitigation details for a vulnerability that impacts the WellinTech KingView KingMess application. Researchers Lucas Apa and Carlos Mario Penagos Hollman of IOActive have identified a buffer overflow vulnerability in WellinTech’s KingView KingMess application. WellinTech produced and released a patch on November 15, 2012, that mitigates this vulnerability. The researchers have validated that this patch fixes the vulnerability. Exploitation of this vulnerability could allow loss of confidentiality and integrity. This vulnerability could be exploited remotely. --------- Begin Update A Part 1 of 2 -------- Exploits that target this vulnerability are publicly available. A Metaspoit module for this vulnerability has been released. --------- End Update A Part 1 of 2 ----------"
ICSA-13-045-01,https://www.us-cert.gov/ics/advisories/ICSA-13-045-01,2013-02-14,2013-05-08,Tridium NiagaraAX Directory Traversal Vulnerability,1,Tridium," This advisory provides mitigation details for a vulnerability in the Tridium NiagaraAX software. Independent researchers Billy Rios and Terry McCorkle discovered a directory traversal vulnerability in the Tridium NiagaraAX software product. They demonstrated that with a valid user account or guest privileges enabled, privilege escalation is possible on a NiagaraAX system. Exploitation of this vulnerability could allow loss of availability, integrity, and confidentiality of the system.Tridium has produced a patch that mitigates this vulnerability. This vulnerability is remotely exploitable."
ICSA-13-050-01A,https://www.us-cert.gov/ics/advisories/ICSA-13-050-01A,2013-03-27,2018-09-06,3S CODESYS Gateway-Server Vulnerabilities (Update A),1,3S-Smart Software Solutions," This updated advisory is a follow-up to the original advisory titled ICSA-13-050-01, 3S CODESYS Gateway-Server Vulnerabilities that was published February 19, 2013, on the ICS-CERT Web page. This updated advisory provides mitigation details for five vulnerabilities in the 3S-Smart Software Solutions GmbH CODESYS Gateway-Server. Independent researcher Aaron Portnoy of Exodus Intelligence has identified five vulnerabilities in the 3S CODESYS Gateway-Server application. 3S has produced a security patch that mitigates these vulnerabilities. Successful exploitation of these vulnerabilities could allow remote code execution. The Gateway-Server is a third-party component found in multiple control systems manufacturer’s products. These vulnerabilities affect products primarily found in the energy, critical manufacturing, and industrial automation industries. These vulnerabilities could be exploited remotely."
ICSA-13-053-01,https://www.us-cert.gov/ics/advisories/ICSA-13-053-01,2013-03-12,2013-04-30,Emerson DeltaV Uncontroller Resource Consumption Vulnerability,1,Emerson," This advisory was originally posted to the US-CERT secure portal library on February 22, 2013, and is now being released to the ICS-CERT Web page. This advisory provides mitigation details for a vulnerability that impacts the Emerson DeltaV MD and SD controllers.Independent researcher Joel Langill has identified an uncontrolled resource consumption vulnerability in Emerson’s DeltaV MD and SD controllers that could lead to a denial of service (DoS). Emerson has produced a hotfix that mitigates this vulnerability. Exploitation of this vulnerability could cause loss of availability."
ICSA-13-053-02A,https://www.us-cert.gov/ics/advisories/ICSA-13-053-02A,2013-03-14,2018-09-06,"Honeywell EBI, SymmetrE, and ComfortPoint Open Manager Station (Update A)",1,Honeywell," This updated advisory is a follow-up to the original advisory titled ICSA-13-053-02--Honeywell Enterprise Buildings Integrator (EBI), SymmetrE, and ComfortPoint Open Manager Station that was published February 22, 2013, on the ICS-CERT Web page. This advisory provides mitigation details for a vulnerability that impacts the Honeywell EBI. Independent researcher Juan Vazquez of Rapid7 privately disclosed an ActiveX vulnerability in the Honeywell EBI, SymmetrE, and ComfortPoint Open Manager (CPO-M) Station, and HMIWeb Browser client packages. Honeywell has produced an update that mitigates this vulnerability. Rapid7 has tested the update to validate that it resolves the vulnerability. Exploitation of this vulnerability could allow partial loss of availability, integrity, and confidentiality. This vulnerability could affect systems deployed in the government facilities and commercial facilities sectors. This vulnerability could be exploited remotely."
ICSA-13-067-01,https://www.us-cert.gov/ics/advisories/ICSA-13-067-01,2013-03-13,2018-09-06,InduSoft Advantech Studio Directory Traversal,1,"Advantech, InduSoft"," This advisory is a follow-up to the alert titled ICS-ALERT-13-004-01—Advantech Studio Directory Traversal that was published January 4, 2013, on the ICS-CERT Web page. Independent researcher Nin3 released proof-of-concept (PoC) exploit code for a directory traversal vulnerability in Indusoft Studio and Advantech Studio applications without coordination with ICS-CERT, the vendor, or any other coordinating entity known to ICS-CERT. Indusoft originally produced this product that was rebranded to Advantech Studio (both products share the vulnerability). Indusoft has produced a fix that mitigates this vulnerability.This vulnerability could be exploited remotely. Exploits that target this vulnerability are publicly available."
ICSA-13-067-02,https://www.us-cert.gov/ics/advisories/ICSA-13-067-02,2013-03-21,2013-05-01,Invensys Wonderware Win-XML Exporter Improper Input Validation Vulnerability,1,Invensys," This advisory was originally posted to the US-CERT secure Portal library on March 08, 2013, and is now being released to the ICS-CERT Web page.This advisory provides mitigation details for a vulnerability that impacts the Invensys Wonderware Win-XML Exporter.Researchers Timur Yunusov, Alexey Osipov, and Ilya Karpov of the Positive Technologies Research Team have discovered an improper input validation vulnerability in the Invensys Wonderware Win-XML Exporter. Invensys has released a patch that mitigates the vulnerability. The Positive Technologies Research Team has validated that the patch fixes the vulnerability. Exploitation of this vulnerability could impact systems deployed in the critical manufacturing, energy, food and beverage, chemical, and water and wastewater sectors."
ICSA-13-077-01B,https://www.us-cert.gov/ics/advisories/ICSA-13-077-01B,2013-06-04,2019-06-25,Schneider Electric PLCs Vulnerabilities (Update B),1,Schneider Electric," These vulnerabilities could be exploited remotely. Additional issues reported by the researcher have also been investigated by the vendor. The vendor and researcher disagree on whether Magelis XBT HMI issue is a valid vulnerability. The Magelis XBT HMI panels have a security mode where a password is required to enable remote configuration uploads. After this mode is initially enabled, a factory default password is provided. The user is not prompted or required to supply a new password, although this capability is provided. Once the user supplies a new password, the factory default password is no longer valid. This does not fit the definition of a hard-coded password, because it can be changed. Users should be aware of the potential for configuration errors that can lead to significant security issues. The reported Resource Exhaustion issue affecting the M340 PLC family could not be duplicated by the vendor given the information supplied by the researcher. Software versions or specific configuration differences could account for the inability of the vendor to duplicate the results. In Schneider Electric’s testing on this issue, the communications module does in fact stop communicating when the connection limit is exceeded, but the PLC continues its control functions and its operation is unaffected. After the connection limit is exceeded, the communications module performs a soft reset. An attacker could not remotely exploit this observed behavior to deny PLC control functions. Although the researcher-reported behavior could not be duplicated, the vendor could not go any further with addressing it without more specific-detailed information. The remainder of this advisory addresses the two vulnerabilities that the vendor did confirm."
ICSA-13-079-01,https://www.us-cert.gov/ics/advisories/ICSA-13-079-01,2013-03-20,2013-09-03,Schweitzer Engineering Laboratories AcSELerator Improper Authorization Vulnerability,1,Schweitzer Engineering Laboratories," This advisory provides mitigation details for a vulnerability affecting the Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet software. Independent researcher Michael Toecker of Digital Bond has identified an improper authorization vulnerability in the SEL AcSELerator application using the Microsoft Attack Surface Analyzer tool. The vulnerability was disclosed to vendors prior to the 2013 Digital Bond S4 Conference and then presented at the conference. The function of AcSELerator QuickSet is to configure, read, and send settings to supported SEL devices such as relays, meters, and communication products. SEL has produced an update that mitigates this vulnerability. This vulnerability is not exploitable remotely and cannot be exploited without access to the computer as an authorized user. No known public exploits specifically target this vulnerability."
ICSA-13-079-02,https://www.us-cert.gov/ics/advisories/ICSA-13-079-02,2013-03-20,2013-05-08,Siemens WinCC 7.0 SP3 Multiple Vulnerabilities,1,Siemens," This advisory provides mitigation details for vulnerabilities that impact the Siemens SIMATIC WinCC. Positive Technologies and Siemens ProductCERT have identified multiple vulnerabilities in the Siemens SIMATIC WinCC, which is used to configure SIMATIC operator devices. Siemens has produced a software update that fully resolves these vulnerabilities. Exploitation of these vulnerabilities could allow a denial-of-service (DoS) condition, unauthorized read access to files, or remote code execution. This could affect multiple industries, including food and beverage, water and wastewater, oil and gas, and chemical sectors worldwide. These vulnerabilities could be exploited remotely."
ICSA-13-079-03,https://www.us-cert.gov/ics/advisories/ICSA-13-079-03,2013-03-20,2013-09-03,Siemens WinCC TIA Portal Vulnerabilities,1,Siemens," This advisory provides mitigation details for a vulnerability that impacts the Siemens WinCC TIA (Totally Integrated Automation) Portal (HMI). Researchers Billy Rios and Terry McCorkle of Cylance; Gleb Gritsai, Sergey Bobrov, Roman Ilin, Artem Chaykin, Timur Yunusov, and Ilya Karpov from Positive Technologies; and Shawn Merdinger have identified multiple vulnerabilities in Siemens WinCC TIA Portal. Siemens has produced a new software versiona that mitigates this vulnerability. These vulnerabilities are not exploitable remotely and cannot be exploited without user interaction. An attacker must use social engineering on a valid user or have user credentials. No known public exploits specifically target this vulnerability."
ICSA-13-084-01,https://www.us-cert.gov/ics/advisories/ICSA-13-084-01,2013-03-25,2013-05-08,Siemens CP 1604 and CP 1616 Improper Access Control,1,Siemens," This advisory provides mitigation details for a vulnerability that impacts the Siemens CP 1604 and CP 1616 communication modules.Siemens has identified a vulnerability in the debugging interface of the CP 1604 and CP 1616 communications modules. Independent researchers Christopher Scheuring and Jürgen Bilberger from Daimler TSS GmbH coordinated disclosure of the vulnerability with Siemens. These products are used to connect PCI-104 systems to the PROFINET IO. By default, the debugging interface has been left enabled and can be accessed remotely on both devices. This remote access could lead to compromise of the system by denial of service (DoS), remote code execution, and loss of confidentiality. Siemens has produced a firmware update to mitigate the vulnerability.This vulnerability could be exploited remotely."
ICSA-13-091-01,https://www.us-cert.gov/ics/advisories/ICSA-13-091-01,2013-04-01,2019-02-21,Wind River VxWorks SSH and Web Server and General Electric D20MX (Update A),1,"Wind River, GE",NULL
ICSA-13-095-01,https://www.us-cert.gov/ics/advisories/ICSA-13-095-01,2013-04-05,2014-02-13,Cogent Real-Time Systems Vulnerabilities,1,Cogent Real-Time Systems Inc," Dillon Beresford of Cimation has identified four vulnerabilities in the Cogent Real-Time Systems DataHub application. Cogent has produced an update that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-13-095-02A,https://www.us-cert.gov/ics/advisories/ICSA-13-095-02A,2013-10-07,2018-09-05,Rockwell Automation FactoryTalk and RSLinx Vulnerabilities (Update A),1,Rockwell Automation,
ICSA-13-098-01,https://www.us-cert.gov/ics/advisories/ICSA-13-098-01,2013-04-08,2013-04-30,Canary Labs Inc Trend Link Insecure ActiveX Control Method,1,"Canary Labs, Inc."," This advisory provides mitigation details for a vulnerability in the Canary Labs, Inc. Trend Link software. Researcher Kuang-Chun Hung of Security Research and Service Institute-Information and Communication Security Technology Center (ICST) has identified an insecure ActiveX control method vulnerability in Canary Labs, Inc. Trend Link ActiveX control. Canary Labs, Inc. has updated Trend Link, and Kuang-Chun Hung has tested the patch and verified that it mitigates the vulnerability. If exploited, an attacker could influence the paths or file names that are used in the software application. This could affect systems using Trend Link in the critical manufacturing and energy sectors in the United States, South America, and Europe. This vulnerability could be exploited remotely."
ICSA-13-100-01,https://www.us-cert.gov/ics/advisories/ICSA-13-100-01,2013-04-10,2018-09-06,Schneider Electric MiCOM S1 Studio Improper Authorization Vulnerability,1,Schneider Electric," This advisory provides mitigation details for a vulnerability affecting the Schneider Electric MiCOM S1 Studio Software.Independent researcher Michael Toecker of Digital Bond has identified an improper authorization vulnerability in the MiCOM S1 Studio Software using the Microsoft Attack Surface Analyzer tool. The vulnerability was disclosed to vendors prior to the 2013 Digital Bond S4 Conference and then presented at the conference. The function of MiCOM S1 Studio Software is to allow users to modify or manage the configuration parameters of electronic protective relays."
ICSA-13-106-01,https://www.us-cert.gov/ics/advisories/ICSA-13-106-01,2013-04-26,2013-04-30,MatrikonOPC Multiple Product Vulnerabilities,1,MatrikonOPC," This advisory was originally posted to the US-CERT secure Portal library on April 16, 2013, and is now being released to the ICS-CERT Web page. Independent researcher Dillon Beresford of Cimation has identified vulnerabilities in two MatrikonOPC products; MatrikonOPC A&E Historian and MatrikonOPC Security Gateway. MatrikonOPC has produced patches that mitigate these vulnerabilities. Mr. Beresford has tested the patches to validate that they resolve the vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-13-113-01,https://www.us-cert.gov/ics/advisories/ICSA-13-113-01,2013-05-07,2013-08-01,Wonderware Information Server Vulnerabilities,1,Invensys," This advisory was originally posted to the US-CERT secure Portal library on April 23, 2013, and is now being released to the ICS-CERT Web page. This advisory provides mitigation details for multiple vulnerabilities that impact the Invensys Wonderware Information Server (WIS) software. Researchers Gleb Gritsai, Nikita Mikhalevsky, Timur Yunusov, Denis Baranov, Alexey Osipov, Vyacheslav Egoshin, Dmitry Serebryannikov, Ivan Poliyanchuk, Evgeny Ermakov, and Ilya Karpov of the Positive Technologies Research Team have identified multiple vulnerabilities in the Invensys WIS software. Invensys has produced an update that mitigates these vulnerabilities. The Positive Technologies Research Team has tested the update and validated that it fixes the vulnerabilities. Exploitation of these vulnerabilities could impact systems deployed in the critical manufacturing, energy, food and beverage, chemical, and water and wastewater sectors. These vulnerabilities could be exploited remotely."
ICSA-13-116-01,https://www.us-cert.gov/ics/advisories/ICSA-13-116-01,2013-04-26,2013-04-29,Galil RIO-47100 Improper Input Validation,1,Galil," This advisory provides mitigation details for a vulnerability affecting the Galil RIO-47100 “Pocket PLC.” Researcher Jon Christmas of Solera Networks has identified an improper validation vulnerability in the Galil RIO-47100 PLC, which can result in a loss of availability. Galil has produced an update that mitigates this vulnerability. The researcher has tested this update and validates that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-13-136-01,https://www.us-cert.gov/ics/advisories/ICSA-13-136-01,2013-05-16,2018-09-05,TURCK BL20 and BL67 Programmable Gateway Hard-Coded User Accounts,1,TURCK," Researcher Rubén Santamarta of IOActive has identified hard-coded user accounts in TURCK’s BL20 and BL67 Programmable Gateways. Exploitation of this vulnerability would allow an attacker to have remote administrative access to the device. This vulnerability affects programmable gateways deployed in the agriculture and food, automotive, and critical manufacturing sectors. TURCK has produced an updated firmware version for the devices that mitigates the vulnerability by removing the hard-coded accounts accessible by the FTP service. This vulnerability could be exploited remotely."
ICSA-13-140-01,https://www.us-cert.gov/ics/advisories/ICSA-13-140-01,2013-05-20,2018-09-06,Mitsubishi Electric Automation MX Component V3 ActiveX Vulnerability,1,Mitsubishi Electric Automation," This advisory is a follow-up to the alert titled ICS-ALERT-13-091-01 Mitsubishi Electric Automation MX Buffer Overflow Vulnerability that was published April 1, 2013, on the ICS-CERT Web sitea Independent researchers Derek Betker and Dr_IDE have identified an ActiveX buffer overflow vulnerability in the Mitsubishi MX Component Version 3 application. This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available."
ICSA-13-142-01,https://www.us-cert.gov/ics/advisories/ICSA-13-142-01,2013-05-22,2018-08-23,3S CODESYS Gateway Use After Free,1,3S-Smart Software Solutions," Independent researcher Nicholas Miles has identified a vulnerability in the 3S CODESYS Gateway application that can result in a denial-of-service (DoS) condition. 3S has produced an update that mitigates this vulnerability. Nicholas Miles has tested this update and validates that it resolves the vulnerability. Successful exploitation of this vulnerability could cause a DoS condition and may also allow the possibility of remote execution of arbitrary code. The Gateway-Server is a third-party component found in multiple control systems manufacturer’s products. This vulnerability could be exploited remotely."
ICSA-13-149-01,https://www.us-cert.gov/ics/advisories/ICSA-13-149-01,2013-05-29,2018-08-27,Siemens SCALANCE Privilege Escalation Vulnerabilities,1,Siemens," Siemens ProductCERTa has identified two privilege escalation vulnerabilities in Siemens SCALANCE X200 IRT switch devices. Siemens has produced a firmware upgradeb that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-13-161-01,https://www.us-cert.gov/ics/advisories/ICSA-13-161-01,2013-06-10,2018-09-06,IOServer DNP3 Improper Input Validation,1,IOServer," Adam Crain of Automatak and independent researcher Chris Sistrunk have identified improper input validation in IOServer’s DNP3 driver software. IOServer has produced an updated software version that mitigates this vulnerability. Adam Crain and Chris Sistrunk updated and tested this version and validated that this vulnerability is resolved. This vulnerability could be exploited remotely."
ICSA-13-169-01,https://www.us-cert.gov/ics/advisories/ICSA-13-169-01,2013-06-18,1900-01-01,Siemens Scalance X200 IRT Multiple Vulnerabilities,1,Siemens," This advisory provides mitigation details for vulnerabilities that impact the Siemens Scalance X200 IRT. Siemens has identified multiple vulnerabilities in Siemens Scalance X200 IRT. Siemens has produced an update that mitigates these vulnerabilities. Siemens has tested the update to validate that it resolves the vulnerabilities. Exploitation of these vulnerabilities could allow an attacker to execute privileged commands using an unprivileged account. This could affect multiple industries, including food and beverage, water and wastewater, oil and gas, and chemical sectors worldwide. These vulnerabilities could be exploited remotely."
ICSA-13-169-02,https://www.us-cert.gov/ics/advisories/ICSA-13-169-02,2013-06-18,2013-06-24,Siemens WinCC 7.2 Multiple Vulnerabilities,1,Siemens," This advisory provides mitigation details for vulnerabilities that impact the Siemens WinCC Web Navigator 7.2. Researchers Alexander Tlyapov, Sergey Gordeychik, and Timur Yunusov of Positive Technologies have identified multiple vulnerabilities in the Siemens WinCC Web Navigator 7.2 application. Siemens has produced an update that mitigates these vulnerabilities. Siemens ProductCERT has tested the update to validate that it resolves the vulnerabilities. Exploitation of these vulnerabilities could allow an attacker to probe for valid NetBIOS user names, log onto the system as an authenticated user, or have full access to the system. This could affect multiple industries, including food and beverage, water and wastewater, oil and gas, and chemical sectors worldwide. These vulnerabilities could be exploited remotely."
ICSA-13-169-03,https://www.us-cert.gov/ics/advisories/ICSA-13-169-03,2013-06-18,2013-06-21,"Siemens COMOS Permissions, Privileges, and Access Controls",1,Siemens," This advisory provides mitigation details for vulnerabilities that impact the Siemens COMOS database system. Siemens has identified a permissions, privileges, and access controls vulnerability in the Siemens COMOS database system. Siemens has produced software updates that mitigate this vulnerability. Siemens has tested the updates to validate that they resolve the vulnerability."
ICSA-13-170-01,https://www.us-cert.gov/ics/advisories/ICSA-13-170-01,2013-07-30,2013-08-01,GE Proficy HMI/SCADA CIMPLICITY WebView Improper Input Validation,1,GE," This advisory was originally posted to the US-CERT secure Portal library on June 19, 2013, and is now being released to the ICS-CERT-Web page. Independent researchers ZombiE and amisto0x07 have identified an improper input validation vulnerability in the GE CIMPLICITY WebView application. GE has produced an update that mitigates this vulnerability. GE has released a security advisory (GEIP13-03) available on the GE Intelligent Platforms support Web site to inform customers about this vulnerability. This vulnerability could be exploited remotely."
ICSA-13-184-01,https://www.us-cert.gov/ics/advisories/ICSA-13-184-01,2013-07-03,1900-01-01,Alstom Grid S1 Agile Improper Authorization,1,Alstom," This advisory provides mitigation details for a vulnerability affecting the Alstom Grid MiCOM S1 Agile and S1 Studio Software. Note: Alstom Grid MiCOM S1 Studio Software is its own software suite. A user could have MiCOM S1 Studio Software from a different vendor. This advisory only addresses the Alstom software product. Alstom has identified an improper authorization vulnerability in the Alstom Grid MiCOM S1 Agile Software. Alstom has produced an update that mitigates this vulnerability. Alstom has tested the update to validate that it resolves the vulnerability."
ICSA-13-184-02,https://www.us-cert.gov/ics/advisories/ICSA-13-184-02,2013-07-03,1900-01-01,Monroe Electronics DASDEC Compromised Root SSH Key,1,Monroe Electronics," This advisory provides mitigation details for a vulnerability that impacts the Monroe Electronics DASDEC. Mike Davis, a researcher with IOActive, reported a compromised root SSH key vulnerability to CERT Coordination Center (CERT/CC). This vulnerability is in Monroe Electronics DASDEC-I and DASDEC-II appliances. ICS-CERT coordinated with CERT/CC and Monroe Electronics to resolve the vulnerability. Monroe Electronics has produced an update that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-13-189-01,https://www.us-cert.gov/ics/advisories/ICSA-13-189-01,2013-07-08,1900-01-01,QNX Multiple Vulnerabilities,1,QNX," Independent researcher Luigi Auriemma identified a stack-based buffer overflow and a buffer copy without checking size of input vulnerabilities in QNX’s Phrelay, Phwindows, and Phditto products without coordination with ICS-CERT, the vendor, or any other coordinating entity known to ICS-CERT. QNX has produced a patch that mitigates these vulnerabilities. Luigi Auriemma has confirmed that the patch resolves the reported vulnerabilities. Proof-of-concept code has been publicly released that takes advantage of these vulnerabilities. These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are publicly available."
ICSA-13-189-02,https://www.us-cert.gov/ics/advisories/ICSA-13-189-02,2013-07-08,1900-01-01,Triangle Research Nano 10 PLC Denial of Service,0,"Triangle Research International, Inc."," Researcher Jon Christmas of Solera Networks has identified an improper input validation vulnerability in Triangle Research International, Inc.’s (Tri Inc.) Nano-10 programmable logic controller (PLC). Tri Inc. has produced a firmware upgrade and tested it to validate that the upgrade resolves the vulnerability. This vulnerability is remotely exploitable."
ICSA-13-213-01,https://www.us-cert.gov/ics/advisories/ICSA-13-213-01,2013-08-01,2013-08-02,Siemens Scalance W-7xx Product Family Multiple Vulnerabilities,1,Siemens," Siemens has identified multiple vulnerabilities in the Siemens Scalance W-7xx product family and reported them to ICS-CERT. A software update has been produced by Siemens that mitigates these vulnerabilities. Siemens has tested the software update to validate that it resolves the vulnerabilities. Exploitation of these vulnerabilities could allow a man-in-the-middle attack or the ability to gain complete control of the system. These vulnerabilities could be exploited remotely."
ICSA-13-213-02,https://www.us-cert.gov/ics/advisories/ICSA-13-213-02,2013-08-01,2013-09-03,Siemens WinCC TIA Portal Vulnerabilities,1,Siemens," Researchers Timur Yunusov and Sergey Bobrov of Positive Technologies have identified several vulnerabilities in the Siemens WinCC (TIA Portal). A software update has been produced by Siemens that mitigates these vulnerabilities. Siemens has tested the software update to validate that it resolves the vulnerabilities. Exploitation of these vulnerabilities could either allow URL redirection to Web sites that are not trusted or compromise of integrity and availability of the system. These vulnerabilities could be exploited remotely."
ICSA-13-213-03,https://www.us-cert.gov/ics/advisories/ICSA-13-213-03,2013-08-01,2013-08-05,IOServer Master Station Improper Input Validation,1,IOServer," Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation vulnerability in the IOServer DNP3 Driver on the master station. IOServer has produced a new version that mitigates this vulnerability. The researchers have tested the new version to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-13-213-04A,https://www.us-cert.gov/ics/advisories/ICSA-13-213-04A,2013-08-29,2013-10-03,MatrikonOPC SCADA DNP3 Master Station Improper Input Validation,1,MatrikonOPC," This updated advisory was originally posted to the US-CERT secure Portal library on August 02, 2013, and is now being released to the ICS-CERT Web page. Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation vulnerability in MatrikonOPC’s SCADA DNP3 OPC Server application. MatrikonOPC has produced a patch that mitigates this vulnerability. The researchers tested the patch to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-13-217-01,https://www.us-cert.gov/ics/advisories/ICSA-13-217-01,2013-08-05,2015-06-02,MOXA Weak Entropy in DSA Keys Vulnerability,1,Moxa," Researcher Nadia Heninger of the University of California, San Diego, and researchers Zakir Durumeric, Eric Wustrow, and J. Alex Halderman of the University of Michigan identified an insufficient entropy vulnerability in MOXA OnCell Gateways. MOA produced and released a firmware upgrade on April 3, 2013, that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-13-217-02,https://www.us-cert.gov/ics/advisories/ICSA-13-217-02,2013-08-05,2013-08-06,"Schneider Electric Vijeo Citect, CitectSCADA, PowerLogic SCADA Vulnerability",1,Schneider Electric," Schneider Electric has identified an XML external entity vulnerability in Vijeo Citect, CitectSCADA, and PowerLogic SCADA applications. Timur Yunusov, Alexey Osipov, and Ilya Karpov of Positive Technologies reported the vulnerability directly to Schneider Electric. Schneider Electric has produced patches that mitigate this vulnerability."
ICSA-13-219-01,https://www.us-cert.gov/ics/advisories/ICSA-13-219-01,2013-08-07,2013-08-12,Schweitzer Engineering Laboratories Improper Input Validation,1,Schweitzer Engineering Laboratories," Adam Crain of Automatak and independent researcher Chris Sistrunk have identified improper DNP3 input validation in Schweitzer Engineering Laboratories’ real-time automation controllers (RTAC). Schweitzer Engineering Laboratories (SEL) has produced updated firmware that mitigates this vulnerability. Adam Crain and Chris Sistrunk tested this version to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-13-225-01,https://www.us-cert.gov/ics/advisories/ICSA-13-225-01,2013-08-13,2014-03-12,Advantech WebAccess Cross-Site Scripting,1,Advantech," This advisory is a follow-up to the alert titled ICS-ALERT-13-009-01 Advantech WebAccess Cross-Site Scripting that was published January 9, 2013, on the ICS-CERT Web page. This advisory provides mitigation details for a vulnerability in Advantech’s WebAccess application. Independent researcher Sanadi Antu identified a cross-site scripting vulnerability and released proof-of-concept (exploit) code for Advantech WebAccess application without coordination with ICS-CERT, the vendor, or any other coordinating entity known to ICS-CERT. Advantech has created a patch to mitigate this vulnerability. This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available."
ICSA-13-225-02,https://www.us-cert.gov/ics/advisories/ICSA-13-225-02,2013-08-13,2015-05-06,OSIsoft Multiple Vulnerabilities,1,OSIsoft," OSIsoft has identified multiple vulnerabilities in the PI Interface for IEEE C37.118 and reported them to ICS-CERT. OSIsoft has produced a software update that mitigates these vulnerabilities. OSIsoft has tested the software update to validate that it resolves the vulnerabilities. Exploitation of these vulnerabilities could allow an attacker to shut down the PI Interface for IEEE C37.118 instance and cause a data gap for PI points belonging to it. These vulnerabilities could be exploited remotely."
ICSA-13-226-01,https://www.us-cert.gov/ics/advisories/ICSA-13-226-01,2013-08-14,2013-08-16,Kepware Technologies Improper Input Validation Vulnerability,1,Kepware Technologies," Adam Crain of Automatak and independent researcher Chris Sistrunk have identified a improper input validation vulnerability in the Kepware Technologies’ DNP Master Driver for the KEPServerEX Communications Platform. Kepware Technologies has produced a new version that mitigates this vulnerability. The researchers have tested the new version to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-13-231-01B,https://www.us-cert.gov/ics/advisories/ICSA-13-231-01B,2013-09-17,2018-09-06,Sixnet Universal Protocol Undocumented Function Codes (Update B),1,Sixnet," This updated advisory is a follow-up to the updated advisory titled ICSA-13-231-01A Sixnet Universal Protocol Undocumented Function Codes that was published August 26, 2013, on the ICS-CERT Web page."
ICSA-13-233-01,https://www.us-cert.gov/ics/advisories/ICSA-13-233-01,2013-08-21,1900-01-01,Siemens COMOS Privilege Escalation Vulnerability,1,Siemens," Siemens has notified ICS-CERT of a privilege escalation vulnerability in the Siemens COMOS database application. Siemens has produced a patch that mitigates this vulnerability."
ICSA-13-234-01,https://www.us-cert.gov/ics/advisories/ICSA-13-234-01,2013-08-22,1900-01-01,Schneider Electric Trio J-Series Radio Encryption,1,Schneider Electric," Schneider Electric has self-reported a hard-coded encryption key vulnerability in Schneider Electric’s J-Series Radios. Schneider Electric has produced a patch that mitigates this vulnerability and has published a customer security notification.a This vulnerability could be exploited remotely."
ICSA-13-234-02,https://www.us-cert.gov/ics/advisories/ICSA-13-234-02,2013-08-22,2015-05-28,Top Server OPC Improper Input Validation Vulnerability,1,Software Toolbox," Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation vulnerability in the Software Toolbox TOP Server DNP Master OPC product. Software Toolbox has produced a new version that mitigates this vulnerability. The researchers have tested the new version to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-13-240-01,https://www.us-cert.gov/ics/advisories/ICSA-13-240-01,2013-08-28,2013-09-17,Triangle MicroWorks Improper Input Validation,0,Triangle MicroWorks," Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation vulnerability in multiple Triangle MicroWorks’ products and third-party components. Triangle MicroWorks has produced an update that mitigates this vulnerability. Adam Crain has tested the update to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-13-248-01,https://www.us-cert.gov/ics/advisories/ICSA-13-248-01,2013-09-05,2013-09-06,ProSoft Technology RadioLinx ControlScape PRNG Vulnerability,1,ProSoft Technology," Lucas Apa and Carlos Mario Penagos Hollman, security researchers with IOActive, have identified a weak pseudo-random number generator (PRNG) seed in the ProSoft Technology RadioLinx ControlScape application software. ProSoft Technology has produced a new firmware patch that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-13-252-01,https://www.us-cert.gov/ics/advisories/ICSA-13-252-01,2013-09-09,2014-07-31,SUBNET Solutions Inc. SubSTATION Server DNP3 Outstation Improper Input Validation,1,SUBNET Solutions Inc.," Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation in the SUBNET Solutions Inc. SubSTATION Server software application. SUBNET Solutions Inc. has produced a new version that mitigates this vulnerability. SUBNET Solutions Inc. has tested the new version to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-13-254-01,https://www.us-cert.gov/ics/advisories/ICSA-13-254-01,2013-09-11,2018-08-29,Siemens SCALANCE X-200 Web Hijack Vulnerability,1,Siemens," Siemens has identified a Web hijack vulnerability in the SCALANCE X-200 switch product family. Researcher Eireann Leverett of IOActive coordinated disclosure of the vulnerability with Siemens. Siemens has produced a firmware update that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-13-259-01B,https://www.us-cert.gov/ics/advisories/ICSA-13-259-01B,2014-12-18,2018-09-05,Emerson ROC800 Multiple Vulnerabilities (Update B),1,Emerson," This updated advisory is a follow-up to the updated advisory titled ICSA-13-259-01A Emerson ROC800 Multiple Vulnerabilities that was published December 2, 2014, on the NCCIC/ICS-CERT web site. This advisory provides mitigation details for multiple vulnerabilities affecting the Emerson Process Management’s ROC800 remote terminal units (RTUs) products (ROC800, ROC800L, and DL8000). Researchers Dillon Beresford, Brian Meixell, Marc Ayala, and Eric Forner, formally of Cimation, have identified multiple vulnerabilities in Emerson Process Management’s ROC800 RTU products."
ICSA-13-274-01,https://www.us-cert.gov/ics/advisories/ICSA-13-274-01,2013-10-03,1900-01-01,Siemens SCALANCE X-200 Authentication Bypass Vulnerability,1,Siemens," This advisory was originally posted to the US-CERT secure Portal library on October 01, 2013, and is now being released to the ICS-CERT-Web page. Siemens has identified an authentication bypass vulnerability in the SCALANCE X-200 switch product family. Researcher Eireann Leverett of IOActive coordinated disclosure of the vulnerability with Siemens. This issue only applies to switches using older firmware versions and has been fixed from firmware V4.5.0 (non-IRT) and V5.1.0 (IRT) on. Siemens has reported the resolution to ICS-CERT. This vulnerability could be exploited remotely."
ICSA-13-276-01,https://www.us-cert.gov/ics/advisories/ICSA-13-276-01,2013-10-09,2013-12-17,Invensys Wonderware InTouch Improper Input Validation Vulnerability,1,Invensys," This advisory was originally posted to the US-CERT secure Portal library on October 03, 2013, and is now being released to the NCCIC/ICS-CERT-Web page. This advisory provides mitigation details for a vulnerability that impacts the Invensys Wonderware InTouch application. Independent researchers Timur Yunusov, Alexey Osipov, and Ilya Karpov of the Positive Technologies Research Team have identified an improper input validation vulnerability in the Invensys InTouch human-machine interface (HMI). Invensys has produced an update that mitigates this vulnerability. The Positive Technologies Research Team has tested the update to validate that it resolves the vulnerability."
ICSA-13-277-01,https://www.us-cert.gov/ics/advisories/ICSA-13-277-01,2013-10-04,2013-12-17,Philips Xper Buffer Overflow Vulnerability,1,Philips," Independent researcher Billy Rios has identified a heap-based buffer overflow in the Philips Xper application. Philips has produced an update that mitigates this vulnerability. Philips has tested the update and verified that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-13-282-01A,https://www.us-cert.gov/ics/advisories/ICSA-13-282-01A,2013-10-21,2013-12-17,Alstom e-Terracontrol DNP3 Master Improper Input Validation (Update A),1,Alstom," This updated advisory is a follow-up to the original advisory titled ICSA-13-282-01, Alstom e-terracontrol DNP3 Master Improper Input Validation, which was posted to the NCCIC/ICS-CERT Web site October 09, 2013. Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation in the Alstom e-terracontrol software. Alstom has produced a patch that mitigates this vulnerability. Adam Crain and Chris Sistrunk have tested the patch to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-13-289-01,https://www.us-cert.gov/ics/advisories/ICSA-13-289-01,2013-10-16,2018-09-05,Cisco ASA and FWSM Security Advisories,1,Cisco," On October 9, 2013, Cisco released two security advisoriesa concerning multiple vulnerabilities within software for the following components: Cisco Adaptive Security Appliance (ASA) hardwarebFirewall Services Module (FWSM) Software for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routersc These devices are used by many organizations to provide essential network services, including control systems integration and operations. As such, it is essential that each organization assess their environment to determine the applicability of the risks, and apply appropriate mitigation techniques in accordance with Cisco’s guidance. The noted vulnerabilities (denial of service (DoS) and remote authentication bypass) can directly impact the confidentiality, integrity, and availability of control systems. In addition to remediating the noted vulnerabilities, ICS-CERT advises organizations to employ multiple layers of security controls and monitoringd (defense in depth) to minimize overall risk."
ICSA-13-291-01B,https://www.us-cert.gov/ics/advisories/ICSA-13-291-01B,2014-04-09,2018-09-06,DNP3 Implementation Vulnerability (Update B),1,Other," This updated advisory is a follow-up to the updated advisory titled ICSA-13-291-01A DNP3 Implementation Vulnerability that was published November 21, 2013, on the NCCIC/ICS-CERT web site. Adam Crain of Automatak and Chris Sistrunk, Sr. Consultant for Mandiant, reported an improper input validation vulnerability to ICS-CERT that was evident in numerous slave and/or master station software products. The researchers emphasize that the vulnerability is not with the DNP3 stack but with the implementation. The research showed that some implementations were third-party components in other software packages. ICS-CERT wants to bring greater awareness to developers and consumers of the third-party components for mitigation purposes. This vulnerability can be exploited remotely (over an IP-based implementation) as well as from the local system (through a serial-based implementation). Below is a nonexhaustive list of advisories that ICS-CERT has produced in conjunction with the vendors who are producing patches or updates to mitigate the reported vulnerability."
ICSA-13-295-01,https://www.us-cert.gov/ics/advisories/ICSA-13-295-01,2013-10-22,2013-12-17,WellinTech KingView ActiveX Vulnerabilities,1,WellinTech," This advisory is a follow-up to the alert titled ICS-ALERT-13-256-01 WellinTech KingView ActiveX Vulnerabilitiesa that was published September 13, 2013, on the NCCIC/ICS-CERT Web site. Independent researcher “Blake” identified ActiveX vulnerabilities and released proof-of-concept (exploit) code for WellinTech KingView application without coordination with NCCIC/ICS-CERT, the vendor, or any other coordinating entity known to NCCIC/ICS-CERT. WellinTech has produced a new version that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are known to be publicly available."
ICSA-13-297-01,https://www.us-cert.gov/ics/advisories/ICSA-13-297-01,2013-11-19,2013-12-17,Catapult Software DNP3 Driver Improper Input Validation,1,Catapult Software," This advisory was originally posted to the US-CERT secure Portal library on October 24, 2013, and is now being released to the NCCIC/ICS-CERT Web site. Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation in Catapult Software’s DNP3 Driver software. Catapult Software has produced an updated software version that mitigates this vulnerability. Adam Crain and Chris Sistrunk tested the updated software to validate that it resolves the vulnerability. This driver is used with General Electric (GE) Intelligent Platform’s Proficy iFIX and CIMPLICITY products. Please see ICSA-13-297-02 GE Proficy DNP3 Improper Input Validation for specific GE mitigations. This vulnerability could be exploited remotely."
ICSA-13-297-02,https://www.us-cert.gov/ics/advisories/ICSA-13-297-02,2013-11-19,2013-12-17,GE Proficy DNP3 Improper Input Validation,1,GE," This advisory was originally posted to the US-CERT secure Portal library on October 24, 2013, and is now being released to the NCCIC/ICS-CERT Web site. General Electric (GE) Intelligent Platforms reported to NCCIC/ICS-CERT an improper input validation vulnerability in the DNP3 driver used with Proficy products iFIX and CIMPLICITY. The vulnerability report was part of a resolution by Catapult Software, which developed the driver for the GE products. Adam Crain of Automatak and independent researcher Chris Sistrunk originally reported the improper input validation vulnerability in the Catapult Software driver to NCCIC/ICS-CERT in the advisory ICSA-13-297-01 Catapult Software DNP3 Driver Improper Input Validation. This vulnerability is remotely exploitable."
ICSA-13-329-01,https://www.us-cert.gov/ics/advisories/ICSA-13-329-01,2013-11-25,2018-09-05,Triangle Research Nano-10 PLC Improper Input Validation,0,"Triangle Research International, Inc."," Researcher Wei Gao of IXIA has identified an improper input validation vulnerability in Triangle Research International, Inc.’s (TRi Inc.) Nano-10 programmable logic controller (PLC).a The researcher had notified NCCIC/ICS-CERT originally in September. TRi Inc. has produced a firmware upgrade (Revision 82) that mitigates this vulnerability. Researcher Wei Gao has tested the firmware upgrade to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-13-337-01,https://www.us-cert.gov/ics/advisories/ICSA-13-337-01,2013-12-03,2018-09-05,Elecsys Director Gateway Improper Input Validation Vulnerability,1,Elecsys," Adam Crain of Automatak and independent researchers Chris Sistrunk and Adam Todorski have identified an improper input validation in the Elecsys Director Gateway application. Elecsys has produced a patch that mitigates this vulnerability. Adam Todorski has tested the patch to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-13-338-01,https://www.us-cert.gov/ics/advisories/ICSA-13-338-01,2013-12-04,2018-09-05,Siemens SINAMICS S/G Authentication Bypass Vulnerability,1,Siemens," Siemens has identified an authentication bypass vulnerability in the SINAMICS S/G product family. Siemens has produced a firmware update that mitigates this vulnerability and has tested the update to validate that it resolves the vulnerability. Exploitation of this vulnerability could allow an attacker to access administrative functions on the device without authentication. This vulnerability could be exploited remotely."
ICSA-13-340-01,https://www.us-cert.gov/ics/advisories/ICSA-13-340-01,2013-12-06,2018-09-05,RuggedCom ROS Multiple Vulnerabilities,1,RuggedCom," Siemens has reported to NCCIC/ICS-CERT multiple vulnerabilities in the RuggedCom Rugged OS (ROS). Siemens has produced a firmware update that mitigates these vulnerabilities. Exploitation of these vulnerabilities could allow an attacker to hijack an active Web session and access administrative functions on the devices without proper authorization. These vulnerabilities could be exploited remotely."
ICSA-13-344-01,https://www.us-cert.gov/ics/advisories/ICSA-13-344-01,2014-01-14,2018-09-06,WellinTech Vulnerabilities,1,WellinTech," This advisory was originally posted to the US-CERT secure Portal library on December 10, 2013, and is now being released to the NCCIC/ICS-CERT Web site. NCCIC/ICS-CERT received reports from the Zero Day Initiative (ZDI) regarding a remote code execution vulnerability and an information disclosure vulnerability in WellinTech KingSCADA, KingAlarm&Event, and KingGraphic applications. These vulnerabilities were reported to ZDI by security researcher Andrea Micalizzi. WellinTech has produced a new version that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-13-346-01,https://www.us-cert.gov/ics/advisories/ICSA-13-346-01,2013-12-12,2013-12-18,Cooper Power Systems Improper Input Validation Vulnerability,1,Cooper Power Systems," Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation vulnerability in the Cooper Power Systems SMP Gateway DNP3 protocol components. Cooper Power Systems has produced a new firmware version that mitigates this vulnerability. Cooper Power Systems has tested the new firmware version to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-13-346-02,https://www.us-cert.gov/ics/advisories/ICSA-13-346-02,2013-12-12,2013-12-17,Cooper Power Systems Cybectec DNP3 Master OPC Server Improper Input Validation,1,Cooper Power Systems," Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation vulnerability in Cooper Power Systems Cybectec DNP3 Master OPC Server software. Cooper Power Systems has discontinued the OPC server and recommends that customers use the SMP Gateway as a replacement that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-13-347-01,https://www.us-cert.gov/ics/advisories/ICSA-13-347-01,2013-12-13,2018-08-29,Siemens COMOS Privilege Escalation,1,Siemens," Siemens notified NCCIC/ICS-CERT of a privilege escalation vulnerability in the Siemens COMOS database application. An update has been produced by Siemens and is available to resolve the vulnerability. The client application used for accessing the database system might allow authenticated Windows users to elevate their rights in regard to the database access over the COMOS graphical user interface."
ICSA-13-350-01A,https://www.us-cert.gov/ics/advisories/ICSA-13-350-01A,2014-02-26,2018-09-06,Schneider Electric CitectSCADA Products Exception Handler Vulnerability (Update A),1,Schneider Electric,
ICSA-13-352-01,https://www.us-cert.gov/ics/advisories/ICSA-13-352-01,2013-12-18,2018-09-05,NovaTech Orion DNP3 Improper Input Validation Vulnerability,1,NovaTech," Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation vulnerability in the NovaTech Orion Substation Automation Platform. NovaTech has produced a firmware update that mitigates this vulnerability. The researchers have tested the firmware update to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-14-006-01,https://www.us-cert.gov/ics/advisories/ICSA-14-006-01,2014-01-30,2018-09-06,Schneider Electric Telvent SAGE RTU DNP3 Improper Input Validation Vulnerability,1,Schneider Electric," This advisory was originally posted to the US-CERT secure portal library on January 06, 2014, and is now being released to the NCCIC/ICS-CERT Web site. Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation in the Schneider Electric Telvent SAGE 3030 remote terminal unit (RTU). Schneider Electric has produced a patch that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-14-007-01B,https://www.us-cert.gov/ics/advisories/ICSA-14-007-01B,2014-07-23,2018-09-06,Sierra Wireless AirLink Raven X EV-DO Vulnerabilities (Update B),1,Sierra Wireless," This updated advisory is a follow-up to the advisory titled ICSA-14-007-01A Sierra Wireless AirLink Raven X EV-DO Multiple Vulnerabilities that was published January 16, 2014, on the NCCIC/ICS-CERT web site. A researcher at Cimation has identified multiple vulnerabilities in the Sierra Wireless AirLink Raven X EV-DO application. Sierra Wireless has discontinued the AirLink Raven X EV-DO and recommends that customers use GX400, GX440, or LS300 as replacements that mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-14-008-01,https://www.us-cert.gov/ics/advisories/ICSA-14-008-01,2014-01-08,2018-09-06,Ecava Sdn Bhd IntegraXor Project Directory Information Disclosure Vulnerability,1,Ecava," NCCIC/ICS-CERT received a report from the Zero Day Initiativea (ZDI) regarding a project directory information disclosure vulnerability in the Ecava Sdn Bhd IntegraXor application. This vulnerability was reported to ZDI by security researcher “Alphazorx aka technically.screwed.” Ecava Sdn Bhd has produced an update that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-14-010-01,https://www.us-cert.gov/ics/advisories/ICSA-14-010-01,2014-02-11,2018-09-06,MatrikonOPC Improper Input Validation,1,MatrikonOPC," This advisory was originally posted to the US-CERT secure Portal library on January 10, 2014, and is now being released to the NCCIC/ICS-CERT web site. Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation vulnerability in the MatrikonOPC SCADA DNP3 OPC Server application. MatrikonOPC has produced a patch that mitigates this vulnerability. The researchers have tested the patch to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-14-014-01,https://www.us-cert.gov/ics/advisories/ICSA-14-014-01,2014-01-14,2018-09-06,Schneider Electric ClearSCADA Uncontrolled Resource Consumption Vulnerability,1,Schneider Electric," Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an uncontrolled resource consumption vulnerability in the Schneider Electric SCADA Expert ClearSCADA software. Schneider Electric has produced a new version that mitigates this vulnerability. Adam Crain has tested the new version to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-14-016-01,https://www.us-cert.gov/ics/advisories/ICSA-14-016-01,2014-01-16,2018-09-06,Ecava IntegraXor Buffer Overflow Vulnerability,1,Ecava," This advisory is a follow-up to the alert titled ICS-ALERT-14-015-01 Ecava IntegraXor Buffer Overflow Vulnerability that was published January 15, 2014, on the NCCIC/ICS-CERT Web site. Independent researcher Luigi Auriemma identified a buffer overflow vulnerability in the Ecava IntegraXor application without coordination with NCCIC/ICS-CERT, the vendor, or any other coordinating entity known to NCCIC/ICS-CERT. Ecava has produced a patch version that mitigates this vulnerability. This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available."
ICSA-14-021-01,https://www.us-cert.gov/ics/advisories/ICSA-14-021-01,2014-02-04,2018-09-06,Rockwell RSLogix 5000 Password Vulnerability,1,Rockwell Automation," This advisory was originally posted to the US-CERT secure Portal library on January 21, 2014, and is now being released to the NCCIC/ICS-CERT Web site. Independent researcher Stephen Dunlap has identified a password vulnerability in the Rockwell Automation RSLogix 5000 software. Rockwell Automation has produced a new version that mitigates this vulnerability."
ICSA-14-023-01,https://www.us-cert.gov/ics/advisories/ICSA-14-023-01,2014-01-23,2018-09-06,GE Proficy Vulnerabilities,1,GE," Researchers amisto0x07 and Z0mb1E of Zero Day Initiative (ZDI) have identified two vulnerabilities in the General Electric (GE) Proficy human-machine interface/supervisory control and data acquisition (HMI/SCADA) - CIMPLICITY application. GE has released security advisories, GEIP13-05 and GEIP13-06, to inform customers about these vulnerabilities. These vulnerabilities could be exploited remotely. "
ICSA-14-030-01,https://www.us-cert.gov/ics/advisories/ICSA-14-030-01,2014-01-30,2018-09-06,3S CoDeSys Runtime Toolkit NULL Pointer Dereference,1,3S-Smart Software Solutions," Independent researcher Nicholas Miles has identified a NULL pointer dereference vulnerability in Smart Software Solutions (3S) CoDeSys Runtime Toolkit application. 3S has produced an update that mitigates this vulnerability. Nicholas Miles has tested the update to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-14-035-01,https://www.us-cert.gov/ics/advisories/ICSA-14-035-01,2014-02-04,2018-09-06,Siemens SIMATIC WinCC OA Multiple Vulnerabilities,1,Siemens," Researchers Gleb Gritsai, Ilya Karpov, and Kirill Nesterov of Positive Technologies have identified multiple vulnerabilities in the Siemens SIMATIC WinCC Open Architecture (OA) application. Siemens has produced updates that mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-14-051-01,https://www.us-cert.gov/ics/advisories/ICSA-14-051-01,2014-02-20,2018-09-06,ICONICS GENESIS32 Insecure ActiveX Control,1,ICONICS," NCCIC/ICS-CERT discovered a vulnerability in the ICONICS GENESIS32 application during resolution of unrelated products. ICONICS has produced a patch for all vulnerable versions of its GENESIS32 product. ICONICS GENESIS32 Version 9.0 and newer are not vulnerable to this ActiveX vulnerability. This vulnerability could be exploitable remotely, but requires user interaction."
ICSA-14-051-02,https://www.us-cert.gov/ics/advisories/ICSA-14-051-02,2014-02-20,2018-09-06,Mitsubishi Electric Automation MC-WorX Suite Unsecure ActiveX Control,1,Mitsubishi Electric Automation," This advisory is a follow-up to the original alert, titled ICS-ALERT-13-259-01 Mitsubishi MC-WorX Suite Unsecure ActiveX Control,a published September 16, 2013, on the NCCIC/ICS-CERT web site (this was originally incorrectly identified as MC-WorkX, the correct product name is MC-WorX). The original alert was prompted by an uncoordinated public web site release September 15, 2013, by an anonymous researcher. The anonymous researcher, “Blake,” identified an insecure ActiveX control vulnerability in Mitsubishi Electric Automation’s MC-WorX application with proof-of-concept (PoC) code, without coordination with NCCIC/ICS-CERT, the vendor, or any other coordinating entity known to NCCIC/ICS-CERT. Mitsubishi Electric Automation, Inc has developed a patch for the vulnerable version (8.02). The currently available version of this product is MC-WorX v9.22 released in 2011, which is not vulnerable to this ActiveX vulnerability. This vulnerability could be exploitable remotely, but requires user interaction. Exploits that target this vulnerability are known to be publicly available."
ICSA-14-051-03B,https://www.us-cert.gov/ics/advisories/ICSA-14-051-03B,2014-05-27,2018-09-06,Siemens RuggedCom Uncontrolled Resource Consumption Vulnerability (Update B),1,Siemens," This updated advisory is a follow-up to the updated advisory titled ICSA-14-051-03A Siemens RuggedCom Uncontrolled Resource Consumption Vulnerability that was published March  18, 2014, on the NCCIC/ICS-CERT web site. Researchers Ling Toh Koh, Ng Yi Teng, Seyed Dawood Sajjadi Torshizi, Ryan Lee, and Ho Ping Hou of EV-Dynamic, Malaysia, have identified an uncontrolled resource consumption vulnerability in the Siemens RuggedCom ROS-based devices. Siemens has produced a firmware update that mitigates this vulnerability. The vulnerability could be exploited remotely."
ICSA-14-051-04,https://www.us-cert.gov/ics/advisories/ICSA-14-051-04,2014-02-20,2018-09-06,NTP Reflection Attack,1,Other," NCCIC/ICS-CERT has been following the increase in denial-of-service (DoS) attacks using Network Time Protocol (NTP) Reflection. This type of attack provides an adversary the ability to generate high volume distributed denial of service (DDoS) traffic to target web sites or public-facing devices that could cause disruption to services. This vulnerability could be exploited remotely. Exploits that target this type of attack are known to be publicly available. Mitigations are available for both operators of NTP Stratum devices and possible victims of these attacks."
ICSA-14-058-01,https://www.us-cert.gov/ics/advisories/ICSA-14-058-01,2014-02-27,2018-09-06,Schneider Electric Floating License Manager Vulnerability,1,Schneider Electric," Schneider Electric had become aware of an “unquoted service path” vulnerability in the Schneider Electric Floating License Manager, produced a patcha that mitigates this vulnerability, and notified NCCIC/ICS-CERT."
ICSA-14-058-02,https://www.us-cert.gov/ics/advisories/ICSA-14-058-02,2014-02-27,2018-09-06,Schneider Electric OFS Buffer Overflow Vulnerability,1,Schneider Electric," Schneider Electric has reported to NCCIC/ICS-CERT a Stack Buffer Overflow vulnerability supplied with the Schneider Electric OPC Factory Server (OSF). Independent researcher (known as) 0x7A240E67 submitted the vulnerability to ZDI, who provided coordination with the vendor and ICS-CERT."
ICSA-14-070-01A,https://www.us-cert.gov/ics/advisories/ICSA-14-070-01A,2014-05-13,2018-09-06,Yokogawa CENTUM CS 3000 Vulnerabilities (Update A),1,Yokogawa," This updated advisory is a follow-up to the original advisory titled ICSA-14-070-01 Yokogawa CENTUM CS 3000 Vulnerabilities that was published March 11, 2014, on the NCCIC/ICS-CERT web site. Juan Vazquez of Rapid7 Inc.,a and independent researcher Julian Vilas Diaz have identified several buffer overflow vulnerabilities and released proof-of-concept (exploit) code for the Yokogawa CENTUM CS 3000 application. CERT/CC, ICS-CERT, and JPCERT have coordinated with Rapid7 and Yokogawa to mitigate these vulnerabilities."
ICSA-14-072-01,https://www.us-cert.gov/ics/advisories/ICSA-14-072-01,2014-03-13,2018-09-06,Schneider Electric StruxureWare SCADA Expert ClearSCADA Parsing Vulnerability,1,Schneider Electric," Andrew Brooks identified and reported to The Zero Day Initiative (ZDI) a File Parsing Vulnerability: Schneider Electric StruxureWare SCADA Expert ClearSCADA ServerMain.exe OPF File Parsing Vulnerability. Schneider Electric has prepared workarounds and helped develop security upgrades for a third-party component that is affected."
ICSA-14-073-01,https://www.us-cert.gov/ics/advisories/ICSA-14-073-01,2014-03-14,2018-09-06,Siemens SIMATIC S7-1500 CPU Firmware Vulnerabilities,1,Siemens," Siemens and Positive Technology researchers (Yury Goltsev, Llya Karpov, Alexey Osipov, Dmitry Serebryannikov and Alex Timorin) have identified nine firmware vulnerabilities in the Siemens SIMATIC S7-1500 CPU Firmware. Siemens has produced a patch that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely. "
ICSA-14-079-01,https://www.us-cert.gov/ics/advisories/ICSA-14-079-01,2014-03-20,2018-09-06,Siemens SIMATIC S7-1200 Improper Input Validation Vulnerabilities,1,Siemens," Siemens has reported two improper input validation vulnerabilities discovered separately by Prof. Dr. Hartmut Pohl of softScheck GmbH and Arne Vidström of Swedish Defence Research Agency (FOI) in Siemens’ SIMATIC S7-1200 PLC. Siemens has produced a new version that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-14-079-02,https://www.us-cert.gov/ics/advisories/ICSA-14-079-02,2014-03-20,2018-08-23,Siemens SIMATIC S7-1200 Vulnerabilities,1,Siemens," Siemens, Ralf Spenneberg of OpenSource Training, Lucian Cojocar of EURECOM, Sascha Zinke from the FU Berlin’s work team SCADACS, and Positive Technologies’ researchers (Alexey Osipov, and Alex Timorin) have identified six vulnerabilities in the Siemens SIMATIC S7-1200 CPU family. Siemens has produced a new product release that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-14-079-03,https://www.us-cert.gov/ics/advisories/ICSA-14-079-03,2014-04-08,2018-09-06,Advantech WebAccess Vulnerabilities,1,Advantech," This advisory is a follow-up to the original advisory titled “ICSA-14-079-03P Advantech WebAccess Vulnerabilities” that was posted to the US-CERT secure Portal library March 20, 2014. Researchers working with HP’s Zero Day Initiative (ZDI), Andrea Micalizzi, aka rgod, Tom Gallagher, and an independent anonymous researcher, have identified several vulnerabilities in Advantech’s WebAccess application. ZDI reported them to NCCIC/ICS-CERT. Advantech has produced a new version that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-14-084-01,https://www.us-cert.gov/ics/advisories/ICSA-14-084-01,2014-04-24,2018-09-06,Festo CECX-X-(C1/M1) Controller Vulnerabilities,1,Festo," This advisory was originally posted to the US-CERT secure Portal library on March 25, 2014, and is now being released to the NCCIC/ICS-CERT web site. K. Reid Wightman of IOActive, Inc. has identified vulnerabilities in Festo’s CECX-X-C1 and CECX-X-M1 controllers. Festo has decided not to resolve these vulnerabilities because of compatibility reasons with existing engineering tools. This places critical infrastructure asset owners using this product at risk. This advisory is being published to alert critical infrastructure asset owners of the risk of using this equipment and for them to increase compensating measures if possible. These vulnerabilities can be remotely exploited, and public exploit code is known to be available."
ICSA-14-086-01,https://www.us-cert.gov/ics/advisories/ICSA-14-086-01,2014-03-27,2018-09-06,Schneider Electric Serial Modbus Driver Buffer Overflow,1,Schneider Electric," Carsten Eiram of Risk-Based Security has identified a stack-based buffer overflow vulnerability in Schneider Electric’s Serial Modbus Driver that affects 11 Schneider Electric products. Schneider Electric has produced patches that mitigate this vulnerability. This vulnerability can be exploited remotely."
ICSA-14-086-01A,https://www.us-cert.gov/ics/advisories/ICSA-14-086-01A,2014-04-01,2018-09-06,Schneider Electric Serial Modbus Driver Buffer Overflow (Update A),1,Schneider Electric," This updated advisory is a follow-up to the original advisory titled ICSA-14-086-01A Schneider Electric Serial Modbus Driver Buffer Overflow that was published March 27, 2014, on the NCCIC/ICS-CERT web site. Carsten Eiram of Risk-Based Security has identified a stack-based buffer overflow vulnerability in Schneider Electric’s Serial Modbus Driver that affects 11 Schneider Electric products. Schneider Electric has produced patches that mitigate this vulnerability for some of the products listed below. This vulnerability can be exploited remotely."
ICSA-14-087-01A,https://www.us-cert.gov/ics/advisories/ICSA-14-087-01A,2014-05-27,2018-09-06,Siemens ROS Improper Input Validation (Update A),1,Siemens," This updated advisory is a follow-up to the original advisory titled ICSA-14-087-01 Siemens ROS Improper Input Validation that was published March  28, 2014, on the NCCIC/ICS-CERT web site. Researcher Aivar Liimets from Martem Telecontrol Systems reported an improper input validation vulnerability in the Siemens Rugged Operating System (ROS), which could cause a denial-of-service (DoS) condition against the device’s management web interface. Siemens coordinated the vulnerability details with ICS-CERT and has provided information for mitigation of the vulnerability. This vulnerability can be exploited remotely."
ICSA-14-091-01,https://www.us-cert.gov/ics/advisories/ICSA-14-091-01,2014-04-29,2018-09-06,Ecava IntegraXor Guest Account Information Disclosure Vulnerability,1,Ecava," This advisory was originally posted to the US-CERT secure Portal library on April 1, 2014, and is now being released to the NCCIC/ICS-CERT web site. Independent researcher Andrea Micalizzi, aka rgod, has identified an information disclosure vulnerability in the Ecava IntegraXor application. Mr. Micalizzi submitted the vulnerability to ZDI (Zero Day Initiative) who in turn, coordinated the information with ICS-CERT. Ecava has produced a new release that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-14-093-01,https://www.us-cert.gov/ics/advisories/ICSA-14-093-01,2014-04-03,2018-09-06,Schneider Electric OPC Factory Server Buffer Overflow,1,Schneider Electric," Researcher Wei Gao, formerly of IXIA, has identified a buffer overflow vulnerability in the Schneider Electric OPC Factory Server (OFS) application. Schneider Electric has produced a patch that mitigates this vulnerability. Wei Gao has tested the patch to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-14-098-01,https://www.us-cert.gov/ics/advisories/ICSA-14-098-01,2014-04-08,2018-08-27,OSIsoft PI Interface for DNP3 Improper Input Validation,1,OSIsoft," Adam Crain of Automatak and Chris Sistrunk, Sr. Consultant for Mandiant, have identified an improper input validation vulnerability in the OSIsoft PI Interface for DNP3 product. OSIsoft has produced an update that mitigates this vulnerability. OSIsoft and Automatak have tested the new version to validate that it resolves the vulnerability This vulnerability can be remotely exploited."
ICSA-14-098-02,https://www.us-cert.gov/ics/advisories/ICSA-14-098-02,2014-04-08,2018-09-06,WellinTech KingSCADA Stack-Based Buffer Overflow,1,WellinTech," An anonymous researcher working with HP’s Zero Day Initiative has identified a stack-based buffer overflow in the WellinTech KingSCADA Stack. WellinTech has produced a patch that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-14-098-03,https://www.us-cert.gov/ics/advisories/ICSA-14-098-03,2014-04-08,2018-09-06,Siemens Ruggedcom WIN Products BEAST Attack Vulnerability,1,Siemens," Siemens has identified a BEAST (Browser Exploit Against SSL/TLS) attack vulnerability in Siemens Ruggedcom WIN products. This vulnerability was originally reported directly to Siemens ProductCERT by Dan Frein and Paul Cotter of West Monroe Partners. Siemens has produced a firmware update that fixes compatibility issues with BEAST mitigations of current browser versions. This vulnerability could be exploited remotely."
ICSA-14-100-01,https://www.us-cert.gov/ics/advisories/ICSA-14-100-01,2014-04-10,2018-09-06,IOServer Out of Bounds Read Vulnerability,1,IOServer," Chris Sistrunk of Mandiant and Adam Crain of Automatak have identified an out of bounds read vulnerability in IOServer’s OPC Server application. IOServer has released a new version that mitigates this vulnerability. The researchers have tested the new version to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-14-105-01,https://www.us-cert.gov/ics/advisories/ICSA-14-105-01,2014-04-15,2018-09-06,Progea Movicon SCADA Information Disclosure Vulnerability,1,Progea," Celil Ünüver of SignalSEC Ltd. has identified an information disclosure vulnerability in the Progea Movicon application. Progea has produced a new version that mitigates this vulnerability. The researcher has tested the new version to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-14-105-02A,https://www.us-cert.gov/ics/advisories/ICSA-14-105-02A,2014-04-17,2018-09-06,Innominate mGuard OpenSSL HeartBleed Vulnerability (Update A),1,Innominate," Researcher Bob Radvanovsky of Infracritical has notified NCCIC/ICS-CERT that Innominate has released a new firmware version that mitigates the OpenSSL HeartBleed vulnerability in the mGuard products."
ICSA-14-105-03B,https://www.us-cert.gov/ics/advisories/ICSA-14-105-03B,2014-05-20,2018-09-06,Siemens Industrial Products OpenSSL Heartbleed Vulnerability (Update B),1,Siemens," This updated advisory is a follow-up to the updated advisory titled ICSA-14-105-03A Siemens Industrial Products OpenSSL Heartbleed Vulnerability that was published April 29, 2014, on the NCCIC/ICS-CERT web site. Siemens reported to ICS-CERT a list of products affected by the OpenSSL vulnerability (known as “Heartbleed”). Joel Langill of Infrastructure Defense Security Services reported to ICS-CERT and Siemens the OpenSSL vulnerability affecting the S7-1500."
ICSA-14-107-01,https://www.us-cert.gov/ics/advisories/ICSA-14-107-01,2014-04-17,2018-09-06,Siemens SINEMA Vulnerabilities,1,Siemens," Siemens has identified vulnerabilities in SINEMA server. Siemens has produced a software update that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-14-107-02,https://www.us-cert.gov/ics/advisories/ICSA-14-107-02,2014-04-24,2018-08-23,InduSoft Web Studio Directory Traversal Vulnerability,1,InduSoft," This advisory was originally posted to the US-CERT secure Portal library on April 17, 2014, and is now being released to the NCCIC/ICS-CERT web site. ICS-CERT received a report from the Zero Day Initiative (ZDI) concerning a Directory Traversal vulnerability affecting the InduSoft Web Studio application. This vulnerability was reported to ZDI by security researcher John Leitch. Successful exploitation of this vulnerability could allow remote execution of arbitrary code. This vulnerability could be exploited remotely."
ICSA-14-114-01,https://www.us-cert.gov/ics/advisories/ICSA-14-114-01,2014-04-24,2018-08-23,Certec atvise scada OpenSSL Heartbleed Vulnerability,1,Certec EDV GmbH," Researcher Bob Radvanovsky of Infracritical has notified NCCIC/ICS-CERT that Certec has released new libraries that mitigate the OpenSSL Heartbleed vulnerability in atvise scada. This vulnerability could be exploited remotely. Exploits that target the OpenSSL Heartbleed vulnerability are known to be publicly available."
ICSA-14-114-02,https://www.us-cert.gov/ics/advisories/ICSA-14-114-02,2014-04-24,2018-09-06,Siemens SIMATIC S7-1200 CPU Web Vulnerabilities,1,Siemens," Siemens ProductCERT and Ralf Spenneberg, Hendrik Schwartke, and Maik Brüggemann from OpenSource Training have reported two vulnerabilities in the Siemens SIMATIC S7-1200 CPU family. Siemens has produced a new product release that mitigates these vulnerabilities."
ICSA-14-121-01,https://www.us-cert.gov/ics/advisories/ICSA-14-121-01,2014-05-01,1900-01-01,AMTELCO miSecure Vulnerabilities,1,AMTELCO," Researcher Jared Bird of Allina Health reported multiple vulnerabilities in the AMTELCO miSecureMessage (MSM) medical messaging system. AMTELCO has an update available to all customers that mitigates the vulnerabilities. The vulnerabilities were discovered during cooperative testing between Allina Health and AMTELCO. This issue was separately reported to CERT/CC, which posted a notification on April 11, 2014, available here: http://www.kb.cert.org/vuls/id/251628 These vulnerabilities can be exploited remotely. Exploits that target these vulnerabilities are known to be publicly available."
ICSA-14-126-01A,https://www.us-cert.gov/ics/advisories/ICSA-14-126-01A,2014-07-08,2018-09-06,ABB Relion 650 Series OpenSSL Vulnerability (Update A),1,ABB,
ICSA-14-128-01,https://www.us-cert.gov/ics/advisories/ICSA-14-128-01,2014-05-08,2018-09-06,Digi International OpenSSL Vulnerability,1,Digi International," Digi International has identified five products that are vulnerable to the OpenSSL Heartbleed bug. Digi International has produced downloadable firmware upgrade versions that mitigate this vulnerability. This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available."
ICSA-14-133-01,https://www.us-cert.gov/ics/advisories/ICSA-14-133-01,2014-05-13,2018-09-06,Yokogawa Multiple Products Vulnerabilities,1,Yokogawa," Yokogawa reports that several buffer overflow vulnerabilities affect several of its products. Juan Vazquez of Rapid7 Inc.,a and independent researcher Julian Vilas Diaz reported to CERT/CC that they identified several vulnerabilities for the Yokogawa CENTUM CS 3000 application. In the investigation of this report, Yokogawa found other products that could also be affected. Please see the affected products below for the complete list. CERT/CC, NCCIC/ICS-CERT, and JPCERT have coordinated with Rapid7 and Yokogawa to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are known to be publicly available."
ICSA-14-133-02,https://www.us-cert.gov/ics/advisories/ICSA-14-133-02,2014-05-22,2018-09-06,Emerson DeltaV Vulnerabilities,1,Emerson," This advisory was originally posted to the US-CERT secure Portal library on May 13, 2014, and is being released to the NCCIC/ICS-CERT web site. Emerson has identified two authorization vulnerabilities in the Emerson DeltaV application. These vulnerabilities were reported directly to Emerson by Kirill Nesterov, Alexander Tlyapov, Dmitry Nagibin, Alexey Osipov, and Timur Yunusov of Positive Technologies. Emerson has produced a patch that mitigates these vulnerabilities."
ICSA-14-135-01,https://www.us-cert.gov/ics/advisories/ICSA-14-135-01,2014-05-15,2018-09-06,CSWorks Software SQL Injection Vulnerability,1,CSWorks," Researcher John Leitch, working with HP’s Zero Day Initiative (ZDI), has identified an SQL injection vulnerability in CSWorks’ CSWorks software framework. CSWorks has produced an updated version that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-14-135-02,https://www.us-cert.gov/ics/advisories/ICSA-14-135-02,2014-05-15,2018-08-27,Schneider Electric Wonderware Intelligence Security Patch for OpenSSL Vulnerability,1,Schneider Electric," Schneider Electric Wonderware’s Cyber Security Team has identified an OpenSSL Heartbleed vulnerability in the Wonderware Intelligence application, caused by a third-party component. Schneider Electric Wonderware has produced a patch that mitigates this vulnerability. This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available."
ICSA-14-135-03A,https://www.us-cert.gov/ics/advisories/ICSA-14-135-03A,2014-10-16,2018-09-06,Siemens RuggedCom ROX-based Devices Certificate Verification Vulnerability (Update A),1,Siemens," This updated advisory is a follow-up to the original advisory titled ICSA-14-135-03 Siemens RuggedCom ROX-Based Devices Certificate Verification Vulnerability that was published May 15, 2014, on the NCCIC/ICS-CERT web site. Siemens has reported to ICS-CERT an incorrect certificate verification in RuggedCom ROX-based devices. Siemens is working on a firmware update for the affected products. This vulnerability could be exploited remotely."
ICSA-14-135-04,https://www.us-cert.gov/ics/advisories/ICSA-14-135-04,2014-05-15,2018-09-06,Unified Automation OPC SDK OpenSSL Vulnerability,1,Unified Automation," On April 09, 2014, Unified Automation GmbH announced that its OPC UA Software Development Kits (SDKs) for Windows included vulnerable OpenSSL libraries. HTTPS support is disabled by default in Unified Automation SDK products. However if HTTPS is used, Unified Automation recommends replacing the OpenSSL library with a current version (1.01.g or later) to mitigate this vulnerability. This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available."
ICSA-14-135-05,https://www.us-cert.gov/ics/advisories/ICSA-14-135-05,2014-05-15,2018-08-27,OpenSSL Vulnerability,1,Other," This advisory is a follow-up to the updated alert titled ICS-ALERT-14-099-01E Situational Awareness Alert for OpenSSL Vulnerability that was published April 29, 2014, on the NCCIC/ICS-CERT web site. The OpenSSL (Heartbleed) vulnerability was independently identified by both Neel Mehta of Google Security on April 1, 2014, and 2 days later by a team of security engineers Riku, Antti, and Matti at Codenomicon.a b The OpenSSL (Heartbleed) vulnerability has been identified in OpenSSL Versions 1.0.1 through 1.0.1f and 1.0.2-beta1 that contain a flaw in the implementation of the transport layer security/datagram transport layer security (TLS/DTLS) heartbeat functionality. OpenSSL Version 1.0.1g addresses and mitigates this vulnerability. This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available."
ICSA-14-149-01,https://www.us-cert.gov/ics/advisories/ICSA-14-149-01,2014-05-29,2018-09-06,Triangle MicroWorks Uncontrolled Resource Consumption,0,Triangle MicroWorks," Adam Crain of Automatak and Chris Sistrunk of Mandiant have identified an uncontrolled resource consumption vulnerability in Triangle MicroWorks products and third-party components. Triangle MicroWorks has produced an update that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-14-149-02,https://www.us-cert.gov/ics/advisories/ICSA-14-149-02,2014-05-29,2018-09-06,Cogent DataHub Vulnerabilities,1,Cogent Real-Time Systems Inc," Independent researcher Alain Homewood has identified four vulnerabilities in the Cogent Real-Time Systems DataHub application. Cogent Real-Time Systems has produced a new version that mitigates three of the four identified vulnerabilities; they have recommended a mitigation for the unresolved vulnerability. The researcher has tested the new version to validate that it resolves three of the four vulnerabilities. Three of the identified vulnerabilities could be exploited remotely."
ICSA-14-154-01,https://www.us-cert.gov/ics/advisories/ICSA-14-154-01,2014-06-03,2018-09-06,COPA-DATA Improper Input Validation,1,COPA-DATA," Automation software company Ing. Punzenberger COPA-DATA GmbH reported an improper input validation vulnerability affecting the DNP3 driver in the zenon SCADA software. The vulnerability was found based on the DNP3 research conducted by Adam Crain of Automatak and Chris Sistrunk of Mandiant. COPA-DATA has produced an update that mitigates the vulnerability, as well as provides customer support information to assist asset owners and integrators. This vulnerability could be exploited remotely."
ICSA-14-156-01,https://www.us-cert.gov/ics/advisories/ICSA-14-156-01,2014-06-05,2018-08-23,OpenSSL Releases Security Advisory,1,Other," On June 5, 2014, OpenSSL announceda that they were releasing new versions that mitigate several additional vulnerabilities that were discovered since the last OpenSSL vulnerability, which was caused by the HeartBleed bug in April. These vulnerabilities were discovered by various researchers including: KIKUCHI Masashi of Lepidum Co. Ltd., Imre Rad of Search-Lab Ltd., Jüri Aedla, Felix Gröbert, and Ivan Fratric at Google. More information about these vulnerabilities and the new versions that mitigate them can be found in the OpenSSL Security Advisory and in the CERT/CC vulnerability note.b These vulnerabilities can be exploited remotely. Exploits that target some of these vulnerabilities are publicly available."
ICSA-14-175-01,https://www.us-cert.gov/ics/advisories/ICSA-14-175-01,2014-07-22,2018-09-06,Honeywell FALCON XLWeb Controllers Vulnerabilities,1,Honeywell," This advisory was originally posted to the US-CERT secure Portal library on June 24, 2014, and is being released to the NCCIC/ICS-CERT web site. Martin Jartelius of Outpost24 has identified an authentication bypass vulnerability in Honeywell FALCON XLWeb controllers. Juan Francisco Bolivar has identified cross-site scripting vulnerabilities in Honeywell FALCON XLWeb controllers. Honeywell has produced an update that mitigates both vulnerabilities. Mr. Jartelius has tested the update to validate that it resolves the vulnerability that he reported. These vulnerabilities could be exploited remotely."
ICSA-14-178-01,https://www.us-cert.gov/ics/advisories/ICSA-14-178-01,2014-06-30,2018-08-22,ICS Focused Malware,1,Other," This advisory is a follow-up to the updated alert titled ICS-ALERT-14-176-02A that was published June 27, 2014, on the NCCIC/ICS-CERT web site. This advisory provides additional details regarding ICS Focused Malware Havex. NCCIC/ICS-CERT is analyzing malware and artifacts associated with an industrial control system (ICS) focused malware campaign that uses multiple vectors for infection. These include phishing emails, redirections to compromised web sites and most recently, trojanized update installers on at least three ICSs vendor web sites, in what are referred to as watering-hole style attacks. Based on information ICS-CERT has obtained from Symantec and F-Secure,a the software installers for these vendors were infected with malware known as the Havex Trojan (Backdoor.Oldrea).b According to analysis, these techniques could have allowed attackers to access the networks of systems that have installed the trojanized software. Symantec describes the victims as Spain, US, France, Italy, and Germany in that order. Symantec has posted a Security Response whitepaper that details this activity and provides indicators of compromise. Symantec also ties this campaign with previous watering hole activity, namely Trojan.Karagany and the Lightsout exploit kit. The Trojan.Karagany was previously identified by Cisco as part of another watering hole attack targeting energy and oil sectors.  This malware was analyzed and detailed by ICS-CERT in Analysis Report-14-30001 Cisco Watering-Hole Malware, located within the secure portal library."
ICSA-14-189-01,https://www.us-cert.gov/ics/advisories/ICSA-14-189-01,2014-07-08,2018-09-06,Yokogawa Centum Buffer Overflow Vulnerability,1,Yokogawa," Researcher group Rapid7 has identified a buffer overflow vulnerability in Yokogawa CENTUM products. Yokogawa has produced a patch that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-14-189-02,https://www.us-cert.gov/ics/advisories/ICSA-14-189-02,2014-07-29,2018-09-06,Innominate mGuard Unauthorized Leakage of System Data,1,Innominate," This advisory was originally posted to the US-CERT secure Portal library on July 8, 2014, and is being released to the NCCIC/ICS-CERT web site. The Applied Risk Research team has identified an unauthorized download of system information from Innominate mGuard devices. Innominate has produced a firmware patch that mitigates this vulnerability. This firmware patch has been validated by the Applied Risk Research team, and the original vulnerability research is referenced on at http://www.applied-risk.com as ARA-2014001. This vulnerability could be exploited remotely."
ICSA-14-196-01,https://www.us-cert.gov/ics/advisories/ICSA-14-196-01,2014-07-31,2018-09-06,SubSTATION Server Telegyr 8979 Master Vulnerabilities,1,SUBNET Solutions Inc.," This advisory was originally posted to the US-CERT secure Portal library on July 15, 2014, and is being released to the NCCIC/ICS-CERT web site. Adam Crain of Automatak and Chris Sistrunk of Mandiant have identified a Buffer Overflow Vulnerability in the SUBNET Solutions Inc (SUBNET), SubSTATION Server 2, Telegyr 8979 Master application. SUBNET has produced a hot fix that mitigates this and a related vulnerability the vendor found independently. The researchers have tested the new hot fix and validate that it resolves these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-14-198-01,https://www.us-cert.gov/ics/advisories/ICSA-14-198-01,2014-07-17,2018-09-06,Cogent DataHub Code Injection Vulnerability,1,Cogent Real-Time Systems Inc," NCCIC/ICS-CERT has become aware of a code injection vulnerability affecting the Cogent DataHub application produced by Cogent Real-Time Systems, Inc. (hereafter referred to as Cogent). Security researcher John Leitch reported this vulnerability to the Zero Day Initiative (ZDI), who then reported it directly to Cogent. Successful exploitation of this vulnerability could allow remote execution of arbitrary code. This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available."
ICSA-14-198-02,https://www.us-cert.gov/ics/advisories/ICSA-14-198-02,2014-07-17,2018-09-06,Advantech WebAccess Vulnerabilities,1,Advantech," NCCIC/ICS-CERT received a report from the Zero Day Initiative (ZDI) concerning vulnerabilities affecting the Advantech WebAccess application. These vulnerabilities were reported to ZDI by security researchers Dave Weinstein, Tom Gallagher, John Leitch, and others. Advantech has produced an updated software version that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are known to be publicly available."
ICSA-14-198-03G,https://www.us-cert.gov/ics/advisories/ICSA-14-198-03G,2015-02-17,2018-08-29,Siemens OpenSSL Vulnerabilities (Update G),1,Siemens," This updated advisory is a follow-up to the updated advisory titled ICSA-14-198-03F Siemens OpenSSL Vulnerabilities that was published October 16, 2014, on the NCCIC/ICS-CERT web site."
ICSA-14-202-01A,https://www.us-cert.gov/ics/advisories/ICSA-14-202-01A,2015-05-21,2018-08-27,OleumTech WIO Family Vulnerabilities (Update A),1,OleumTech," This updated advisory is a follow-up to the original advisory titled ICSA-14-202-01 OleumTech WIO Family Vulnerabilities that was published July 21, 2014, on the NCCIC/ICS-CERT web site."
ICSA-14-203-01,https://www.us-cert.gov/ics/advisories/ICSA-14-203-01,2014-07-22,2019-01-31,Omron NS Series HMI Vulnerabilities,1,Omron," Researcher Joel Sevilleja Febrer of S2 Grupo has identified multiple vulnerabilities in Omron Corporation’s NS series human-machine interface (HMI) terminals. Omron Corporation has produced an update that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-14-205-01,https://www.us-cert.gov/ics/advisories/ICSA-14-205-01,2014-07-24,2018-09-06,Morpho Itemiser 3 Hard-Coded Credential,1,Morpho," Independent researchers Billy Rios and Terry McCorkle have identified hard-coded credentials in the Morpho Itemiser 3. Morpho has not produced a patch, update, or new version that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-14-205-02A,https://www.us-cert.gov/ics/advisories/ICSA-14-205-02A,2014-10-07,2018-09-06,Siemens SIMATIC WinCC Vulnerabilities (Update A),1,Siemens," This updated advisory is a follow-up to the original advisory titled ICSA-14-205-02 Siemens SIMATIC WinCC Vulnerabilities that was published July 24, 2014, on the NCCIC/ICS-CERT web site. Researchers Sergey Gordeychik, Alexander Tlyapov, Dmitry Nagibin, and Gleb Gritsai of Positive Technologies identified four of five vulnerabilities in the Siemens SIMATIC WinCC application. An anonymous researcher identified the remaining vulnerability. Siemens has produced an update that mitigates these vulnerabilities. All but one of the reported vulnerabilities could be exploited remotely."
ICSA-14-224-01,https://www.us-cert.gov/ics/advisories/ICSA-14-224-01,2014-09-11,2018-09-06,Ecava Integraxor SCADA Server Vulnerabilities,1,Ecava," This advisory was originally posted to the US-CERT secure Portal library on August 12, 2014, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Andrea Micalizzi identified an Improper Privilege Management vulnerability within Ecava’s IntegraXor SCADA Server and reported it to Zero Day Initiative (ZDI). ZDI reported the vulnerability to NCCIC/ICS-CERT. Independent researcher Alain Homewood identified three other vulnerabilities in the Ecava’s IntegraXor SCADA Server. Ecava has produced a patch that mitigates these vulnerabilities. Alain Homewood has tested the patch to validate that it resolves the vulnerabilities he has identified. These vulnerabilities could be exploited remotely."
ICSA-14-226-01,https://www.us-cert.gov/ics/advisories/ICSA-14-226-01,2014-08-14,2018-08-22,Siemens SIMATIC S7-1500 CPU Denial of Service,1,Siemens," Arnaud Ebalard from Agence Nationale de la Sécurité des Systèmes d’Information (ANSSI) has reported a denial-of-service (DoS) vulnerability in Siemens SIMATIC S7-1500 CPU. Siemens produced a new firmware version that mitigates this vulnerability and then reported it to NCCIC/ICS-CERT. This vulnerability could be exploited remotely."
ICSA-14-238-01,https://www.us-cert.gov/ics/advisories/ICSA-14-238-01,2014-08-26,2018-09-06,CG Automation Improper Input Validation,1,CG Automation," Researchers Adam Crain of Automatak and Chris Sistrunk of Mandiant have identified an improper input validation vulnerability in the CG Automation ePAQ-9410 Substation Gateway DNP3 protocol components. CG Automation has produced an updated software that mitigates this vulnerability. CG Automation has tested the updated software to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-14-238-02,https://www.us-cert.gov/ics/advisories/ICSA-14-238-02,2014-08-26,2018-08-29,Schneider Electric Wonderware Vulnerabilities,1,Schneider Electric," Timur Yunusov, Ilya Karpov, Sergey Gordeychik, Alexey Osipov, and Dmitry Serebryannikov of the Positive Technologies Research Team have identified four vulnerabilities in the Schneider Electric Wonderware Information Server (WIS). Schneider Electric has produced an update that mitigates these vulnerabilities. Some of these vulnerabilities could be exploited remotely."
ICSA-14-247-01A,https://www.us-cert.gov/ics/advisories/ICSA-14-247-01A,2014-10-28,1900-01-01,Sensys Networks Traffic Sensor Vulnerabilities (Update A),1,Sensys Networks," This updated advisory is a follow-up to the original advisory titled ICSA-14-247-01A Sensys Networks traffic sensor vulnerabilities that was published September 04, 2014, on the NCCIC/ICS-CERT web site. Researcher Cesar Cerrudo of IOActive has identified vulnerabilities in the Sensys Networks VSN240-F and VSN240-T traffic sensors. Sensys Networks has produced updated product versions that mitigate these vulnerabilities."
ICSA-14-254-01,https://www.us-cert.gov/ics/advisories/ICSA-14-254-01,2014-09-11,2018-09-06,Schneider Electric VAMPSET Buffer Overflow,1,Schneider Electric," Aivar Liimets of Martem AS has identified a buffer overflow vulnerability in Schneider Electric’s VAMPSET software product. He reported it directly to Schneider Electric who reported it to NCCIC/ICS-CERT once the problem was fixed. Schneider Electric has produced an update that mitigates this vulnerability. Mr. Liimets has tested the update to validate that it resolves the vulnerability."
ICSA-14-254-02,https://www.us-cert.gov/ics/advisories/ICSA-14-254-02,2014-09-30,2018-09-06,Rockwell Micrologix 1400 DNP3 DOS Vulnerability,1,Rockwell Automation," This advisory was originally posted to the US-CERT secure Portal library on September 11, 2014, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Matthew Luallen of CYBATI has identified a denial-of-service (DoS) vulnerability to the DNP3 implementation of the Allen-Bradley MicroLogix 1400 controller platform. Rockwell Automation has produced a firmware revision that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-14-259-01A,https://www.us-cert.gov/ics/advisories/ICSA-14-259-01A,2014-10-07,2018-09-06,Schneider Electric SCADA Expert ClearSCADA Vulnerabilities (Update A),1,Schneider Electric," This updated advisory is a follow-up to the original advisory titled ICSA-14-259-01 Schneider Electric SCADA Expert ClearSCADA Vulnerabilities that was published September 16, 2014, on the NCCIC/ICS-CERT web site. Independent researcher Aditya Sood has identified a weak hashing algorithm and cross-site scripting vulnerability in Schneider Electric’s StruxureWare SCADA Expert ClearSCADA. Schneider Electric has identified an additional vulnerability in its StruxureWare SCADA Expert ClearSCADA product line. Schneider Electric is in the process of producing a patch that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-14-260-01A,https://www.us-cert.gov/ics/advisories/ICSA-14-260-01A,2014-12-02,2018-09-05,Yokogawa CENTUM and Exaopc Vulnerability (Update A),1,Yokogawa," This updated advisory is a follow-up to the original advisory titled ICSA-14-260-01 Yokogawa CENTUM and Exaopc Vulnerability that was published September 17, 2014, on the NCCIC/ICS-CERT web site. Tod Beardsley of Rapid7 Inc. and Jim Denaro of CipherLaw have identified an authentication vulnerability and released proof-of-concept (exploit) code for the Yokogawa CENTUM CS 3000 series and Exaopc products. JPCERT and Yokogawa have mitigated this vulnerability. This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available."
ICSA-14-261-01,https://www.us-cert.gov/ics/advisories/ICSA-14-261-01,2014-09-18,2018-09-06,Advantech WebAccess Vulnerabilities,1,Advantech," Researcher Ricardo Narvaja of Core Security Technologies has identified several buffer overflow vulnerabilities in Advantech’s WebAccess application. Advantech has produced a patch that mitigates these vulnerabilities. The researcher has tested the patch to validate that it resolves the vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-14-269-01 (Supplement),https://www.us-cert.gov/ics/advisories/ICSA-14-269-01-Supplement,2014-10-15,2014-11-12,Bash Command Injection Vulnerability (Supplement),0,Other,NULL
ICSA-14-269-01A,https://www.us-cert.gov/ics/advisories/ICSA-14-269-01A,2014-10-15,2018-09-06,Bash Command Injection Vulnerability (Update A),1,Other," This updated advisory is a follow-up to the original advisory titled ICSA-14-269-01 Bash Command Injection Vulnerability that was published September 26, 2014, on the NCCIC/ICS-CERT web site. A command injection vulnerability has been reported in the Bourne again shell (bash). Bash is the common command-line used in most Linux/Unix-based operating systems and Apple’s Mac OS X. The flaw could allow an attacker to remotely execute shell commands by attaching malicious code in environment variables used by the operating system. Industrial control systems running embedded versions of Linux may not be field upgradeable are of particular concern and may require alternate mitigation. Patches have been released to fix this vulnerability by major Linux vendors for affected versions. Solutions for CVE-2014-6271 do not completely resolve the vulnerability. It is advised to install existing patches and pay attention for updated patches to address CVE-2014-7169. Exploits that target this vulnerability are publicly available. As bash is a third-party component, asset owners, operators, and SCADA product developers are encouraged to investigate the use of the affected versions of bash in their environments. ICS-CERT encourages any asset owners/operators, developers, or vendors to coordinate known implementations of the affected products directly with ICS-CERT."
ICSA-14-269-02,https://www.us-cert.gov/ics/advisories/ICSA-14-269-02,2014-10-16,2018-09-06,Fox DataDiode Proxy Server CSRF Vulnerability,1,Fox-IT," This advisory was originally posted to the US-CERT secure Portal library on September 26, 2014, and is being released to the ICS-CERT web site. Tudor Enache of HelpAG identified a Cross-Site Request Forgery (CSRF) in the proxy server web administration interface for the Fox DataDiode Appliance Proxy Server. Fox-IT has produced Release 1.7.2 that resolves this vulnerability. This vulnerability could be exploited remotely."
ICSA-14-273-01,https://www.us-cert.gov/ics/advisories/ICSA-14-273-01,2014-09-30,2018-09-06,SchneiderWEB Server Directory Traversal Vulnerability,1,Schneider Electric," Independent researcher Billy Rios has identified a directory traversal vulnerability in Schneider Electric’s SchneiderWEB, a web HMI. Schneider Electric has produced a firmware update that mitigates this vulnerability. Billy Rios has tested the update to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-14-275-01,https://www.us-cert.gov/ics/advisories/ICSA-14-275-01,2014-10-30,2018-09-06,Meinberg Radio Clocks LANTIME M-Series XSS,1,Meinberg," This advisory was originally posted to the US-CERT secure Portal library on October 2, 2014, and is being released to the ICS-CERT web site. Martem Telecontrol Systems security researcher Aivar Liimets has identified a reflected cross-site scripting vulnerability in the Meinberg Radio Clocks GmbH & Co. KG LANTIME M400 web interface. Meinberg has produced a firmware update that mitigates this vulnerability in all LANTIME M-Series. Aivar Liimets has tested the firmware update to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-14-275-02,https://www.us-cert.gov/ics/advisories/ICSA-14-275-02,2014-10-30,2018-09-06,Accuenergy Acuvim II Authentication Vulnerabilities,1,Accuenergy," This advisory was originally posted to the US-CERT secure Portal library on October 2, 2014, and is being released to the ICS-CERT web site. Independent researcher Laisvis Lingvevicius has identified two authentication vulnerabilities within the Accuenergy AXM-NET Ethernet module’s web server. The AXM-NET Ethernet module is an accessory for the Acuvim II. Accuenergy has produced a firmware upgrade that mitigates these vulnerabilities. The researcher has tested the firmware to validate that it resolves the vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-14-287-01,https://www.us-cert.gov/ics/advisories/ICSA-14-287-01,2015-01-13,2018-08-29,GE Proficy HMI/SCADA DNP3 Driver Input Validation,1,"Catapult Software, GE"," This advisory was originally posted to the US-CERT secure Portal library on October 14, 2014, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Adam Crain of Automatak has identified an improper input validation in the DNP3 driver provided by Catapult Software. Catapult and GE have produced a patch that mitigates this vulnerability. GE has tested the patch to validate that it resolves the vulnerability in affected GE Proficy HMI/SCADA products. This vulnerability could be exploited remotely."
ICSA-14-288-01,https://www.us-cert.gov/ics/advisories/ICSA-14-288-01,2014-10-15,1900-01-01,CareFusion Pyxis SupplyStation System Vulnerabilities,1,CareFusion," Independent researcher Billy Rios identified authentication vulnerabilities in CareFusion’s Pyxis SupplyStation system. CareFusion has implemented additional controls to mitigate some of these vulnerabilities in the SupplyStation system. Some of the reported vulnerabilities could be exploited remotely. These vulnerabilities could be exploited if the network and/or physical security of healthcare facilities using the SupplyStation system are also compromised. "
ICSA-14-289-01,https://www.us-cert.gov/ics/advisories/ICSA-14-289-01,2014-10-16,2018-08-22,IOServer Resource Exhaustion Vulnerability,1,IOServer," Chris Sistrunk of Mandiant and Adam Crain of Automatak have identified an out of bound read vulnerability in the IOServer application. IOServer has produced a new version that mitigates this vulnerability. Adam Crain has tested the new version to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-14-289-02,https://www.us-cert.gov/ics/advisories/ICSA-14-289-02,2015-01-15,2018-08-29,GE Proficy HMI/SCADA CIMPLICITY CimView Memory Access Violation,0,GE," This advisory was originally posted to the NCCIC/US-CERT secure Portal library on October 16, 2014, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Said Arfi has identified a memory access violation vulnerability in GE’s CIMPLICITY CimView application. GE has produced an update that mitigates this vulnerability."
ICSA-14-294-01,https://www.us-cert.gov/ics/advisories/ICSA-14-294-01,2014-11-11,2018-09-06,Rockwell Automation Connected Components Workbench ActiveX Component Vulnerabilities,0,Rockwell Automation," This advisory was originally posted to the US-CERT secure Portal library on November 6, 2014, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Andrea Micalizzi working through ZDI has identified two custom ActiveX Component vulnerabilities in Rockwell Automation’s Connected Components Workbench (CCW) application. Rockwell Automation has produced, tested, and released a new software version that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-14-303-01,https://www.us-cert.gov/ics/advisories/ICSA-14-303-01,2014-10-30,2018-09-06,Nordex NC2 XSS Vulnerability,1,Nordex," This advisory is a follow-up to the alert titled ICS-ALERT-13-304-01 Nordex NC2 – Cross-Site Scripting Vulnerability that was published October 31, 2013, on the NCCIC/ICS-CERT web site. Independent researcher Darius Freamon identified a cross-site scripting vulnerability in the Nordex Control 2 (NC2) application and released proof-of-concept (exploit) code without coordination with ICS-CERT, the vendor, or any other coordinating entity known to ICS-CERT. This vulnerability could be exploited remotely. Exploits that target this vulnerability are publicly available."
ICSA-14-303-02,https://www.us-cert.gov/ics/advisories/ICSA-14-303-02,2014-12-02,2018-09-05,Elipse SCADA DNP3 Denial of Service,1,Elipse," This advisory was originally posted to the US-CERT secure Portal library on October 30, 2014, and is being released to the NCCIC/ICS-CERT web site Independent researchers Adam Crain and Chris Sistrunk have identified a DNP3 denial-of-service vulnerability in the Elipse SCADA application. Elipse has produced a new version of the DNP3 driver that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-14-308-01,https://www.us-cert.gov/ics/advisories/ICSA-14-308-01,2014-11-04,2018-09-06,ABB RobotStudio and Test Signal Viewer DLL Hijack Vulnerability,1,ABB," Ivan Sanchez of WiseSecurity Team has identified a dll hijack vulnerability in the ABB RobotStudio and Test Signal Viewer applications. ABB has produced new versions that mitigate this vulnerability. Mr. Sanchez has tested the new version to validate that it resolves the vulnerability."
ICSA-14-324-01,https://www.us-cert.gov/ics/advisories/ICSA-14-324-01,2014-11-20,2018-09-05,Advantech WebAccess Stack-based Buffer Overflow,1,Advantech," Ricardo Narvaja from Core Security Consulting Services discovered and disclosed information regarding a buffer overflow vulnerabilitya in Advantech WebAccess. Joaquín Rodríguez Varela from the Core Advisories Team reported this to NCCIC/ICS-CERT, who coordinated with Advantech. Advantech has produced a new version of WebAccess that does not have this vulnerability when installed on a machine that did not have a previous version of WebAccess."
ICSA-14-329-01,https://www.us-cert.gov/ics/advisories/ICSA-14-329-01,2014-11-25,2018-09-05,MatrikonOPC for DNP Unhandled C++ Exception,1,MatrikonOPC," Adam Crain of Automatak and Chris Sistrunk of Mandiant have identified an unhandled C++ exception in the MatrikonOPC DNP3 application. MatrikonOPC has produced a new version that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-14-329-02D,https://www.us-cert.gov/ics/advisories/ICSA-14-329-02D,2015-02-10,2018-08-29,"Siemens SIMATIC WinCC, PCS7, and TIA Portal Vulnerabilities (Update D)",1,Siemens," This updated advisory is a follow-up to the updated advisory titled ICSA-14-329-02C Siemens SIMATIC WinCC, PCS7, and TIA Portal Vulnerabilities that was published December 18, 2014, on the NCCIC/ICS-CERT web site. Siemens has identified two vulnerabilities within products using the Siemens WinCC application. Siemens has produced a patch that mitigates this vulnerability in the WinCC application and is working on updates for the remaining affected products to address the other vulnerability in the WinCC application. These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are potentially available."
ICSA-14-343-01,https://www.us-cert.gov/ics/advisories/ICSA-14-343-01,2014-12-09,2018-09-05,Yokogawa FAST/TOOLS XML External Entity,1,Yokogawa," Timur Yunusov, Alexey Osipov, and Ilya Karpov of Positive Technologies Inc. have identified an XML external entity processing vulnerability in the Yokogawa FAST/TOOLS application. Yokogawa has produced a service pack that mitigates this vulnerability."
ICSA-14-343-02,https://www.us-cert.gov/ics/advisories/ICSA-14-343-02,2014-12-09,2018-08-23,Trihedral Engineering Limited VTScada Integer Overflow Vulnerability,1,Trihedral Engineering Limited," An anonymous researcher working with HP’s Zero Day Initiative has identified an integer overflow vulnerability in Trihedral Engineering Ltd’s VTScada application. Trihedral Engineering Limited has produced a patch that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-14-345-01,https://www.us-cert.gov/ics/advisories/ICSA-14-345-01,2015-01-15,2018-08-29,Arbiter Systems 1094B GPS Clock Spoofing Vulnerability,1,Arbiter Systems," This advisory was originally posted to the US-CERT secure Portal library on December 11, 2014, and is being released to the NCCIC/ICS-CERT web site. Arbiter Systems has identified a GPS clock spoofing vulnerability in its 1094B clock. Arbiter Systems has produced a new product that is not vulnerable to this type of attack. This vulnerability could be exploited remotely."
ICSA-14-350-01,https://www.us-cert.gov/ics/advisories/ICSA-14-350-01,2014-12-16,2018-09-05,Schneider Electric ProClima Command Injection Vulnerabilities,1,Schneider Electric," NCCIC/ICS-CERT received a report from HP’s Zero Day Initiative (ZDI) concerning command injection vulnerabilities in Schneider Electric’s ProClima software package. These vulnerabilities were reported to ZDI by security researchers Ariele Caltabiano, Andrea Micalizzi, and Brian Gorenc. Schneider Electric has produced an update version that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-14-350-02,https://www.us-cert.gov/ics/advisories/ICSA-14-350-02,2015-03-17,2018-08-27,Johnson Controls Metasys Vulnerabilities,1,Johnson Controls," This advisory was originally posted to the US-CERT secure Portal library on December 16, 2014, and is being released to the NCCIC/ICS-CERT web site. Independent security researcher Billy Rios has identified two vulnerabilities in Johnson Controls Metasys building management system. Johnson Controls has produced patches for each affected release that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-14-352-01,https://www.us-cert.gov/ics/advisories/ICSA-14-352-01,2014-12-18,2019-04-10,Honeywell Experion PKS Vulnerabilities,1,Honeywell," Alexander Tlyapov, Gleb Gritsai, Kirill Nesterov, Artem Chaykin and Ilya Karpov of the Positive Technologies Research Team and Security Lab have identified vulnerabilities in Honeywell’s Experion Process Knowledge System (EPKS) application. Honeywell has produced several patch updates (R400.6, R410.6 and 430.6) that resolve these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-14-352-02,https://www.us-cert.gov/ics/advisories/ICSA-14-352-02,2014-12-18,2018-09-05,Innominate mGuard Privilege Escalation Vulnerability,0,Innominate," Innominate Security Technologies has identified a privilege escalation vulnerability affecting all mGuard devices. Innominate has produced a firmware patch that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-14-353-01-SupplementA,https://www.us-cert.gov/ics/advisories/ICSA-14-353-01-SupplementA,2015-03-05,1900-01-01,Network Time Protocol Vulnerabilities (Supplement Update A),1,Other,
ICSA-14-353-01C,https://www.us-cert.gov/ics/advisories/ICSA-14-353-01C,2015-02-05,2018-08-29,Network Time Protocol Vulnerabilities (Update C),1,Other," This updated advisory is a follow-up to the updated advisory titled ICSA-14-353-01B Network Time Protocol Vulnerabilities that was published February 4, 2015, on the NCCIC/ICS-CERT web site. Google Security Team researchers Neel Mehta and Stephen Roettger have coordinated multiple vulnerabilities with CERT/CC concerning the Network Time Protocol (NTP). As NTP is widely used within operational industrial control systems deployments, ICS-CERT is providing this information for US critical infrastructure asset owners and operators for awareness and to identify mitigations for affected devices. ICS-CERT may release updates as additional information becomes available. These vulnerabilities could be exploited remotely. Products using NTP service prior to ntp-4.2.8p1 are affected. This is an open source protocol."
ICSA-15-006-01,https://www.us-cert.gov/ics/advisories/ICSA-15-006-01,2015-07-16,2018-08-27,Eaton’s Cooper Power Series Form 6 Control and Idea/IdeaPlus Relays with Ethernet Vulnerability,1,Eaton's Cooper Power Systems," This advisory was originally posted to the US-CERT secure Portal library on January 6, 2015, and is now being released to the NCCIC/ICS-CERT web site. Dr. Raheem Beyah, David Formby, and San Shin Jung of Georgia Tech, via a research project partially sponsored by the Georgia Tech National Electric Energy Testing Research and Applications Center (NEETRAC), have identified a predictable TCP sequence vulnerability in Eaton’s Cooper Power Systems Form 6 controls and Idea/IdeaPLUS relays with Ethernet application. Eaton’s Cooper Power Systems has produced a patch to mitigate this vulnerability. These researchers have tested the patch to validate that it resolves the vulnerability.This vulnerability could be exploited remotely."
ICSA-15-008-01A,https://www.us-cert.gov/ics/advisories/ICSA-15-008-01A,2015-01-09,2018-08-29,Emerson HART DTM Vulnerability (Update A),1,Emerson," This updated advisory is a follow-up to the original advisory titled ICSA-15-008-01 Emerson HART DTM Vulnerability that was published January 8, 2015, on the NCCIC/ICS-CERT web site. Alexander Bolshev of Digital Security has identified an improper input vulnerability in the CodeWrights HART Device Type Manager (DTM) library utilized in Emerson’s HART DTM. CodeWrights has addressed the vulnerability with a new library, which Emerson has begun to integrate. Emerson has tested the new library to validate that it resolves the vulnerability."
ICSA-15-008-02,https://www.us-cert.gov/ics/advisories/ICSA-15-008-02,2015-01-08,2018-08-27,Schneider Electric Wonderware InTouch Access Anywhere Server Buffer Overflow Vulnerability,1,Schneider Electric," Schneider Electric Wonderware has identified a stack-based buffer overflow vulnerability in the Wonderware InTouch Access Anywhere Server product. Schneider Electric has produced a security update that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-012-01C,https://www.us-cert.gov/ics/advisories/ICSA-15-012-01C,2015-02-05,2018-08-29,CodeWrights GmbH HART Device DTM Vulnerability (Update C),1,CodeWrights GmbH," This updated advisory is a follow-up to the updated advisory titled ICSA-15-012-01B CodeWrights GmbH HART DTM Vulnerability that was published January 27, 2015, on the NCCIC/ICS-CERT web site. Alexander Bolshev of Digital Security has identified an improper input validation vulnerability in CodeWrights GmbH HART Device Type Manager (DTM) libraries. CodeWrights GmbH produces DTM libraries for vendors of HART Device DTM products. CodeWrights GmbH has updated the libraries that mitigate this vulnerability. Using CodeWrights GmbH’s updated library for HART Device DTM, Emerson has tested the new library to validate that it resolves the vulnerability."
ICSA-15-013-01,https://www.us-cert.gov/ics/advisories/ICSA-15-013-01,2015-01-13,2018-08-29,Siemens SIMATIC WinCC Sm@rtClient iOS Application Authentication Vulnerabilities,1,Siemens," Siemens has identified authentication vulnerabilities in the SIMATIC WinCC Sm@rt Client application. These vulnerabilities were reported directly to Siemens by Kim Schlyter, Seyton Bradford, and Richard Warren from FortConsult (NCC Group). Siemens has produced an update that mitigates these vulnerabilities."
ICSA-15-013-02,https://www.us-cert.gov/ics/advisories/ICSA-15-013-02,2015-01-13,2018-08-29,Clorius Controls A/S ISC SCADA Insecure Java Client Web Authentication,1,Clorius Controls A/S," Independent researcher Aditya Sood has identified an insecure Java client web authentication vulnerability in the Clorius Controls A/S ISC SCADA server. Clorius Controls A/S has produced an update that mitigates this vulnerability. Aditya Sood has tested the update to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-15-013-03,https://www.us-cert.gov/ics/advisories/ICSA-15-013-03,2015-01-13,2019-01-24,Phoenix Contact Software ProConOs and MultiProg Authentication Vulnerability,1,PHOENIX CONTACT," Reid Wightman of Digital Bond has identified an authentication vulnerability in Phoenix Contact Software’s ProConOs and MultiProg applications. KW-Software originally wrote these applications without authentication intentionally. This vulnerability could be exploited remotely."
ICSA-15-013-04A,https://www.us-cert.gov/ics/advisories/ICSA-15-013-04A,2015-01-13,2015-08-04,GE Multilink Switch Vulnerabilities (Update A),1,GE," This updated advisory is a follow-up to the original advisory titled ICSA-15-013-04 GE MultiLink Switch Vulnerabilities that was published January 13, 2015, on the NCCIC/ICS-CERT web site."
ICSA-15-020-01,https://www.us-cert.gov/ics/advisories/ICSA-15-020-01,2015-01-20,2018-08-29,Siemens SCALANCE X-300/X408 Switch Family DOS Vulnerabilities,1,Siemens," Siemens has identified denial-of-service (DoS) vulnerabilities in the SCALANCE X-300/X408 switch family. These vulnerabilities were reported directly to Siemens by Déjà vu Security. Siemens has produced a firmware update that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-15-020-02,https://www.us-cert.gov/ics/advisories/ICSA-15-020-02,2015-01-20,2018-08-29,Schneider Electric ETG3000 FactoryCast HMI Gateway Vulnerabilities,1,Schneider Electric," Narendra Shinde of Qualys Security has identified multiple vulnerabilities in Schneider Electric’s ETG3000 FactoryCast HMI Gateway. Schneider Electric has produced a firmware update that mitigates part of these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-15-022-01,https://www.us-cert.gov/ics/advisories/ICSA-15-022-01,2015-01-22,2018-08-29,Siemens SIMATIC S7-1200 CPU Web Vulnerability,1,Siemens," Siemens has identified an open redirect vulnerability in the SIMATIC S7-1200 CPU family. This vulnerability was reported directly to Siemens by Ralf Spenneberg, Hendrik Schwartke, and Maik Brüggemann from OpenSource Training. Siemens has produced an update that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-027-01,https://www.us-cert.gov/ics/advisories/ICSA-15-027-01,2015-01-27,2018-08-29,Magnetrol HART DTM Vulnerability,1,Magnetrol," Alexander Bolshev of Digital Security has identified an improper input validation vulnerability in the CodeWrights GmbH HART Device Type Manager (DTM) library extension utilized by some Magnetrol products. CodeWrights GmbH has updated its software library to mitigate this vulnerability. Magnetrol has integrated this update and released its revised library extensions."
ICSA-15-027-02,https://www.us-cert.gov/ics/advisories/ICSA-15-027-02,2015-01-27,2018-08-29,Schneider Electric Multiple Products Buffer Overflow Vulnerability,1,Schneider Electric," NCCIC/ICS-CERT received a report from Ariele Caltabiano (kimiya) with HP’s Zero Day Initiative (ZDI) concerning a buffer overflow vulnerability in Schneider Electric’s SoMove Lite software package. While addressing this vulnerability, Schneider Electric identified multiple vulnerable Schneider Electric products. Schneider Electric has produced a patch that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-029-01,https://www.us-cert.gov/ics/advisories/ICSA-15-029-01,2015-01-29,2018-08-29,Honeywell HART DTM Vulnerability,1,Honeywell," Alexander Bolshev of Digital Security has identified an improper input vulnerability in the CodeWrights GmbH HART Device Type Manager (DTM) library used in Honeywell’s HART DTM. CodeWrights GmbH has addressed the vulnerability with a new library, which Honeywell validated and released for the impacted products."
ICSA-15-034-01,https://www.us-cert.gov/ics/advisories/ICSA-15-034-01,2015-02-03,2018-08-29,Siemens SCALANCE X-200IRT Switch Family User Impersonation Vulnerability,1,Siemens," Siemens has identified a user impersonation vulnerability in its SCALANCE X-200IRT Switch Family. Siemens has produced a firmware update that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-034-02,https://www.us-cert.gov/ics/advisories/ICSA-15-034-02,2015-02-03,2018-08-29,Siemens Ruggedcom WIN Vulnerability,1,Siemens," IOActive has coordinated with Siemens regarding multiple vulnerabilities in the Ruggedcom WIN firmware. Siemens has produced firmware updates that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely if there is network access to the affected service."
ICSA-15-036-01A,https://www.us-cert.gov/ics/advisories/ICSA-15-036-01A,2015-03-24,2018-08-27,GE and MACTek HART Device DTM Vulnerability (Update A),1,"GE, MACTek"," This updated advisory is a follow-up to the original advisory titled ICSA-15-036-01 GE and MACTek HART Device DTM Vulnerability that was published February 5, 2015, on the NCCIC/ICS-CERT web site. Alexander Bolshev and Svetlana Cherkasova of Digital Security have identified an improper input vulnerability in the HART Device Type Manager (DTM) library utilized in GE and MACTek’s HART Device DTM. GE has addressed the vulnerability with a new library, which both companies have begun to integrate. GE has tested the new library to validate that it resolves the vulnerability."
ICSA-15-036-02,https://www.us-cert.gov/ics/advisories/ICSA-15-036-02,2015-02-05,2018-10-30,Pepperl+Fuchs Hart Device DTM Vulnerability,0,PEPPERL+FUCHS," Alexander Bolshev of Digital Security has identified an improper input vulnerability in the CodeWrights GmbH HART Device Type Manager (DTM) library utilized in PEPPERL+FUCHS HART Device DTM. CodeWrights GmbH has addressed the vulnerability with a new library, which Pepperl+Fuchs has begun to integrate."
ICSA-15-041-01,https://www.us-cert.gov/ics/advisories/ICSA-15-041-01,2015-02-10,2018-08-29,Advantech EKI-1200 Buffer Overflow,1,Advantech," Enrique Nissim and Pablo Lorenzzato from Core Security Engineering Team have identified a buffer overflow vulnerability in Advantech EKI-1200 product line. Advantech has produced a patch that mitigates this vulnerability. CORE Security has tested the patch to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-15-041-02,https://www.us-cert.gov/ics/advisories/ICSA-15-041-02,2015-03-10,2018-08-27,GE Hydran M2 Predictable TCP Initial Sequence Vulnerability,0,GE," This advisory was originally posted to the US-CERT secure Portal library on February 10, 2015, and is being released to the NCCIC/ICS-CERT web site. Raheem Beyah, David Formby, and San Shin Jung of Georgia Tech, via a research project partially sponsored by the Georgia Tech National Electric Energy Testing Research and Applications Center, identified a predictable TCP sequence vulnerability in GE Digital Energy’s Hydran M2 device, containing the 17046 Ethernet option. The vulnerability has been eliminated from products released after October 2014. This vulnerability could be exploited remotely."
ICSA-15-048-01,https://www.us-cert.gov/ics/advisories/ICSA-15-048-01,2015-02-17,2018-08-29,Siemens SIMATIC STEP 7 TIA Portal Vulnerabilities,1,Siemens," Aleksandr Timorin from Positive Technologies has identified authentication vulnerabilities in the Siemens SIMATIC STEP 7 TIA Portal application. Siemens has produced a service pack that mitigates these vulnerabilities."
ICSA-15-048-02,https://www.us-cert.gov/ics/advisories/ICSA-15-048-02,2015-02-17,2018-08-29,Siemens SIMATIC WinCC TIA Portal Vulnerabilities,1,Siemens," Gleb Gritsai, Roman Ilin, Aleksandr Tlyapov, and Sergey Gordeychik from Positive Technologies have identified authentication vulnerabilities in the Siemens SIMATIC WinCC TIA Portal application. Siemens has produced a service pack that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-15-048-03,https://www.us-cert.gov/ics/advisories/ICSA-15-048-03,2015-02-17,2018-08-27,Yokogawa HART Device DTM Vulnerability,1,Yokogawa," Alexander Bolshev of Digital Security has identified an improper input vulnerability in the CodeWrights GmbH HART Device Type Manager (DTM) library utilized in Yokogawa’s HART Device DTM. CodeWrights GmbH has addressed the vulnerability with a new library, which both companies have begun to integrate."
ICSA-15-050-01A,https://www.us-cert.gov/ics/advisories/ICSA-15-050-01A,2015-02-19,2018-08-27,Siemens SIMATIC STEP 7 TIA Portal Vulnerabilities (Update A),1,Siemens," This updated advisory is a follow-up to the original advisory titled ICSA-15-050-01 Siemens SIMATIC STEP 7 TIA Portal Vulnerabilities that was published February 19, 2015, on the NCCIC/ICS-CERT web site. Siemens has identified two vulnerabilities in its SIMATIC STEP 7 (TIA Portal). Siemens has produced a patch that mitigates these vulnerabilities. These vulnerabilities were initially disclosed to Siemens by the Quarkslab team and Dmitry Sklyarov with PT-Security. One of the vulnerabilities is remotely exploitable."
ICSA-15-055-01,https://www.us-cert.gov/ics/advisories/ICSA-15-055-01,2015-02-24,2018-08-27,Software Toolbox Top Server Resource Exhaustion Vulnerability,1,Software Toolbox," Adam Crain of Automatak and Chris Sistrunk of Mandiant have identified a resource exhaustion vulnerability in the Software Toolbox Top Server application. Software Toolbox has produced a new version that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-055-02,https://www.us-cert.gov/ics/advisories/ICSA-15-055-02,2015-02-24,2018-08-29,Kepware Resource Exhaustion Vulnerability,1,Kepware Technologies," Adam Crain of Automatak and Chris Sistrunk of Mandiant have identified a resource exhaustion vulnerability in the Kepware Technologies’ DNP Master Driver for the KEPServerEX Communications Platform. Kepware Technologies has produced a new version that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-055-03,https://www.us-cert.gov/ics/advisories/ICSA-15-055-03,2015-02-24,2018-08-29,Schneider Electric Invensys Positioner Buffer Overflow Vulnerability,1,Schneider Electric," Ivan Sanchez from Nullcode Team has identified a buffer overflow security vulnerability in the DTM (Device Type Manager) software for Schneider Electric’s Invensys SRD Control Valve Positioner product line. Schneider Electric has produced a new version that mitigates this vulnerability."
ICSA-15-057-01,https://www.us-cert.gov/ics/advisories/ICSA-15-057-01,2015-02-26,2018-08-29,Network Vision IntraVue Code Injection Vulnerability,1,Network Vision," Researcher Jürgen Bilberger from Daimler TSS GmbH has identified a code injection vulnerability in Network Vision’s IntraVue software. Network Vision has produced a new version that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-062-01,https://www.us-cert.gov/ics/advisories/ICSA-15-062-01,2015-03-03,2018-08-27,MICROSYS PROMOTIC Stack Buffer Overflow,1,MICROSYS," An anonymous researcher working with HP’s Zero Day Initiative has identified a stack-based buffer overflow vulnerability in the MICROSYS, spol. s r.o. PROMOTIC application. MICROSYS, spol. s r.o. has produced a new version that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-062-02,https://www.us-cert.gov/ics/advisories/ICSA-15-062-02,2015-03-19,2018-08-27,Rockwell Automation FactoryTalk DLL Hijacking Vulnerabilities,1,Rockwell Automation," This advisory was originally posted to the US-CERT secure Portal library on March 3, 2015, and is being released to the NCCIC/ICS-CERT web site. Ivan Sanchez of NullCode & Evilcode Team has identified multiple DLL Hijacking vulnerabilities in a software component included with Rockwell Automation’s FactoryTalk View Studio product. Rockwell Automation determined a similar vulnerability also affects the FactoryTalk Services Platform used with other FactoryTalk-branded software. Rockwell Automation has produced a patch that mitigates the vulnerabilities in the affected products."
ICSA-15-064-01A,https://www.us-cert.gov/ics/advisories/ICSA-15-064-01A,2015-04-23,2018-08-27,"Siemens SIMATIC HMI Basic, SINUMERIK, and Ruggedcom APE GHOST Vulnerability (Update A)",1,Siemens," This updated advisory is a follow-up to the original advisory titled ICSA-15-064-01 Siemens SIMATIC HMI Basic, SINUMERIK, and Ruggedcom APE GHOST Vulnerability that was published March 5, 2015, on the NCCIC/ICS-CERT web site. The “GHOST”a vulnerability in the glibc library affects the Siemens SINUMERIK and SIMATIC HMI Basic applications. Siemens has produced an update for SINUMERIK that mitigates this vulnerability."
ICSA-15-064-02A,https://www.us-cert.gov/ics/advisories/ICSA-15-064-02A,2015-04-23,2018-08-27,"Siemens SIMATIC ProSave, SIMATIC CFC, SIMATIC STEP 7, SIMOTION Scout, and STARTER Insufficiently Qualified Paths (Update A)",1,Siemens," This updated advisory is a follow-up to the original advisory titled ICSA-15-064-02 Siemens SIMATIC ProSave, SIMATIC CFC, SIMATIC STEP 7, SIMOTION Scout, and STARTER Insufficiently Qualified Paths that was published March 5, 2015, on the NCCIC/ICS-CERT web site. Ivan Sanchez from WiseSecurity Team has identified a search path vulnerability in the Siemens SIMATIC ProSave, SIMATIC CFC, SIMATIC STEP 7, SIMOTION Scout, and STARTER applications. Siemens has produced updates for each of these products that mitigates this vulnerability."
ICSA-15-064-03,https://www.us-cert.gov/ics/advisories/ICSA-15-064-03,2015-03-05,2018-08-27,Siemens SPC Controller Series Denial-of-Service Vulnerability,1,Siemens," Davide Peruzzi of GoSecure! has identified a denial-of-service (DoS) vulnerability in the Siemens SPC Controllers. Siemens has produced an update that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-064-04,https://www.us-cert.gov/ics/advisories/ICSA-15-064-04,2015-03-05,2018-08-22,Siemens SIMATIC S7-300 CPU Denial-of-Service Vulnerability,1,Siemens," Johannes Klick, Christian Pfahl, Martin Gebert, and Lucas Jacob from Freie Universität Berlin’s work team SCADACS have identified a Denial-of-Service (DoS) vulnerability in Siemens SIMATIC S7-300 CPUs. Siemens has developed mitigations for this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-064-05,https://www.us-cert.gov/ics/advisories/ICSA-15-064-05,2015-03-05,2018-08-27,Siemens SPCanywhere App Vulnerabilities,1,Siemens," Karsten Sohr, Bernhard Berger, and Kai Hillmann from the TZI-Bremen, Kim Schlyter, Seyton Bradford, and Richard Warren from FortConsult, and Stefan Schuhmann have identified vulnerabilities in the Siemens SPCanywhere mobile application. Siemens has produced a new mobile application called SPC Connect that mitigates this vulnerability. Some of these vulnerabilities could be exploited remotely; others require local access."
ICSA-15-069-01,https://www.us-cert.gov/ics/advisories/ICSA-15-069-01,2015-03-10,2018-08-27,Cimon CmnView DLL Hijacking Vulnerability,1,"CIMON, Inc."," Ivan Sanchez of Wise Security has identified a DLL Hijacking vulnerability in the CIMON CmnView.exe application. CIMON, Inc. has produced a patch that mitigates this vulnerability. This vulnerability could be exploited remotely with social engineering and requires local user input."
ICSA-15-069-02,https://www.us-cert.gov/ics/advisories/ICSA-15-069-02,2015-03-10,2018-08-27,ABB HART Device DTM Vulnerability,1,ABB," Alexander Bolshev of Digital Security has identified an improper input vulnerability in the CodeWrights GmbH HART Device Type Manager (DTM) library used in ABB’s HART Device DTM. CodeWrights GmbH has addressed the vulnerability with a new library, which ABB have begun to integrate."
ICSA-15-069-03,https://www.us-cert.gov/ics/advisories/ICSA-15-069-03,2015-03-10,2018-08-27,SCADA Engine BACnet OPC Server Vulnerabilities,1,SCADA Engine," Independent researcher Josep Pi Rodriguez has identified three vulnerabilities in the SCADA Engine BACnet OPC Server application. SCADA Engine has produced a new software version that mitigates these vulnerabilities. Josep Pi Rodriguez has tested the new software version to validate that it resolves all three vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-15-069-04A,https://www.us-cert.gov/ics/advisories/ICSA-15-069-04A,2015-03-11,2018-08-27,Elipse E3 Process Control Vulnerability (Update A),1,Elipse," This updated advisory is a follow-up to the original advisory titled ICSA-15-069-04 Elipse E3 Process Control Vulnerability that was published March 10, 2015, on the NCCIC/ICS-CERT web site. Ivan Sanchez from Nullcode Team has identified a process control vulnerability in the Elipse E3 application. The process control vulnerability is a result of a third-party DLL, developed by Telerik, which is used in the Elipse E3 application. Elipse has released a new version that mitigates this vulnerability. The researcher has tested Elipse’s new version to validate that it resolves the vulnerability."
ICSA-15-071-01,https://www.us-cert.gov/ics/advisories/ICSA-15-071-01,2015-03-12,2018-08-27,Schneider Electric Pelco DS-NVs Buffer Overflow Vulnerability,1,Schneider Electric," NCCIC/ICS-CERT received a report from HP’s Zero Day Initiative (ZDI) concerning a buffer overflow vulnerability in Schneider Electric’s Pelco DS-NVs software package. This vulnerability was reported to ZDI by security researchers Ariele Caltabiano and Andrea Micalizzi. Schneider Electric has produced a patch that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-076-01,https://www.us-cert.gov/ics/advisories/ICSA-15-076-01,2015-03-17,2018-08-27,XZERES 442SR Wind Turbine Vulnerability,1,XZERES," Independent researcher Maxim Rupp has identified a cross-site request forgery (CSRF) vulnerability in XZERES’s 442SR turbine generator operating system (OS). XZERES has produced a patch that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-076-02,https://www.us-cert.gov/ics/advisories/ICSA-15-076-02,2015-03-17,2018-08-27,Honeywell XL Web Controller Directory Traversal Vulnerability,1,Honeywell," Martin Jartelius of Outpost24 has identified a directory traversal vulnerability in Honeywell’s XL Web Controller. Honeywell has produced an update that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-085-01A,https://www.us-cert.gov/ics/advisories/ICSA-15-085-01A,2015-03-31,2018-08-27,Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerabilities (Update A),1,Schneider Electric," This updated advisory is a follow-up to the original advisory titled ICSA-15-085-01 Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerabilities, that was published March 26, 2015, to the NCCIC/ICS-CERT web site. Gleb Gritsai, Ilya Karpov, and Kirill Nesterov of Positive Technologies Security Lab and independent researcher Alisa Esage Shevchenko have identified vulnerabilities in the Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014. Schneider Electric has released new patches that mitigate these vulnerabilities. Public exploits that target these vulnerabilities may exist."
ICSA-15-090-01,https://www.us-cert.gov/ics/advisories/ICSA-15-090-01,2015-03-31,2018-08-27,Inductive Automation Ignition Vulnerabilities,1,Inductive Automation," Evgeny Druzhinin, Alexey Osipov, Ilya Karpov, and Gleb Gritsai of Positive Technologies have identified several vulnerabilities in Inductive Automation’s Ignition Software. Inductive Automation has produced a patch that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-15-090-02,https://www.us-cert.gov/ics/advisories/ICSA-15-090-02,2015-03-31,2018-08-27,Ecava IntegraXor DLL Vulnerabilities,1,Ecava," Security researcher Praveen Darshanam has identified two DLL loading vulnerabilities in Ecava’s IntegraXor SCADA Server. Ecava has produced a patch that mitigates these vulnerabilities. Praveen Darshanam has tested the patch to validate that it resolves the vulnerabilities."
ICSA-15-090-03,https://www.us-cert.gov/ics/advisories/ICSA-15-090-03,2015-03-31,2018-08-23,Hospira MedNet Vulnerabilities,1,Hospira," Independent researcher Billy Rios has identified four vulnerabilities in Hospira’s MedNet server software. Hospira has released a new version of the MedNet software and provided mitigation recommendations that mitigate the reported vulnerabilities. Three of the four vulnerabilities could be exploited remotely."
ICSA-15-092-01,https://www.us-cert.gov/ics/advisories/ICSA-15-092-01,2015-04-02,2018-08-27,Schneider Electric VAMPSET Software Buffer Overflow Vulnerability,1,Schneider Electric," Schneider Electric has notified NCCIS/ICS-CERT of a buffer overflow vulnerability in the Schneider Electric VAMPSET software product. Ricardo Narvaja and Joaquín Rodríguez of Core Security reported this vulnerability directly to Schneider Electric. Schneider Electric has published a security notification,a which tells how to mitigate this vulnerability."
ICSA-15-097-01,https://www.us-cert.gov/ics/advisories/ICSA-15-097-01,2015-04-07,2018-08-27,Moxa VPort ActiveX SDK Plus Stack-Based Buffer Overflow Vulnerability,1,Moxa," HP’s Zero Day Initiative (ZDI) reports that independent researcher Ariele Caltabiano has identified a stack-based buffer overflow vulnerability in the Moxa VPort ActiveX SDK Plus application. Moxa has produced an update that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-099-01E,https://www.us-cert.gov/ics/advisories/ICSA-15-099-01E,2015-04-23,2018-08-27,Siemens SIMATIC HMI Devices Vulnerabilities (Update E),1,Siemens," This updated advisory is a follow-up to the updated advisory titled ICSA-15-099-01D Siemens SIMATIC HMI Devices Vulnerabilities that was published September 10, 2015, on the NCCIC/ICS-CERT web site. Siemens has identified three vulnerabilities in its SIMATIC HMI devices. These vulnerabilities were reported directly to Siemens by the Quarkslab team and Ilya Karpov from Positive Technologies. Siemens has produced updates that mitigate these vulnerabilities in all the affected products. These vulnerabilities could be exploited remotely."
ICSA-15-111-01,https://www.us-cert.gov/ics/advisories/ICSA-15-111-01,2015-05-21,2018-08-27,Emerson AMS Device Manager SQL Injection Vulnerability,1,Emerson," This advisory was originally posted to the US-CERT secure Portal library on April 21, 2015, and is being released to the NCCIC/ICS-CERT web site. Emerson Process Management has identified an SQL injection vulnerability in its AMS Device Manager application. Emerson has produced a patch that mitigates this vulnerability."
ICSA-15-111-02,https://www.us-cert.gov/ics/advisories/ICSA-15-111-02,2015-05-07,2018-08-27,Rockwell Automation RSLinx Classic Vulnerability,1,Rockwell Automation," This advisory was originally posted to the US-CERT secure Portal library on April 21, 2015, and is being released to the NCCIC/ICS-CERT web site. Ivan Sanchez of WiseSecurity Team has identified a stack-based buffer overflow vulnerability in Rockwell Automation’s OPCTest.exe, which is a test client for RSLinx Classic’s support of the OPC-DA protocol. Rockwell Automation has produced a new version that mitigates this vulnerability."
ICSA-15-120-01,https://www.us-cert.gov/ics/advisories/ICSA-15-120-01,2015-04-30,2018-10-18,Opto 22 Multiple Product Vulnerabilities,1,Opto 22," Ivan Sanchez from Nullcode Team has identified two buffer overflow vulnerabilities that are present in Opto 22’s PAC Project Professional, PAC Project Basic, OptoOPCServer, OptoDataLink, PAC Display Basic, and PAC Display Professional products. Opto 22 has released new versions that mitigate these vulnerabilities. Ivan Sanchez has tested the new versions to validate that they resolve the vulnerabilities. One of the two vulnerabilities could be exploited remotely."
ICSA-15-125-01B,https://www.us-cert.gov/ics/advisories/ICSA-15-125-01B,2015-06-10,2018-08-23,Hospira LifeCare PCA Infusion System Vulnerabilities (Update B),1,Hospira," This updated advisory is a follow-up to the updated advisory titled ICSA-15-125-01A Hospira LifeCare PCA Infusion System Vulnerabilities that was published May 13, 2015, on the NCCIC/ICS-CERT web site."
ICSA-15-132-01,https://www.us-cert.gov/ics/advisories/ICSA-15-132-01,2015-05-12,2018-08-27,OSIsoft PI AF Incorrect Default Permissions Vulnerability,1,OSIsoft," OSIsoft has identified and reported to NCCIC/ICS-CERT a default permissions vulnerability in PI AF product. OSIsoft has produced a mitigation plan to remove this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-132-02,https://www.us-cert.gov/ics/advisories/ICSA-15-132-02,2015-05-26,2018-08-27,Rockwell Automation RSView32 Weak Encryption Algorithm on Passwords,1,Rockwell Automation," This advisory was originally posted to the US-CERT secure Portal library on May 12, 2015, and is being released to the NCCIC/ICS-CERT web site. Rockwell Automation has produced a patch to mitigate a password encryption vulnerability in RSView32. Information Security Analysts Vladimir Dashchenko and Dmitry Dementjev of the Ural Security System Center (USSC) reported this vulnerability directly to Rockwell Automation."
ICSA-15-141-01A,https://www.us-cert.gov/ics/advisories/ICSA-15-141-01A,2015-05-21,2015-07-14,Schneider Electric OFS Server Vulnerability (Update A),1,Schneider Electric,
ICSA-15-146-01,https://www.us-cert.gov/ics/advisories/ICSA-15-146-01,2015-09-29,2018-08-27,Mitsubishi Electric MELSEC FX-Series Controllers Denial of Service,1,Mitsubishi Electric Automation," This advisory was originally posted to the US-CERT secure Portal library on May 26, 2015, and is being released to the NCCIC/ICS-CERT web site. Ralf Spenneberg of OpenSource Security has identified a denial of service (DoS) vulnerability in the Mitsubishi Electric Automation, Inc., (Mitsubishi Electric) MELSEC FX-series controllers. Mitsubishi Electric has produced a new version that is not vulnerable to this issue. This vulnerability could be exploited remotely."
ICSA-15-148-01,https://www.us-cert.gov/ics/advisories/ICSA-15-148-01,2015-05-28,2018-08-27,IDS RTU 850 Directory Traversal Vulnerability,1,IDS," Independent researchers Benjamin Kahler and Sebastian Kraemer of HSASec have identified a directory traversal vulnerability in IDS RTU 850C. IDS has produced a new module that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-153-01,https://www.us-cert.gov/ics/advisories/ICSA-15-153-01,2015-06-02,2018-08-27,Beckwith Electric TCP Initial Sequence Vulnerability,1,Beckwith Electric," Raheem Beyah, David Formby, and San Shin Jung of Georgia Tech, via a research project partially sponsored by the Georgia Tech National Electric Energy Testing Research and Applications Center, have identified a TCP initial sequence numbers vulnerability in two of Beckwith Electric’s digital voltage regulator controllers. In response to the reported vulnerability, Beckwith Electric assessed its other products for this vulnerability and identified four similarly affected devices. Beckwith Electric has released firmware upgrades that mitigate this vulnerability in five of the six affected products. Beckwith Electric is offering a specific mitigation for the sixth affected product. The researcher has tested the upgrades for the M-6200 and the M-6200A devices and has validated that they resolve the vulnerability. This vulnerability could be exploited remotely."
ICSA-15-153-02,https://www.us-cert.gov/ics/advisories/ICSA-15-153-02,2015-06-02,2018-08-27,Moxa SoftCMS Buffer Overflow Vulnerability,1,Moxa," NCCIC/ICS-CERT received a report from HP’s Zero Day Initiative (ZDI) concerning a buffer overflow vulnerability in Moxa’s SoftCMS software package. This vulnerability was reported to ZDI by security researcher Ariele Caltabiano. Moxa has produced a new version that mitigates this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-155-01,https://www.us-cert.gov/ics/advisories/ICSA-15-155-01,2015-06-04,2018-08-27,XZERES 442SR Wind Turbine CSRF Vulnerability,1,XZERES," Independent researcher Maxim Rupp has identified a cross-site request forgery (CSRF) vulnerability in XZERES’s 442SR turbine generator operating system (OS). XZERES has produced a patch to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-160-01A,https://www.us-cert.gov/ics/advisories/ICSA-15-160-01,2015-06-09,2018-08-27,N-Tron 702W Hard-Coded SSH and HTTPS Encryption Keys (Update A),1,N-Tron," This updated advisory is a follow-up to the original advisory titled ICSA-15-160-01 N-Tron 702W Hard-Coded SSH and HTTPS Encryption Keys that was published June 9, 2015, on the NCCIC/ICS-CERT web site. Independent researcher Neil Smith has identified hard-coded SSH and HTTPS encryption keys in N-Tron’s 702-W Industrial Wireless Access Point device. This vulnerability could allow an attacker to compromise communications and compromise the integrity of the device."
ICSA-15-160-02,https://www.us-cert.gov/ics/advisories/ICSA-15-160-02,2015-06-09,2018-08-27,Sinapsi eSolar Light Plaintext Passwords Vulnerability,1,Sinapsi," Independent researcher Maxim Rupp has identified plain text passwords in Sinapsi’s eSolar Light application. Sinapsi has produced a new version to mitigate this vulnerability."
ICSA-15-161-01,https://www.us-cert.gov/ics/advisories/ICSA-15-161-01,2015-06-10,2018-08-23,Hospira Plum A+ and Symbiq Infusion Systems Vulnerabilities,1,Hospira," Independent researcher Billy Rios has identified vulnerabilities in Hospira’s Plum A+ Infusion System that are similar to vulnerabilities identified in Hospira’s LifeCare PCA Infusion System discussed in advisory, ICSA-15-125-01B Hospira LifeCare PCA Infusion System Vulnerabilities. Hospira identified vulnerabilities in the Symbiq Infusion System. Kyle Kamke of Ramparts, LLC has identified an uncontrolled resource consumption vulnerability in Hospira’s Symbiq Infusion System. NCCIC/ICS-CERT is reporting on these vulnerabilities to notify healthcare providers of a coordinated disclosure of vulnerability information and to provide additional defensive measures to help mitigate risks associated with these vulnerabilities. Hospira is releasing the Plum 360 Infusion System, a new version of Plum A+. These vulnerabilities could be exploited remotely. Exploits that target some of these vulnerabilities are known to be publicly available."
ICSA-15-162-01A,https://www.us-cert.gov/ics/advisories/ICSA-15-162-01A,2015-06-11,2018-08-27,RLE Nova-Wind Turbine HMI Unsecure Credentials Vulnerability (Update A),1,RLE Nova-Wind," This updated advisory is a follow-up to the original advisory titled ICSA-15-162-01 RLE Nova-Wind Turbine HMI Unsecure Credentials Vulnerability that was published June 11, 2015, on the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified an unsecure credential vulnerability in the RLE International GmbH Nova-Wind Turbine HMI. RLE has been unresponsive in validating or addressing the alleged vulnerability. ICS-CERT is releasing this advisory to warn and protect critical asset owners of this serious issue. This vulnerability could be exploited remotely."
ICSA-15-167-01,https://www.us-cert.gov/ics/advisories/ICSA-15-167-01,2015-06-16,2018-08-27,GarrettCom Magnum Series Devices Vulnerabilities,1,GarrettCom," Ashish Kamble of Qualys Security and Eireann Leverett have identified authentication, denial of service, and cross-site scripting vulnerabilities in GarrettCom’s Magnum 6k and Magnum 10k product lines. GarrettCom has produced new firmware versions to mitigate these vulnerabilities. Ashish Kamble has tested the newest version to validate that it resolves the vulnerabilities he reported. These vulnerabilities could be exploited remotely."
ICSA-15-169-01B,https://www.us-cert.gov/ics/advisories/ICSA-15-169-01,2015-06-18,2016-02-04,Wind River VXWorks TCP Predictability Vulnerability in ICS Devices (Update B),1,Wind River," This updated advisory is a follow-up to the updated advisory titled ICSA-15-169-01A Wind River VxWorks TCP Predictability Vulnerability in ICS Devices that was published November 5, 2015, on the NCCIC/ICS-CERT web site. Raheem Beyah, David Formby, and San Shin Jung of Georgia Tech, via a research project partially sponsored by the Georgia Tech National Electric Energy Testing Research and Applications Center, have identified a TCP predictability vulnerability that exists in Wind River’s VxWorks embedded software. Wind River has produced patches for several versions of VxWorks that mitigates this vulnerability. The researchers have verified that Schneider Electric’s SAGE RTU patch, which uses Wind River’s VxWorks Version 6.9.4.4, resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-15-169-02,https://www.us-cert.gov/ics/advisories/ICSA-15-169-02,2015-06-18,1900-01-01,Schneider Electric Wonderware System Platform Vulnerabilities,1,Schneider Electric," Ivan Sanchez of WiseSecurity Team has identified a fixed search path vulnerability in Schneider Electric’s Wonderware InTouch, Application Server, Historian, and SuiteLink applications, which are part of the Wonderware System Platform suite. Schneider Electric has produced a patch that mitigates this vulnerability. Ivan Sanchez has tested the patch to validate that it resolves the vulnerability."
ICSA-15-174-01,https://www.us-cert.gov/ics/advisories/ICSA-15-174-01,2015-07-21,2018-08-27,Hospira Symbiq Infusion System Vulnerability,1,Hospira," This advisory was originally posted to the US-CERT secure Portal library on June 23, 2015, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Billy Rios identified a vulnerability in Hospira’s Symbiq Infusion System, which can be exploited to remotely control the device, in conjunction with previously identified vulnerabilities.a Kyle Kamke of Ramparts LLC assisted in the development of the proof-of-exploit. Hospira has verified that this vulnerability only exists in the Symbiq Infusion System. Hospira has provided compensating measures to help mitigate risks associated with this vulnerability. As previously announced by Hospira in 2013, the Symbiq Infusion System would be retired on May 31, 2015, and will be fully removed from the market by December 2015. This vulnerability could be exploited remotely."
ICSA-15-176-01,https://www.us-cert.gov/ics/advisories/ICSA-15-176-01,2015-06-25,2018-08-27,Siemens Climatix BACnet/IP Communication Module Cross-site Scripting Vulnerability,1,Siemens," Siemens has identified a cross-site scripting (XSS) vulnerability in its Climatix BACnet/IP communication module. This vulnerability was reported directly to Siemens by Juan Francisco Bolivar Hernandez. Siemens has produced a new firmware update to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-176-02,https://www.us-cert.gov/ics/advisories/ICSA-15-176-02,2015-06-25,2018-08-27,PACTware Exceptional Conditions Vulnerability,0,PACTware Consortium," Ivan Sanchez from Nullcode Team has identified a handling of exceptional conditions vulnerability in PACTware Consortium’s PACTware application. PACTware Consortium has produced a new service pack that mitigates this vulnerability. Ivan Sanchez has tested the new version to validate that it resolves the vulnerability."
ICSA-15-181-01,https://www.us-cert.gov/ics/advisories/ICSA-15-181-01,2015-09-29,1900-01-01,Baxter SIGMA Spectrum Infusion System Vulnerabilities,1,Baxter," This advisory was originally posted to the US-CERT secure Portal library on June 30, 2015, and is being released to the NCCIC/ICS-CERT web site. Researcher Jared Bird with Allina IS Security identified four vulnerabilities in Baxter’s SIGMA Spectrum Infusion System. Baxter has released a new version of the SIGMA Spectrum Infusion System, Version 8 that incorporates hardware and software changes, which do not contain three of the four identified vulnerabilities. Three of the four vulnerabilities are remotely exploitable."
ICSA-15-181-02A,https://www.us-cert.gov/ics/advisories/ICSA-15-181-02A,2015-09-03,2018-08-27,SMA Solar Technology AG Sunny WebBox Hard-Coded Account Vulnerability (Update A),1,SMA Solar Technology AG," This updated advisory is a follow-up to the advisory titled ICSA-15-181-02 SMA Solar Technology AG Sunny WebBox Hard-Coded Account Vulnerability that was published September 3, 2015, on the NCCIC/ICS-CERT web site. Aleksandr Timorin of PT Security has identified a hard-coded account vulnerability in SMA Solar Technology AG’s Sunny WebBox product. SMA is planning to discontinue the sale of this product, and there is no plan to fix old versions. They have reached out to WebBox users with compensating security recommendations. This vulnerability could be exploited remotely."
ICSA-15-195-01,https://www.us-cert.gov/ics/advisories/ICSA-15-195-01,2015-07-14,2018-08-27,Siemens SICAM MIC Authentication Bypass Vulnerability,1,Siemens," Siemens has identified an authentication bypass vulnerability in its SICAM MIC telecontrol device. This vulnerability was reported directly to Siemens by Philippe Oechslin from Objectif Sécurité. Siemens has produced a new firmware update to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-202-01,https://www.us-cert.gov/ics/advisories/ICSA-15-202-01,2015-07-21,2018-08-27,Siemens SIPROTEC Denial-of-Service Vulnerability,1,Siemens," Siemens has identified a denial-of-service vulnerability in the SIPROTEC 4 and SIPROTEC Compact devices. This vulnerability was reported directly to Siemens by Victor Nikitin from i-Grids LLC Russia. Siemens has produced a new firmware update to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-202-02,https://www.us-cert.gov/ics/advisories/ICSA-15-202-02,2015-07-21,2018-08-27,Siemens Sm@rtClient Password Storage Vulnerability,1,Siemens," Siemens has identified a password storage vulnerability in its Sm@rtClient Android application. This vulnerability was reported directly to Siemens by Karsten Sohr from Universität Bremen and Stephan Huber from Fraunhofer SIT. Siemens has produced a new version to mitigate this vulnerability. This vulnerability can only be exploited locally."
ICSA-15-202-03B,https://www.us-cert.gov/ics/advisories/ICSA-15-202-03B,2015-07-21,2018-08-27,Siemens RUGGEDCOM ROS and ROX-based Devices TLS POODLE Vulnerability (Update B),1,Siemens," This updated advisory is a follow-up to the advisory titled ICSA-15-202-03A Siemens RUGGEDCOM ROS and ROX Based Devices TLS POODLE Vulnerability that was published July 25, 2015, on the NCCIC/ICS-CERT web site. Siemens has reported to ICS-CERT that a Transport Layer Security (TLS) Padding Oracle On Downgraded Legacy Encryption (POODLE) vulnerability exists in the web interface of Siemens RUGGEDCOM ROS and ROX-based devices. Siemens has produced a firmware update to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-211-01,https://www.us-cert.gov/ics/advisories/ICSA-15-211-01,2015-07-30,2018-08-27,Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Password Storage Vulnerability,1,Schneider Electric," Gleb Gritsai, Alisa Esage Shevchenko, Ilya Karpov, and the team from Positive Technologies Security have found sensitive information stored in clear text in the Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 products. Schneider Electric has released new patches to mitigate this vulnerability."
ICSA-15-223-01,https://www.us-cert.gov/ics/advisories/ICSA-15-223-01,2015-08-11,2018-08-27,Schneider Electric IMT25 DTM Vulnerability,1,Schneider Electric," Alexander Bolshev, Gleb Cherbov, and Svetlana Cherkasova of Digital Security have identified a memory corruption vulnerability in Schneider Electric IMT25 DTM component. Schneider Electric has produced a patch that mitigates this vulnerability. Digital Security has tested this patch to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-15-225-01,https://www.us-cert.gov/ics/advisories/ICSA-15-225-01,2015-08-13,1900-01-01,OSIsoft PI Data Archive Server Vulnerabilities,1,OSIsoft," OSIsoft has identified 56 vulnerabilities in its own PI System software. OSIsoft has produced a new version of Data Archive (Version 3.4.395.64) to mitigate these issues. Some of these vulnerabilities could be exploited remotely."
ICSA-15-232-01,https://www.us-cert.gov/ics/advisories/ICSA-15-232-01,2015-09-22,2018-08-27,Everest Software PeakHMI Pointer Dereference Vulnerabilities,1,Everest Software LLC," This advisory was originally posted to the US-CERT secure Portal library on August 20, 2015, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Josep Pi Rodriguez has identified two-pointer dereference vulnerabilities in the Everest Software LLC PeakHMI application. Everest Software LLC has produced a new version to mitigate these vulnerabilities. Josep Pi Rodriguez has tested the new version to validate that it resolves the vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-15-237-01,https://www.us-cert.gov/ics/advisories/ICSA-15-237-01,2015-08-25,2018-08-27,Endress+Hauser HART Device DTM Vulnerability,1,Endress+Hauser," Alexander Bolshev and Svetlana Cherkasova of Digital Security have identified an improper input vulnerability in the CodeWrights GmbH HART Device Type Manager (DTM) library used in Endress+Hauser HART Device DTM. CodeWrights GmbH has addressed the vulnerability with a new library, which Endress+Hauser has begun to integrate."
ICSA-15-237-02,https://www.us-cert.gov/ics/advisories/ICSA-15-237-02,2015-09-24,2018-08-27,EasyIO-30P-SF Hard-Coded Credential Vulnerability,1,EasyIO," This advisory was originally posted to the US-CERT secure Portal library on August 25, 2015, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified a hard-coded credential vulnerability in the EasyIO-30P-SF controller. EasyIO has produced a patch to mitigate this vulnerability. Maxim Rupp has tested the patch to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-15-237-02-Supplement,https://www.us-cert.gov/ics/advisories/ICSA-15-237-02-Supplement,2015-09-24,1900-01-01,Supplement to ICSA-15-237-02 EasyIO-30P-SF Hard-Coded Credential Vulnerability,1,Other," This advisory supplement was originally posted to the US-CERT secure Portal library on August 25, 2015, and is being released to the NCCIC/ICS-CERT web site. This advisory supplement is to accompany the ICS-CERT advisory titled ICSA-15-237-02 EasyIO-30PF-SF Hard-Coded Credential Vulnerability that was published September 24, 2015, on the ICS-CERT web site.a Please refer to this advisory for all the details of the vulnerability. This advisory supplement documents which products are affected by this vulnerability and suggests how users of these products may mitigate the effects of this vulnerability. This document will be updated as needed."
ICSA-15-239-01,https://www.us-cert.gov/ics/advisories/ICSA-15-239-01,2015-08-27,2018-08-27,Moxa SoftCMS Buffer Overflow Vulnerabilities,1,Moxa," NCCIC/ICS-CERT received a report from HP’s Zero Day Initiative (ZDI) concerning buffer overflow vulnerabilities in Moxa’s SoftCMS software package. These vulnerabilities were reported to ZDI by security researcher Carsten Eiram of Risk Based Security, who identified seven vulnerabilities, and Fritz Sands, who discovered two vulnerabilities. Moxa has released a new version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-15-239-02,https://www.us-cert.gov/ics/advisories/ICSA-15-239-02,2015-08-27,2018-08-27,Siemens SIMATIC S7-1200 CSRF Vulnerability,1,Siemens," Siemens has identified an CSRF (Cross-Site Request Forgery) vulnerability in the SIMATIC S7-1200 CPUs. This vulnerability was reported directly to Siemens by Ralf Spenneberg, Hendrik Schwartke, and Maik Brüggemann from OpenSource Training. Siemens has produced a firmware update to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-239-03,https://www.us-cert.gov/ics/advisories/ICSA-15-239-03,2015-08-27,1900-01-01,Innominate mGuard VPN Vulnerability,0,Innominate," Innominate mGuard has self identified a denial-of-service (DoS) vulnerability in the Innominate mGuard device. Inominate has produced a patch to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-244-01,https://www.us-cert.gov/ics/advisories/ICSA-15-244-01,2015-09-01,2018-08-27,Siemens RUGGEDCOM ROS IP Forwarding Vulnerability,1,Siemens," Stephen Craven of the Tennessee Valley Authority (TVA) has identified an IP forwarding vulnerability in older versions of Siemens RUGGEDCOM ROS. Siemens recommends updating to the latest version to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-246-01,https://www.us-cert.gov/ics/advisories/ICSA-15-246-01,2015-09-03,2018-08-27,Cogent DataHub Code Injection Vulnerability,1,Cogent Real-Time Systems Inc," NCCIC/ICS-CERT has become aware of a code injection vulnerability affecting the Cogent DataHub application produced by Cogent Real-Time Systems, Inc. An anonymous security researcher reported this vulnerability to HP’s Zero Day Initiative (ZDI). A patch to mitigate this issue was released on September 2, 2015. This vulnerability could be exploited remotely."
ICSA-15-246-02,https://www.us-cert.gov/ics/advisories/ICSA-15-246-02,2015-09-03,2018-08-27,Schneider Electric Modicon PLC Vulnerabilities,1,Schneider Electric," This advisory is a follow-up to the alert titled ICS-ALERT-15-224-02 Schneider Electric Modicon M340 PLC Station P34 Module Vulnerabilitiesa that was published August 12, 2015, to the NCCIC/ICS-CERT web site. Independent researcher Aditya K. Sood reported these vulnerabilities to ICS-CERT 2 weeks before his public presentation of these vulnerabilities at DEF CON on August 08, 2015. Schneider Electric was already working on resolving these vulnerabilities, because they had been reported earlier by independent researcher Juan Francisco Bolivar. Schneider Electric has released a firmware patch to mitigate these vulnerabilities. Exploits that target these vulnerabilities are publicly available."
ICSA-15-246-03,https://www.us-cert.gov/ics/advisories/ICSA-15-246-03,2015-09-03,2018-08-27,Moxa Industrial Managed Switch Vulnerabilities,1,Moxa," Erwin Paternotte of Applied Riska has identified vulnerabilities in the Moxa EDS-405A/EDS-408A series managed Ethernet switches. Moxa has produced a firmware update to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-15-251-01A,https://www.us-cert.gov/ics/advisories/ICSA-15-251-01A,2015-09-08,2018-08-27,Advantech WebAccess Buffer Overflow Vulnerability (Update A),1,Advantech," This updated advisory is a follow-up to the original advisory titled ICSA-15-251-01 Advantech WebAccess Buffer Overflow Vulnerability that was published September 8, 2015, on the NCCIC/ICS-CERT web site. Security researcher Praveen Darshanam reported a stack-based overflow vulnerability in Advantech’s WebAccess application."
ICSA-15-253-01,https://www.us-cert.gov/ics/advisories/ICSA-15-253-01,2015-09-10,1900-01-01,Yokogawa Multiple Products Buffer Overflow Vulnerabilities,1,Yokogawa," Yokogawa Electric Corporation has notified NCCIC/ICS-CERT of stack-based buffer overflow vulnerabilities in multiple Yokogawa products. Yokogawa has released product revisions that mitigate the vulnerabilities for many of the vulnerable products. These vulnerabilities could be exploited remotely."
ICSA-15-258-01,https://www.us-cert.gov/ics/advisories/ICSA-15-258-01,2015-09-15,2018-08-27,Schneider Electric StruxureWare Building Expert Plaintext Credentials Vulnerability,1,Schneider Electric," Independent researcher Artyom Kurbatov has identified a cleartext transmission vulnerability in Schneider Electric’s StruxureWare Building Expert product. Schneider Electric has produced a new firmware version that mitigates this vulnerability. Artyom Kurbatov has tested the new firmware version to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-15-258-02,https://www.us-cert.gov/ics/advisories/ICSA-15-258-02,2015-09-15,2018-08-27,3S CODESYS Gateway Server Buffer Overflow Vulnerability,1,3S-Smart Software Solutions," NCCIC/ICS-CERT received a report from HP’s Zero Day Initiative (ZDI) concerning a heap-based buffer overflow vulnerability in 3S-Smart Software Solutions GmbH’s CODESYS Gateway Server. This vulnerability was reported to ZDI by security researcher Josep Pi Rodriguez. 3S-Smart Software Solutions GmbH has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-258-03,https://www.us-cert.gov/ics/advisories/ICSA-15-258-03,2015-09-15,2018-08-27,GE MDS PulseNET Vulnerabilities,0,GE," NCCIC/ICS-CERT received a report from HP’s Zero Day Initiative (ZDI) concerning two vulnerabilities in GE’s MDS PulseNET and MDS PulseNET Enterprise Network Management Software. These vulnerabilities were reported to ZDI by security researcher Andrea Micalizzi. GE has produced a new version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-15-258-04,https://www.us-cert.gov/ics/advisories/ICSA-15-258-04,2015-09-15,2018-08-27,Advantech WebAccess Stack-Based Buffer Overflow Vulnerability,1,Advantech," Ivan Sanchez from Nullcode Team has identified a stack-based buffer overflow vulnerability in Advantech’s WebAccess application. Advantech has produced a new version to mitigate this vulnerability. Ivan Sanchez has tested the new version to validate that it resolves the vulnerability."
ICSA-15-260-01,https://www.us-cert.gov/ics/advisories/ICSA-15-260-01,2015-09-17,2018-08-27,Harman-Kardon Uconnect Vulnerability,1,"Harman-Kardon, Fiat-Chrysler Automobile US LLC"," This advisory is a follow-up to the ICS-ALERT titled ICS-ALERT-15-203-01 FCA Uconnect Vulnerabilitya that was published July 22, 2015, on the NCCIC/ICS-CERT web site. Chris Valasek of IOActive and Dr. Charlie Miller of Twitter discovered an unauthorized remote access to Fiat-Chrysler Automobile US (FCA US) LLC Uconnect telematics infotainment system manufactured by Harman-Kardon. They had been coordinating with FCA US LLC for nearly 9 months before releasing information about this remote exploit publicly. FCA US LLC released a security notice and a firmware patch to owners of vehicles with the Uconnect feature on July 16, 2015. Subsequently, FCA US LLC launched two recall campaigns on July 23, 2015, and on September 5 where owners of vehicles were mailed USB sticks containing the updated software. The details of the exploit were released several weeks later at BlackHat 2015 and DefCon23 conventions held in early August in Las Vegas, Nevada. Chris Valasek and Dr. Charlie Miller confirmed a missing authorization vulnerability in FCA Uconnect RA3/RA4 radio manufactured by Harman-Kardon. FCA US LLC has produced a patch that mitigates this vulnerability and worked with Sprint, the network provider to disable access to the vulnerable port. Prior to the Blackhat conference, the researchers have tested the patch to confirm that it mitigates the vulnerability."
ICSA-15-265-01,https://www.us-cert.gov/ics/advisories/ICSA-15-265-01,2015-09-22,2018-08-27,Resource Data Management Privilege Escalation Vulnerability,1,Resource Data Management," Independent researcher Maxim Rupp has identified two vulnerabilities in Resource Data Management’s Data Manager application. Resource Data Management has produced a new version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-15-265-02,https://www.us-cert.gov/ics/advisories/ICSA-15-265-02,2015-09-22,2018-08-27,IBC Solar ServeMaster Source Code Vulnerability,1,IBC Solar," Independent researcher Maxim Rupp has identified three vulnerabilities in IBC Solar products. The vulnerabilities are disclosure of applications source code, plain text passwords, and cross site scripting. IBC Solar has not produced a patch to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-15-265-03,https://www.us-cert.gov/ics/advisories/ICSA-15-265-03,2015-10-22,2018-08-27,Janitza UMG Power Quality Measuring Products Vulnerabilities,1,Janitza," This advisory was originally posted to the US-CERT secure Portal library on September 22, 2015, and is being released to the NCCIC/ICS-CERT web site. Mattijs van Ommeren of Applied Risk has identified several vulnerabilities in the Janitza UMG power quality measuring products. Janitza has produced new firmware and new documentation to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-15-267-01,https://www.us-cert.gov/ics/advisories/ICSA-15-267-01,2015-09-24,2018-08-27,Endress+Hauser Fieldcare/CodeWrights HART Comm DTM XML Injection Vulnerability,1,"Endress+Hauser, CodeWrights GmbH"," Alexander Bolshev of Digital Security has identified a vulnerability within Endress+Hauser HART DTM software libraries. The vulnerability is in handling of the HART longtag response field in Endress+Hauser’s Fieldcare and CodeWrights HART Comm DTM. Endress+Hauser Process Solutions AG and CodeWrights have produced new versions of the software that in combination mitigates the vulnerability. Alexander Bolshev has tested the updated versions to validate that it resolves the vulnerability. This vulnerability could be exploited from an adjacent network receiving HART DTM packets."
ICSA-15-272-01,https://www.us-cert.gov/ics/advisories/ICSA-15-272-01,2015-09-29,2018-08-27,Honeywell Experion PKS Directory Traversal Vulnerability,1,Honeywell," Independent researcher Joel Langill identified a directory traversal vulnerability in Honeywell’s Experion PKS application. This vulnerability exists in all unsupported phased out versions of the application that is still in use by some customers. Honeywell has recommended users of the vulnerable versions upgrade to supported versions of the software, which have patches available. This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available."
ICSA-15-274-01,https://www.us-cert.gov/ics/advisories/ICSA-15-274-01,2015-10-01,2019-01-31,Omron Multiple Product Vulnerabilities,1,Omron," Air Force Institute of Technology researcher Stephen Dunlap has identified vulnerabilities in Omron Corporation’s CX-Programmer software, CJ2M series programmable logic controller (PLC), and CJ2H series PLC. Omron Corporation has produced new versions that mitigate these vulnerabilities. One of the three vulnerabilities could be exploited remotely."
ICSA-15-274-02A,https://www.us-cert.gov/ics/advisories/ICSA-15-274-02A,2015-11-12,2018-08-23,Unitronics VisiLogic OPLC IDE Vulnerabilities (Update A),1,Unitronics," This updated advisory is a follow-up to the original advisory titled ICSA-15-274-02 Unitronics VisiLogic OPLC IDE Vulnerabilities that was published November 12, 2015, on the NCCIC/ICS-CERT web site. HP’s Zero Day Initiative (ZDI) reported to ICS-CERT that Steven Seeley of Source Incite, Fritz Sands of ZDI, and Andrea Micalizzi discovered vulnerabilities in Unitronics VisiLogic OPLC IDE. Unitronics has produced an updated package to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-15-286-01,https://www.us-cert.gov/ics/advisories/ICSA-15-286-01,2015-10-13,2018-08-27,Nordex NC2 XSS Vulnerability,1,Nordex," Independent researcher Karn Ganeshen has identified a cross-site scripting vulnerability in Nordex’s NC2 Wind Farm Portal application. Nordex has produced an update to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-288-01,https://www.us-cert.gov/ics/advisories/ICSA-15-288-01,2015-10-15,2018-08-27,3S CODESYS Runtime Toolkit Null Pointer Dereference Vulnerability,1,3S-Smart Software Solutions," Nicholas Miles of Tenable Network Security has identified a NULL pointer dereference vulnerability in 3S-Smart Software Solutions GmbH’s CODESYS Runtime Toolkit. 3S has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-293-01,https://www.us-cert.gov/ics/advisories/ICSA-15-293-01,2015-10-20,2018-08-27,IniNet Solutions embeddedWebServer Cleartext Storage Vulnerability,1,IniNet Solutions GmbH," Aleksandr Timorin of Positive Technologies has identified a cleartext storage of sensitive information vulnerability in IniNet Solutions GmbH’s embeddedWebServer (eWebServer). IniNet Solutions GmbH has produced a new version that mitigates this vulnerability."
ICSA-15-293-02,https://www.us-cert.gov/ics/advisories/ICSA-15-293-02,2015-10-20,2018-08-27,IniNet Solutions SCADA Web Server Vulnerabilities,1,IniNet Solutions GmbH," Kirill Nesterov and Aleksandr Timorin of Positive Technologies have identified three vulnerabilities in IniNet Solutions GmbH’s SCADA Web Server. IniNet Solutions GmbH has produced a new version that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-15-293-03,https://www.us-cert.gov/ics/advisories/ICSA-15-293-03,2015-10-20,2018-08-27,3S CODESYS Gateway Null Pointer Exception Vulnerability,1,3S-Smart Software Solutions," Ashish Kamble of Qualys, Inc has identified a null pointer exception vulnerability in 3S-Smart Software Solutions GmbH’s CODESYS Gateway Server. 3S-Smart Software Solutions GmbH has produced a new version to mitigate this vulnerability. Ashish Kamble has tested the new version to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-15-295-01,https://www.us-cert.gov/ics/advisories/ICSA-15-295-01,2015-11-24,2018-08-27,Eaton's Cooper Devices Improper Ethernet Frame Padding Vulnerability,1,Eaton's Cooper Power Systems," This advisory was originally posted to the US-CERT secure Portal library on October 22, 2015, and is being released to the ICS-CERT web site. David Formby and Raheem Beyah of Georgia Tech have identified a vulnerability caused by an Institute of Electrical and Electronics Engineers (IEEE) conformance issue involving improper frame padding in an earlier version of Eaton’s Cooper Power Systems Form 6 controls and Idea/IdeaPLUS relays equipped with Ethernet. Eaton’s Cooper Power Systems has already released a revision that eliminates this vulnerability (see ICSA-15-006-01 Eaton’s Cooper Power Series Form 6 Control and Idea/IdeaPlus Relays with Ethernet Vulnerabilitya). This advisory serves as a notification of a new vulnerability in the previous software version. The researchers have tested the revision to validate that it resolves the reported vulnerability."
ICSA-15-300-01,https://www.us-cert.gov/ics/advisories/ICSA-15-300-01,2015-10-27,2018-08-27,Siemens RuggedCom Improper Ethernet Frame Padding Vulnerability,1,Siemens," David Formby and Raheem Beyah of Georgia Tech have identified a vulnerability caused by an Institute of Electrical and Electronics Engineers (IEEE) conformance issue involving improper frame padding in Siemens RuggedCom ROS-based devices. Siemens has already released a revision that eliminates this vulnerability. This advisory serves as a notification of a new vulnerability in the previous software version. The researchers have tested the revision to validate that it resolves the reported vulnerability."
ICSA-15-300-02A,https://www.us-cert.gov/ics/advisories/ICSA-15-300-02A,2015-10-27,2018-08-27,Infinite Automation Systems Mango Automation Vulnerabilities (Update A),1,Infinite Automation Systems," This updated advisory is a follow-up to the original advisory titled ISCA-15-300-02 Infinite Automation Systems Mango Automation Vulnerabilities that was published October 27, 2015, on the NCCIC/ICS-CERT web site. Steven Seeley of Source Incite and Gjoko Krstic of Zero Science Lab have independently identified vulnerabilities in the Infinite Automation Systems Mango Automation application."
ICSA-15-300-03A,https://www.us-cert.gov/ics/advisories/ICSA-15-300-03A,2015-10-27,2018-08-27,Rockwell Automation Micrologix 1100 and 1400 PLC Systems Vulnerabilities (Update A),1,Rockwell Automation," This updated advisory is a follow-up to the original advisory titled ICSA-15-300-03 Rockwell Automation MicroLogix 1100 and 1400 PLC Systems Vulnerabilities that was published October 27, 2015, on the NCCIC/ICS-CERT web site. Ilya Karpov of Positive Technologies, David Atch of CyberX, and independent researcher Aditya Sood independently identified vulnerabilities in Rockwell Automation’s Allen-Bradley MicroLogix 1100 and 1400 programmable logic controller (PLC) systems."
ICSA-15-309-01,https://www.us-cert.gov/ics/advisories/ICSA-15-309-01,2015-11-05,2018-08-27,Advantech EKI Hard-coded SSH Keys Vulnerability,1,Advantech," Independent researcher Neil Smith has identified a hard-coded SSH key vulnerability in Advantech’s EKI-122X series products. Advantech has produced new firmware to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-309-02,https://www.us-cert.gov/ics/advisories/ICSA-15-309-02,2015-12-03,2018-08-27,Honeywell Midas Gas Detector Vulnerabilities,1,Honeywell," This advisory was originally posted to the US-CERT secure Portal library on November 5, 2015, and is being released to the ICS-CERT web site. Independent researcher Maxim Rupp has identified two vulnerabilities in Honeywell’s Midas gas detector. Honeywell has produced firmware versions to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-15-321-01,https://www.us-cert.gov/ics/advisories/ICSA-15-321-01,2015-11-17,2018-08-27,Exemys Web Server Bypass Vulnerability,1,Exemys," Independent researcher Maxim Rupp has identified a login bypass in the Exemys Telemetry Web Server. Exemys has not produced a patch to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-323-01,https://www.us-cert.gov/ics/advisories/ICSA-15-323-01,2015-11-19,2018-08-27,Tibbo AggreGate Platform Vulnerabilities,0,Tibbo," NCCIC/ICS-CERT received a report from HP’s Zero Day Initiative (ZDI) concerning two vulnerabilities in Tibbo’s AggreGate SCADA/HMI package, which is part of the AggreGate Platform. These vulnerabilities were reported to ZDI by security researcher Andrea Micalizzi (rgod). Tibbo has produced a new version to mitigate these vulnerabilities. One of the vulnerabilities could be exploited remotely."
ICSA-15-328-01,https://www.us-cert.gov/ics/advisories/ICSA-15-328-01,2015-11-24,2018-08-27,Moxa OnCell Central Manager Vulnerabilities,0,Moxa," NCCIC/ICS-CERT received a report from HP’s Zero Day Initiative (ZDI) concerning hardcoded credentials and authentication bypass vulnerabilities in Moxa’s OnCell Central Manager Software. These vulnerabilities were reported to ZDI by security researcher Andrea Micalizzi. Moxa has released a new version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-15-335-01,https://www.us-cert.gov/ics/advisories/ICSA-15-335-01,2015-12-01,2018-08-27,Saia Burgess Controls PCD Controller Hard-coded Password Vulnerability,1,Saia Burgess Controls," Independent researcher Artyom Kurbatov has identified a hard-coded password vulnerability in Saia Burgess Controls’s family of PCD controllers. Saia Burgess Controls has produced a new firmware version to mitigate this vulnerability. Artyom Kurbatov has tested the new firmware version to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-15-335-02,https://www.us-cert.gov/ics/advisories/ICSA-15-335-02,2015-12-01,2018-08-27,Schneider Electric ProClima ActiveX Control Vulnerabilities,1,Schneider Electric," Ariele Caltabiano, working with HP’s Zero Day Initiative, has identified 11 remote code execution vulnerabilities in Schneider Electric’s ProClima F1 Bookview ActiveX control application. Schneider Electric has produced an update to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-15-335-03B,https://www.us-cert.gov/ics/advisories/ICSA-15-335-03A,2015-12-01,2016-05-03,Siemens SIMATIC Communication Processor Vulnerability (Update B),1,Siemens," This updated advisory is a follow-up to the updated advisory titled ICSA-15-335-03A Siemens SIMATIC Communication Processor Vulnerability that was published February 2, 2016, on the NCCIC/ICS-CERT web site. Siemens has identified an authentication bypass vulnerability in Siemens’ SIMATIC Communication Processor devices CP 343-1, TIM 3V-IE, TIM 4R-IE, and CP 443-1. The vulnerability was reported directly to Siemens by Lei ChengLin (Z-0ne) from the Fengtai Technologies’ Security Research Team."
ICSA-15-337-01,https://www.us-cert.gov/ics/advisories/ICSA-15-337-01,2015-12-03,2018-08-27,SearchBlox File Exfiltration Vulnerability,1,SearchBlox," Oana Murarasu of Ixia has identified a file exfiltration vulnerability in SearchBlox’s web-based proprietary search engine application. SearchBlox has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-337-02,https://www.us-cert.gov/ics/advisories/ICSA-15-337-02,2016-01-21,2016-02-04,Hospira Multiple Products Buffer Overflow Vulnerability,1,Hospira," This advisory was originally posted to the US-CERT secure Portal library on December 3, 2015, and is being released to the NCCIC/ICS-CERT web site. Jeremy Richards of SAINT Corporation has identified a buffer overflow vulnerability in Hospira’s LifeCare PCA Infusion System. Hospira has determined that LifeCare PCA Infusion Systems released prior to July 2009 that are running Communication Engine (CE) Version 1.0 or earlier are vulnerable. In response to Jeremy Richards’ reported vulnerability, Hospira has assessed other products and determined that Plum A+/A+3 Infusion Systems, released prior to March 2009 and running CE Version 1.0 or earlier versions, also contain the identified vulnerability. Hospira has confirmed that LifeCare PCA and Plum A+/A+3 Infusion Systems, running CE Version 1.2 or later versions, sold after the aforementioned dates, are not vulnerable. This vulnerability could be exploited remotely."
ICSA-15-337-03,https://www.us-cert.gov/ics/advisories/ICSA-15-337-03,2015-12-08,2018-08-27,Pacom 1000 CCU GMS System Cryptographic Implementation Vulnerabilities,0,Pacom," This advisory was originally posted to the US-CERT secure Portal library on December 3, 2015, and is being released to the ICS-CERT web site. Swedish companies XPD and Assured found several crypto implementation flaws in the Pacom GMS system. Pacom has not produced a patch to mitigate these vulnerabilities, but has fixed the new EMCS system. These vulnerabilities could be exploited remotely. The researchers are planning to publicly disclose these vulnerabilities next week."
ICSA-15-342-01C,https://www.us-cert.gov/ics/advisories/ICSA-15-342-01,2015-12-08,2017-02-21,XZERES 442SR Wind Turbine Cross-site Scripting Vulnerability (Update C),1,XZERES," This updated advisory is a follow-up to the updated advisory titled ICSA-15-342-01B XZERES 442SR Wind Turbine Cross-site Scripting Vulnerability that was published March 21, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update C Part 1 of 2 -------- Independent researchers Karn Ganeshen and Tim Thurlings have identified a cross-site scripting vulnerability in XZERES’s 442SR turbine generator operating system (OS). XZERES has produced a patch to mitigate this vulnerability. --------- End Update C Part 1 of 2 -------- This vulnerability could be exploited remotely."
ICSA-15-342-02,https://www.us-cert.gov/ics/advisories/ICSA-15-342-02,2015-12-08,2018-08-27,LOYTEC Router Information Exposure Vulnerability,1,LOYTEC," Independent researcher Maxim Rupp has identified a password file vulnerability in LOYTEC’s LIP-3ECTB routers. LOYTEC has produced a firmware update to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-344-01B,https://www.us-cert.gov/ics/advisories/ICSA-15-344-01,2015-12-10,2018-08-23,Advantech EKI Vulnerabilities (Update B),1,Advantech," This updated advisory is a follow-up to the updated advisory titled ICSA-15-344-01A Advantech EKI Vulnerabilities that was published December 15, 2015, on the NCCIC/ICS-CERT web site."
ICSA-15-344-02,https://www.us-cert.gov/ics/advisories/ICSA-15-344-02,2015-12-10,2018-08-27,Open Automation Software OPC Systems NET DLL Hijacking Vulnerability,1,Open Automation Software," Ivan Sanchez from Nullcode Team has identified a DLL Hijacking vulnerability in Open Automation Software’s OPC Systems.NET application. Open Automation Software has reviewed the vulnerability and determined not to patch the issue at this time. This vulnerability could be exploited remotely with social engineering."
ICSA-15-349-01,https://www.us-cert.gov/ics/advisories/ICSA-15-349-01,2015-12-15,2018-08-27,Adcon Telemetry A840 Vulnerabilities,1,Adcon Telemetry," Independent researcher Aditya K. Sood has identified vulnerabilities in Adcon Telemetry’s A840 Telemetry Gateway Base Station. Adcon Telemetry has stated that the A840 is an obsolete product and is no longer supported. No patches or updates will be created for this product. Adcon Telemetry sent a message to all known customers to offer to upgrade to a more secure and stable version. These vulnerabilities could be exploited remotely."
ICSA-15-351-01,https://www.us-cert.gov/ics/advisories/ICSA-15-351-01,2015-12-17,2018-08-27,Schneider Electric Modicon M340 Buffer Overflow Vulnerability,1,Schneider Electric," David Atch of CyberX has identified a buffer overflow vulnerability in Schneider Electric’s Modicon M340 PLC product line. Schneider Electric has produced a new firmware patch to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-15-351-02,https://www.us-cert.gov/ics/advisories/ICSA-15-351-02,2015-12-17,2018-08-27,Motorola MOSCAD SCADA IP Gateway Vulnerabilities,1,Motorola Solutions," Independent researcher Aditya K. Sood has identified Remote File Inclusion (RFI) and Cross-Site Request Forgery (CSRF) vulnerabilities in Motorola Solutions’ MOSCAD IP Gateway. Motorola Solutions has confirmed this product was cancelled at the end of 2012 and no longer offer software updates. These vulnerabilities could be exploited remotely."
ICSA-15-351-03,https://www.us-cert.gov/ics/advisories/ICSA-15-351-03,2015-12-17,2018-08-27,eWON Vulnerabilities,1,eWON sa," Independent researcher Karn Ganeshen has identified several vulnerabilities in the eWON sa industrial router. eWON sa has produced an updated firmware to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-15-356-01,https://www.us-cert.gov/ics/advisories/ICSA-15-356-01,2015-12-22,2018-08-27,Siemens RUGGEDCOM ROX-based Devices NTP Vulnerabilities,1,Siemens," Siemens has reported to NCCIC/ICS-CERT that NTP daemon vulnerabilities exist in the Siemens RUGGEDCOM ROX-based devices. Siemens has produced firmware updates to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-014-01,https://www.us-cert.gov/ics/advisories/ICSA-16-014-01,2016-01-14,2018-08-23,Advantech WebAccess Vulnerabilities,1,Advantech," Ilya Karpov of Positive Technologies, Ivan Sanchez, Andrea Micalizzi, Ariele Caltabiano, Fritz Sands, Steven Seeley, and an anonymous researcher have identified multiple vulnerabilities in Advantech WebAccess application. Many of these vulnerabilities were reported through the Zero Day Initiative (ZDI) and iDefense. Advantech has produced a new version to mitigate these vulnerabilities. Ivan Sanchez has tested the new version to validate that it resolves the vulnerabilities which he reported. These vulnerabilities could be exploited remotely."
ICSA-16-019-01,https://www.us-cert.gov/ics/advisories/ICSA-16-019-01,2016-01-19,2018-08-23,Siemens OZW672 and OZW772 XSS Vulnerability,1,Siemens," Independent researcher Aditya Sood has identified a cross-site scripting vulnerability in Siemens OZW672 and OZW772 devices. Siemens has produced a firmware update to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-021-01,https://www.us-cert.gov/ics/advisories/ICSA-16-021-01,2016-01-21,2018-08-23,CAREL PlantVisor Enhanced Authentication Bypass Vulnerability,1,CAREL," Independent researcher Maxim Rupp has identified an authorization bypass vulnerability in CAREL’s PlantVisor application. CAREL has confirmed that this vulnerability refers to the phased-out CAREL product PlantVisorEnhanced and is no longer supported. This vulnerability could be exploited remotely."
ICSA-16-026-01,https://www.us-cert.gov/ics/advisories/ICSA-16-026-01,2016-01-26,2018-08-23,MICROSYS PROMOTIC Memory Corruption Vulnerability,1,MICROSYS," Security researcher Praveen Darshanam of Versa Networks has identified a memory corruption vulnerability in the MICROSYS, spol. s r.o. PROMOTIC application. MICROSYS has produced a new version to mitigate this vulnerability. The researcher has tested the new version to validate that it resolves the vulnerability."
ICSA-16-026-02,https://www.us-cert.gov/ics/advisories/ICSA-16-026-02,2016-01-26,2018-08-23,Rockwell Automation MicroLogix 1100 PLC Overflow Vulnerability,1,Rockwell Automation," David Atch of CyberX has identified a stack-based buffer overflow vulnerability in Rockwell Automation’s Allen-Bradley MicroLogix 1100 programmable logic controller (PLC) systems. Rockwell Automation has produced a new firmware version to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-028-01A,https://www.us-cert.gov/ics/advisories/ICSA-16-028-01,2016-01-28,2018-08-23,Westermo Industrial Switch Hard-coded Certificate Vulnerability (Update A),1,Westermo," This updated advisory is a follow-up to the original advisory titled ICSA-16-028-01 Westermo Industrial Switch Hard-Coded Certificate Vulnerability that was published January 28, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Neil Smith has identified a hard-coded certificate vulnerability in Westermo’s industrial switches. Westermo has developed an update to allow the web interface certificate to be changed. Neil Smith has tested the update to validate that it resolves the vulnerability. This vulnerability could be exploited remotely after a successful man-in-the-middle attack."
ICSA-16-033-01,https://www.us-cert.gov/ics/advisories/ICSA-16-033-01,2016-02-02,2018-08-23,Sauter moduWeb Vision Vulnerabilities,1,Sauter," Martin Jartelius and John Stock of Outpost24 have identified three vulnerabilities in Sauter’s moduWeb Vision application. Sauter has produced a new firmware version to mitigate these vulnerabilities. The researchers have tested the new firmware version to validate that it resolves the vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-033-02,https://www.us-cert.gov/ics/advisories/ICSA-16-033-02,2016-02-02,2018-08-23,GE SNMP/Web Interface Vulnerabilities,0,GE," Independent researcher Karn Ganeshen has identified two vulnerabilities in the GE SNMP/Web Interface adapter. GE has produced a new firmware version to mitigate the identified vulnerabilities in later model devices. Earlier model SNMP/Web Interface adapters may need to be upgraded to accommodate the new firmware version to address the identified vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-040-01,https://www.us-cert.gov/ics/advisories/ICSA-16-040-01,2016-02-09,2018-08-23,Tollgrade SmartGrid Sensor Management System Software Vulnerabilities,0,"Tollgrade Communications, Inc."," Independent researcher Maxim Rupp has identified vulnerabilities in Tollgrade Communications, Inc.’s SmartGrid LightHouse Sensor Management System (SMS) Software EMS. Tollgrade Communications, Inc. has produced an update to mitigate these vulnerabilities. Maxim Rupp has tested the update to validate that it resolves the vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-040-02,https://www.us-cert.gov/ics/advisories/ICSA-16-040-02,2016-02-09,2018-08-23,Siemens SIMATIC S7-1500 CPU Vulnerabilities,1,Siemens," Siemens has identified two vulnerabilities in the Siemens SIMATIC S7-1500 CPU family. Siemens has produced a firmware update to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-042-01A,https://www.us-cert.gov/ics/advisories/ICSA-16-042-01,2016-05-17,2016-12-22,Moxa EDR-G903 Secure Router Vulnerabilities (Update A),1,Moxa," This updated advisory is a follow-up to the original advisory titled ICSA-16-042-01 Moxa EDR-G903 Secure Router Vulnerabilities that was published May 17, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified vulnerabilities in Moxa’s EDR-G903 secure routers. Moxa has produced a new firmware version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-049-01,https://www.us-cert.gov/ics/advisories/ICSA-16-049-01,2016-02-18,2018-08-23,B+B SmartWorx VESP211 Authentication Bypass Vulnerability,1,B+B SmartWorx," Independent researcher Maxim Rupp has identified an authentication bypass vulnerability in B+B SmartWorx’s VESP211 serial servers. B+B SmartWorx has produced an implementation plan to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-049-02A,https://www.us-cert.gov/ics/advisories/ICSA-16-049-02,2016-02-18,2017-03-02,AMX Multiple Products Credential Management Vulnerabilities (Update A),1,Harman," This updated advisory is a follow-up to the original advisory titled ICSA-16-049-02 AMX Multiple Products Credential Management Vulnerabilities that was published February 18, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 2 -------- ICS-CERT has become aware of public reporting of credential management vulnerabilities in multiple AMX multimedia devices. AMX has confirmed the existence of hard-coded passwords in multiple products. AMX has produced patches and new product versions to mitigate the vulnerabilities in the affected products. AMX has released new product versions to mitigate the remaining credential management vulnerability in their affected products. --------- End Update A Part 1 of 2 ---------- These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are known to be publicly available."
ICSA-16-056-01,https://www.us-cert.gov/ics/advisories/ICSA-16-056-01,2016-04-05,2018-08-23,Rockwell Automation Integrated Architecture Builder Access Violation Memory Error,1,Rockwell Automation," This advisory was originally posted to the US-CERT secure Portal library on February 25, 2016, and is being released to the NCCIC/ICS-CERT web site. Ivan Sanchez from Nullcode Team has identified an access violation memory error in Rockwell Automation’s Integrated Architecture Builder (IAB) application. Rockwell Automation has produced a software update to mitigate this vulnerability."
ICSA-16-061-01,https://www.us-cert.gov/ics/advisories/ICSA-16-061-01,2016-03-01,2018-08-23,Schneider Electric Building Operation Automation Server Vulnerability,1,Schneider Electric," Independent researcher Karn Ganeshen has identified a vulnerability in servers programmed with Schneider Electric’s StruxureWare Building Operation software. Schneider Electric has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-061-02,https://www.us-cert.gov/ics/advisories/ICSA-16-061-02,2016-03-01,2018-10-30,Rockwell Automation Allen-Bradley CompactLogix Reflective Cross-Site Scripting Vulnerability (Update A),1,Rockwell Automation,NULL
ICSA-16-061-03,https://www.us-cert.gov/ics/advisories/ICSA-16-061-03,2016-04-05,2018-08-23,Eaton Lighting Systems EG2 Web Control Authentication Bypass Vulnerabilities,1,Eaton," This advisory was originally posted to the US-CERT secure Portal library on March 1, 2016, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified vulnerabilities in Eaton Lighting Systems’ EG2 Web Control application. Eaton Lighting Systems has produced a firmware patch to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-063-01,https://www.us-cert.gov/ics/advisories/ICSA-16-063-01,2016-03-03,2018-08-23,Moxa ioLogik E2200 Series Weak Authentication Practices,0,Moxa," This advisory is a follow-up to the alert titled ICS-ALERT-15-224-04 Moxa ioLogik E2210 Vulnerabilitiesa that was published August 12, 2015, on the NCCIC/ICS-CERT web site. Independent researcher Aditya Sood reported weak authentication vulnerabilities in Moxa ioLogik E2200 Ethernet Micro RTU controllers. Moxa has produced a network security enhancement to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are publicly available."
ICSA-16-070-01,https://www.us-cert.gov/ics/advisories/ICSA-16-070-01,2016-03-10,2018-08-23,Schneider Electric Telvent RTU Improper Ethernet Frame Padding Vulnerability,1,Schneider Electric," David Formby and Raheem Beyah of Georgia Tech have identified a vulnerability caused by an Institute of Electrical and Electronics Engineers (IEEE) conformance issue involving improper frame padding in Schneider Electric’s Telvent SAGE 2300 and 2400 remote terminal units (RTUs). Schneider Electric has already released a revision that eliminates this vulnerability. This advisory serves as a notification of a new vulnerability in the previous software version. The researchers have tested the revision to validate that it resolves the reported vulnerability."
ICSA-16-070-02A,https://www.us-cert.gov/ics/advisories/ICSA-16-070-02,2016-04-12,2018-08-23,Honeywell Uniformance PHD Denial Of Service (Update A),1,Honeywell," This updated advisory is a follow-up to the original advisory titled ICSA-16-070-02 Honeywell Uniformance PHD Denial of Service that was published April 12, 2016, on the NCCIC/ICS-CERT web site."
ICSA-16-075-01,https://www.us-cert.gov/ics/advisories/ICSA-16-075-01,2016-03-15,2018-08-23,Siemens SIMATIC S7-1200 CPU Protection Mechanism Failure,1,Siemens," Siemens has identified a protection mechanism failure vulnerability in old firmware versions of SIMATIC S7-1200. Maik Brüggemann and Ralf Spenneberg from Open Source Training reported this issue directly to Siemens. Siemens provides SIMATIC S7-1200 CPU product, release V4.0 or newer, to mitigate this vulnerability and recommends keeping the firmware up to date. This vulnerability could be exploited remotely."
ICSA-16-077-01A,https://www.us-cert.gov/ics/advisories/ICSA-16-077-01,2016-03-17,2018-08-23,ABB Panel Builder 800 DLL Hijacking Vulnerability (Update A),1,ABB," This updated advisory is a follow-up to the original advisory titled ICSA-16-077-01 ABB Panel Builder 800 DLL Hijacking Vulnerability that was published March 17, 2016, on the NCCIC/ICS-CERT web site. Ivan Sanchez from Nullcode Team has identified a DLL Hijacking vulnerability in the ABB Panel Builder 800 Version 5.1 application."
ICSA-16-082-01A,https://www.us-cert.gov/ics/advisories/ICSA-16-082-01,2016-03-22,2017-02-14,Siemens APOGEE Insight Incorrect File Permissions Vulnerability (Update A),1,Siemens," This updated advisory is a follow-up to the updated advisory titled ICSA-16-082-01 Siemens APOGEE Insight Incorrect File Permissions Vulnerability that was published March 22, 2016, on the NCCIC/ICS-CERT web site."
ICSA-16-084-01,https://www.us-cert.gov/ics/advisories/ICSA-16-084-01,2016-03-24,2018-08-23,Cogent DataHub Elevation of Privilege Vulnerability,1,Cogent Real-Time Systems Inc," Steven Seeley of Source Incite has identified a privilege elevation vulnerability in the Cogent DataHub application produced by Cogent Real-Time Systems, Inc. Cogent has produced a new version to mitigate this vulnerability. Steven Seeley has tested the new version to validate that it resolves the vulnerability."
ICSA-16-091-01,https://www.us-cert.gov/ics/advisories/ICSA-16-091-01,2016-03-31,2018-08-23,ICONICS WebHMI Directory Traversal Vulnerability,1,ICONICS," Independent researcher Maxim Rupp has identified a directory traversal vulnerability in the ICONICS WebHMI V9 application. ICONICS has produced recommendations to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-096-01,https://www.us-cert.gov/ics/advisories/ICSA-16-096-01,2016-04-05,2018-08-23,Pro-face GP-Pro EX HMI Vulnerabilities,1,"Pro-face, Schneider Electric"," ZDI (Zero Day Initiative) has identified one information disclosure and two buffer overflow vulnerabilities, and independent researcher Jeremy Brown has identified hard-coded credentials in Pro-face’s GP-Pro EX HMI software. Pro-face has produced a module to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely, and some can be exploited without user interaction."
ICSA-16-103-01C,https://www.us-cert.gov/ics/advisories/ICSA-16-103-01,2016-04-12,2018-08-23,Siemens Industrial Products glibc Library Vulnerability (Update C),1,Siemens," This updated advisory is a follow-up to the advisory update titled ICSA-16-103-01B Siemens Industrial Products glibc Library Vulnerability that was published July 14, 2016, on the NCCIC/ICS-CERT web site. Siemens reports that a buffer overflow vulnerability in the glibc library could affect several of its industrial products."
ICSA-16-103-02,https://www.us-cert.gov/ics/advisories/ICSA-16-103-02,2016-04-12,2018-08-23,Siemens SCALANCE S613 Denial-of-Service Vulnerability,1,Siemens," Siemens has identified a resource exhaustion vulnerability that causes a denial-of-service condition in the Siemens SCALANCE S613 device. Siemens recommends that customers contact Siemens customer support in order to obtain advice on a solution for the customer’s specific environment. This vulnerability could be exploited remotely."
ICSA-16-103-03C,https://www.us-cert.gov/ics/advisories/ICSA-16-103-03,2016-04-12,2017-11-28,Siemens Industrial Products DROWN Vulnerability (Update C),1,Siemens," This updated advisory is a follow-up to the updated advisory titled ICSA-16-103-03B Siemens Industrial Products DROWN Vulnerability that was published June 15, 2017, on the NCCIC/ICS-CERT web site. Siemens has found that a DROWNa (Decrypting RSA with Obsolete and Weakened eNcryption) attack can affect some Siemens industrial products under certain conditions. Siemens recommends specific countermeasures until patches are available. This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available."
ICSA-16-105-01,https://www.us-cert.gov/ics/advisories/ICSA-16-105-01,2016-04-14,2018-08-23,Sierra Wireless ACEmanager Information Exposure Vulnerability,1,Sierra Wireless," Independent researcher Maxim Rupp has identified an exposure of sensitive information vulnerability in the Sierra Wireless ACEmanager application. Sierra Wireless has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-105-02,https://www.us-cert.gov/ics/advisories/ICSA-16-105-02,2016-04-14,2018-08-23,Accuenergy Acuvim II Series AXM-NET Module Vulnerabilities,1,Accuenergy," Independent researcher Maxim Rupp has identified authentication bypass vulnerabilities in Accuenergy’s Acuvim II Series AXM-NET module. Accuenergy has produced guidelines to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-105-03,https://www.us-cert.gov/ics/advisories/ICSA-16-105-03,2016-04-14,2018-08-23,Ecava IntegraXor Vulnerabilities,1,Ecava," Independent security researcher Marcus Richerson and Steven Seeley of Source Incite, working with Trend Micro’s Zero Day Initiative, independently identified vulnerabilities in Ecava’s IntegraXor application. Ecava has produced a new version to mitigate these vulnerabilities. Marcus Richerson has tested the new version to validate that it resolves all the vulnerabilities, except for one incomplete fix, which Ecava plans to fully address in an upcoming release. These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are known to be publicly available."
ICSA-16-126-01,https://www.us-cert.gov/ics/advisories/ICSA-16-126-01,2016-06-07,2018-08-23,KMC Controls Conquest BACnet Router Vulnerabilities,1,KMC Controls," This advisory was originally posted to the US-CERT secure Portal library on May 5, 2016, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified authentication and cross-site request forgery (CSRF) vulnerabilities in KMC Controls’ Conquest BACnet routers through its web interface. KMC Controls has produced new firmware to mitigate these vulnerabilities. Maxim Rupp has tested the new firmware to validate that it resolves the vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-131-01,https://www.us-cert.gov/ics/advisories/ICSA-16-131-01,2016-05-10,2018-08-23,Panasonic FPWIN Pro Vulnerabilities,0,"Panasonic, Panasonic Electric Works Europe AG"," NCCIC/ICS-CERT received a report from Trend Micro’s Zero Day Initiative (ZDI) concerning buffer overflow vulnerabilities in Panasonic FPWIN Pro software. These vulnerabilities were reported to ZDI by security researcher Steven Seeley. Panasonic has produced a new version to mitigate these vulnerabilities."
ICSA-16-133-01A,https://www.us-cert.gov/ics/advisories/ICSA-16-133-01,2016-05-12,2018-08-23,Meteocontrol WEB'log Vulnerabilities (Update A),1,Meteocontrol," This updated advisory is a follow-up to the original advisory titled ICSA-16-133-01 Meteocontrol WEB'log Vulnerabilities that was published May 12, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Karn Ganeshen has identified one authentication and two information exposure vulnerabilities in Meteocontrol’s WEB’log application. Meteocontrol has produced a new version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-138-01A,https://www.us-cert.gov/ics/advisories/ICSA-16-138-01,2016-05-17,2016-12-22,IRZ RUH2 3G Firmware Overwrite Vulnerability (Update A),1,iRZ," This updated advisory is a follow-up to the original advisory titled ICSA-16-138-01 iRZ RUH2 3G Firmware Overwrite Vulnerability that was published May 17, 2016, on the NCCIC/ICS-CERT web site. ICS-CERT has identified a firmware overwrite vulnerability in iRZ’s RUH2 device. iRZ has discontinued this product and no longer offers support. This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available."
ICSA-16-140-01A,https://www.us-cert.gov/ics/advisories/ICSA-16-140-01,2016-05-19,2016-12-22,Resource Data Management Intuitive 650 TDB Controller Vulnerabilities (Update A),1,Resource Data Management," This updated advisory is a follow-up to the original advisory titled ICSA-16-140-01 Resource Data Management Intuitive 650 TBD Controller Vulnerabilities that was published May 19, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified a privilege escalation vulnerability and a cross-site request forgery (CSRF) vulnerability in Resource Data Management’s Intuitive 650 TDB Controller. Resource Data Management has produced a new version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-140-02,https://www.us-cert.gov/ics/advisories/ICSA-16-140-02,2016-05-19,2018-05-17,Siemens SIPROTEC Information Disclosure Vulnerabilities (Update B),1,Siemens,NULL
ICSA-16-145-01A,https://www.us-cert.gov/ics/advisories/ICSA-16-145-01,2016-05-24,2018-08-23,Moxa MiiNePort Vulnerabilities (Update A),1,Moxa," This updated advisory is a follow-up to the original advisory titled ICSA-16-145-01 Moxa MiiNePort Vulnerabilities that was published May 24, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Karn Ganeshen has identified weak credential management, sensitive information not protected, and cross-site request forgery vulnerabilities in Moxa’s MiiNePort serial device server module series. Moxa will produce a beta patch firmware in late May 2016 to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-147-01B,https://www.us-cert.gov/ics/advisories/ICSA-16-147-01,2016-05-26,2016-12-22,Environmental Systems Corporation Data Controllers Vulnerabilities (Update B),1,Environmental Systems Corporation," This updated advisory is a follow-up to the updated advisory titled ICSA-16-147-01A Environmental Systems Corporation Data Controllers Vulnerabilities that was published June 2, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified data controller vulnerabilities in the Environmental Systems Corporation (ESC) 8832 Data Controller. ESC acknowledged that Balazs Makany reported these vulnerabilities on February 18, 2015. ESC has stated the ESC 8832 Data Controller has no available code space to make any additional security patches; so, a firmware update is not possible. ESC has released an advisory that identifies compensating controls to reduce risk of exploitation of the reported vulnerabilities. These vulnerabilities could be exploited remotely. An exploit that targets these vulnerabilities is publicly available. A Metasploit module has been released that allows an attacker to hijack a valid session that is in progress by a legitimate user."
ICSA-16-147-02,https://www.us-cert.gov/ics/advisories/ICSA-16-147-02,2016-05-26,2018-08-23,Sixnet BT Series Hard-coded Credentials Vulnerability,1,Sixnet," Independent researcher Neil Smith has identified a hard-coded credential vulnerability in Sixnet’s BT series routers. Sixnet has produced patches and new firmware to mitigate this vulnerability. This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available."
ICSA-16-147-03,https://www.us-cert.gov/ics/advisories/ICSA-16-147-03,2016-05-26,2018-08-23,Black Box AlertWerks ServSensor Credential Management Vulnerability,1,Black Box," Independent researcher Lee Ryman has identified a credential management vulnerability in Black Box’s AlertWerks ServSensor devices. ICS-CERT and CERT Australia have coordinated with Black Box that has produced a new firmware version to mitigate this vulnerability. Lee Ryman has tested the new firmware version to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-16-152-01,https://www.us-cert.gov/ics/advisories/ICSA-16-152-01,2016-05-31,2018-08-23,Moxa UC 7408-LX-Plus Firmware Overwrite Vulnerability,0,Moxa," NCCIC/ICS-CERT has received information from a third party that identified a firmware overwrite vulnerability in Moxa’s UC 7408-LX-Plus device. Moxa has produced instructions to reduce exposure to this vulnerability. The Moxa UC 7408-LX-Plus device has been discontinued. This vulnerability could be exploited remotely."
ICSA-16-152-02,https://www.us-cert.gov/ics/advisories/ICSA-16-152-02,2016-05-31,2018-08-23,ABB PCM600 Vulnerabilities,1,ABB," ABB has identified one use of password hash with insufficient computational effort and three insufficiently protected credentials vulnerabilities in ABB’s PCM600. These vulnerabilities were reported directly to ABB by Ilya Karpov from Positive Technologies. ABB has produced a new version to mitigate these vulnerabilities."
ICSA-16-154-01,https://www.us-cert.gov/ics/advisories/ICSA-16-154-01,2016-06-02,2018-08-23,GE MultiLink Series Hard-coded Credential Vulnerability,0,GE," GE has identified a hard-coded credential vulnerability in GE’s MultiLink series managed switches. GE has produced new firmware versions to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-159-01,https://www.us-cert.gov/ics/advisories/ICSA-16-159-01,2016-06-07,2018-08-23,Trihedral Engineering Limited VTScada Vulnerabilities,1,Trihedral Engineering Limited," An anonymous researcher has identified several vulnerabilities in Trihedral Engineering Ltd.’s Trihedral VTScada and reported them to Zero Day Initiative (ZDI), which reported them to NCCIC/ICS-CERT. Trihedral Engineering Ltd. has produced a new version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-161-01,https://www.us-cert.gov/ics/advisories/ICSA-16-161-01,2016-06-09,2018-08-23,Siemens SIMATIC S7-300 Denial-of-Service Vulnerability,1,Siemens," Siemens has identified a denial-of-service vulnerability in the SIMATIC S7-300 CPU family. The vulnerability was reported directly to Siemens by Mate J. Csorba of DNV GL, Marine Cybernetics Services, and Amund Sole of Norwegian University of Science and Technology. Siemens has produced a firmware update to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-161-02,https://www.us-cert.gov/ics/advisories/ICSA-16-161-02,2016-06-09,2018-08-23,Siemens SIMATIC WinCC Flexible Weakly Protected Credentials Vulnerability,1,Siemens," Siemens has identified a weakly protected credentials vulnerability in SIMATIC WinCC flexible. Gleb Gritsai and Roman Ilin from Positive Technologies reported this issue directly to Siemens. Siemens has produced an update to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-166-01,https://www.us-cert.gov/ics/advisories/ICSA-16-166-01,2016-06-14,2018-08-23,OSIsoft PI SQL Data Access Server Input Validation Vulnerability,1,OSIsoft," OSIsoft has identified an input validation vulnerability in its own PI SQL Data Access Server. OSIsoft has produced a new version of PI SQL Data Access Server (OLE DB) 2016 (1.5) to address this issue. This vulnerability could be exploited remotely."
ICSA-16-166-02,https://www.us-cert.gov/ics/advisories/ICSA-16-166-02,2016-06-14,2018-08-23,OSIsoft PI AF Server Input Validation Vulnerability,1,OSIsoft," OSIsoft has identified an input validation vulnerability in its own PI AF Server. OSIsoft has produced a new version of PI AF Server 2016 to address this issue. This vulnerability could be exploited remotely."
ICSA-16-168-01,https://www.us-cert.gov/ics/advisories/ICSA-16-168-01,2016-06-16,2018-08-23,Moxa PT-7728 Series Switch Improper Authorization Vulnerability,0,Moxa," Researcher Can Demirel of Biznet Bilisim has identified an improper authorization vulnerability in Moxa’s Industrial Ethernet Switch PT-7728 series. Moxa has produced an update to mitigate this vulnerability. Can Demirel has tested the update to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-16-173-01A,https://www.us-cert.gov/ics/advisories/ICSA-16-173-01,2016-06-21,2018-08-23,Advantech WebAccess ActiveX Vulnerabilities (Update A),1,Advantech," This updated advisory is a follow-up to the original advisory titled ICSA-16-173-01 Advantech WebAccess ActiveX Vulnerabilities that was published June 21, 2016, on the NCCIC/ICS-CERT web site."
ICSA-16-173-02,https://www.us-cert.gov/ics/advisories/ICSA-16-173-02,2016-06-21,2018-08-23,Schneider Electric PowerLogic PM8ECC Cross-site Scripting Vulnerability,1,Schneider Electric," Schneider Electric has notified NCCIC/ICS-CERT of a Cross-site Scripting (XSS) vulnerability in Schneider Electric’s PowerLogic PM8ECC communications add-on module for the Series 800 PowerMeter. Schneider Electric has produced a firmware update to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-173-03,https://www.us-cert.gov/ics/advisories/ICSA-16-173-03,2016-07-26,2018-08-23,Rockwell Automation FactoryTalk EnergyMetrix Vulnerabilities,1,Rockwell Automation," This advisory was originally posted to the US-CERT secure Portal library on June 21, 2016, and is being released to the NCCIC/ICS-CERT web site. Rockwell Automation has identified authentication vulnerabilities in the FactoryTalk EnergyMetrix application. Rockwell Automation has produced a new version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-175-01,https://www.us-cert.gov/ics/advisories/ICSA-16-175-01,2016-06-23,2018-08-23,Rockwell Automation Allen-Bradley Stratix 5400 and 5410 Packet Corruption Vulnerability,1,Rockwell Automation," Rockwell Automation has identified a resource management vulnerability in Rockwell Automation’s Allen-Bradley Stratix 5400 and Allen-Bradley Stratix 5410 industrial networking switches. Rockwell Automation has produced a new firmware version to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-175-02,https://www.us-cert.gov/ics/advisories/ICSA-16-175-02,2016-06-23,2018-08-23,Unitronics VisiLogic OPLC IDE vlp File Parsing Stack Buffer Overflow Vulnerability,1,Unitronics," ZDI has identified a buffer overflow vulnerability discovered by Steven Seeley of Source Incite in Unitronics VisiLogic. Unitronics has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-175-03,https://www.us-cert.gov/ics/advisories/ICSA-16-175-03,2016-06-23,2018-08-23,Meinberg NTP Time Server Vulnerabilities,1,Meinberg," Independent researcher Ryan Wincey has identified a stack buffer overflow vulnerability and a privilege escalation vulnerability in Meinberg’s NTP Time Servers Interface. Meinberg has produced a new Version 6.20.004 to mitigate these vulnerabilities. The researcher has validated the firmware update. He confirms the update fixes these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-182-01,https://www.us-cert.gov/ics/advisories/ICSA-16-182-01,2016-06-30,2018-08-23,Eaton ELCSoft Programming Software Memory Vulnerabilities,1,Eaton," Ariele Calgaviano working with Zero Day Initiative has identified a heap-based memory corruption vulnerability and a stack buffer overflow vulnerability in Eaton’s ELCSoft programming software. Eaton has released a revision to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-182-02B,https://www.us-cert.gov/ics/advisories/ICSA-16-182-02,2016-06-30,2016-12-01,Siemens SICAM PAS Information Disclosure Vulnerabilities (Update B),1,Siemens," This updated advisory is a follow-up to the original advisory titled ICSA-16-182-02A Siemens SICAM PAS Vulnerabilities that was published November 29, 2016, on the NCCIC/ICS-CERT web site. Positive Technologies’ Ilya Karpov and Dmitry Sklyarov have identified two vulnerabilities in the Siemens SICAM PAS (Power Automation System). Siemens has produced a new version and mitigation instructions to address these vulnerabilities."
ICSA-16-187-01,https://www.us-cert.gov/ics/advisories/ICSA-16-187-01,2016-07-05,2016-07-06,Rexroth Bosch BLADEcontrol-WebVIS Vulnerabilities,1,Rexroth Bosch," Independent researcher Maxim Rupp has identified a SQL injection vulnerability and a cross-site scripting vulnerability in the Rexroth Bosch BLADEcontrol-WebVIS. Rexroth Bosch has produced a new version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-189-01,https://www.us-cert.gov/ics/advisories/ICSA-16-189-01,2016-07-07,2018-08-23,WECON LeviStudio Buffer Overflow Vulnerabilities,1,WECON," Independent security researchers Rocco Calvi and Brian Gorenc, working with Trend Micro’s Zero Day Initiative, have identified buffer overflow vulnerabilities in WECON’s LeviStudio software. WECON has not released a product fix to addresses the buffer overflow vulnerabilities in the LeviStudio software."
ICSA-16-189-02,https://www.us-cert.gov/ics/advisories/ICSA-16-189-02,2016-07-07,2018-08-23,Moxa Device Server Web Console Authorization Bypass Vulnerability,0,Moxa," Independent researcher Maxim Rupp has identified an authorization bypass vulnerability in Moxa’s Device Server Web Console. Moxa has indicated the NPort 5232-N was discontinued in 2012 and has produced recommendations to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-194-01,https://www.us-cert.gov/ics/advisories/ICSA-16-194-01,2016-07-12,2018-08-23,Tollgrade Smart Grid EMS LightHouse Vulnerabilities,0,"Tollgrade Communications, Inc."," Ashish Kamble of Qualys, Inc. has identified vulnerabilities in Tollgrade Communications, Inc.’s Smart Grid LightHouse Sensor Management System (SMS) Software EMS. Tollgrade has produced a new version to mitigate these vulnerabilities. Ashish Kamble has tested the new version to validate that it resolves these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-194-02,https://www.us-cert.gov/ics/advisories/ICSA-16-194-02,2016-07-12,2018-08-23,GE Proficy HMI SCADA CIMPLICITY Privilege Management Vulnerability,0,GE," Zhou Yu of Acorn Network Security identified an improper privilege management vulnerability and recently released exploit code for the GE Proficy HMI/SCADA CIMPLICITY application without coordination with ICS-CERT, the vendor, or any other coordinating entity known to ICS-CERT. GE produced a new version to mitigate this vulnerability in August 2014. Exploits that target this vulnerability are known to be publicly available."
ICSA-16-196-01,https://www.us-cert.gov/ics/advisories/ICSA-16-196-01,2016-07-14,2018-08-23,Schneider Electric Pelco Digital Sentry Video Management System Vulnerability,1,Schneider Electric," Schneider Electric has identified a hard-coded credential vulnerability in Schneider Electric’s Pelco Digital Sentry Video Management System. Schneider Electric has produced a new firmware version to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-196-02,https://www.us-cert.gov/ics/advisories/ICSA-16-196-02,2016-07-14,2018-08-23,Moxa MGate Authentication Bypass Vulnerability,0,Moxa," Independent researcher Maxim Rupp has identified an authentication bypass vulnerability in Moxa’s MGate products. Moxa has produced new firmware versions to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-196-03,https://www.us-cert.gov/ics/advisories/ICSA-16-196-03,2016-07-14,2018-08-23,Schneider Electric SoMachine HVAC Unsafe ActiveX Control Vulnerability,1,Schneider Electric," Andrea Micalizzi discovered an unsafe ActiveX control vulnerability in Schneider Electric’s SoMachine software. He reported this vulnerability to ZDI who then reported it to NCCIC/ICS-CERT. Schneider Electric has produced a patch to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-208-01C,https://www.us-cert.gov/ics/advisories/ICSA-16-208-01,2016-07-26,2016-11-08,"Siemens SIMATIC WinCC, PCS 7, and WinCC Runtime Professional Vulnerabilities (Update C)",1,Siemens," This updated advisory is a follow-up to the advisory update titled ICSA-16-208-01B Siemens SIMATIC WinCC, PCS 7, and WinCC Runtime Professional Vulnerabilities that was published October 4, 2016, on the NCCIC/ICS-CERT web site. Siemens has identified two vulnerabilities in SIMATIC WinCC, PCS 7, and WinCC Runtime Professional. Sergey Temnikov and Vladimir Dashchenko from Kaspersky Lab reported these issues directly to Siemens. Siemens has produced updates to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-208-02,https://www.us-cert.gov/ics/advisories/ICSA-16-208-02,2016-07-26,2018-08-23,Siemens SIMATIC NET PC-Software Denial-of-Service Vulnerability,1,Siemens," Siemens has identified a denial-of-service vulnerability in SIMATIC NET PC-Software. Vladimir Dashchenko and Sergey Temnikov from Kaspersky Labs reported this issue directly to Siemens. Siemens has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-208-03,https://www.us-cert.gov/ics/advisories/ICSA-16-208-03,2016-07-26,2018-08-23,Siemens SINEMA Remote Connect Server Cross-site Scripting Vulnerability,1,Siemens," Researchers Antonio Morales Maldonado of INNOTEC SYSTEM, and Alexander Van Maele and Tijl Deneut of Howest have identified a cross-site scripting (XSS) vulnerability in the Siemens SINEMA Remote Connect Server application. Siemens has produced an update to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-215-01,https://www.us-cert.gov/ics/advisories/ICSA-16-215-01,2016-08-02,2018-08-23,Moxa SoftCMS SQL Injection Vulnerability,0,Moxa," Zhou Yu of Acorn Network Security has identified a SQL injection vulnerability in Moxa's SoftCMS. ZDI reported this vulnerability to ICS-CERT. Moxa has produced an update to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-215-02A,https://www.us-cert.gov/ics/advisories/ICSA-16-215-02,2016-08-02,2016-10-13,Siemens SINEMA Server Privilege Escalation Vulnerability (Update A),1,Siemens," This updated advisory is a follow-up to the original advisory titled ICSA-16-215-02 Siemens SINEMA Server Privilege Escalation Vulnerability that was published August 2, 2016, on the NCCIC/ICS-CERT web site."
ICSA-16-224-01,https://www.us-cert.gov/ics/advisories/ICSA-16-224-01,2016-08-11,2018-08-23,Rockwell Automation MicroLogix 1400 SNMP Credentials Vulnerability,1,Rockwell Automation," Cisco Talos, Cisco Systems, Inc.'s security intelligence and research group reported to Rockwell Automation that an undocumented and privileged Simple Network Management Protocol (SNMP) community string exists in MicroLogix 1400 programmable logic controllers (PLC). Rockwell Automation has released mitigation strategies to protect against this threat. This vulnerability could be exploited remotely."
ICSA-16-224-02A,https://www.us-cert.gov/ics/advisories/ICSA-16-224-02,2016-09-15,2018-08-22,Rockwell Automation RSLogix 500 and RSLogix Micro File Parser Buffer Overflow Vulnerability (Update A),1,Rockwell Automation," This updated advisory is a follow-up to the original advisory titled ICSA-16-224-02 Rockwell Automation RSLogix 500 and RSLogix Micro File Parser Buffer Overflow Vulnerability that was published September 15, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 3 -------- Ariele Caltabiano (kimiya) working with Trend Micro’s Zero Day Initiative has identified a parser buffer overflow vulnerability in Rockwell Automation’s RSLogix Starter Lite. Rockwell Automation investigated the matter and found that it also affected RSLogix 500 and other versions of RSLogix Micro. Rockwell Automation has released a new version of software, v11.00.00, which resolves the vulnerability. --------- End Update A Part 1 of 3 ----------"
ICSA-16-231-01,https://www.us-cert.gov/ics/advisories/ICSA-16-231-01-0,2016-12-06,1900-01-01,Locus Energy LGate Command Injection Vulnerability,1,Locus Energy," This advisory is a follow-up to the original alert, titled ICS-ALERT-16-230-01 Navis WebAccess SQL Injection Vulnerability,a published August 17, 2016, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of a public report of an SQL Injection vulnerability with proof-of-concept (PoC) exploit code affecting the Navis WebAccess application. This report was released by “bRpsd” without coordination with either the vendor or ICS-CERT. ICS-CERT has reached out to Navis who has validated the reported vulnerability. Navis has produced custom patches to mitigate this vulnerability. This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available."
ICSA-16-236-01A,https://www.us-cert.gov/ics/advisories/ICSA-16-236-01,2016-08-30,2018-08-23,Moxa OnCell Vulnerabilities (Update A),1,Moxa," This updated advisory is a follow-up to the original advisory titled ICSA-16-236-01 Moxa OnCell Vulnerabilities that was published August 23, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified several vulnerabilities in Moxa’s OnCell products. Moxa has produced new firmware to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-250-01,https://www.us-cert.gov/ics/advisories/ICSA-16-250-01,2016-09-06,2018-08-23,Siemens SIPROTEC 4 and SIPROTEC Compact Vulnerabilities,1,Siemens," Siemens reports that they have released a firmware update for SIPROTEC 4 and SIPROTEC Compact devices to mitigate authentication bypass and resource exhaustion vulnerabilities. Kirill Nesterov and Anatoly Katushin from Kaspersky Lab reported some of these vulnerabilities directly to Siemens. These vulnerabilities could be exploited remotely."
ICSA-16-252-01,https://www.us-cert.gov/ics/advisories/ICSA-16-252-01,2016-10-06,1900-01-01,GE Bently Nevada 3500/22M Improper Authorization Vulnerability,1,GE," This advisory was originally posted to the US-CERT secure Portal library on September 8, 2016, and is being released to the NCCIC/ICS-CERT web site. GE has identified an improper authorization vulnerability in the GE Bently Nevada 3500/22M monitoring system. GE has produced a new firmware version to mitigate this vulnerability in the USB version of the GE Bently Nevada 3500/22M monitoring system. This vulnerability could be exploited remotely."
ICSA-16-259-01,https://www.us-cert.gov/ics/advisories/ICSA-16-259-01,2016-09-15,2018-08-22,Yokogawa STARDOM Authentication Bypass Vulnerability,1,Yokogawa," NCCIC/ICS-CERT received a report from Yokogawa and JPCERT/CCa about an authentication bypass vulnerability in the Yokogawa STARDOM controller. Yokogawa has produced a new release to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-259-02,https://www.us-cert.gov/ics/advisories/ICSA-16-259-02,2016-09-15,2018-08-22,ABB DataManagerPro Credential Management Vulnerability,1,ABB," NCCIC/ICS-CERT received a report from Trend Micro’s Zero Day Initiative (ZDI) concerning a credential management vulnerability in ABB’s DataManagerPro application. Security researcher Andrea Micalizzi reported this vulnerability to ZDI. ABB has produced a new version to mitigate this vulnerability."
ICSA-16-259-03,https://www.us-cert.gov/ics/advisories/ICSA-16-259-03,2016-09-15,2018-08-22,Trane Tracer SC Sensitive Information Exposure Vulnerability,0,Trane U.S. Inc.," Independent researcher Maxim Rupp has identified an information exposure vulnerability in Trane U.S. Inc.’s Tracer SC field panel. Trane U.S. Inc. has produced an update to mitigate this vulnerability. Maxim Rupp has tested the update to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-16-264-01,https://www.us-cert.gov/ics/advisories/ICSA-16-264-01,2016-09-20,2018-08-22,Moxa Active OPC Server Unquoted Service Path Escalation Vulnerability,1,Moxa," Independent researcher Zhou Yu has identified an unquoted service path escalation vulnerability in Moxa’s Active OPC Server application. Moxa has produced a new version to mitigate this vulnerability. Zhou Yu has tested the new version to validate that it resolves the vulnerability."
ICSA-16-271-01,https://www.us-cert.gov/ics/advisories/ICSA-16-271-01,2016-09-27,2018-08-22,Siemens SCALANCE M-800/S615 Web Vulnerability,1,Siemens," Siemens has identified a web security vulnerability in Siemen’s SCALANCE M-800 and S615 modules. This vulnerability was reported directly to Siemens by Alexander Van Maele and Tijl Deneut from HOWEST. Siemens has produced a new firmware version to mitigate this vulnerability."
ICSA-16-273-01,https://www.us-cert.gov/ics/advisories/ICSA-16-273-01-0,2016-09-29,1900-01-01,American Auto-Matrix Front-End Solutions Vulnerabilities,1,American Auto-Matrix," Independent researcher Maxim Rupp has identified a local file inclusion and a plain text storage of password vulnerabilities in American Auto-Matrix’s Building Automation Front-End Solutions application. The Aspect-Matrix hardware platform was made end of life in 2015 and will no longer receive further updates. American Auto-Matrix has produced an update that fixes these vulnerabilities in the Aspect-Nexus platform. These vulnerabilities could be exploited remotely."
ICSA-16-278-01,https://www.us-cert.gov/ics/advisories/ICSA-16-278-01,2016-10-04,1900-01-01,INDAS Web SCADA Path Traversal Vulnerability,1,INDAS," Independent researcher Ehab Hussein of IOActive has identified a path traversal vulnerability in the INDAS Web SCADA application. INDAS has produced new software to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-278-02,https://www.us-cert.gov/ics/advisories/ICSA-16-278-02,2016-10-04,2017-01-05,Beckhoff Embedded PC Images and TwinCAT Components Vulnerabilities,1,Beckhoff," Gregor Bonney from FH Aachen University of Applied Sciences has identified vulnerabilities in Beckhoff’s Embedded PC Images and TwinCAT Components. He published them and reported them to Beckhoff afterward. In 2014, Beckhoff produced a new build and security advisories with instructions to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-287-01,https://www.us-cert.gov/ics/advisories/ICSA-16-287-01,2016-10-13,1900-01-01,OSIsoft PI Web API 2015 R2 Service Account Permissions Vulnerability,1,OSIsoft," OSIsoft has identified a permissions vulnerability in its own PI Web API. OSIsoft has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-287-02,https://www.us-cert.gov/ics/advisories/ICSA-16-287-02,2016-10-13,1900-01-01,Siemens Automation License Manager Vulnerabilities,1,Siemens," Siemens has identified vulnerabilities in Siemen’s Automation License Manager (ALM). These vulnerabilities were reported directly to Siemens by Sergey Temnikov and Vladimir Dashchenko from Critical Infrastructure Defence Team, Kaspersky Lab. Siemens has produced a new version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-287-03,https://www.us-cert.gov/ics/advisories/ICSA-16-287-03,2016-10-13,1900-01-01,Siemens SIMATIC STEP 7 (TIA Portal) Information Disclosure Vulnerabilities,1,Siemens," Siemens has released a new version of SIMATIC STEP 7 (TIA Portal) to mitigate information disclosure vulnerabilities. These vulnerabilities were reported directly to Siemens by Dmitry Sklyarov and Gleb Gritsai from Positive Technologies. Siemens has produced a new version to mitigate these vulnerabilities."
ICSA-16-287-04,https://www.us-cert.gov/ics/advisories/ICSA-16-287-04,2016-10-13,1900-01-01,Rockwell Automation Stratix Denial-of-Service and Memory Leak Vulnerabilities,1,Rockwell Automation," Rockwell Automation reports that several of the vulnerabilities contained in Cisco’s semi-annual Cisco IOS and IOS XE Software Security Advisory Bundled Publicationa could also affect Rockwell Automation’s Allen-Bradley Stratix industrial switches. Rockwell Automation has produced new versions to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-287-05A,https://www.us-cert.gov/ics/advisories/ICSA-16-287-05,2016-10-13,2017-01-31,Moxa ioLogik E1200 Series Vulnerabilities (Update A),1,Moxa," This updated advisory is a follow-up to the original advisory titled ICSA-16-287-05 Moxa ioLogik E1200 Series Vulnerabilities that was published October 13, 2016, on the NCCIC/ICS-CERT web site."
ICSA-16-287-06,https://www.us-cert.gov/ics/advisories/ICSA-16-287-06,2016-10-13,2017-03-21,Fatek Automation Designer Memory Corruption Vulnerabilities,1,Fatek," Ariele Caltabiano (kimiya) working with Trend Micro’s Zero Day Initiative (ZDI) has identified a heap memory corruption and two stack buffer overflow vulnerabilities in Fatek’s Automation PM and FV Designer applications. Fatek has not produced an update to mitigate these vulnerabilities. ZDI has coordinated with NCCIC/ICS-CERT. ZDI has published the PM Designer vulnerability. These vulnerabilities could be exploited remotely."
ICSA-16-287-07A,https://www.us-cert.gov/ics/advisories/ICSA-16-287-07,2016-10-13,2017-11-07,Kabona AB WDC Vulnerabilities (Update A),1,Kabona AB," This updated advisory is a follow-up to the original advisory titled ICSA-17-287-07 Kabona AB WDC Vulnerabilities that was published October 13, 2016, on the NCCIC/ICS-CERT web site. Martin Jartelius and John Stock of Outpost 24 have identified vulnerabilities in Kabona AB’s WebDatorCentral (WDC) application. Kabona AB has produced an update to mitigate these vulnerabilities. Martin Jartelius has tested the update to validate that it resolves the vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-292-01,https://www.us-cert.gov/ics/advisories/ICSA-16-292-01,2016-10-18,1900-01-01,Schneider Electric PowerLogic PM8ECC Hard-coded Password Vulnerability,1,Schneider Electric," Independent researcher He Congwen has identified a hard-coded password vulnerability in Schneider Electric’s PowerLogic PM8ECC device. Schneider Electric has produced a patch to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-294-01,https://www.us-cert.gov/ics/advisories/ICSA-16-294-01,2016-10-20,1900-01-01,Moxa EDR-810 Industrial Secure Router Privilege Escalation Vulnerability,1,Moxa," Independent researcher Maxim Rupp has identified a privilege escalation vulnerability in Moxa’s EDR-810 Industrial Secure Router. Moxa has produced firmware to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-299-01,https://www.us-cert.gov/ics/advisories/ICSA-16-299-01,2016-10-25,2016-11-07,Siemens SICAM RTU Devices Denial-of-Service Vulnerability,1,Siemens," Stephan Beirer, Markus Mahrla, Toralf Gimpel, and Sebastian Krause, from GAI NetConsult GmbH, and Adam Crain of Automatak LLC have identified a denial-of-service vulnerability in Siemens SICAM products. Siemens has produced a firmware update to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-301-01,https://www.us-cert.gov/ics/advisories/ICSA-16-301-01,2016-10-27,1900-01-01,Honeywell Experion PKS Improper Input Validation Vulnerability,1,Honeywell," Honeywell reported a denial-of-service condition caused by an improper input validation vulnerability in Honeywell’s Experion Process Knowledge System (PKS) platform. Honeywell has produced patches to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-306-01,https://www.us-cert.gov/ics/advisories/ICSA-16-306-01,2016-11-01,2016-11-10,Schneider Electric ConneXium Buffer Overflow Vulnerability,1,Schneider Electric," Security researcher George Lashenko of CyberX has identified a buffer overflow vulnerability in Schneider Electric’s ConneXium firewall product. Schneider Electric is developing a firmware update to mitigate this vulnerability. This vulnerability is remotely exploitable."
ICSA-16-306-02,https://www.us-cert.gov/ics/advisories/ICSA-16-306-02,2016-11-01,1900-01-01,IBHsoftec S7-SoftPLC CPX43 Heap-based Buffer Overflow Vulnerability,1,IBHsoftec GmbH," Ariele Caltabiano (kimiya) working with Trend Micro’s Zero Day Initiative has identified a buffer overflow vulnerability in IBHsoftec’s S7-SoftPLC. IBHsoftec has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-306-03,https://www.us-cert.gov/ics/advisories/ICSA-16-306-03,2016-11-01,1900-01-01,Schneider Electric Unity PRO Control Flow Management Vulnerability,1,Schneider Electric," Avihay Kain and Mille Gandelsman of Indegy have identified a vulnerability in Schneider Electric Unity PRO Software product. Schneider Electric has released a security notification with instructions to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-308-01,https://www.us-cert.gov/ics/advisories/ICSA-16-308-01,2016-11-03,1900-01-01,Moxa OnCell Security Vulnerabilities,1,Moxa," Independent researcher Maxim Rupp has identified authorization bypass and disclosed OS commanding vulnerabilities in Moxa’s OnCell Security Software. Moxa has produced a new version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-308-02B,https://www.us-cert.gov/ics/advisories/ICSA-16-308-02,2016-11-03,2017-07-27,Schneider Electric Magelis HMI Resource Consumption Vulnerabilities (Update B),1,Schneider Electric," This updated advisory is a follow-up to the updated advisory titled ICSA-16-308-02A Schneider Electric Magelis HMI Resource Consumption Vulnerabilities that was published November 22, 2016, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of a public report of resource consumption vulnerabilities affecting Schneider Electric’s Magelis human-machine interface (HMI) products. The researcher Eran Goldstein, in collaboration with Check Point Software Technologies and CRITIFENCE, released vulnerability information after coordination with the vendor and ICS-CERT. --------- Begin Update B Part 1 of 2 -------- Schneider Electric has released a new software version that removes the vulnerable web-server component. --------- End Update B Part 1 of 2 ---------- These vulnerabilities could be exploited remotely. Detailed vulnerability information is publicly available that could be used to develop an exploit that targets these vulnerabilities."
ICSA-16-308-03,https://www.us-cert.gov/ics/advisories/ICSA-16-308-03,2016-11-03,1900-01-01,Schneider Electric IONXXXX Series Power Meter Vulnerabilities,1,Schneider Electric," This advisory is a follow-up to the alert titled ICS-ALERT-16-256-02 Schneider Electric ION Power Meter CSRF Vulnerability that was published September 12, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Karn Ganeshen has identified a cross-site request forgery (CSRF) and no access control vulnerabilities in Schneider Electric’s IONXXXX series power meters. Schneider Electric has produced instructions to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-313-01,https://www.us-cert.gov/ics/advisories/ICSA-313-01,2016-11-08,2019-01-24,Phoenix Contact ILC PLC Authentication Vulnerabilities,1,PHOENIX CONTACT," Matthias Niedermaier and Michael Kapfer of HSASec Hochschule Augsburg have identified authentication vulnerabilities in Phoenix Contact’s ILC (inline controller) PLCs. Phoenix Contact GmbH & Co. KG has produced a mitigation plan that includes an update and recommended security practices to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-313-02,https://www.us-cert.gov/ics/advisories/ICSA-16-313-02,2016-11-08,2018-06-14,Siemens Industrial Products Local Privilege Escalation Vulnerability (Update H),1,Siemens,NULL
ICSA-16-313-03,https://www.us-cert.gov/ics/advisories/ICS-VU-313-03,2016-11-08,1900-01-01,OSIsoft PI System Incomplete Model of Endpoint Features Vulnerability,1,OSIsoft," OSIsoft has identified an incomplete model of endpoint features vulnerability in OSIsoft’s PI System software. OSIsoft has produced new versions to mitigate this vulnerability."
ICSA-16-315-01B,https://www.us-cert.gov/ics/advisories/ICSA-16-315-01,2016-11-10,2017-01-03,CA Unified Infrastructure Management Directory Traversal Vulnerability (Update B),1,CA Technologies," This updated advisory is a follow-up to the original advisory titled ICSA-16-315-01A CA Unified Infrastructure Management Directory Traversal Vulnerability that was published November 15, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Andrea Micalizzi, working with Zero Day Initiative, has identified a directory traversal vulnerability in CA Technologies’ Unified Infrastructure Management application. CA Technologies has produced an update to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-320-01,https://www.us-cert.gov/ics/advisories/ICSA-16-320-01,2016-11-15,1900-01-01,Lynxspring JENEsys BAS Bridge Vulnerabilities,1,Lynxspring," Independent researcher Maxim Rupp has identified several vulnerabilities in Lynxspring’s JENEsys BAS Bridge application. Lynxspring has discontinued the BAS Bridge application and recommends that users upgrade to the Onyxx Bridge product. These vulnerabilities could be exploited remotely."
ICSA-16-322-01,https://www.us-cert.gov/ics/advisories/ICSA-16-322-01,2016-11-17,1900-01-01,Vanderbilt Industries Siemens IP CCTV Cameras Vulnerability,1,Siemens," Siemens reports that there is a vulnerability in Siemens-branded IP cameras from Vanderbilt Industries. Vanderbilt has released updates to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-322-02,https://www.us-cert.gov/ics/advisories/ICSA-16-322-02,2016-11-17,1900-01-01,Moxa SoftCMS Vulnerabilities,1,Moxa," Zhou Yu working with Trend Micro’s Zero Day Initiative and Gu Ziqiang from Huawei Weiran Labs have identified vulnerabilities in Moxa’s SoftCMS Webserver Application. Moxa has produced an update to mitigate these vulnerabilities. Both researchers have tested the update to validate that it resolves these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-327-01,https://www.us-cert.gov/ics/advisories/ICSA-16-327-01,2016-11-22,1900-01-01,Siemens SIMATIC CP 1543-1 Vulnerabilities,1,Siemens," Siemens has released an advisory to inform its users how to mitigate vulnerabilities that affect SIMATIC CP 1543-1. These vulnerabilities were coordinated directly with Siemens by SOGETI and Agence nationale de la sécurité des systèmes d’information (ANSSI). Siemens has produced a firmware to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-327-02A,https://www.us-cert.gov/ics/advisories/ICSA-16-327-02,2016-11-22,2017-03-21,Siemens SIMATIC CP 343-1/CP 443-1 Modules and SIMATIC S7-300/S7-400 CPUs Vulnerabilities (Update A),1,Siemens," This updated advisory is a follow-up to the original advisory titled ICSA-16-327-02 Siemens SIMATIC CP 343-1CP 443-1 Modules and SIMATIC S7-300S7-400 CPUs Vulnerabilities that was published November 22, 2016, on the NCCIC/ICS-CERT web site. Siemens has released an advisory regarding vulnerabilities affecting SIMATIC CP 343-1 Advanced/CP-443-1 Advanced devices and SIMATIC S7-300/S7-400 CPUs. Inverse Path auditors and the Airbus ICT Industrial Security team reported these vulnerabilities directly to Siemens. Siemens has made new firmware versions available for several products and a temporary fix for the remaining affected products to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-334-01,https://www.us-cert.gov/ics/advisories/ICSA-16-334-01,2016-11-29,2016-11-30,Emerson Liebert SiteScan XML External Entity Vulnerability,1,Emerson," Researcher Evgeny Ermakov from Kaspersky Lab has identified an XML External Entity (XXE) vulnerability affecting Emerson’s Liebert SiteScan application. Emerson has produced patches to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-334-02,https://www.us-cert.gov/ics/advisories/ICSA-16-334-02,2016-11-29,1900-01-01,Emerson DeltaV Easy Security Management Application Vulnerability,1,Emerson," Emerson has released a publication to inform its users of a vulnerability that affects DeltaV Easy Security Management. Emerson is terminating support for the DeltaV Easy Security Management application and highly recommends all users uninstall it from all DeltaV and non-DeltaV workstations."
ICSA-16-334-03,https://www.us-cert.gov/ics/advisories/ICSA-16-334-03,2016-11-29,2016-11-30,Emerson DeltaV Wireless I/O Card Open SSH Port Vulnerability,1,Emerson," Emerson has identified an open SSH port vulnerability in the DeltaV Wireless I/O Card. Emerson has produced a firmware patch that disables the SSH port. This vulnerability could be exploited remotely."
ICSA-16-336-01A,https://www.us-cert.gov/ics/advisories/ICSA-16-336-01,2016-12-01,2017-06-15,Siemens SICAM PAS Vulnerabilities (Update A),1,Siemens," This updated advisory is a follow-up to the original advisory titled ICSA-16-336-01 Siemens SICAM PAS Vulnerabilities that was published December 1, 2016, on the NCCIC/ICS-CERT web site. Siemens has released an advisory to inform its users on how to mitigate vulnerabilities that affect SICAM PAS. Ilya Karpov and Dmitry Sklyarov of Positive Technologies and Sergey Temnikov and Vladimir Dashchenko of Kaspersky Lab coordinated these vulnerabilities directly with Siemens. Siemens has produced an update to mitigate some of these vulnerabilities. Some of these vulnerabilities could be exploited remotely."
ICSA-16-336-02A,https://www.us-cert.gov/ics/advisories/ICSA-16-336-02,2016-12-01,2017-03-21,Moxa NPort Device Vulnerabilities (Update A),1,Moxa," This updated advisory is a follow-up to the original advisory titled ICSA-16-336-02 Moxa NPort Device Vulnerabilities that was published December 1, 2016, on the NCCIC/ICS-CERT web site. Security researchers Reid Wightman of RevICS Security, Mikael Vingaard, and Maxim Rupp have identified vulnerabilities in Moxa’s NPort serial device servers. Moxa has produced new firmware versions to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-336-03,https://www.us-cert.gov/ics/advisories/ICSA-16-336-03,2016-12-01,1900-01-01,Mitsubishi Electric MELSEC-Q Series Ethernet Interface Module Vulnerabilities,1,Mitsubishi Electric Automation," Security researcher Vladimir Dashchenko of Critical Infrastructure Defense Team, Kaspersky Lab has identified vulnerabilities in the Mitsubishi Electric Automation, Inc. (Mitsubishi Electric) MELSEC-Q series Ethernet interface modules. NCCIC/ICS-CERT and JPCERT have coordinated the reported vulnerabilities with Mitsubishi Electric. Mitsubishi Electric has created a product revision for newer devices that incorporates a compensating control to reduce the risk of exploitation for one of the identified vulnerabilities. These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are known to be publicly available."
ICSA-16-336-04,https://www.us-cert.gov/ics/advisories/ICSA-16-336-04,2016-12-01,1900-01-01,Advantech SUSIAccess Server Vulnerabilities,1,Advantech," Researcher rgod working with Zero Day Initiative (ZDI) has identified an information disclosure, a directory traversal, and a privilege escalation vulnerability in Advantech’s SUSIAccess Server. Advantech has produced new software to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-336-05B,https://www.us-cert.gov/ics/advisories/ICSA-16-336-05B,2017-01-17,2017-05-18,"GE Proficy HMI/SCADA iFIX, Proficy HMI/SCADA CIMPLICITY, and Proficy Historian Vulnerability (Update B)",1,GE," This updated advisory is a follow-up to the updated advisory titled ICSA-16-336-05A GE Proficy HMI/SCADA IFIX, Proficy HMI/SCADA CIMPLICITY, and Proficy Historian Vulnerability that was published January 24, 2017, on the NCCIC/ICS-CERT web site. GE has reported an insufficiently protected credentials vulnerability in Proficy Human-Machine Interface/Supervisory Control and Data Acquisition (HMI/SCADA) iFIX, Proficy HMI/SCADA CIMPLICITY, and Proficy Historian software. This vulnerability was identified by Ilya Karpov of Positive Technologies. GE has produced new versions to mitigate this vulnerability."
ICSA-16-336-06,https://www.us-cert.gov/ics/advisories/ICSA-16-336-06,2017-01-05,1900-01-01,Rockwell Automation MicroLogix 1100 and 1400 Vulnerabilities,1,Rockwell Automation," This advisory was originally posted to the NCCIC Portal library on December 1, 2016, and is being released to the NCCIC/ICS-CERT web site. Alexey Osipov and Ilya Karpov of Positive Technologies have identified vulnerabilities in Rockwell Automation’s Allen-Bradley MicroLogix 1100 and 1400 programmable logic controller (PLC) systems. Rockwell Automation has produced new firmware versions to mitigate some of the vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-341-01,https://www.us-cert.gov/ics/advisories/ICSA-16-341-01,2016-12-06,1900-01-01,Tesla Gateway ECU Vulnerability,0,Tesla," Tencent’s Keen Security Lab has identified a Gateway ECU vulnerability in Tesla Motors Inc.’s (Tesla) Model S automobile. Tesla has produced an over-the-air firmware update to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-343-01,https://www.us-cert.gov/ics/advisories/ICSA-16-343-01,2016-12-08,1900-01-01,Moxa MiiNePort Session Hijack Vulnerabilities,1,Moxa," Independent researcher Aditya Sood has identified vulnerabilities in Moxa’s MiiNePort. Moxa has produced new firmware editions to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-343-02,https://www.us-cert.gov/ics/advisories/ICSA-16-343-02,2016-12-08,1900-01-01,Sauter NovaWeb Web HMI Authentication Bypass Vulnerability,1,Sauter," Independent researcher Maxim Rupp has identified an authentication bypass vulnerability in Sauter’s NovaWeb web HMI application. Sauter has not produced a mitigation for this vulnerability. This product was discontinued in 2013 and is no longer supported. This vulnerability could be exploited remotely."
ICSA-16-343-03,https://www.us-cert.gov/ics/advisories/ICSA-16-343-03,2016-12-08,1900-01-01,Adcon Telemetry A850 Telemetry Gateway Base Station Vulnerabilities,1,Adcon Telemetry," Independent researcher Aditya K. Sood has identified a cross-site scripting vulnerability in Adcon Telemetry’s A850 Telemetry Gateway Base Station. Adcon Telemetry has produced a new firmware version to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-343-04,https://www.us-cert.gov/ics/advisories/ICSA-16-343-04,2016-12-08,1900-01-01,INTERSCHALT VDR G4e Path Traversal Vulnerability,1,INTERSCHALT," Independent researcher Maxim Rupp has identified a path traversal vulnerability in INTERSCHALT Maritime Systems’s (INTERSCHALT) VDR G4e application. INTERSCHALT has produced a patch to mitigate this vulnerability. Maxim Rupp has tested the patch to validate that it resolves the vulnerability. This vulnerability could be exploited remotely."
ICSA-16-343-05,https://www.us-cert.gov/ics/advisories/ICSA-16-343-05,2017-01-05,2018-09-18,Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability (Update B),1,Rockwell Automation,NULL
ICSA-16-348-01,https://www.us-cert.gov/ics/advisories/ICSA-16-348-01,2016-12-13,1900-01-01,Visonic PowerLink2 Vulnerabilities,1,Visonic," Independent researcher Aditya K. Sood has identified cross-site scripting and source code disclosure vulnerabilities in Visonic’s PowerLink2 module. Visonic has produced an updated version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-348-02,https://www.us-cert.gov/ics/advisories/ICSA-16-348-02,2016-12-13,1900-01-01,Moxa DACenter Vulnerabilities,1,Moxa," Independent researcher Zhou Yu has identified denial-of-service and unquoted service path privilege escalation vulnerabilities in Moxa’s DACenter application. Moxa has produced a patch to mitigate these vulnerabilities. Zhou Yu has tested the patch to validate that it resolves the vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-348-03,https://www.us-cert.gov/ics/advisories/ICSA-16-348-03,2016-12-13,1900-01-01,"Delta Electronics WPLSoft, ISPSoft, and PMSoft Vulnerabilities",1,Delta Electronics," Researchers axt and Ariele Caltabiano each working with Trend Micro's Zero Day Initiative (ZDI) have identified vulnerabilities in Delta Electronics’ WPLSoft, ISPSoft, and PMSoft software applications. Delta Electronics has produced new software versions to mitigate these vulnerabilities."
ICSA-16-348-04,https://www.us-cert.gov/ics/advisories/ICSA-16-348-04,2016-12-13,1900-01-01,Siemens SIMATIC WinCC and SIMATIC PCS 7 ActiveX Vulnerability,1,Siemens," Mingzheng Li from Acorn Network Security Lab has identified an ActiveX vulnerability in Siemens’ SIMATIC WinCC and SIMATIC PCS 7. Siemens has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-348-05D,https://www.us-cert.gov/ics/advisories/ICSA-16-348-05,2016-12-13,2018-01-25,Siemens S7-300/400 PLC Vulnerabilities (Update D),1,Siemens," This updated advisory is a follow-up to the updated advisory titled ICSA-16-348-05C Siemens S7-300/400 PLC Vulnerabilities that was published November 28, 2017, on the NCCIC/ICS-CERT web site. Zhu WenZhe from Beijing Acorn Network Technology has identified password leak and denial-of-service (DoS) vulnerabilities in Siemens’ S7-300 and S7-400 programmable logic controllers (PLCs). Siemens has released Security Advisory SSA-731239 with advice to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-350-01,https://www.us-cert.gov/ics/advisories/ICSA-16-350-01,2016-12-15,1900-01-01,Fatek Automation PLC WinProladder Stack-Based Buffer Overflow Vulnerability,1,Fatek," A researcher working with Trend Micro’s Zero Day Initiative (ZDI) has identified a stack-based buffer overflow vulnerability in Fatek Automation’s PLC WinProladder application. Fatek Automation (Fatek) has not produced an update to mitigate this vulnerability. ZDI has coordinated with NCCIC/ICS-CERT. ZDI will publish the PLC WinProladder vulnerability. This vulnerability could be exploited remotely."
ICSA-16-350-02,https://www.us-cert.gov/ics/advisories/ICSA-16-350-02,2016-12-15,1900-01-01,OmniMetrix OmniView Vulnerabilities,1,OmniMetrix," Bill Voltmer of Elation Technologies LLC has identified vulnerabilities in OmniMetrix’s OmniView web application. OmniMetrix has produced a new software version for its web interface that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-16-355-01,https://www.us-cert.gov/ics/advisories/ICSA-16-355-01,2016-12-20,1900-01-01,Siemens Desigo PX Web Module Insufficient Entropy Vulnerability,1,Siemens," Siemens has released a firmware update to mitigate an insufficient entropy vulnerability that affects Siemens Desigo PX Web modules. Marcella Hastings, Joshua Fried, and Nadia Heninger from the University of Pennsylvania coordinated this vulnerability directly with Siemens. This vulnerability could be exploited remotely."
ICSA-16-357-01,https://www.us-cert.gov/ics/advisories/ICSA-16-357-01,2016-12-22,1900-01-01,Fidelix FX-20 Series Controllers Path Traversal Vulnerability,1,Fidelix," Researcher Semen Rozhkov of Kaspersky Lab has identified a path traversal vulnerability in Fidelix’s FX-20 series controllers. Fidelix has produced a new software version to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-16-357-02,https://www.us-cert.gov/ics/advisories/ICSA-16-357-02,2016-12-22,1900-01-01,WAGO Ethernet Web-based Management Authentication Bypass Vulnerability,1,WAGO," Independent researcher Maxim Rupp has identified an authentication bypass vulnerability in WAGO’s Ethernet Web-based Management products. WAGO has produced firmware and workarounds to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSA-17- 208-02,https://www.us-cert.gov/ics/advisories/ICSA-17-208-02,2017-07-27,1900-01-01,Mirion Technologies Telemetry Enabled Devices,1,Mirion Technologies,NULL
ICSA-17-010-01A,https://www.us-cert.gov/ics/advisories/ICSA-17-010-01A,2017-01-10,2017-07-11,OSIsoft PI Coresight and PI Web API (Update A),1,OSIsoft,NULL
ICSA-17-012-01,https://www.us-cert.gov/ics/advisories/ICSA-17-012-01,2017-01-12,2017-01-19,Advantech WebAccess,1,Advantech,NULL
ICSA-17-012-02,https://www.us-cert.gov/ics/advisories/ICSA-17-012-02,2017-01-12,2017-01-19,VideoInsight Web Client,1,VideoInsight,NULL
ICSA-17-012-03,https://www.us-cert.gov/ics/advisories/ICSA-17-012-03,2017-01-12,2017-01-19,Carlo Gavazzi VMU-C EM and VMU-C PV,1,Carlo Gavazzi,NULL
ICSA-17-017-01,https://www.us-cert.gov/ics/advisories/ICSA-17-017-01,2017-01-17,2017-09-19,PHOENIX CONTACT mGuard,1,PHOENIX CONTACT,NULL
ICSA-17-019-01A,https://www.us-cert.gov/ics/advisories/ICSA-17-019-01A,2017-01-19,2017-04-13,Schneider Electric homeLYnk Controller (Update A),1,Schneider Electric,NULL
ICSA-17-024-01,https://www.us-cert.gov/ics/advisories/ICSA-17-024-01,2017-01-24,1900-01-01,Schneider Electric Wonderware Historian,1,Schneider Electric,NULL
ICSA-17-026-01,https://www.us-cert.gov/ics/advisories/ICSA-17-026-01,2017-01-26,1900-01-01,Eaton ePDU Path Traversal Vulnerability,1,Eaton," Independent researcher Maxim Rupp has identified a path traversal vulnerability in certain legacy Eaton ePDUs. Although the affected products are past end-of-life (EoL) and is no longer supported, Eaton has provided defense-in-depth mitigation instructions to protect devices that are still in use. This vulnerability could be exploited remotely."
ICSA-17-026-02A,https://www.us-cert.gov/ics/advisories/ICSA-17-026-02A,2017-01-26,2017-04-18,Belden Hirschmann GECKO (Update A),1,Belden,NULL
ICSA-17-031-01A,https://www.us-cert.gov/ics/advisories/ICSA-17-031-01A,2017-01-31,2017-02-07,BINOM3 Electric Power Quality Meter (Update A),1,BINOM3,NULL
ICSA-17-031-02,https://www.us-cert.gov/ics/advisories/ICSA-17-031-02,2017-01-31,2017-02-14,Ecava IntegraXor,1,Ecava,NULL
ICSA-17-033-01,https://www.us-cert.gov/ics/advisories/ICSA-17-033-01,2017-02-02,1900-01-01,Honeywell XL Web II Controller Vulnerabilities,1,Honeywell," Independent researcher Maxim Rupp has identified vulnerabilities in Honeywell’s XL Web II controller application. Honeywell has produced a new version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSA-17-038-01,https://www.us-cert.gov/ics/advisories/ICSA-17-038-01,2017-02-07,1900-01-01,Sielco Sistemi Winlog SCADA Software,1,Sielco Sistemi,NULL
ICSA-17-040-01,https://www.us-cert.gov/ics/advisories/ICSA-17-040-01,2017-02-09,1900-01-01,Hanwha Techwin Smart Security Manager,1,Hanwha Techwin,NULL
ICSA-17-045-01,https://www.us-cert.gov/ics/advisories/ICSA-17-045-01,2017-02-14,1900-01-01,Advantech WebAccess,1,Advantech,NULL
ICSA-17-045-02,https://www.us-cert.gov/ics/advisories/ICSA-17-045-02,2017-02-14,1900-01-01,Geutebrück IP Cameras,1,Geutebrück,NULL
ICSA-17-045-03,https://www.us-cert.gov/ics/advisories/ICSA-17-045-03,2017-02-14,2018-06-12,Siemens SIMATIC Authentication Bypass (Update D),1,Siemens,NULL
ICSA-17-047-01,https://www.us-cert.gov/ics/advisories/ICSA-17-047-01,2017-03-21,1900-01-01,Rockwell Automation Connected Components Workbench,1,Rockwell Automation,NULL
ICSA-17-047-02,https://www.us-cert.gov/ics/advisories/ICSA-17-047-02,2017-03-21,1900-01-01,Rockwell Automation FactoryTalk Activation,1,Rockwell Automation,NULL
ICSA-17-054-01,https://www.us-cert.gov/ics/advisories/ICSA-17-054-01,2017-02-23,1900-01-01,VIPA Controls WinPLC7,1,VIPA Controls,NULL
ICSA-17-054-02,https://www.us-cert.gov/ics/advisories/ICSA-17-054-02,2017-02-23,2017-03-28,"Red Lion Controls Sixnet-Managed Industrial Switches, AutomationDirect STRIDE-Managed Ethernet Switches Vulnerability",1,"Red Lion Controls, AutomationDirect",NULL
ICSA-17-054-03,https://www.us-cert.gov/ics/advisories/ICSA-17-054-03,2017-02-23,2019-01-10,Schneider Electric Modicon M340 PLC (Update A),1,Schneider Electric,NULL
ICSA-17-059-01,https://www.us-cert.gov/ics/advisories/ICSA-17-059-01,2017-02-28,1900-01-01,Siemens RUGGEDCOM NMS,1,Siemens,NULL
ICSA-17-061-01,https://www.us-cert.gov/ics/advisories/ICSA-17-061-01,2017-03-02,2017-03-13,Eaton xComfort Ethernet Communication Interface,1,Eaton,NULL
ICSA-17-061-02,https://www.us-cert.gov/ics/advisories/ICSA-17-061-02,2017-03-02,1900-01-01,Schneider Electric Conext ComBox,1,Schneider Electric,NULL
ICSA-17-061-03,https://www.us-cert.gov/ics/advisories/ICSA-17-061-03,2017-03-02,1900-01-01,Siemens SINUMERIK Integrate and SINUMERIK Operate,1,Siemens,NULL
ICSA-17-066-01,https://www.us-cert.gov/ics/advisories/ICSA-17-066-01,2017-03-07,1900-01-01,Schneider Electric Wonderware Intelligence,1,Schneider Electric,NULL
ICSA-17-068-01,https://www.us-cert.gov/ics/advisories/ICSA-17-068-01,2017-03-09,1900-01-01,Schneider Electric ClearSCADA,1,Schneider Electric,NULL
ICSA-17-073-01,https://www.us-cert.gov/ics/advisories/ICSA-17-073-01,2017-03-14,1900-01-01,Fatek Automation PLC Ethernet Module,1,Fatek,NULL
ICSA-17-075-01,https://www.us-cert.gov/ics/advisories/ICSA-17-075-01,2017-03-16,2019-01-15,LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA,1,LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME,NULL
ICSA-17-082-01,https://www.us-cert.gov/ics/advisories/ICSA-17-082-01,2017-03-23,2019-01-15,LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA,1,LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME,NULL
ICSA-17-087-01,https://www.us-cert.gov/ics/advisories/ICSA-17-087-01,2017-03-28,1900-01-01,Siemens RUGGEDCOM ROX I,1,Siemens,NULL
ICSA-17-087-02,https://www.us-cert.gov/ics/advisories/ICSA-17-087-02,2017-03-28,1900-01-01,3S-Smart Software Solutions GmbH CODESYS Web Server,1,3S-Smart Software Solutions,NULL
ICSA-17-089-01,https://www.us-cert.gov/ics/advisories/ICSA-17-089-01,2017-03-30,1900-01-01,Schneider Electric Wonderware InTouch Access Anywhere,1,Schneider Electric,NULL
ICSA-17-089-02,https://www.us-cert.gov/ics/advisories/ICSA-17-089-02,2017-03-30,1900-01-01,Schneider Electric Modicon PLCs,1,Schneider Electric,NULL
ICSA-17-094-01,https://www.us-cert.gov/ics/advisories/ICSA-17-094-01,2017-04-04,1900-01-01,Schneider Electric Interactive Graphical SCADA System Software,1,Schneider Electric,NULL
ICSA-17-094-02B,https://www.us-cert.gov/ics/advisories/ICSA-17-094-02B,2017-04-04,2017-10-12,Marel Food Processing Systems (Update B),1,Marel,NULL
ICSA-17-094-03,https://www.us-cert.gov/ics/advisories/ICSA-17-094-03,2017-04-04,1900-01-01,Rockwell Automation Allen-Bradley Stratix and Allen-Bradley ArmorStratix,1,Rockwell Automation,NULL
ICSA-17-094-04,https://www.us-cert.gov/ics/advisories/ICSA-17-094-04,2017-05-09,2017-05-10,Rockwell Automation Stratix 5900,1,Rockwell Automation,NULL
ICSA-17-094-05,https://www.us-cert.gov/ics/advisories/ICSA-17-094-05,2017-05-04,1900-01-01,Rockwell Automation ControlLogix 5580 and CompactLogix 5380,1,Rockwell Automation,NULL
ICSA-17-096-01A,https://www.us-cert.gov/ics/advisories/ICSA-17-096-01A,2017-04-06,2017-04-27,Certec EDV GmbH atvise scada (Update A),1,Certec EDV GmbH,NULL
ICSA-17-101-01,https://www.us-cert.gov/ics/advisories/ICSA-17-101-01,2017-04-11,1900-01-01,Schneider Electric Modicon Modbus Protocol,1,Schneider Electric,NULL
ICSA-17-103-01,https://www.us-cert.gov/ics/advisories/ICSA-17-103-01,2017-04-13,2018-04-26,Wecon Technologies LEVI Studio HMI Editor,1,WECON,NULL
ICSA-17-103-02A,https://www.us-cert.gov/ics/advisories/ICSA-17-103-02A,2017-04-13,2017-07-20,Schneider Electric Modicon M221 PLCs and SoMachine Basic (Update A),1,Schneider Electric,NULL
ICSA-17-115-01,https://www.us-cert.gov/ics/advisories/ICSA-17-115-01,2017-04-25,1900-01-01,BLF-Tech LLC VisualView HMI,1,BLF-Tech LLC,NULL
ICSA-17-115-02,https://www.us-cert.gov/ics/advisories/ICSA-17-115-02,2017-04-25,1900-01-01,Sierra Wireless AirLink Raven XE and XT,1,Sierra Wireless,NULL
ICSA-17-115-03,https://www.us-cert.gov/ics/advisories/ICSA-17-115-03,2017-04-25,1900-01-01,Hyundai Motor America Blue Link,1,Hyundai Motor America,NULL
ICSA-17-115-04,https://www.us-cert.gov/ics/advisories/ICSA-17-115-04,2017-05-23,1900-01-01,Rockwell Automation Allen-Bradley MicroLogix 1100 and 1400,1,Rockwell Automation,NULL
ICSA-17-117-01B,https://www.us-cert.gov/ics/advisories/ICSA-17-117-01B,2017-04-27,2017-07-25,"GE Multilin SR, UR, and URplus Protective Relays (Update B)",1,GE,NULL
ICSA-17-122-01,https://www.us-cert.gov/ics/advisories/ICSA-17-122-01,2017-05-02,1900-01-01,Schneider Electric Wonderware Historian Client,1,Schneider Electric,NULL
ICSA-17-122-02,https://www.us-cert.gov/ics/advisories/ICSA-17-122-02,2017-05-02,1900-01-01,CyberVision Kaa IoT Platform,1,CyberVision,NULL
ICSA-17-122-03,https://www.us-cert.gov/ics/advisories/ICSA-17-122-03,2017-05-02,1900-01-01,Advantech B+B SmartWorx MESR901,1,Advantech B+B SmartWorx,NULL
ICSA-17-124-01,https://www.us-cert.gov/ics/advisories/ICSA-17-124-01,2017-05-04,1900-01-01,Hikvision Cameras,1,Hikvision,NULL
ICSA-17-124-02,https://www.us-cert.gov/ics/advisories/ICSA-17-124-02,2017-05-04,1900-01-01,"Dahua Technology Co., Ltd Digital Video Recorders and IP Cameras",1,"Dahua Technology Co., Ltd",NULL
ICSA-17-124-03,https://www.us-cert.gov/ics/advisories/ICSA-17-124-03,2017-05-04,1900-01-01,Advantech WebAccess,1,Advantech,NULL
ICSA-17-129-01,https://www.us-cert.gov/ics/advisories/ICSA-17-129-01,2017-05-09,2019-02-14,Siemens devices using the PROFINET Discovery and Configuration Protocol (Update K),1,Siemens,NULL
ICSA-17-129-02,https://www.us-cert.gov/ics/advisories/ICSA-17-129-02,2017-05-09,2019-02-05,Siemens devices using the PROFINET Discovery and Configuration Protocol (Update O),1,Siemens,NULL
ICSA-17-129-03,https://www.us-cert.gov/ics/advisories/ICSA-17-129-03,2017-05-09,1900-01-01,Siemens SIMATIC WinCC and SIMATIC WinCC Runtime Professional,1,Siemens,NULL
ICSA-17-131-01,https://www.us-cert.gov/ics/advisories/ICSA-17-131-01,2017-05-11,2017-09-19,PHOENIX CONTACT mGuard,1,PHOENIX CONTACT,NULL
ICSA-17-131-02,https://www.us-cert.gov/ics/advisories/ICSA-17-131-02,2017-05-11,1900-01-01,Satel Iberia SenNet Data Logger and Electricity Meters,1,Satel Iberia,NULL
ICSA-17-136-01,https://www.us-cert.gov/ics/advisories/ICSA-17-136-01,2017-05-16,1900-01-01,Detcon SiteWatch Gateway,1,Detcon,NULL
ICSA-17-136-02,https://www.us-cert.gov/ics/advisories/ICSA-17-136-02,2017-05-16,1900-01-01,Schneider Electric SoMachine HVAC,1,Schneider Electric,NULL
ICSA-17-136-03,https://www.us-cert.gov/ics/advisories/ICSA-17-136-03,2017-05-16,1900-01-01,Hanwha Techwin SRN-4000,1,Hanwha Techwin,NULL
ICSA-17-136-04,https://www.us-cert.gov/ics/advisories/ICSA-17-136-04,2017-05-16,1900-01-01,Schneider Electric VAMPSET,1,Schneider Electric,NULL
ICSA-17-138-01,https://www.us-cert.gov/ics/advisories/ICSA-17-138-01,2017-05-18,1900-01-01,Miele Professional PG 85 Series,1,Miele Professional,NULL
ICSA-17-138-02,https://www.us-cert.gov/ics/advisories/ICSA-17-138-02,2017-05-18,1900-01-01,Schneider Electric Wonderware InduSoft Web Studio,1,Schneider Electric,NULL
ICSA-17-138-03,https://www.us-cert.gov/ics/advisories/ICSA-17-138-03,2017-07-18,1900-01-01,Rockwell Automation MicroLogix 1100 Controllers,1,Rockwell Automation,NULL
ICSA-17-143-01,https://www.us-cert.gov/ics/advisories/ICSA-17-143-01,2017-05-23,1900-01-01,Moxa OnCell,1,Moxa,NULL
ICSA-17-150-01,https://www.us-cert.gov/ics/advisories/ICSA-17-150-01,2017-08-31,1900-01-01,"Automated Logic Corporation ALC WebCTRL, Liebert SiteScan, Carrier i-VU",0,Automated Logic Corporation,NULL
ICSA-17-152-01,https://www.us-cert.gov/ics/advisories/ICSA-17-152-01,2017-06-01,1900-01-01,Phoenix Broadband Technologies LLC PowerAgent SC3 Site Controller,1,Phoenix Broadband Technologies LLC,NULL
ICSA-17-152-02,https://www.us-cert.gov/ics/advisories/ICSA-17-152-02,2017-07-25,1900-01-01,NXP i.MX Product Family,1,NXP,NULL
ICSA-17-157-01,https://www.us-cert.gov/ics/advisories/ICSA-17-157-01,2017-06-06,1900-01-01,Rockwell Automation PanelView Plus 6 700-1500,1,Rockwell Automation,NULL
ICSA-17-157-02,https://www.us-cert.gov/ics/advisories/ICSA-17-157-02,2017-06-06,2017-06-13,Digital Canal Structural Wind Analysis,1,Digital Canal Structural,NULL
ICSA-17-164-01,https://www.us-cert.gov/ics/advisories/ICSA-17-164-01,2017-06-13,2017-10-31,Trihedral Engineering Limited VTScada,1,Trihedral Engineering Limited,NULL
ICSA-17-164-02,https://www.us-cert.gov/ics/advisories/ICSA-17-164-02,2017-06-13,1900-01-01,OSIsoft PI Server 2017,1,OSIsoft,NULL
ICSA-17-164-03,https://www.us-cert.gov/ics/advisories/ICSA-17-164-03,2017-06-13,1900-01-01,OSIsoft PI Web API 2017,1,OSIsoft,NULL
ICSA-17-166-01,https://www.us-cert.gov/ics/advisories/ICSA-17-166-01,2017-06-14,2017-06-15,Cambium Networks ePMP,1,Cambium Networks,NULL
ICSA-17-171-01,https://www.us-cert.gov/ics/advisories/ICSA-17-171-01,2017-06-20,1900-01-01,Ecava IntegraXor,1,Ecava,NULL
ICSA-17-173-01,https://www.us-cert.gov/ics/advisories/ICSA-17-173-01,2017-06-22,1900-01-01,Siemens SIMATIC CP 44x-1 Redundant Network Access Modules,1,Siemens,NULL
ICSA-17-173-02,https://www.us-cert.gov/ics/advisories/ICSA-17-173-02,2017-06-22,1900-01-01,Siemens XHQ,1,Siemens,NULL
ICSA-17-178-01,https://www.us-cert.gov/ics/advisories/ICSA-17-178-01,2017-06-27,1900-01-01,"Newport XPS-Cx, XPS-Qx",1,Newport,NULL
ICSA-17-180-01A,https://www.us-cert.gov/ics/advisories/ICSA-17-180-01A,2017-06-29,2017-07-11,"Siemens SIMATIC Industrial PCs, SINUMERIK Panel Control Unit, and SIMOTION P320 (Update A)",1,Siemens,NULL
ICSA-17-180-02,https://www.us-cert.gov/ics/advisories/ICSA-17-180-02,2017-06-29,2019-01-08,Schneider Electric U.motion Builder (Update A),1,Schneider Electric,NULL
ICSA-17-180-03,https://www.us-cert.gov/ics/advisories/ICSA-17-180-03,2017-06-29,1900-01-01,Siemens Viewport for Web Office Portal,1,Siemens,NULL
ICSA-17-187-01,https://www.us-cert.gov/ics/advisories/ICSA-17-187-01,2017-07-06,1900-01-01,Siemens OZW672 and OZW772,1,Siemens,NULL
ICSA-17-187-02,https://www.us-cert.gov/ics/advisories/ICSA-17-187-02,2017-07-06,1900-01-01,Siemens Reyrolle,1,Siemens,NULL
ICSA-17-187-03F,https://www.us-cert.gov/ics/advisories/ICSA-17-187-03F,2017-07-06,2018-03-20,Siemens SIPROTEC 4 and SIPROTEC Compact (Update F),1,Siemens,NULL
ICSA-17-187-04,https://www.us-cert.gov/ics/advisories/ICSA-17-187-04,2017-07-06,1900-01-01,Schneider Electric Wonderware ArchestrA Logger,1,Schneider Electric,NULL
ICSA-17-187-05,https://www.us-cert.gov/ics/advisories/ICSA-17-187-05,2017-07-06,1900-01-01,Schneider Electric Ampla MES,1,Schneider Electric,NULL
ICSA-17-192-01,https://www.us-cert.gov/ics/advisories/ICSA-17-192-01,2017-07-11,1900-01-01,Siemens SIMATIC Logon,1,Siemens,NULL
ICSA-17-192-02,https://www.us-cert.gov/ics/advisories/ICSA-17-192-02,2017-07-11,1900-01-01,Fuji Electric V-Server,1,Fuji Electric,NULL
ICSA-17-192-03,https://www.us-cert.gov/ics/advisories/ICSA-17-192-03,2017-07-11,2017-07-18,ABB VSN300 WiFi Logger Card,1,ABB,NULL
ICSA-17-192-04,https://www.us-cert.gov/ics/advisories/ICSA-17-192-04,2017-07-11,1900-01-01,OSIsoft PI Coresight,1,OSIsoft,NULL
ICSA-17-192-05,https://www.us-cert.gov/ics/advisories/ICSA-17-192-05,2017-07-11,1900-01-01,OSIsoft PI ProcessBook and PI ActiveView,1,OSIsoft,NULL
ICSA-17-192-06,https://www.us-cert.gov/ics/advisories/ICSA-17-192-06,2017-07-11,2018-03-14,"Schweitzer Engineering Laboratories, Inc. SEL-3620 and SEL-3622",1,Schweitzer Engineering Laboratories,NULL
ICSA-17-194-01,https://www.us-cert.gov/ics/advisories/ICSA-17-194-01,2017-07-13,1900-01-01,Siemens SiPass integrated,1,Siemens,NULL
ICSA-17-194-03,https://www.us-cert.gov/ics/advisories/ICSA-17-194-03,2017-07-13,1900-01-01,Siemens SIMATIC Sm@rtClient Android App,1,Siemens,NULL
ICSA-17-201-01,https://www.us-cert.gov/ics/advisories/ICSA-17-201-01,2017-07-20,1900-01-01,Schneider Electric PowerSCADA Anywhere and Citect Anywhere,1,Schneider Electric,NULL
ICSA-17-208-01,https://www.us-cert.gov/ics/advisories/ICSA-17-208-01,2017-07-27,1900-01-01,Continental AG Infineon S-Gold 2 (PMB 8876),1,Continental AG,NULL
ICSA-17-208-03,https://www.us-cert.gov/ics/advisories/ICSA-17-208-03,2017-07-27,1900-01-01,"PDQ Manufacturing, Inc. LaserWash, Laser Jet and ProTouch",0,"PDQ Manufacturing, Inc.",NULL
ICSA-17-208-04,https://www.us-cert.gov/ics/advisories/ICSA-17-208-04,2017-08-24,2017-08-28,Rockwell Automation Allen-Bradley Stratix and ArmorStratix,1,Rockwell Automation,NULL
ICSA-17-213-01,https://www.us-cert.gov/ics/advisories/ICSA-17-213-01,2017-08-01,1900-01-01,Mitsubishi Electric Europe B.V. E-Designer,1,Mitsubishi Electric Europe B.V.,NULL
ICSA-17-213-02,https://www.us-cert.gov/ics/advisories/ICSA-17-213-02,2017-08-01,1900-01-01,Schneider Electric Trio TView,1,Schneider Electric,NULL
ICSA-17-215-01,https://www.us-cert.gov/ics/advisories/ICSA-17-215-01,2017-08-03,1900-01-01,Schneider Electric Pro-face GP-Pro EX,1,Schneider Electric,NULL
ICSA-17-220-01,https://www.us-cert.gov/ics/advisories/ICSA-17-220-01,2017-08-08,1900-01-01,OSIsoft PI Integrator,1,OSIsoft,NULL
ICSA-17-220-02,https://www.us-cert.gov/ics/advisories/ICSA-17-220-02,2017-08-08,1900-01-01,Moxa SoftNVR-IA Live Viewer,1,Moxa,NULL
ICSA-17-222-01,https://www.us-cert.gov/ics/advisories/ICSA-17-222-01,2017-08-10,1900-01-01,SIMPlight SCADA Software,1,SIMPlight,NULL
ICSA-17-222-02,https://www.us-cert.gov/ics/advisories/ICSA-17-222-02,2017-08-10,1900-01-01,Solar Controls Heating Control Downloader (HCDownloader),1,Solar Controls,NULL
ICSA-17-222-03,https://www.us-cert.gov/ics/advisories/ICSA-17-222-03,2017-08-10,1900-01-01,Solar Controls WATTConfig M Software,1,Solar Controls,NULL
ICSA-17-222-04,https://www.us-cert.gov/ics/advisories/ICSA-17-222-04,2017-08-10,1900-01-01,Fuji Electric Monitouch V-SFT,1,Fuji Electric,NULL
ICSA-17-222-05,https://www.us-cert.gov/ics/advisories/ICSA-17-222-05,2017-08-10,1900-01-01,ABB SREA-01 and SREA-50,1,ABB,NULL
ICSA-17-227-01,https://www.us-cert.gov/ics/advisories/ICSA-17-227-01,2017-08-15,1900-01-01,Advantech WebOP,1,Advantech,NULL
ICSA-17-234-01,https://www.us-cert.gov/ics/advisories/ICSA-17-234-01,2017-08-22,1900-01-01,"Automated Logic Corporation WebCTRL, i-VU, SiteScan",0,Automated Logic Corporation,NULL
ICSA-17-234-02,https://www.us-cert.gov/ics/advisories/ICSA-17-234-02,2017-08-22,1900-01-01,SpiderControl SCADA MicroBrowser,1,SpiderControl,NULL
ICSA-17-234-03,https://www.us-cert.gov/ics/advisories/ICSA-17-234-03,2017-08-22,1900-01-01,SpiderControl SCADA Web Server,1,SpiderControl,NULL
ICSA-17-234-04,https://www.us-cert.gov/ics/advisories/ICSA-17-234-04,2018-01-09,2018-04-03,General Motors and Shanghai OnStar (SOS) iOS Client,1,"General Motors, Shanghai OnStar",NULL
ICSA-17-234-05,https://www.us-cert.gov/ics/advisories/ICSA-17-234-05,2017-09-21,1900-01-01,Saia Burgess Controls PCD Controllers,1,Saia Burgess Controls,NULL
ICSA-17-236-01,https://www.us-cert.gov/ics/advisories/ICSA-17-236-01,2017-08-24,2017-08-28,"Westermo MRD-305-DIN, MRD-315, MRD-355, and MRD-455",1,Westermo,NULL
ICSA-17-241-01,https://www.us-cert.gov/ics/advisories/ICSA-17-241-01,2017-08-29,1900-01-01,AzeoTech DAQFactory,1,AzeoTech,NULL
ICSA-17-241-02,https://www.us-cert.gov/ics/advisories/ICSA-17-241-02,2017-08-29,1900-01-01,Advantech WebAccess,1,Advantech,NULL
ICSA-17-243-01,https://www.us-cert.gov/ics/advisories/ICSA-17-243-01-0,2017-10-03,2019-02-05,Siemens Discovery Service of OPC UA Protocol (Update C),1,Siemens,NULL
ICSA-17-243-02,https://www.us-cert.gov/ics/advisories/ICSA-17-243-02,2017-08-31,1900-01-01,Siemens LOGO!,1,Siemens,NULL
ICSA-17-243-03,https://www.us-cert.gov/ics/advisories/ICSA-17-243-03,2017-08-31,2017-09-11,Siemens 7KM PAC Switched Ethernet,1,Siemens,NULL
ICSA-17-243-04,https://www.us-cert.gov/ics/advisories/ICSA-17-243-04,2017-08-31,1900-01-01,OPW Fuel Management Systems SiteSentinel Integra and SiteSentinel iSite,1,OPW Fuel Management Systems,NULL
ICSA-17-243-05,https://www.us-cert.gov/ics/advisories/ICSA-17-243-05,2017-08-31,2017-09-05,Moxa SoftCMS Live Viewer,1,Moxa,NULL
ICSA-17-250-01,https://www.us-cert.gov/ics/advisories/ICSA-17-250-01,2017-09-07,1900-01-01,SpiderControl SCADA Web Server,1,SpiderControl,NULL
ICSA-17-250-02,https://www.us-cert.gov/ics/advisories/ICSA-17-250-02,2017-09-07,1900-01-01,"PHOENIX CONTACT, Innominate Security Technologies mGuard Firmware",0,"PHOENIX CONTACT, Innominate Security Technologies",NULL
ICSA-17-255-01,https://www.us-cert.gov/ics/advisories/ICSA-17-255-01,2017-09-12,1900-01-01,mySCADA myPRO,1,mySCADA,NULL
ICSA-17-257-01,https://www.us-cert.gov/ics/advisories/ICSA-17-257-01,2017-09-14,1900-01-01,LOYTEC LVIS-3ME,1,LOYTEC,NULL
ICSA-17-262-01,https://www.us-cert.gov/ics/advisories/ICSA-17-262-01,2017-09-19,1900-01-01,PHOENIX CONTACT mGuard Device Manager,1,PHOENIX CONTACT,NULL
ICSA-17-264-01,https://www.us-cert.gov/ics/advisories/ICSA-17-264-01,2017-09-21,1900-01-01,"Schneider Electric InduSoft Web Studio, InTouch Machine Edition",1,Schneider Electric,NULL
ICSA-17-264-02,https://www.us-cert.gov/ics/advisories/ICSA-17-264-02,2017-09-21,1900-01-01,"Ctek, Inc. SkyRouter",1,"Ctek, Inc.",NULL
ICSA-17-264-03,https://www.us-cert.gov/ics/advisories/ICSA-17-264-03,2017-09-21,1900-01-01,Digium Asterisk GUI,1,Digium,NULL
ICSA-17-264-04,https://www.us-cert.gov/ics/advisories/ICSA-17-264-04,2017-09-21,1900-01-01,iniNet Solutions GmbH SCADA Webserver,1,iniNet Solutions GmbH,NULL
ICSA-17-271-01B,https://www.us-cert.gov/ics/advisories/ICSA-17-271-01B,2017-09-28,2018-02-27,"Siemens Ruggedcom ROS, SCALANCE (Update B)",1,Siemens,NULL
ICSA-17-278-01A,https://www.us-cert.gov/ics/advisories/ICSA-17-278-01A,2017-10-05,2017-10-10,GE CIMPLICITY (Update A),1,GE,NULL
ICSA-17-278-02,https://www.us-cert.gov/ics/advisories/ICSA-17-278-02,2017-10-05,1900-01-01,Siemens 7KT PAC1200 Data Manager,1,Siemens,NULL
ICSA-17-283-01,https://www.us-cert.gov/ics/advisories/ICSA-17-283-01,2017-10-10,1900-01-01,LAVA Computer MFG Inc. Ether-Serial Link,1,LAVA Computer MFG Inc.,NULL
ICSA-17-283-02,https://www.us-cert.gov/ics/advisories/ICSA-17-283-02,2017-10-10,2017-10-12,JanTek JTC-200,1,JanTek,NULL
ICSA-17-285-01,https://www.us-cert.gov/ics/advisories/ICSA-17-285-01,2017-10-12,1900-01-01,ProMinent MultiFLEX M10a Controller,1,ProMinent,NULL
ICSA-17-285-02,https://www.us-cert.gov/ics/advisories/ICSA-17-285-02,2017-10-12,1900-01-01,"WECON Technology Co., Ltd. LeviStudio HMI Editor",1,WECON,NULL
ICSA-17-285-03,https://www.us-cert.gov/ics/advisories/ICSA-17-285-03,2017-10-12,1900-01-01,Envitech Ltd. EnviDAS Ultimate,1,Envitech Ltd.,NULL
ICSA-17-285-04A,https://www.us-cert.gov/ics/advisories/ICSA-17-285-04A,2017-10-12,2018-02-01,NXP Semiconductors MQX RTOS (Update A),1,NXP Semiconductors,NULL
ICSA-17-285-05,https://www.us-cert.gov/ics/advisories/ICSA-17-285-05,2017-10-12,1900-01-01,Siemens BACnet Field Panels,1,Siemens,NULL
ICSA-17-290-01,https://www.us-cert.gov/ics/advisories/ICSA-17-290-01,2017-10-17,1900-01-01,Progea Movicon SCADA/HMI,1,Progea,NULL
ICSA-17-292-01,https://www.us-cert.gov/ics/advisories/ICSA-17-292-01,2017-10-19,1900-01-01,SpiderControl MicroBrowser,1,SpiderControl,NULL
ICSA-17-299-01,https://www.us-cert.gov/ics/advisories/ICSA-17-299-01,2017-10-26,1900-01-01,Korenix JetNet,1,Korenix,NULL
ICSA-17-299-02,https://www.us-cert.gov/ics/advisories/ICSA-17-299-02,2017-10-26,2018-11-01,Rockwell Automation Stratix 5100 (Update A),1,Rockwell Automation,NULL
ICSA-17-304-01,https://www.us-cert.gov/ics/advisories/ICSA-17-304-01,2017-10-31,1900-01-01,ABB FOX515T,1,ABB,NULL
ICSA-17-304-02,https://www.us-cert.gov/ics/advisories/ICSA-17-304-02,2017-10-31,1900-01-01,Trihedral Engineering Limited VTScada,1,Trihedral Engineering Limited,NULL
ICSA-17-306-01,https://www.us-cert.gov/ics/advisories/ICSA-17-306-01,2017-11-02,2018-06-12,Siemens SIMATIC PCS 7 (Update A),1,Siemens,NULL
ICSA-17-306-02,https://www.us-cert.gov/ics/advisories/ICSA-17-306-02,2017-11-02,1900-01-01,Advantech WebAccess,1,Advantech,NULL
ICSA-17-313-01,https://www.us-cert.gov/ics/advisories/ICSA-17-313-01,2017-11-09,2018-07-24,"AutomationDirect CLICK, C-More, C-More Micro, Do-more Designer, GS Drives, SL-Soft SOLO, DirectSOFT (Update B)",1,AutomationDirect,NULL
ICSA-17-313-02,https://www.us-cert.gov/ics/advisories/ICSA-17-313-02,2017-11-09,1900-01-01,Schneider Electric InduSoft Web Studio and InTouch Machine Edition,1,Schneider Electric,NULL
ICSA-17-318-01,https://www.us-cert.gov/ics/advisories/ICSA-17-318-01,2017-11-14,2019-04-09,"Siemens SCALANCE, SIMATIC, RUGGEDCOM, and SINAMICS Products (Update F)",1,Siemens,NULL
ICSA-17-318-02A,https://www.us-cert.gov/ics/advisories/ICSA-17-318-02A,2017-11-14,2018-02-15,ABB TropOS (Update A),1,ABB,NULL
ICSA-17-320-01,https://www.us-cert.gov/ics/advisories/ICSA-17-320-01,2017-11-16,1900-01-01,"Moxa NPort 5110, 5130, and 5150",1,Moxa,NULL
ICSA-17-320-02,https://www.us-cert.gov/ics/advisories/ICSA-17-320-02,2017-11-16,1900-01-01,Siemens SICAM,1,Siemens,NULL
ICSA-17-325-01,https://www.us-cert.gov/ics/advisories/ICSA-17-325-01,2017-11-21,1900-01-01,PHOENIX CONTACT WLAN Capable Devices using the WPA2 Protocol,1,PHOENIX CONTACT,NULL
ICSA-17-332-01,https://www.us-cert.gov/ics/advisories/ICSA-17-332-01,2017-11-28,2018-05-10,"Siemens SCALANCE W1750D, M800, and S615 (Update B)",1,Siemens,NULL
ICSA-17-334-01,https://www.us-cert.gov/ics/advisories/ICSA-17-334-01,2017-11-30,1900-01-01,Siemens SWT3000,1,Siemens,NULL
ICSA-17-334-02,https://www.us-cert.gov/ics/advisories/ICSA-17-334-02,2017-11-30,2018-10-25,GEOVAP Reliance SCADA,1,GEOVAP,NULL
ICSA-17-339-01,https://www.us-cert.gov/ics/advisories/ICSA-17-339-01,2017-12-05,2019-03-12,Siemens Industrial Products (Update M),1,Siemens,NULL
ICSA-17-341-01,https://www.us-cert.gov/ics/advisories/ICSA-17-341-01,2017-12-07,1900-01-01,Xiongmai Technology IP Cameras and DVRs,1,Xiongmai,NULL
ICSA-17-341-02,https://www.us-cert.gov/ics/advisories/ICSA-17-341-02,2017-12-07,1900-01-01,Rockwell Automation FactoryTalk Alarms and Events,1,Rockwell Automation,NULL
ICSA-17-341-03,https://www.us-cert.gov/ics/advisories/ICSA-17-341-03,2017-12-07,1900-01-01,"PHOENIX CONTACT FL COMSERVER, FL COM SERVER, and PSI-MODEM/ETH",1,PHOENIX CONTACT,NULL
ICSA-17-353-01,https://www.us-cert.gov/ics/advisories/ICSA-17-353-01,2017-12-19,1900-01-01,ABB Ellipse,1,ABB,NULL
ICSA-17-353-02,https://www.us-cert.gov/ics/advisories/ICSA-17-353-02,2017-12-19,1900-01-01,PEPPERL+FUCHS/ecom instruments WLAN Capable Devices using the WPA2 Protocol,1,"PEPPERL+FUCHS, ecom instrument",NULL
ICSA-17-353-03,https://www.us-cert.gov/ics/advisories/ICSA-17-353-03,2017-12-19,1900-01-01,Ecava IntegraXor,1,Ecava,NULL
ICSA-17-353-04,https://www.us-cert.gov/ics/advisories/ICSA-17-353-04,2017-12-19,1900-01-01,Siemens LOGO! Soft Comfort,1,Siemens,NULL
ICSA-17-353-05,https://www.us-cert.gov/ics/advisories/ICSA-17-353-05,2017-12-19,2018-02-20,"WECON Technology Co., Ltd. LeviStudio HMI Editor",1,WECON,NULL
ICSA-17-355-01,https://www.us-cert.gov/ics/advisories/ICSA-17-355-01,2017-12-21,1900-01-01,Moxa NPort W2150A and W2250A,1,Moxa,NULL
ICSA-17-355-02,https://www.us-cert.gov/ics/advisories/ICSA-17-355-02,2017-12-21,1900-01-01,Schneider Electric Pelco VideoXpert Enterprise,1,Schneider Electric,NULL
ICSA-18-004-01,https://www.us-cert.gov/ics/advisories/ICSA-18-004-01,2018-01-04,2018-01-05,Delta Electronics Delta Industrial Automation Screen Editor,1,Delta Electronics,NULL
ICSA-18-004-02A,https://www.us-cert.gov/ics/advisories/ICSA-18-004-02A,2018-01-04,2018-01-11,Advantech WebAccess (Update A),1,Advantech,NULL
ICSA-18-009-01,https://www.us-cert.gov/ics/advisories/ICSA-18-009-01,2018-01-09,1900-01-01,Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers,1,Rockwell Automation,NULL
ICSA-18-011-01,https://www.us-cert.gov/ics/advisories/ICSA-18-011-01,2018-01-11,2018-01-18,"WECON Technology Co., Ltd. LeviStudio HMI Editor",1,WECON,NULL
ICSA-18-011-02,https://www.us-cert.gov/ics/advisories/ICSA-18-011-02,2018-01-11,1900-01-01,Moxa MXview,1,Moxa,NULL
ICSA-18-011-03,https://www.us-cert.gov/ics/advisories/ICSA-18-011-03,2018-01-11,1900-01-01,PHOENIX CONTACT FL SWITCH,1,PHOENIX CONTACT,NULL
ICSA-18-018-01A,https://www.us-cert.gov/ics/advisories/ICSA-18-018-01A,2018-01-18,2018-02-27,Siemens SIMATIC WinCC Add-On (Update A),1,Siemens,NULL
ICSA-18-023-01,https://www.us-cert.gov/ics/advisories/ICSA-18-023-01,2018-01-23,1900-01-01,Advantech WebAccess/SCADA,1,Advantech,NULL
ICSA-18-023-02,https://www.us-cert.gov/ics/advisories/ICSA-18-023-02,2018-01-23,2019-02-12,Siemens Industrial Products (Update A),1,Siemens,NULL
ICSA-18-025-01,https://www.us-cert.gov/ics/advisories/ICSA-18-025-01,2018-01-25,2018-05-03,Nari PCS-9611 (Update A),1,Nari,NULL
ICSA-18-025-02B,https://www.us-cert.gov/ics/advisories/ICSA-18-025-02B,2018-01-25,2019-03-12,Siemens Desigo PXC (Update C),1,Siemens,NULL
ICSA-18-030-01,https://www.us-cert.gov/ics/advisories/ICSA-18-030-01,2018-01-30,1900-01-01,PHOENIX CONTACT mGuard,1,PHOENIX CONTACT,NULL
ICSA-18-030-02,https://www.us-cert.gov/ics/advisories/ICSA-18-030-02,2018-01-30,1900-01-01,Siemens TeleControl Server Basic,1,Siemens,NULL
ICSA-18-032-01,https://www.us-cert.gov/ics/advisories/ICSA-18-032-01,2018-02-01,1900-01-01,Fuji Electric V-Server VPR,1,Fuji Electric,NULL
ICSA-18-032-02,https://www.us-cert.gov/ics/advisories/ICSA-18-032-02,2018-02-01,1900-01-01,3S-Smart Software Solutions GmbH CODESYS Web Server,1,3S-Smart Software Solutions,NULL
ICSA-18-032-03,https://www.us-cert.gov/ics/advisories/ICSA-18-032-03,2018-02-01,2018-02-08,Gemalto Sentinel License Manager,1,Gemalto,NULL
ICSA-18-044-01,https://www.us-cert.gov/ics/advisories/ICSA-18-044-01,2018-02-13,2018-02-15,WAGO PFC200 Series,1,WAGO,NULL
ICSA-18-044-02,https://www.us-cert.gov/ics/advisories/ICSA-18-044-02,2018-02-13,1900-01-01,Schneider Electric IGSS SCADA Software,1,Schneider Electric,NULL
ICSA-18-046-01,https://www.us-cert.gov/ics/advisories/ICSA-18-046-01,2018-02-15,2018-02-19,Nortek Linear eMerge E3 Series,1,Nortek,NULL
ICSA-18-046-02,https://www.us-cert.gov/ics/advisories/ICSA-18-046-02,2018-02-15,1900-01-01,GE D60 Line Distance Relay,1,GE,NULL
ICSA-18-046-03,https://www.us-cert.gov/ics/advisories/ICSA-18-046-03,2018-02-15,1900-01-01,Schneider Electric IGSS Mobile,1,Schneider Electric,NULL
ICSA-18-046-04,https://www.us-cert.gov/ics/advisories/ICSA-18-046-04,2018-02-15,1900-01-01,Schneider Electric StruxureOn Gateway,1,Schneider Electric,NULL
ICSA-18-051-01,https://www.us-cert.gov/ics/advisories/ICSA-18-051-01,2018-02-20,2018-02-22,ABB netCADOPS Web Application,1,ABB,NULL
ICSA-18-058-01A,https://www.us-cert.gov/ics/advisories/ICSA-18-058-01A,2018-02-27,2018-03-20,Siemens SIMATIC Industrial PCs (Update A),1,Siemens,NULL
ICSA-18-058-02,https://www.us-cert.gov/ics/advisories/ICSA-18-058-02,2018-02-27,1900-01-01,Delta Electronics WPLSoft,1,Delta Electronics,NULL
ICSA-18-058-03,https://www.us-cert.gov/ics/advisories/ICSA-18-058-03,2018-02-27,2018-08-22,Emerson ControlWave Micro Process Automation Controller,1,Emerson,NULL
ICSA-18-060-01,https://www.us-cert.gov/ics/advisories/ICSA-18-060-01,2018-03-01,2018-04-19,"Siemens SIMATIC, SIMOTION, and SINUMERIK (Update A)",1,Siemens,NULL
ICSA-18-060-02,https://www.us-cert.gov/ics/advisories/ICSA-18-060-02,2018-03-01,1900-01-01,Moxa OnCell G3100-HSPA Series,1,Moxa,NULL
ICSA-18-060-03,https://www.us-cert.gov/ics/advisories/ICSA-18-060-03,2018-03-01,1900-01-01,Delta Electronics Delta Industrial Automation DOPSoft,1,Delta Electronics,NULL
ICSA-18-065-01,https://www.us-cert.gov/ics/advisories/ICSA-18-065-01,2018-03-06,1900-01-01,Hirschmann Automation and Control GmbH Classic Platform Switches,1,"Hirschmann, Belden",NULL
ICSA-18-065-02,https://www.us-cert.gov/ics/advisories/ICSA-18-065-02,2018-03-06,1900-01-01,Schneider Electric SoMove Software and DTM Software Components,1,Schneider Electric,NULL
ICSA-18-065-03,https://www.us-cert.gov/ics/advisories/ICSA-18-065-03,2018-03-06,1900-01-01,Eaton ELCSoft,1,Eaton,NULL
ICSA-18-067-01,https://www.us-cert.gov/ics/advisories/ICSA-18-067-01,2018-03-08,2019-03-13,"Siemens SIPROTEC 4, SIPROTEC Compact, DIGSI 4, and EN100 Ethernet Module (Update C)",1,Siemens,NULL
ICSA-18-067-02,https://www.us-cert.gov/ics/advisories/ICSA-18-067-02,2018-03-08,2019-02-12,"Siemens SIPROTEC 4, SIPROTEC Compact, and Reyrolle Devices using the EN100 Ethernet Communication Module Extension (Update B)",1,Siemens,NULL
ICSA-18-072-01,https://www.us-cert.gov/ics/advisories/ICSA-18-072-01,2018-03-13,2018-12-20,Omron CX-Supervisor (Update A),1,Omron,NULL
ICSA-18-072-02,https://www.us-cert.gov/ics/advisories/ICSA-18-072-02,2018-03-13,1900-01-01,OSIsoft PI Data Archive,1,OSIsoft,NULL
ICSA-18-072-03,https://www.us-cert.gov/ics/advisories/ICSA-18-072-03,2018-03-13,1900-01-01,OSIsoft PI Vision,1,OSIsoft,NULL
ICSA-18-072-04,https://www.us-cert.gov/ics/advisories/ICSA-18-072-04,2018-03-13,1900-01-01,OSIsoft PI Web API,1,OSIsoft,NULL
ICSA-18-079-01,https://www.us-cert.gov/ics/advisories/ICSA-18-079-01,2018-03-20,1900-01-01,Geutebruck IP Cameras,1,Geutebrück,NULL
ICSA-18-079-02,https://www.us-cert.gov/ics/advisories/ICSA-18-079-02,2018-03-20,2019-05-14,"Siemens SIMATIC, SINUMERIK, and PROFINET IO (Update C)",1,Siemens,NULL
ICSA-18-081-01,https://www.us-cert.gov/ics/advisories/ICSA-18-081-01,2018-03-22,1900-01-01,Siemens SIMATIC WinCC OA UI Mobile App,1,Siemens,NULL
ICSA-18-081-02,https://www.us-cert.gov/ics/advisories/ICSA-18-081-02,2018-03-22,1900-01-01,Beckhoff TwinCAT,1,Beckhoff,NULL
ICSA-18-086-01,https://www.us-cert.gov/ics/advisories/ICSA-18-086-01,2018-03-27,1900-01-01,"Schneider Electric Modicon Premium, Modicon Quantum, Modicon M340, and Modicon BMXNOR0200",1,Schneider Electric,NULL
ICSA-18-088-01,https://www.us-cert.gov/ics/advisories/ICSA-18-088-01,2018-03-29,1900-01-01,WAGO 750 Series,1,WAGO,NULL
ICSA-18-088-02,https://www.us-cert.gov/ics/advisories/ICSA-18-088-02,2018-03-29,1900-01-01,Siemens TIM 1531 IRC,1,Siemens,NULL
ICSA-18-088-03,https://www.us-cert.gov/ics/advisories/ICSA-18-088-03,2018-03-29,2019-03-12,"Siemens SIMATIC PCS 7, SIMATIC WinCC, SIMATIC WinCC Runtime Professional, and SIMATIC NET PC Software (Update G)",1,Siemens,NULL
ICSA-18-093-01,https://www.us-cert.gov/ics/advisories/ICSA-18-093-01,2018-04-03,2018-04-05,Siemens Building Technologies Products (Update A),1,Siemens,NULL
ICSA-18-095-01,https://www.us-cert.gov/ics/advisories/ICSA-18-095-01,2018-04-05,2018-09-17,Rockwell Automation MicroLogix,1,Rockwell Automation,NULL
ICSA-18-095-02,https://www.us-cert.gov/ics/advisories/ICSA-18-095-02,2018-04-05,1900-01-01,Moxa MXview,1,Moxa,NULL
ICSA-18-095-03,https://www.us-cert.gov/ics/advisories/ICSA-18-095-03,2018-04-05,2019-01-15,LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA,1,LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME,NULL
ICSA-18-100-01,https://www.us-cert.gov/ics/advisories/ICSA-18-100-01,2018-04-10,1900-01-01,ATI Systems Emergency Mass Notification Systems,0,ATI Systems,NULL
ICSA-18-100-02,https://www.us-cert.gov/ics/advisories/ICSA-18-100-02,2018-04-10,1900-01-01,Omron CX-One,1,Omron,NULL
ICSA-18-102-01,https://www.us-cert.gov/ics/advisories/ICSA-18-102-01,2018-04-12,2018-04-13,Yokogawa CENTUM and Exaopc,1,Yokogawa,NULL
ICSA-18-102-02,https://www.us-cert.gov/ics/advisories/ICSA-18-102-02,2018-05-10,2018-05-31,Rockwell Automation FactoryTalk Activation Manager (Update B),1,Rockwell Automation,NULL
ICSA-18-107-01,https://www.us-cert.gov/ics/advisories/ICSA-18-107-01,2018-04-17,2018-04-25,Schneider Electric InduSoft Web Studio and InTouch Machine Edition,1,Schneider Electric,NULL
ICSA-18-107-02,https://www.us-cert.gov/ics/advisories/ICSA-18-107-02,2018-04-17,2018-12-18,Schneider Electric Triconex Tricon (Update B),1,Schneider Electric,NULL
ICSA-18-107-03,https://www.us-cert.gov/ics/advisories/ICSA-18-107-03,2018-04-17,2018-04-25,Rockwell Automation Stratix Services Router,1,Rockwell Automation,NULL
ICSA-18-107-04,https://www.us-cert.gov/ics/advisories/ICSA-18-107-04,2018-04-17,2018-04-25,Rockwell Automation Stratix and ArmorStratix Switches,1,Rockwell Automation,NULL
ICSA-18-107-05,https://www.us-cert.gov/ics/advisories/ICSA-18-107-05,2018-04-17,2018-04-25,Rockwell Automation Stratix Industrial Managed Ethernet Switch,1,Rockwell Automation,NULL
ICSA-18-109-01,https://www.us-cert.gov/ics/advisories/ICSA-18-109-01,2018-04-19,2018-10-09,Siemens SIMATIC WinCC OA Operator IOS App (Update A),1,Siemens,NULL
ICSA-18-114-01,https://www.us-cert.gov/ics/advisories/ICSA-18-114-01,2018-04-24,2018-10-30,Vecna VGo Robot (Update A),1,Vecna,NULL
ICSA-18-114-02,https://www.us-cert.gov/ics/advisories/ICSA-18-114-02,2018-04-24,1900-01-01,Intel 2G Modem,0,Intel,NULL
ICSA-18-114-03,https://www.us-cert.gov/ics/advisories/ICSA-18-114-03,2018-04-24,1900-01-01,Advantech WebAccess HMI Designer,1,Advantech,NULL
ICSA-18-116-01,https://www.us-cert.gov/ics/advisories/ICSA-18-116-01,2018-04-26,1900-01-01,Delta Electronics PMSoft,1,Delta Electronics,NULL
ICSA-18-116-02,https://www.us-cert.gov/ics/advisories/ICSA-18-116-02,2018-04-26,1900-01-01,"WECON Technology Co., Ltd. LeviStudio HMI Editor and PI Studio HMI Project Programmer",1,WECON,NULL
ICSA-18-123-01,https://www.us-cert.gov/ics/advisories/ICSA-18-123-01,2018-05-03,1900-01-01,Lantech IDS 2102,1,Lantech,NULL
ICSA-18-128-01,https://www.us-cert.gov/ics/advisories/ICSA-18-128-01,2018-05-08,2018-10-09,Siemens Medium Voltage SINAMICS Products (Update A),1,Siemens,NULL
ICSA-18-128-02,https://www.us-cert.gov/ics/advisories/ICSA-18-128-02,2018-05-08,2018-05-24,Siemens Siveillance VMS (Update A),1,Siemens,NULL
ICSA-18-128-03,https://www.us-cert.gov/ics/advisories/ICSA-18-128-03,2018-05-08,1900-01-01,Siemens Siveillance VMS Video Mobile App,1,Siemens,NULL
ICSA-18-130-01,https://www.us-cert.gov/ics/advisories/ICSA-18-130-01,2018-05-10,1900-01-01,MatrikonOPC Explorer,1,MatrikonOPC,NULL
ICSA-18-130-02,https://www.us-cert.gov/ics/advisories/ICSA-18-130-02,2018-05-10,1900-01-01,Rockwell Automation Arena,1,Rockwell Automation,NULL
ICSA-18-135-01,https://www.us-cert.gov/ics/advisories/ICSA-18-135-01,2018-05-15,2018-05-18,Advantech WebAccess,1,Advantech,NULL
ICSA-18-137-01,https://www.us-cert.gov/ics/advisories/ICSA-18-137-01,2018-05-17,2018-05-21,"GE PACSystems CPE305/310, CPE330, CPE400, RSTi-EP CPE 100, CPU320/CRU320, RXi",1,GE,NULL
ICSA-18-137-02,https://www.us-cert.gov/ics/advisories/ICSA-18-137-02,2018-05-17,1900-01-01,PHOENIX CONTACT FL SWITCH 3xxx/4xxx/48xx Series,1,PHOENIX CONTACT,NULL
ICSA-18-137-03,https://www.us-cert.gov/ics/advisories/ICSA-18-137-03,2018-05-17,2018-09-11,Siemens SIMATIC S7-400 CPU (Update A),1,Siemens,NULL
ICSA-18-137-04,https://www.us-cert.gov/ics/advisories/ICSA-18-137-04,2018-05-17,2018-06-20,Delta Electronics Delta Industrial Automation TPEditor (Update A),1,Delta Electronics,NULL
ICSA-18-142-01,https://www.us-cert.gov/ics/advisories/ICSA-18-142-01,2018-05-22,2018-08-30,Martem TELEM-GW6/GWM (Update B),1,Martem,NULL
ICSA-18-144-01,https://www.us-cert.gov/ics/advisories/ICSA-18-144-01,2018-05-24,1900-01-01,Schneider Electric Floating License Manager,1,Schneider Electric,NULL
ICSA-18-151-01,https://www.us-cert.gov/ics/advisories/ICSA-18-151-01,2018-05-31,1900-01-01,Delta Industrial Automation DOPSoft,1,Delta Electronics,NULL
ICSA-18-151-02,https://www.us-cert.gov/ics/advisories/ICSA-18-151-02,2018-05-31,1900-01-01,GE MDS PulseNET and MDS PulseNET Enterprise,1,GE,NULL
ICSA-18-151-03,https://www.us-cert.gov/ics/advisories/ICSA-18-151-03,2018-05-31,2018-10-11,Yokogawa STARDOM Controllers (Update A),1,Yokogawa,NULL
ICSA-18-156-01,https://www.us-cert.gov/ics/advisories/ICSA-18-156-01,2018-06-05,1900-01-01,ABB IP Gateway,1,ABB,NULL
ICSA-18-158-01,https://www.us-cert.gov/ics/advisories/ICSA-18-158-01,2018-06-07,1900-01-01,Rockwell Automation RSLinx Classic and FactoryTalk Linx Gateway,1,Rockwell Automation,NULL
ICSA-18-163-01,https://www.us-cert.gov/ics/advisories/ICSA-18-163-01,2018-06-12,2018-06-18,Schneider Electric U.motion Builder,1,Schneider Electric,NULL
ICSA-18-163-02,https://www.us-cert.gov/ics/advisories/ICSA-18-163-02,2018-06-12,1900-01-01,Siemens SCALANCE X Switches,1,Siemens,NULL
ICSA-18-165-01,https://www.us-cert.gov/ics/advisories/ICSA-18-165-01,2018-06-14,2019-06-11,"Siemens SCALANCE X Switches, RUGGEDCOM WiMAX, RFID 181-EIP, and SIMATIC RF182C (Update B)",1,Siemens,NULL
ICSA-18-172-01,https://www.us-cert.gov/ics/advisories/ICSA-18-172-01,2018-06-21,1900-01-01,Delta Electronics Delta Industrial Automation COMMGR,1,Delta Electronics,NULL
ICSA-18-172-02,https://www.us-cert.gov/ics/advisories/ICSA-18-172-02,2018-06-21,2018-07-17,Rockwell Automation Allen-Bradley CompactLogix and Compact GuardLogix (Update A),1,Rockwell Automation,NULL
ICSA-18-184-01,https://www.us-cert.gov/ics/advisories/ICSA-18-184-01,2018-07-03,1900-01-01,Rockwell Automation Allen-Bradley Stratix 5950,1,Rockwell Automation,NULL
ICSA-18-191-01,https://www.us-cert.gov/ics/advisories/ICSA-18-191-01,2018-07-10,1900-01-01,Universal Robots Robot Controllers,1,Universal Robots,NULL
ICSA-18-191-02,https://www.us-cert.gov/ics/advisories/ICSA-18-191-02,2018-07-10,2018-07-11,"Schweitzer Engineering Laboratories, Inc. Compass and AcSELerator Architect",1,Schweitzer Engineering Laboratories,NULL
ICSA-18-191-03,https://www.us-cert.gov/ics/advisories/ICSA-18-191-03,2018-08-16,2018-10-30,Tridium Niagara,0,Tridium,NULL
ICSA-18-193-01,https://www.us-cert.gov/ics/advisories/ICSA-18-193-01,2018-07-12,1900-01-01,Eaton 9000X Drive,1,Eaton,NULL
ICSA-18-198-01,https://www.us-cert.gov/ics/advisories/ICSA-18-198-01,2018-07-17,1900-01-01,ABB Panel Builder 800,1,ABB,NULL
ICSA-18-198-02,https://www.us-cert.gov/ics/advisories/ICSA-18-198-02,2018-07-17,1900-01-01,WAGO e!DISPLAY Web-Based-Management,1,WAGO,NULL
ICSA-18-198-03,https://www.us-cert.gov/ics/advisories/ICSA-18-198-03,2018-07-17,1900-01-01,"PEPPERL+FUCHS VisuNet RM, VisuNet PC, and Box Thin Client",0,PEPPERL+FUCHS,NULL
ICSA-18-200-01,https://www.us-cert.gov/ics/advisories/ICSA-18-200-01,2018-07-19,1900-01-01,AVEVA InduSoft Web Studio and InTouch Machine Edition,1,AVEVA,NULL
ICSA-18-200-02,https://www.us-cert.gov/ics/advisories/ICSA-18-200-02,2018-07-19,1900-01-01,AVEVA InTouch,1,AVEVA,NULL
ICSA-18-200-03,https://www.us-cert.gov/ics/advisories/ICSA-18-200-03,2018-07-19,2018-09-18,"Echelon SmartServer 1, SmartServer 2, SmartServer 3, i.LON 100, i.LON 600 (Update A)",1,Echelon,NULL
ICSA-18-200-04,https://www.us-cert.gov/ics/advisories/ICSA-18-200-04,2018-07-19,1900-01-01,Moxa NPort 5210 5230 5232,1,Moxa,NULL
ICSA-18-212-01,https://www.us-cert.gov/ics/advisories/ICSA-18-212-01,2018-07-31,1900-01-01,Davolink DVW-3200N,1,Davolink,NULL
ICSA-18-212-02,https://www.us-cert.gov/ics/advisories/ICSA-18-212-02,2018-07-31,1900-01-01,Johnson Controls Metasys and BCPro,1,Johnson Controls,NULL
ICSA-18-212-03,https://www.us-cert.gov/ics/advisories/ICSA-18-212-03,2018-07-31,2018-10-02,WECON LeviStudioU (Update A),1,WECON,NULL
ICSA-18-212-04,https://www.us-cert.gov/ics/advisories/ICSA-18-212-04,2018-07-31,1900-01-01,AVEVA InTouch Access Anywhere,1,AVEVA,NULL
ICSA-18-212-05,https://www.us-cert.gov/ics/advisories/ICSA-18-212-05,2018-07-31,1900-01-01,AVEVA Wonderware License Server,1,AVEVA,NULL
ICSA-18-219-01,https://www.us-cert.gov/ics/advisories/ICSA-18-219-01,2018-08-07,2018-09-20,Delta Electronics CNCSoft and ScreenEditor,1,Delta Electronics,NULL
ICSA-18-221-01,https://www.us-cert.gov/ics/advisories/ICSA-18-221-01,2018-08-09,2018-08-21,Crestron TSW-X60 and MC3,1,Crestron,NULL
ICSA-18-221-02,https://www.us-cert.gov/ics/advisories/ICSA-18-221-02,2018-08-09,1900-01-01,NetComm Wireless 4G LTE Light Industrial M2M Router,1,NetComm Wireless,NULL
ICSA-18-226-01,https://www.us-cert.gov/ics/advisories/ICSA-18-226-01,2018-08-14,2018-10-09,Siemens SIMATIC STEP 7 and SIMATIC WinCC (Update A),1,Siemens,NULL
ICSA-18-226-02,https://www.us-cert.gov/ics/advisories/ICSA-18-226-02,2018-08-14,2019-04-09,Siemens OpenSSL Vulnerability in Industrial Products (Update E),1,Siemens,NULL
ICSA-18-226-03,https://www.us-cert.gov/ics/advisories/ICSA-18-226-03,2018-08-14,1900-01-01,Siemens Automation License Manager,1,Siemens,NULL
ICSA-18-228-01,https://www.us-cert.gov/ics/advisories/ICSA-18-228-01,2018-08-16,2018-09-05,Emerson DeltaV DCS Workstations,1,Emerson,NULL
ICSA-18-233-01,https://www.us-cert.gov/ics/advisories/ICSA-18-233-01,2018-08-21,1900-01-01,"Yokogawa iDefine, STARDOM, ASTPLANNER, and TriFellows",1,Yokogawa,NULL
ICSA-18-240-01,https://www.us-cert.gov/ics/advisories/ICSA-18-240-01,2018-08-28,1900-01-01,Schneider Electric Modicon M221,1,Schneider Electric,NULL
ICSA-18-240-02,https://www.us-cert.gov/ics/advisories/ICSA-18-240-02,2018-08-28,1900-01-01,Schneider Electric Modicon M221,1,Schneider Electric,NULL
ICSA-18-240-03,https://www.us-cert.gov/ics/advisories/ICSA-18-240-03,2018-08-28,1900-01-01,Schneider Electric PowerLogic PM5560,1,Schneider Electric,NULL
ICSA-18-240-04,https://www.us-cert.gov/ics/advisories/ICSA-18-240-04,2018-08-28,2018-10-02,ABB eSOMS (Update A),1,ABB,NULL
ICSA-18-242-01,https://www.us-cert.gov/ics/advisories/ICSA-18-242-01,2018-08-30,1900-01-01,Philips e-Alert Unit,1,Philips,NULL
ICSA-18-247-01,https://www.us-cert.gov/ics/advisories/ICSA-18-247-01,2018-09-04,2018-10-18,Opto 22 PAC Control Basic and PAC Control Professional,1,Opto 22,NULL
ICSA-18-249-01,https://www.us-cert.gov/ics/advisories/ICSA-18-249-01,2018-09-06,1900-01-01,Ice Qube Thermal Management Center,1,Ice Qube,NULL
ICSA-18-254-01,https://www.us-cert.gov/ics/advisories/ICSA-18-254-01,2018-09-11,2018-09-13,Fuji Electric V-Server,1,Fuji Electric,NULL
ICSA-18-254-02,https://www.us-cert.gov/ics/advisories/ICSA-18-254-02,2018-09-11,1900-01-01,Fuji Electric V-Server Lite,1,Fuji Electric,NULL
ICSA-18-254-03,https://www.us-cert.gov/ics/advisories/ICSA-18-254-03,2018-09-11,1900-01-01,Siemens TD Keypad Designer,1,Siemens,NULL
ICSA-18-254-04,https://www.us-cert.gov/ics/advisories/ICSA-18-254-04,2018-09-11,1900-01-01,Siemens SIMATIC WinCC OA,1,Siemens,NULL
ICSA-18-254-05,https://www.us-cert.gov/ics/advisories/ICSA-18-254-05,2018-09-11,1900-01-01,Siemens SCALANCE X Switches,1,Siemens,NULL
ICSA-18-256-01,https://www.us-cert.gov/ics/advisories/ICSA-18-256-01,2018-09-13,1900-01-01,Honeywell Mobile Computers with Android Operating Systems,1,Honeywell,NULL
ICSA-18-261-01,https://www.us-cert.gov/ics/advisories/ICSA-18-261-01,2018-09-18,1900-01-01,WECON PLC Editor,1,WECON,NULL
ICSA-18-263-01,https://www.us-cert.gov/ics/advisories/ICSA-18-263-01,2018-09-20,1900-01-01,Tec4Data SmartCooler,1,Tec4Data,NULL
ICSA-18-263-02,https://www.us-cert.gov/ics/advisories/ICSA-18-263-02,2018-09-20,2018-10-10,Rockwell Automation RSLinx Classic,1,Rockwell Automation,NULL
ICSA-18-270-01,https://www.us-cert.gov/ics/advisories/ICSA-18-270-01,2018-09-27,1900-01-01,Emerson AMS Device Manager,1,Emerson,NULL
ICSA-18-270-02,https://www.us-cert.gov/ics/advisories/ICSA-18-270-02,2018-09-27,2019-02-07,Fuji Electric Alpha5 Smart Loader (Update A),1,Fuji Electric,NULL
ICSA-18-270-03,https://www.us-cert.gov/ics/advisories/ICSA-18-270-03,2018-09-27,2019-02-14,Fuji Electric FRENIC Devices (Update A),1,Fuji Electric,NULL
ICSA-18-270-04,https://www.us-cert.gov/ics/advisories/ICSA-18-270-04,2018-09-27,1900-01-01,Delta Electronics Delta Industrial Automation PMSoft,1,Delta Electronics,NULL
ICSA-18-275-01,https://www.us-cert.gov/ics/advisories/ICSA-18-275-01,2018-10-02,1900-01-01,Delta Electronics ISPSoft,1,Delta Electronics,NULL
ICSA-18-275-02,https://www.us-cert.gov/ics/advisories/ICSA-18-275-02,2018-10-02,1900-01-01,GE Communicator,1,GE,NULL
ICSA-18-275-03,https://www.us-cert.gov/ics/advisories/ICSA-18-275-03,2018-10-02,1900-01-01,Entes EMG 12,1,Entes,NULL
ICSA-18-277-01,https://www.us-cert.gov/ics/advisories/ICSA-18-277-01,2018-10-04,2018-10-05,WECON PI Studio,1,WECON,NULL
ICSA-18-282-01,https://www.us-cert.gov/ics/advisories/ICSA-18-282-01,2018-10-09,1900-01-01,GE iFix,1,GE,NULL
ICSA-18-282-02,https://www.us-cert.gov/ics/advisories/ICSA-18-282-02,2018-10-09,1900-01-01,Siemens SCALANCE W1750D,1,Siemens,NULL
ICSA-18-282-03,https://www.us-cert.gov/ics/advisories/ICSA-18-282-03,2018-10-09,1900-01-01,Siemens ROX II,1,Siemens,NULL
ICSA-18-282-04,https://www.us-cert.gov/ics/advisories/ICSA-18-282-04,2018-10-09,1900-01-01,Siemens SIMATIC S7-1200 CPU Family Version 4,1,Siemens,NULL
ICSA-18-282-05,https://www.us-cert.gov/ics/advisories/ICSA-18-282-05,2018-10-09,2019-02-12,"Siemens SIMATIC S7-1500, SIMATIC S7-1500 Software Controller and SIMATIC ET 200SP OpenController (Update A)",1,Siemens,NULL
ICSA-18-282-06,https://www.us-cert.gov/ics/advisories/ICSA-18-282-06,2018-10-09,1900-01-01,"Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server",1,"Hangzhou Xiongmai Technology Co., Ltd",NULL
ICSA-18-282-07,https://www.us-cert.gov/ics/advisories/ICSA-18-282-07,2018-10-09,1900-01-01,Fuji Electric Energy Savings Estimator,1,Fuji Electric,NULL
ICSA-18-284-01,https://www.us-cert.gov/ics/advisories/ICSA-18-284-01,2018-10-11,1900-01-01,NUUO NVRmini2 and NVRsolo,1,NUUO,NULL
ICSA-18-284-02,https://www.us-cert.gov/ics/advisories/ICSA-18-284-02,2018-10-11,2018-11-20,NUUO CMS (Update A),1,NUUO,NULL
ICSA-18-284-03,https://www.us-cert.gov/ics/advisories/ICSA-18-284-03,2018-10-11,1900-01-01,Delta Industrial Automation TPEditor,1,Delta Electronics,NULL
ICSA-18-289-01,https://www.us-cert.gov/ics/advisories/ICSA-18-289-01,2018-10-16,2019-01-15,LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA,1,LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME,NULL
ICSA-18-290-01,https://www.us-cert.gov/ics/advisories/ICSA-18-290-01,2018-10-17,2019-01-31,Omron CX-Supervisor (Update A),1,Omron,NULL
ICSA-18-296-01,https://www.us-cert.gov/ics/advisories/ICSA-18-296-01,2018-10-23,1900-01-01,Advantech WebAccess,1,Advantech,NULL
ICSA-18-296-02,https://www.us-cert.gov/ics/advisories/ICSA-18-296-02,2018-10-23,2018-10-25,GAIN Electronic Co. Ltd SAGA1-L Series,1,GAIN Electronic Co. Ltd,NULL
ICSA-18-296-03,https://www.us-cert.gov/ics/advisories/ICSA-18-296-03,2018-10-23,1900-01-01,Telecrane F25 Series,0,Telecrane,NULL
ICSA-18-298-01,https://www.us-cert.gov/ics/advisories/ICSA-18-298-01,2018-10-25,1900-01-01,GEOVAP Reliance 4 SCADA/HMI,1,GEOVAP,NULL
ICSA-18-298-02,https://www.us-cert.gov/ics/advisories/ICSA-18-298-02,2018-10-25,1900-01-01,Advantech WebAccess,1,Advantech,NULL
ICSA-18-303-01,https://www.us-cert.gov/ics/advisories/ICSA-18-303-01,2018-10-30,1900-01-01,PEPPERL+FUCHS CT50-Ex,0,PEPPERL+FUCHS,NULL
ICSA-18-305-01,https://www.us-cert.gov/ics/advisories/ICSA-18-305-01,2018-11-01,1900-01-01,AVEVA InduSoft Web Studio and InTouch Edge HMI (formerly InTouch Machine Edition),1,AVEVA,NULL
ICSA-18-305-02,https://www.us-cert.gov/ics/advisories/ICSA-18-305-02,2018-11-01,2018-11-06,Schneider Electric Software Update (SESU) (Update A),1,Schneider Electric,NULL
ICSA-18-305-03,https://www.us-cert.gov/ics/advisories/ICSA-18-305-03,2018-11-01,1900-01-01,Circontrol CirCarLife,1,Circontrol,NULL
ICSA-18-305-04,https://www.us-cert.gov/ics/advisories/ICSA-18-305-04,2018-11-01,1900-01-01,Fr. Sauter AG CASE Suite,1,Fr. Sauter AG,NULL
ICSA-18-310-01,https://www.us-cert.gov/ics/advisories/ICSA-18-310-01,2019-02-14,1900-01-01,gpsd Open Source Project,1,gpsd Open Source Project,NULL
ICSA-18-310-02,https://www.us-cert.gov/ics/advisories/ICSA-18-310-02,2018-12-06,1900-01-01,Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules,1,Rockwell Automation,NULL
ICSA-18-317-01,https://www.us-cert.gov/ics/advisories/ICSA-18-317-01,2018-11-13,1900-01-01,"Siemens IEC 61850 System Configurator, DIGSI 5, DIGSI 4, SICAM PAS/PQS, SICAM PQ Analyzer, and SICAM SCC",1,Siemens,NULL
ICSA-18-317-02,https://www.us-cert.gov/ics/advisories/ICSA-18-317-02,2018-11-13,2019-05-14,Siemens S7-400 CPUs (Update A),1,Siemens,NULL
ICSA-18-317-03,https://www.us-cert.gov/ics/advisories/ICSA-18-317-03,2018-11-13,1900-01-01,Siemens SIMATIC Panels and SIMATIC WinCC (TIA Portal),1,Siemens,NULL
ICSA-18-317-04,https://www.us-cert.gov/ics/advisories/ICSA-18-317-04,2018-11-13,1900-01-01,Siemens SCALANCE S,1,Siemens,NULL
ICSA-18-317-05,https://www.us-cert.gov/ics/advisories/ICSA-18-317-05,2018-11-13,2019-03-12,Siemens SIMATIC S7 (Update A),1,Siemens,NULL
ICSA-18-317-06,https://www.us-cert.gov/ics/advisories/ICSA-18-317-06,2018-11-13,1900-01-01,Siemens SIMATIC STEP 7 (TIA Portal),1,Siemens,NULL
ICSA-18-317-07,https://www.us-cert.gov/ics/advisories/ICSA-18-317-07,2018-11-13,1900-01-01,Siemens SIMATIC IT Production Suite,1,Siemens,NULL
ICSA-18-317-08,https://www.us-cert.gov/ics/advisories/ICSA-18-317-08,2018-11-13,1900-01-01,Siemens SIMATIC Panels,1,Siemens,NULL
ICSA-18-324-01,https://www.us-cert.gov/ics/advisories/ICSA-18-324-01,2018-11-20,1900-01-01,Teledyne DALSA Sherlock,0,Teledyne DALSA,NULL
ICSA-18-324-02,https://www.us-cert.gov/ics/advisories/ICSA-18-324-02,2018-11-20,1900-01-01,Schneider Electric Modicon M221,1,Schneider Electric,NULL
ICSA-18-331-01,https://www.us-cert.gov/ics/advisories/ICSA-18-331-01,2018-11-27,1900-01-01,AVEVA Vijeo Citect and Citect SCADA,1,AVEVA,NULL
ICSA-18-331-02,https://www.us-cert.gov/ics/advisories/ICSA-18-331-02,2018-12-20,1900-01-01,Rockwell Automation FactoryTalk Services Platform,1,Rockwell Automation,NULL
ICSA-18-333-01,https://www.us-cert.gov/ics/advisories/ICSA-18-333-01,2018-11-29,1900-01-01,INVT Electric VT-Designer,1,INVT Electric,NULL
ICSA-18-333-02,https://www.us-cert.gov/ics/advisories/ICSA-18-333-02,2019-01-10,1900-01-01,"Tridium Niagara Enterprise Security, Niagara AX, and Niagara 4",0,Tridium,NULL
ICSA-18-338-01,https://www.us-cert.gov/ics/advisories/ICSA-18-338-01,2018-12-04,1900-01-01,Omron CX-One,1,Omron,NULL
ICSA-18-338-02,https://www.us-cert.gov/ics/advisories/ICSA-18-338-02,2018-12-04,1900-01-01,SpiderControl SCADA WebServer,1,SpiderControl,NULL
ICSA-18-340-01,https://www.us-cert.gov/ics/advisories/ICSA-18-340-01,2018-12-06,1900-01-01,GE Proficy GDS,1,GE,NULL
ICSA-18-345-01,https://www.us-cert.gov/ics/advisories/ICSA-18-345-01,2018-12-11,1900-01-01,McAfee SINAMICS PERFECT HARMONY GH180,1,McAfee,NULL
ICSA-18-345-02,https://www.us-cert.gov/ics/advisories/ICSA-18-345-02,2018-12-11,2019-03-12,Siemens SINUMERIK Controllers (Update A),1,Siemens,NULL
ICSA-18-347-01,https://www.us-cert.gov/ics/advisories/ICSA-18-347-01,2018-12-13,1900-01-01,Schneider Electric GUIcon Eurotherm,1,Schneider Electric,NULL
ICSA-18-347-02,https://www.us-cert.gov/ics/advisories/ICSA-18-347-02,2018-12-13,2019-02-12,Siemens EN100 Ethernet Communication Module and SIPROTEC 5 Relays (Update A),1,Siemens,NULL
ICSA-18-347-03,https://www.us-cert.gov/ics/advisories/ICSA-18-347-03,2018-12-13,1900-01-01,Geutebrück GmbH E2 Series IP Cameras,1,Geutebrück,NULL
ICSA-18-347-04,https://www.us-cert.gov/ics/advisories/ICSA-18-347-04,2018-12-13,1900-01-01,"GE Mark VIe, EX2100e, EX2100e_Reg, and LS2100e",1,GE,NULL
ICSA-18-352-01,https://www.us-cert.gov/ics/advisories/ICSA-18-352-01,2018-12-18,1900-01-01,ABB GATE-E2,1,ABB,NULL
ICSA-18-352-02,https://www.us-cert.gov/ics/advisories/ICSA-18-352-02,2018-12-18,1900-01-01,Advantech WebAccess/SCADA,1,Advantech,NULL
ICSA-18-352-03,https://www.us-cert.gov/ics/advisories/ICSA-18-352-03,2018-12-18,1900-01-01,3S-Smart Software Solutions GmbH CODESYS Control V3 Products,1,3S-Smart Software Solutions,NULL
ICSA-18-352-04,https://www.us-cert.gov/ics/advisories/ICSA-18-352-04,2018-12-18,1900-01-01,3S-Smart Software Solutions GmbH CODESYS V3 Products,1,3S-Smart Software Solutions,NULL
ICSA-18-352-05,https://www.us-cert.gov/ics/advisories/ICSA-18-352-05,2018-12-18,1900-01-01,Siemens TIM 1531 IRC Modules,1,Siemens,NULL
ICSA-18-352-06,https://www.us-cert.gov/ics/advisories/ICSA-18-352-06,2018-12-18,1900-01-01,ABB CMS-770,1,ABB,NULL
ICSA-18-352-07,https://www.us-cert.gov/ics/advisories/ICSA-18-352-07,2018-12-18,1900-01-01,ABB M2M ETHERNET,1,ABB,NULL
ICSA-18-354-01,https://www.us-cert.gov/ics/advisories/ICSA-18-354-01,2018-12-20,1900-01-01,Horner Automation Cscape,1,Horner Automation,NULL
ICSA-18-354-02,https://www.us-cert.gov/ics/advisories/ICSA-18-354-02,2018-12-20,1900-01-01,Schneider Electric EcoStruxure,1,Schneider Electric,NULL
ICSA-19-003-01,https://www.us-cert.gov/ics/advisories/ICSA-19-003-01,2019-01-03,1900-01-01,Schneider Electric Pro-face GP-Pro EX,1,Schneider Electric,NULL
ICSA-19-003-02,https://www.us-cert.gov/ics/advisories/ICSA-19-003-02,2019-01-03,1900-01-01,Yokogawa Vnet/IP Open Communication Driver,1,Yokogawa,NULL
ICSA-19-003-03,https://www.us-cert.gov/ics/advisories/ICSA-19-003-03,2019-01-03,1900-01-01,Hetronic Nova-M,1,Hetronic,NULL
ICSA-19-008-01,https://www.us-cert.gov/ics/advisories/ICSA-19-008-01,2019-01-08,1900-01-01,Schneider Electric Zelio Soft 2,1,Schneider Electric,NULL
ICSA-19-008-02,https://www.us-cert.gov/ics/advisories/ICSA-19-008-02,2019-01-08,2019-01-15,Schneider Electric IIoT Monitor (Update A),1,Schneider Electric,NULL
ICSA-19-010-01,https://www.us-cert.gov/ics/advisories/ICSA-19-010-01,2019-01-10,1900-01-01,Emerson DeltaV,1,Emerson,NULL
ICSA-19-010-02,https://www.us-cert.gov/ics/advisories/ICSA-19-010-02,2019-01-10,1900-01-01,Omron CX-One CX-Protocol,1,Omron,NULL
ICSA-19-010-03,https://www.us-cert.gov/ics/advisories/ICSA-19-010-03,2019-01-10,1900-01-01,Pilz PNOZmulti Configurator,1,Pilz,NULL
ICSA-19-015-01,https://www.us-cert.gov/ics/advisories/ICSA-19-015-01,2019-01-15,1900-01-01,LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA,1,LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME,NULL
ICSA-19-017-01,https://www.us-cert.gov/ics/advisories/ICSA-19-017-01,2019-01-17,2019-02-07,Omron CX-Supervisor (Update A),1,Omron,NULL
ICSA-19-017-02,https://www.us-cert.gov/ics/advisories/ICSA-19-017-02,2019-01-17,1900-01-01,ABB CP400 Panel Builder TextEditor 2.0,1,ABB,NULL
ICSA-19-017-03,https://www.us-cert.gov/ics/advisories/ICSA-19-017-03,2019-01-17,1900-01-01,ControlByWeb X-320M,1,ControlByWeb,NULL
ICSA-19-022-01,https://www.us-cert.gov/ics/advisories/ICSA-19-022-01,2019-01-22,1900-01-01,Johnson Controls Facility Explorer,1,Johnson Controls,NULL
ICSA-19-024-01,https://www.us-cert.gov/ics/advisories/ICSA-19-024-01,2019-01-24,1900-01-01,Advantech WebAccess/SCADA,1,Advantech,NULL
ICSA-19-024-02,https://www.us-cert.gov/ics/advisories/ICSA-19-024-02,2019-01-24,1900-01-01,PHOENIX CONTACT FL SWITCH,1,PHOENIX CONTACT,NULL
ICSA-19-029-01,https://www.us-cert.gov/ics/advisories/ICSA-19-029-01,2019-01-29,1900-01-01,Yokogawa License Manager Service,1,Yokogawa,NULL
ICSA-19-029-02,https://www.us-cert.gov/ics/advisories/ICSA-19-029-02,2019-01-29,1900-01-01,Mitsubishi Electric MELSEC-Q Series PLCs,1,Mitsubishi Electric,NULL
ICSA-19-029-03,https://www.us-cert.gov/ics/advisories/ICSA-19-029-03,2019-01-29,1900-01-01,AVEVA Wonderware System Platform,1,AVEVA,NULL
ICSA-19-031-01,https://www.us-cert.gov/ics/advisories/ICSA-19-031-01,2019-01-31,1900-01-01,Schneider Electric EVLink Parking,1,Schneider Electric,NULL
ICSA-19-031-02,https://www.us-cert.gov/ics/advisories/ICSA-19-031-02,2019-01-31,2019-03-05,IDenticard PremiSys (Update A),1,IDenticard,NULL
ICSA-19-036-01,https://www.us-cert.gov/ics/advisories/ICSA-19-036-01,2019-02-05,1900-01-01,AVEVA InduSoft Web Studio and InTouch Edge HMI,1,AVEVA,NULL
ICSA-19-036-02,https://www.us-cert.gov/ics/advisories/ICSA-19-036-02,2019-02-05,2019-02-19,Rockwell Automation EtherNet/IP Web Server Modules,1,Rockwell Automation,NULL
ICSA-19-036-03,https://www.us-cert.gov/ics/advisories/ICSA-19-036-03,2019-02-05,1900-01-01,WECON LeviStudioU,1,WECON,NULL
ICSA-19-036-04,https://www.us-cert.gov/ics/advisories/ICSA-19-036-04,2019-02-05,1900-01-01,Siemens SIMATIC S7-1500 CPU,1,Siemens,NULL
ICSA-19-036-05,https://www.us-cert.gov/ics/advisories/ICSA-19-036-05,2019-02-05,2019-03-05,Kunbus PR100088 Modbus Gateway (Update B),1,Kunbus,NULL
ICSA-19-038-01,https://www.us-cert.gov/ics/advisories/ICSA-19-038-01,2019-02-07,1900-01-01,Siemens SICAM A8000 RTU Series,1,Siemens,NULL
ICSA-19-038-02,https://www.us-cert.gov/ics/advisories/ICSA-19-038-02,2019-02-07,1900-01-01,Siemens EN100 Ethernet Module,1,Siemens,NULL
ICSA-19-043-01,https://www.us-cert.gov/ics/advisories/ICSA-19-043-01,2019-02-12,1900-01-01,OSIsoft PI Vision,1,OSIsoft,NULL
ICSA-19-043-02,https://www.us-cert.gov/ics/advisories/ICSA-19-043-02,2019-02-12,1900-01-01,Siemens EN100 Ethernet Communication Module and SIPROTEC 5 Relays,1,Siemens,NULL
ICSA-19-043-03,https://www.us-cert.gov/ics/advisories/ICSA-19-043-03,2019-02-12,2019-05-14,WIBU SYSTEMS AG WibuKey Digital Rights Management (Update D),1,"Siemens, COPA-DATA, Sprecher Automation, PHOENIX CONTACT",NULL
ICSA-19-043-04,https://www.us-cert.gov/ics/advisories/ICSA-19-043-04,2019-02-12,1900-01-01,Siemens SIMATIC S7-300 CPU,1,Siemens,NULL
ICSA-19-043-05,https://www.us-cert.gov/ics/advisories/ICSA-19-043-05,2019-02-12,1900-01-01,Siemens Intel Active Management Technology of SIMATIC IPCs,1,Siemens,NULL
ICSA-19-043-06,https://www.us-cert.gov/ics/advisories/ICSA-19-043-06,2019-02-12,1900-01-01,Siemens CP1604 and CP1616,1,Siemens,NULL
ICSA-19-045-01,https://www.us-cert.gov/ics/advisories/ICSA-19-045-01,2019-02-14,1900-01-01,Pangea Communications Internet FAX ATA,0,Pangea Communications,NULL
ICSA-19-050-01,https://www.us-cert.gov/ics/advisories/ICSA-19-050-01,2019-02-19,1900-01-01,Intel Data Center Manager SDK,0,Intel,NULL
ICSA-19-050-02,https://www.us-cert.gov/ics/advisories/ICSA-19-050-02,2019-02-19,1900-01-01,Delta Industrial Automation CNCSoft,1,Delta Electronics,NULL
ICSA-19-050-03,https://www.us-cert.gov/ics/advisories/ICSA-19-050-03,2019-02-19,1900-01-01,Horner Automation Cscape,1,Horner Automation,NULL
ICSA-19-050-04,https://www.us-cert.gov/ics/advisories/ICSA-19-050-04,2019-02-19,2019-02-20,Rockwell Automation Allen-Bradley PowerMonitor 1000,1,Rockwell Automation,NULL
ICSA-19-057-01,https://www.us-cert.gov/ics/advisories/ICSA-19-057-01,2019-02-26,1900-01-01,"Moxa IKS, EDS",1,Moxa,NULL
ICSA-19-059-01,https://www.us-cert.gov/ics/advisories/ICSA-19-059-01,2019-02-28,1900-01-01,PSI GridConnect Telecontrol,1,PSI GridConnect,NULL
ICSA-19-064-01,https://www.us-cert.gov/ics/advisories/ICSA-19-064-01,2019-03-05,1900-01-01,Rockwell Automation RSLinx Classic,1,Rockwell Automation,NULL
ICSA-19-073-01,https://www.us-cert.gov/ics/advisories/ICSA-19-073-01,2019-03-14,1900-01-01,LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA ELS Files,1,LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME,NULL
ICSA-19-073-02,https://www.us-cert.gov/ics/advisories/ICSA-19-073-02,2019-03-14,1900-01-01,Gemalto Sentinel UltraPro,1,Gemalto,NULL
ICSA-19-073-03,https://www.us-cert.gov/ics/advisories/ICSA-19-073-03,2019-03-14,1900-01-01,PEPPERL+FUCHS WirelessHART-Gateways,0,PEPPERL+FUCHS,NULL
ICSA-19-078-01,https://www.us-cert.gov/ics/advisories/ICSA-19-078-01,2019-03-19,1900-01-01,AVEVA InduSoft Web Studio and InTouch Edge HMI,1,AVEVA,NULL
ICSA-19-078-02,https://www.us-cert.gov/ics/advisories/ICSA-19-078-02,2019-03-19,1900-01-01,Columbia Weather Systems MicroServer,1,Columbia Weather Systems,NULL
ICSA-19-085-01,https://www.us-cert.gov/ics/advisories/ICSA-19-085-01,2019-03-26,2019-06-11,Siemens SCALANCE X (Update A),1,Siemens,NULL
ICSA-19-085-02,https://www.us-cert.gov/ics/advisories/ICSA-19-085-02,2019-03-26,1900-01-01,PHOENIX CONTACT RAD-80211-XD,1,PHOENIX CONTACT,NULL
ICSA-19-085-03,https://www.us-cert.gov/ics/advisories/ICSA-19-085-03-0,2019-03-26,1900-01-01,ENTTEC Lighting Controllers,1,ENTTEC,NULL
ICSA-19-087-01,https://www.us-cert.gov/ics/advisories/ICSA-19-087-01,2019-03-28,1900-01-01,Rockwell Automation PowerFlex 525 AC Drives,1,Rockwell Automation,NULL
ICSA-19-092-01,https://www.us-cert.gov/ics/advisories/ICSA-19-092-01,2019-04-02,1900-01-01,Advantech WebAccess/SCADA,1,Advantech,NULL
ICSA-19-094-01,https://www.us-cert.gov/ics/advisories/ICSA-19-094-01,2019-04-04,1900-01-01,Omron CX-Programmer,1,Omron,NULL
ICSA-19-094-02,https://www.us-cert.gov/ics/advisories/ICSA-19-094-02,2019-04-04,2019-04-05,Rockwell Automation Stratix 5400/5410/5700 and ArmorStratix 5700,1,Rockwell Automation,NULL
ICSA-19-094-03,https://www.us-cert.gov/ics/advisories/ICSA-19-094-03,2019-04-04,2019-04-05,Rockwell Automation Stratix 5400/5410/5700/8000/8300 and ArmorStratix 5700,1,Rockwell Automation,NULL
ICSA-19-094-04,https://www.us-cert.gov/ics/advisories/ICSA-19-094-04,2019-04-04,2019-04-05,Rockwell Automation Stratix 5950,1,Rockwell Automation,NULL
ICSA-19-099-01,https://www.us-cert.gov/ics/advisories/ICSA-19-099-01,2019-04-09,1900-01-01,Siemens SIMOCODE pro V EIP,1,Siemens,NULL
ICSA-19-099-02,https://www.us-cert.gov/ics/advisories/ICSA-19-099-02,2019-04-09,1900-01-01,Siemens Spectrum Power 4.7,1,Siemens,NULL
ICSA-19-099-03,https://www.us-cert.gov/ics/advisories/ICSA-19-099-03,2019-04-09,2019-06-11,Siemens Industrial Products with OPC UA (Update B),1,Siemens,NULL
ICSA-19-099-04,https://www.us-cert.gov/ics/advisories/ICSA-19-099-04,2019-04-09,1900-01-01,Siemens SINEMA Remote Connect,1,Siemens,NULL
ICSA-19-099-05,https://www.us-cert.gov/ics/advisories/ICSA-19-099-05,2019-04-09,1900-01-01,Siemens RUGGEDCOM ROX II,1,Siemens,NULL
ICSA-19-099-06,https://www.us-cert.gov/ics/advisories/ICSA-19-099-06,2019-04-09,2019-06-11,"Siemens CP, SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM (Update B)",1,Siemens,NULL
ICSA-19-106-01,https://www.us-cert.gov/ics/advisories/ICSA-19-106-01,2019-04-16,1900-01-01,Delta Industrial Automation CNCSoft,1,Delta Electronics,NULL
ICSA-19-106-02,https://www.us-cert.gov/ics/advisories/ICSA-19-106-02,2019-04-16,1900-01-01,WAGO Series 750-88x and 750-87x,1,WAGO,NULL
ICSA-19-106-03,https://www.us-cert.gov/ics/advisories/ICSA-19-106-03,2019-04-16,2019-04-17,PLC Cycle Time Influences,1,"ABB, PHOENIX CONTACT, Schneider Electric, Siemens, WAGO",NULL
ICSA-19-113-01,https://www.us-cert.gov/ics/advisories/ICSA-19-113-01,2019-04-23,1900-01-01,Rockwell Automation MicroLogix 1400 and CompactLogix 5370 Controllers,1,Rockwell Automation,NULL
ICSA-19-120-01,https://www.us-cert.gov/ics/advisories/ICSA-19-120-01,2019-04-30,1900-01-01,Rockwell Automation CompactLogix 5370,1,Rockwell Automation,NULL
ICSA-19-122-01,https://www.us-cert.gov/ics/advisories/ICSA-19-122-01,2019-05-02,2019-05-06,Orpak SiteOmat,1,Orpak,NULL
ICSA-19-122-02,https://www.us-cert.gov/ics/advisories/ICSA-19-122-02,2019-05-02,1900-01-01,GE Communicator,1,GE,NULL
ICSA-19-122-03,https://www.us-cert.gov/ics/advisories/ICSA-19-122-03,2019-05-02,1900-01-01,Sierra Wireless AirLink ALEOS,1,Sierra Wireless,NULL
ICSA-19-134-01,https://www.us-cert.gov/ics/advisories/ICSA-19-134-01,2019-05-14,1900-01-01,Omron Network Configurator for DeviceNet,1,Omron,NULL
ICSA-19-134-02,https://www.us-cert.gov/ics/advisories/ICSA-19-134-02-0,2019-05-14,1900-01-01,Siemens SIMATIC WinCC and SIMATIC PCS 7,1,Siemens,NULL
ICSA-19-134-03,https://www.us-cert.gov/ics/advisories/ICSA-19-134-03,2019-05-14,1900-01-01,Siemens LOGO! Soft Comfort,1,Siemens,NULL
ICSA-19-134-04,https://www.us-cert.gov/ics/advisories/ICSA-19-134-04,2019-05-14,2019-05-15,Siemens LOGO!8 BM,1,Siemens,NULL
ICSA-19-134-05,https://www.us-cert.gov/ics/advisories/ICSA-19-134-05,2019-05-14,1900-01-01,Siemens SINAMICS PERFECT HARMONY GH180 Drives NXG I and NXG II,1,Siemens,NULL
ICSA-19-134-06,https://www.us-cert.gov/ics/advisories/ICSA-19-134-06,2019-05-14,1900-01-01,Siemens SINAMICS PERFECT HARMONY GH180 Fieldbus Network,1,Siemens,NULL
ICSA-19-134-07,https://www.us-cert.gov/ics/advisories/ICSA-19-134-07,2019-05-14,1900-01-01,Siemens SCALANCE W1750D,1,Siemens,NULL
ICSA-19-134-08,https://www.us-cert.gov/ics/advisories/ICSA-19-134-08,2019-05-14,1900-01-01,"Siemens SIMATIC PCS 7, WinCC, TIA Portal",1,Siemens,NULL
ICSA-19-134-09,https://www.us-cert.gov/ics/advisories/ICSA-19-134-09,2019-05-14,1900-01-01,Siemens SIMATIC Panels and WinCC (TIA Portal),1,Siemens,NULL
ICSA-19-136-01,https://www.us-cert.gov/ics/advisories/ICSA-19-136-01,2019-05-16,2019-06-18,Schneider Electric Modicon Controllers,1,Schneider Electric,NULL
ICSA-19-136-02,https://www.us-cert.gov/ics/advisories/ICSA-19-136-02,2019-05-16,1900-01-01,Fuji Electric Alpha7 PC Loader,1,Fuji Electric,NULL
ICSA-19-141-01,https://www.us-cert.gov/ics/advisories/ICSA-19-141-01,2019-05-21,1900-01-01,Computrols CBAS Web,1,Computrols,NULL
ICSA-19-141-02,https://www.us-cert.gov/ics/advisories/ICSA-19-141-02,2019-05-21,1900-01-01,Mitsubishi Electric MELSEC-Q Series Ethernet Module,1,Mitsubishi Electric,NULL
ICSA-19-148-01,https://www.us-cert.gov/ics/advisories/ICSA-19-148-01,2019-05-28,1900-01-01,Emerson Ovation OCR400 Controller,1,Emerson,NULL
ICSA-19-150-01,https://www.us-cert.gov/ics/advisories/ICSA-19-150-01,2019-05-30,1900-01-01,AVEVA Vijeo Citect and CitectSCADA,1,AVEVA,NULL
ICSA-19-155-01,https://www.us-cert.gov/ics/advisories/ICSA-19-155-01,2019-06-04,1900-01-01,PHOENIX CONTACT PLCNext AXC F 2152,1,PHOENIX CONTACT,NULL
ICSA-19-155-02,https://www.us-cert.gov/ics/advisories/ICSA-19-155-02,2019-06-04,1900-01-01,PHOENIX CONTACT FL NAT SMx,1,PHOENIX CONTACT,NULL
ICSA-19-155-03,https://www.us-cert.gov/ics/advisories/ICSA-19-155-03,2019-06-04,1900-01-01,Geutebrück G-Cam and G-Code,1,Geutebrück,NULL
ICSA-19-157-01,https://www.us-cert.gov/ics/advisories/ICSA-19-157-01,2019-06-06,1900-01-01,Optergy Proton Enterprise Building Management System,1,Optergy,NULL
ICSA-19-157-02,https://www.us-cert.gov/ics/advisories/ICSA-19-157-02,2019-06-06,2019-06-10,Panasonic Control FPWIN Pro,0,Panasonic,NULL
ICSA-19-162-01,https://www.us-cert.gov/ics/advisories/ICSA-19-162-01,2019-06-11,1900-01-01,Siemens Siveillance VMS,1,Siemens,NULL
ICSA-19-162-02,https://www.us-cert.gov/ics/advisories/ICSA-19-162-02,2019-06-11,1900-01-01,Siemens SIMATIC Ident MV420 and MV440 Families,1,Siemens,NULL
ICSA-19-162-03,https://www.us-cert.gov/ics/advisories/ICSA-19-162-03,2019-06-11,1900-01-01,Siemens LOGO!8 Devices,1,Siemens,NULL
ICSA-19-162-04,https://www.us-cert.gov/ics/advisories/ICSA-19-162-04,2019-06-11,1900-01-01,Siemens SCALANCE X,1,Siemens,NULL
ICSA-19-164-01,https://www.us-cert.gov/ics/advisories/ICSA-19-164-01,2019-06-13,1900-01-01,Johnson Controls exacqVision Enterprise System Manager,1,Johnson Controls,NULL
ICSA-19-164-02,https://www.us-cert.gov/ics/advisories/ICSA-19-164-02,2019-06-13,1900-01-01,"WAGO Industrial Managed Switches 852-303, 852-1305, and 852-1505",1,WAGO,NULL
ICSA-19-171-01,https://www.us-cert.gov/ics/advisories/ICSA-19-171-01,2019-06-20,1900-01-01,PHOENIX CONTACT Automation Worx Software Suite,1,PHOENIX CONTACT,NULL
ICSA-19-178-01,https://www.us-cert.gov/ics/advisories/icsa-19-178-01,2019-06-27,1900-01-01,ABB PB610 Panel Builder 600,1,ABB,NULL
ICSA-19-178-02,https://www.us-cert.gov/ics/advisories/icsa-19-178-02,2019-06-27,1900-01-01,ABB CP651 HMI,1,ABB,NULL
ICSA-19-178-03,https://www.us-cert.gov/ics/advisories/icsa-19-178-03,2019-06-27,1900-01-01,ABB CP635 HMI,1,ABB,NULL
ICSA-19-178-04,https://www.us-cert.gov/ics/advisories/icsa-19-178-04,2019-06-27,1900-01-01,SICK MSC800,1,SICK,NULL
ICSA-19-178-05,https://www.us-cert.gov/ics/advisories/icsa-19-178-05,2019-06-27,1900-01-01,Advantech WebAccess/SCADA,1,Advantech,NULL
ICSA-19-183-01,https://www.us-cert.gov/ics/advisories/icsa-19-183-01,2019-07-02,1900-01-01,Schneider Electric Modicon Controllers,1,Schneider Electric,NULL
ICSA-19-183-02,https://www.us-cert.gov/ics/advisories/icsa-19-183-02,2019-07-02,1900-01-01,Quest KACE Systems Management Appliance,1,Quest,NULL
ICSA-19-190-01,https://www.us-cert.gov/ics/advisories/icsa-19-190-01,2019-07-09,1900-01-01,Emerson DeltaV Distributed Control System,1,Emerson,NULL
ICSA-19-190-02,https://www.us-cert.gov/ics/advisories/icsa-19-190-02,2019-07-09,1900-01-01,Rockwell Automation PanelView 5510,1,Rockwell Automation,NULL
ICSA-19-190-03,https://www.us-cert.gov/ics/advisories/icsa-19-190-03,2019-07-09,1900-01-01,Schneider Electric Zelio Soft 2,1,Schneider Electric,NULL
ICSA-19-190-04,https://www.us-cert.gov/ics/advisories/icsa-19-190-04,2019-07-09,2019-08-13,Siemens Spectrum Power (Update A),1,Siemens,NULL
ICSA-19-190-05,https://www.us-cert.gov/ics/advisories/icsa-19-190-05,2019-12-10,1900-01-01,Siemens SIPROTEC 5 and DIGSI 5 (Update B),1,Siemens,NULL
ICSA-19-192-01,https://www.us-cert.gov/ics/advisories/icsa-19-192-01,2019-07-11,1900-01-01,Delta Industrial Automation CNCSoft ScreenEditor,1,Delta Electronics,NULL
ICSA-19-192-02,https://www.us-cert.gov/ics/advisories/icsa-19-192-02,2019-10-10,1900-01-01,Siemens SIMATIC WinCC and PCS7 (Update C),1,Siemens,NULL
ICSA-19-192-03,https://www.us-cert.gov/ics/advisories/icsa-19-192-03,2019-07-11,1900-01-01,Siemens TIA Administrator (TIA Portal),1,Siemens,NULL
ICSA-19-192-04,https://www.us-cert.gov/ics/advisories/icsa-19-192-04,2019-07-11,1900-01-01,Siemens SIMATIC RF6XXR,1,Siemens,NULL
ICSA-19-192-05,https://www.us-cert.gov/ics/advisories/icsa-19-192-05,2019-07-11,1900-01-01,AVEVA Vijeo Citect and Citect SCADA Floating License Manager,1,AVEVA,NULL
ICSA-19-192-06,https://www.us-cert.gov/ics/advisories/icsa-19-192-06,2019-07-11,1900-01-01,Schneider Electric Interactive Graphical SCADA System,1,Schneider Electric,NULL
ICSA-19-192-07,https://www.us-cert.gov/ics/advisories/icsa-19-192-07,2019-07-11,1900-01-01,Schneider Electric Floating License Manager,1,Schneider Electric,NULL
ICSA-19-199-01,https://www.us-cert.gov/ics/advisories/icsa-19-199-01,2019-07-16,2019-07-24,Johnson Controls exacqVision Server,1,Johnson Controls,NULL
ICSA-19-204-01,https://www.us-cert.gov/ics/advisories/icsa-19-204-01,2019-07-23,1900-01-01,Mitsubishi Electric FR Configurator2,1,Mitsubishi Electric,NULL
ICSA-19-204-02,https://www.us-cert.gov/ics/advisories/icsa-19-204-02,2019-07-23,1900-01-01,NREL EnergyPlus,1,National Renewable Energy Laboratory (NREL),NULL
ICSA-19-211-01,https://www.us-cert.gov/ics/advisories/icsa-19-211-01,2019-07-30,2019-08-08,Wind River VxWorks (Update A),1,Wind River,NULL
ICSA-19-211-02,https://www.us-cert.gov/ics/advisories/icsa-19-211-02,2019-07-30,1900-01-01,Prima Systems FlexAir,1,Prima Systems,NULL
ICSA-19-213-01,https://www.us-cert.gov/ics/advisories/icsa-19-213-01,2019-08-01,1900-01-01,Advantech WebAccess HMI Designer,1,Advantech,NULL
ICSA-19-213-02,https://www.us-cert.gov/ics/advisories/icsa-19-213-02,2019-08-01,2019-08-05,Fuji Electric FRENIC Loader,0,Fuji Electric,NULL
ICSA-19-213-03,https://www.us-cert.gov/ics/advisories/icsa-19-213-03,2019-08-01,1900-01-01,3S-Smart Software Solutions GmbH CODESYS V3,1,3S-Smart Software Solutions,NULL
ICSA-19-213-04,https://www.us-cert.gov/ics/advisories/icsa-19-213-04,2019-08-01,1900-01-01,3S-Smart Software Solutions GmbH CODESYS V3,1,3S-Smart Software Solutions,NULL
ICSA-19-213-05,https://www.us-cert.gov/ics/advisories/icsa-19-213-05,2019-08-01,2019-09-20,Rockwell Automation Arena Simulation Software (Update B),1,Rockwell Automation,NULL
ICSA-19-213-06,https://www.us-cert.gov/ics/advisories/icsa-19-213-06,2019-08-01,1900-01-01,LCDS LAquis SCADA LQS File Parsing,1,LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME,NULL
ICSA-19-225-01,https://www.us-cert.gov/ics/advisories/icsa-19-225-01,2019-08-13,1900-01-01,Delta Industrial Automation DOPSoft,1,Delta Electronics,NULL
ICSA-19-225-02,https://www.us-cert.gov/ics/advisories/icsa-19-225-02,2019-08-13,1900-01-01,OSIsoft PI Web API,1,OSIsoft,NULL
ICSA-19-225-03,https://www.us-cert.gov/ics/advisories/icsa-19-225-03,2019-08-13,2019-08-21,Siemens SCALANCE X Switches (Update A),1,Siemens,NULL
ICSA-19-227-01,https://www.us-cert.gov/ics/advisories/icsa-19-227-01,2019-08-15,1900-01-01,Johnson Controls Metasys,1,Johnson Controls,NULL
ICSA-19-227-02,https://www.us-cert.gov/ics/advisories/icsa-19-227-02,2019-08-15,1900-01-01,Fuji Electric Alpha5 Smart Loader,0,Fuji Electric,NULL
ICSA-19-227-03,https://www.us-cert.gov/ics/advisories/icsa-19-227-03,2019-08-15,1900-01-01,Siemens SCALANCE Products,1,Siemens,NULL
ICSA-19-227-04,https://www.us-cert.gov/ics/advisories/icsa-19-227-04,2019-12-10,2019-12-17,Siemens SINAMICS (Update B),1,Siemens,NULL
ICSA-19-232-01,https://www.us-cert.gov/ics/advisories/icsa-19-232-01,2019-08-20,1900-01-01,Zebra Industrial Printers,1,Zebra,NULL
ICSA-19-239-01,https://www.us-cert.gov/ics/advisories/icsa-19-239-01,2019-08-27,1900-01-01,Delta Controls enteliBUS Controllers,1,Delta Controls,NULL
ICSA-19-239-02,https://www.us-cert.gov/ics/advisories/icsa-19-239-02,2019-08-27,1900-01-01,Datalogic AV7000 Linear Barcode Scanner,1,Datalogic,NULL
ICSA-19-246-01,https://www.us-cert.gov/ics/advisories/icsa-19-246-01,2019-09-03,1900-01-01,EZAutomation EZ Touch Editor,0,EZAutomation,NULL
ICSA-19-246-02,https://www.us-cert.gov/ics/advisories/icsa-19-246-02,2019-09-03,1900-01-01,EZAutomation EZ PLC Editor,0,EZAutomation,NULL
ICSA-19-248-01,https://www.us-cert.gov/ics/advisories/icsa-19-248-01,2019-09-05,2019-09-16,Red Lion Controls Crimson,1,Red Lion Controls,NULL
ICSA-19-253-01,https://www.us-cert.gov/ics/advisories/icsa-19-253-01,2019-09-10,1900-01-01,Delta Electronics TPEditor,1,Delta Electronics,NULL
ICSA-19-253-02,https://www.us-cert.gov/ics/advisories/icsa-19-253-02,2019-09-10,1900-01-01,Siemens SINETPLAN,1,Siemens,NULL
ICSA-19-253-03,https://www.us-cert.gov/ics/advisories/icsa-19-253-03,2020-03-10,1900-01-01,Siemens Industrial Products (Update E),1,Siemens,NULL
ICSA-19-253-04,https://www.us-cert.gov/ics/advisories/icsa-19-253-04,2019-09-10,1900-01-01,Siemens IE-WSN-PA Link WirelessHART Gateway,1,Siemens,NULL
ICSA-19-253-05,https://www.us-cert.gov/ics/advisories/icsa-19-253-05,2019-09-10,1900-01-01,Siemens SIMATIC TDC CP51M1,1,Siemens,NULL
ICSA-19-253-06,https://www.us-cert.gov/ics/advisories/icsa-19-253-06,2019-09-10,1900-01-01,OSIsoft PI SQL Client,1,OSIsoft,NULL
ICSA-19-255-01,https://www.us-cert.gov/ics/advisories/icsa-19-255-01,2019-09-12,1900-01-01,3S-Smart Software Solutions GmbH CODESYS V3 Web Server,1,3S-Smart Software Solutions,NULL
ICSA-19-255-02,https://www.us-cert.gov/ics/advisories/icsa-19-255-02,2019-09-12,1900-01-01,3S-Smart Software Solutions GmbH CODESYS V3 Library Manager,1,3S-Smart Software Solutions,NULL
ICSA-19-255-03,https://www.us-cert.gov/ics/advisories/icsa-19-255-03,2019-09-12,1900-01-01,3S-Smart Software Solutions GmbH CODESYS Control V3 Online User Management,1,3S-Smart Software Solutions,NULL
ICSA-19-255-04,https://www.us-cert.gov/ics/advisories/icsa-19-255-04,2019-09-12,1900-01-01,3S-Smart Software Solutions GmbH CODESYS Control V3 OPC UA Server,1,3S-Smart Software Solutions,NULL
ICSA-19-255-05,https://www.us-cert.gov/ics/advisories/icsa-19-255-05,2019-09-12,1900-01-01,3S-Smart Software Solutions GmbH CODESYS V3 Products Containing a CODESYS Communication Server,1,3S-Smart Software Solutions,NULL
ICSA-19-260-01,https://www.us-cert.gov/ics/advisories/icsa-19-260-01,2019-09-17,2019-09-18,Advantech WebAccess,1,Advantech,NULL
ICSA-19-260-02,https://www.us-cert.gov/ics/advisories/icsa-19-260-02,2019-09-17,1900-01-01,Siemens SINEMA Remote Connect Server,1,Siemens,NULL
ICSA-19-260-03,https://www.us-cert.gov/ics/advisories/icsa-19-260-03,2019-09-17,1900-01-01,Honeywell Performance IP Cameras and Performance NVRs,0,Honeywell,NULL
ICSA-19-262-01,https://www.us-cert.gov/ics/advisories/icsa-19-262-01,2019-09-19,1900-01-01,Tridium Niagara,1,Tridium,NULL
ICSA-19-274-01,https://www.us-cert.gov/ics/advisories/icsa-19-274-01,2020-02-18,1900-01-01,Interpeak IPnet TCP/IP Stack (Update C),1,"ENEA, Green Hills Software, ITRON, IP Infusion, Wind River",NULL
ICSA-19-274-02,https://www.us-cert.gov/ics/advisories/icsa-19-274-02,2019-10-01,1900-01-01,Yokogawa Products,1,Yokogawa,NULL
ICSA-19-274-03,https://www.us-cert.gov/ics/advisories/icsa-19-274-03,2019-10-01,2019-10-02,Moxa EDR 810 Series,1,Moxa,NULL
ICSA-19-281-01,https://www.us-cert.gov/ics/advisories/icsa-19-281-01,2019-10-08,1900-01-01,SMA Solar Technology AG Sunny WebBox,1,SMA Solar Technology AG,NULL
ICSA-19-281-02,https://www.us-cert.gov/ics/advisories/icsa-19-281-02,2019-10-08,2019-10-15,GE Mark VIe Controller,1,GE,NULL
ICSA-19-281-03,https://www.us-cert.gov/ics/advisories/icsa-19-281-03,2020-01-14,1900-01-01,Siemens SIMATIC WinAC RTX (F) 2010 (Update A),1,Siemens,NULL
ICSA-19-281-04,https://www.us-cert.gov/ics/advisories/icsa-19-281-04,2019-10-08,1900-01-01,Siemens SIMATIC IT UADM,1,Siemens,NULL
ICSA-19-283-01,https://www.us-cert.gov/ics/advisories/icsa-19-283-01,2020-03-10,1900-01-01,Siemens Industrial Real-Time (IRT) Devices (Update C),1,Siemens,NULL
ICSA-19-283-02,https://www.us-cert.gov/ics/advisories/icsa-19-283-02,2020-03-10,1900-01-01,Siemens PROFINET Devices (Update D),1,Siemens,NULL
ICSA-19-290-01,https://www.us-cert.gov/ics/advisories/icsa-19-290-01,2019-12-19,1900-01-01,AVEVA Vijeo Citect and Citect SCADA (Update A),1,"AVEVA, Schneider Electric",NULL
ICSA-19-290-02,https://www.us-cert.gov/ics/advisories/icsa-19-290-02,2019-10-17,2019-10-23,Horner Automation Cscape,1,Horner Automation,NULL
ICSA-19-295-01,https://www.us-cert.gov/ics/advisories/icsa-19-295-01,2019-10-22,1900-01-01,Schneider Electric ProClima,1,Schneider Electric,NULL
ICSA-19-297-01,https://www.us-cert.gov/ics/advisories/icsa-19-297-01,2019-10-24,1900-01-01,Rittal Chiller SK 3232-Series,1,Rittal,NULL
ICSA-19-297-02,https://www.us-cert.gov/ics/advisories/icsa-19-297-02,2019-10-24,1900-01-01,Honeywell IP-AK2,0,Honeywell,NULL
ICSA-19-302-01,https://www.us-cert.gov/ics/advisories/icsa-19-302-01,2019-10-29,1900-01-01,PHOENIX CONTACT Automation Worx Software Suite,1,PHOENIX CONTACT,NULL
ICSA-19-304-01,https://www.us-cert.gov/ics/advisories/icsa-19-304-01,2019-10-31,1900-01-01,Advantech WISE-PaaS/RMM,1,Advantech,NULL
ICSA-19-304-02,https://www.us-cert.gov/ics/advisories/icsa-19-304-02,2019-10-31,1900-01-01,Honeywell equIP Series IP Cameras,0,Honeywell,NULL
ICSA-19-304-03,https://www.us-cert.gov/ics/advisories/icsa-19-304-03,2019-10-31,1900-01-01,Honeywell equIP and Performance Series IP Cameras,0,Honeywell,NULL
ICSA-19-304-04,https://www.us-cert.gov/ics/advisories/icsa-19-304-04,2019-10-31,1900-01-01,Honeywell equIP and Performance Series IP Cameras and Recorders,0,Honeywell,NULL
ICSA-19-309-01,https://www.us-cert.gov/ics/advisories/icsa-19-309-01,2019-11-05,2019-11-06,Omron CX-Supervisor,1,Omron,NULL
ICSA-19-311-01,https://www.us-cert.gov/ics/advisories/icsa-19-311-01,2019-11-07,1900-01-01,Mitsubishi Electric MELSEC-Q Series and MELSEC-L Series CPU Modules,1,Mitsubishi Electric,NULL
ICSA-19-311-02,https://www.us-cert.gov/ics/advisories/icsa-19-311-02,2019-11-07,1900-01-01,Fuji Electric V-Server,0,Fuji Electric,NULL
ICSA-19-318-01,https://www.us-cert.gov/ics/advisories/icsa-19-318-01,2019-11-14,1900-01-01,Siemens Mentor Nucleus Networking Module,1,Siemens,NULL
ICSA-19-318-02,https://www.us-cert.gov/ics/advisories/icsa-19-318-02,2019-12-10,1900-01-01,Siemens S7-1200 and S7-200 SMART CPUs (Update A),1,Siemens,NULL
ICSA-19-318-03,https://www.us-cert.gov/ics/advisories/icsa-19-318-03,2019-11-14,1900-01-01,Siemens Desigo PX Devices,1,Siemens,NULL
ICSA-19-318-04,https://www.us-cert.gov/ics/advisories/icsa-19-318-04,2019-12-19,1900-01-01,Omron CX-Supervisor (Update A),1,Omron,NULL
ICSA-19-318-05,https://www.us-cert.gov/ics/advisories/icsa-19-318-05,2019-11-14,1900-01-01,ABB Power Generation Information Manager (PGIM) and Plant Connect,1,ABB,NULL
ICSA-19-323-01,https://www.us-cert.gov/ics/advisories/icsa-19-323-01,2019-11-19,1900-01-01,Flexera FlexNet Publisher,0,Flexera,NULL
ICSA-19-330-01,https://www.us-cert.gov/ics/advisories/icsa-19-330-01,2019-11-26,1900-01-01,ABB Relion 670 Series,1,ABB,NULL
ICSA-19-330-02,https://www.us-cert.gov/ics/advisories/icsa-19-330-02,2019-11-26,1900-01-01,ABB Relion 650 and 670 Series,1,ABB,NULL
ICSA-19-337-01,https://www.us-cert.gov/ics/advisories/icsa-19-337-01,2019-12-03,1900-01-01,Reliable Controls LicenseManager,1,Reliable Controls,NULL
ICSA-19-337-02,https://www.us-cert.gov/ics/advisories/icsa-19-337-02,2019-12-03,1900-01-01,Moxa AWK-3121,1,Moxa,NULL
ICSA-19-339-01,https://www.us-cert.gov/ics/advisories/icsa-19-339-01,2019-12-05,1900-01-01,Thales DIS SafeNet Sentinel LDK License Manager Runtime,1,Thales DIS,NULL
ICSA-19-339-02,https://www.us-cert.gov/ics/advisories/icsa-19-339-02,2019-12-05,1900-01-01,Weidmueller Industrial Ethernet Switches,1,Weidmueller,NULL
ICSA-19-344-01,https://www.us-cert.gov/ics/advisories/icsa-19-344-01,2019-12-10,1900-01-01,Siemens SCALANCE W700 and W1700,1,Siemens,NULL
ICSA-19-344-02,https://www.us-cert.gov/ics/advisories/icsa-19-344-02,2019-12-10,1900-01-01,Siemens SiNVR 3,1,Siemens,NULL
ICSA-19-344-03,https://www.us-cert.gov/ics/advisories/icsa-19-344-03,2019-12-10,1900-01-01,Siemens RUGGEDCOM ROS,1,Siemens,NULL
ICSA-19-344-04,https://www.us-cert.gov/ics/advisories/icsa-19-344-04,2020-03-10,1900-01-01,Siemens SIMATIC Products (Update B),1,Siemens,NULL
ICSA-19-344-05,https://www.us-cert.gov/ics/advisories/icsa-19-344-05,2019-12-10,1900-01-01,Siemens XHQ Operations Intelligence,1,Siemens,NULL
ICSA-19-344-06,https://www.us-cert.gov/ics/advisories/icsa-19-344-06,2020-03-10,1900-01-01,Siemens SIMATIC S7-1200 and S7-1500 CPU Families (Update A),1,Siemens,NULL
ICSA-19-344-07,https://www.us-cert.gov/ics/advisories/icsa-19-344-07,2020-01-14,1900-01-01,Siemens EN100 Ethernet Module (Update A),1,Siemens,NULL
ICSA-19-346-01,https://www.us-cert.gov/ics/advisories/icsa-19-346-01,2019-12-12,1900-01-01,Advantech DiagAnywhere Server,1,Advantech,NULL
ICSA-19-346-02,https://www.us-cert.gov/ics/advisories/icsa-19-346-02,2019-12-12,2020-01-13,Omron PLC CJ and CS Series,1,Omron,NULL
ICSA-19-346-03,https://www.us-cert.gov/ics/advisories/icsa-19-346-03,2019-12-12,1900-01-01,"Omron PLC CJ, CS and NJ Series",1,Omron,NULL
ICSA-19-351-01,https://www.us-cert.gov/ics/advisories/icsa-19-351-01,2019-12-17,1900-01-01,GE S2020/S2020G Fast Switch 61850,1,GE,NULL
ICSA-19-351-02,https://www.us-cert.gov/ics/advisories/icsa-19-351-02,2020-03-10,1900-01-01,Siemens SPPA-T3000 (Update A),1,Siemens,NULL
ICSA-19-353-01,https://www.us-cert.gov/ics/advisories/icsa-19-353-01,2019-12-19,1900-01-01,Moxa EDS Ethernet Switches,1,Moxa,NULL
ICSA-19-353-02,https://www.us-cert.gov/ics/advisories/icsa-19-353-02,2019-12-19,1900-01-01,Equinox Control Expert,0,Equinox,NULL
ICSA-19-353-03,https://www.us-cert.gov/ics/advisories/icsa-19-353-03,2019-12-19,1900-01-01,WECON PLC Editor,1,WECON,NULL
ICSA-19-353-04,https://www.us-cert.gov/ics/advisories/icsa-19-353-04,2019-12-19,1900-01-01,Reliable Controls MACH-ProWebCom/Sys,1,Reliable Controls,NULL
ICSA-20-014-01,https://www.us-cert.gov/ics/advisories/icsa-20-014-01,2020-01-14,2020-01-16,GE PACSystems RX3i,1,GE,NULL
ICSA-20-014-02,https://www.us-cert.gov/ics/advisories/icsa-20-014-02,2020-01-14,1900-01-01,Siemens SINEMA Server,0,Siemens,NULL
ICSA-20-014-03,https://www.us-cert.gov/ics/advisories/icsa-20-014-03,2020-01-14,1900-01-01,Siemens SCALANCE X Switches,0,Siemens,NULL
ICSA-20-014-04,https://www.us-cert.gov/ics/advisories/icsa-20-014-04,2020-01-14,1900-01-01,Siemens SINAMICS PERFECT HARMONY GH180,0,Siemens,NULL
ICSA-20-014-05,https://www.us-cert.gov/ics/advisories/icsa-20-014-05,2020-01-14,1900-01-01,Siemens TIA Portal,0,Siemens,NULL
ICSA-20-014-06,https://www.us-cert.gov/ics/advisories/icsa-20-014-06,2020-01-14,1900-01-01,OSIsoft PI Vision,1,OSIsoft,NULL
ICSA-20-016-01,https://www.us-cert.gov/ics/advisories/icsa-20-016-01,2020-01-16,1900-01-01,Schneider Electric Modicon Controllers,1,Schneider,NULL
ICSA-20-021-01,https://www.us-cert.gov/ics/advisories/icsa-20-021-01,2020-01-21,1900-01-01,Honeywell Maxpro VMS & NVR,0,Honeywell,NULL
ICSA-20-035-01,https://www.us-cert.gov/ics/advisories/icsa-20-035-01,2020-02-04,1900-01-01,AutomationDirect C-More Touch Panels,1,AutomationDirect,NULL
ICSA-20-042-01,https://www.us-cert.gov/ics/advisories/icsa-20-042-01,2020-02-11,1900-01-01,Synergy Systems & Solutions HUSKY RTU,1,Synergy Systems & Solutions,NULL
ICSA-20-042-02,https://www.us-cert.gov/ics/advisories/icsa-20-042-02,2020-02-11,1900-01-01,Siemens Industrial Products SNMP Vulnerabilities,1,Siemens,NULL
ICSA-20-042-03,https://www.us-cert.gov/ics/advisories/icsa-20-042-03,2020-02-11,1900-01-01,Siemens SIMATIC CP 1543-1,1,Siemens,NULL
ICSA-20-042-04,https://www.us-cert.gov/ics/advisories/icsa-20-042-04,2020-03-10,1900-01-01,Siemens PROFINET-IO Stack (Update A),1,Siemens,NULL
ICSA-20-042-05,https://www.us-cert.gov/ics/advisories/icsa-20-042-05,2020-03-10,1900-01-01,Siemens SIMATIC S7 (Update A),1,Siemens,NULL
ICSA-20-042-06,https://www.us-cert.gov/ics/advisories/icsa-20-042-06,2020-03-10,1900-01-01,"Siemens SIMATIC PCS 7, SIMATIC WinCC, and SIMATIC NET PC (Update A)",1,Siemens,NULL
ICSA-20-042-07,https://www.us-cert.gov/ics/advisories/icsa-20-042-07,2020-02-11,1900-01-01,Siemens SCALANCE X Switches,0,Siemens,NULL
ICSA-20-042-08,https://www.us-cert.gov/ics/advisories/icsa-20-042-08,2020-02-11,1900-01-01,Siemens SIPORT MP,0,Siemens,NULL
ICSA-20-042-09,https://www.us-cert.gov/ics/advisories/icsa-20-042-09,2020-02-11,1900-01-01,Siemens OZW Web Server,0,Siemens,NULL
ICSA-20-042-10,https://www.us-cert.gov/ics/advisories/icsa-20-042-10,2020-02-11,1900-01-01,Siemens SCALANCE S-600,0,Siemens,NULL
ICSA-20-042-11,https://www.us-cert.gov/ics/advisories/icsa-20-042-11,2020-03-10,1900-01-01,Siemens SIMATIC S7-1500 (Update A),1,Siemens,NULL
ICSA-20-042-12,https://www.us-cert.gov/ics/advisories/icsa-20-042-12,2020-02-11,1900-01-01,Siemens SIPROTEC 4 and SIPROTEC Compact,0,Siemens,NULL
ICSA-20-042-13,https://www.us-cert.gov/ics/advisories/icsa-20-042-13,2020-02-11,1900-01-01,Digi ConnectPort LTS 32 MEI,1,Digi International,NULL
ICSA-20-044-01,https://www.us-cert.gov/ics/advisories/icsa-20-044-01,2020-02-13,1900-01-01,Schneider Electric Modicon Ethernet Serial RTU,1,Schneider Electric,NULL
ICSA-20-044-02,https://www.us-cert.gov/ics/advisories/icsa-20-044-02,2020-02-13,1900-01-01,Schneider Electric Magelis HMI Panels,1,Schneider Electric,NULL
ICSA-20-049-01,https://www.us-cert.gov/ics/advisories/icsa-20-049-01,2020-02-18,2020-02-19,Honeywell INNCOM INNControl 3,0,Honeywell,NULL
ICSA-20-049-02,https://www.us-cert.gov/ics/advisories/icsa-20-049-02,2020-02-18,1900-01-01,Emerson OpenEnterprise,1,Emerson,NULL
ICSA-20-051-01,https://www.us-cert.gov/ics/advisories/icsa-20-051-01,2020-02-20,2020-02-27,B&R Automation Studio and Automation Runtime,1,B&R,NULL
ICSA-20-051-02,https://www.us-cert.gov/ics/advisories/icsa-20-051-02,2020-02-20,1900-01-01,Rockwell Automation FactoryTalk Diagnostics,1,Rockwell Automation,NULL
ICSA-20-051-03,https://www.us-cert.gov/ics/advisories/icsa-20-051-03,2020-02-20,1900-01-01,Honeywell NOTI-FIRE-NET Web Server (NWS-3),1,Honeywell,NULL
ICSA-20-051-04,https://www.us-cert.gov/ics/advisories/icsa-20-051-04,2020-02-20,1900-01-01,"Auto-Maskin RP210E, DCU210E, and Marine Observer Pro (Android App)",1,Auto-Maskin,NULL
ICSA-20-056-01,https://www.us-cert.gov/ics/advisories/icsa-20-056-01,2020-02-25,1900-01-01,Moxa MB3xxx Series Protocol Gateways,1,Moxa,NULL
ICSA-20-056-02,https://www.us-cert.gov/ics/advisories/icsa-20-056-02,2020-02-25,1900-01-01,"Moxa ioLogik 2542-HSPA Series Controllers and IOs, and IOxpress Configuration Utility",1,Moxa,NULL
ICSA-20-056-03,https://www.us-cert.gov/ics/advisories/icsa-20-056-03,2020-02-25,1900-01-01,Moxa PT-7528 and PT-7828 Series Ethernet Switches,1,Moxa,NULL
ICSA-20-056-04,https://www.us-cert.gov/ics/advisories/icsa-20-056-04,2020-02-25,2020-03-26,Moxa EDS-G516E and EDS-510E Series Ethernet Switches,1,Moxa,NULL
ICSA-20-056-05,https://www.us-cert.gov/ics/advisories/icsa-20-056-05,2020-02-25,1900-01-01,Honeywell WIN-PAK,1,Honeywell,NULL
ICSA-20-063-01,https://www.us-cert.gov/ics/advisories/icsa-20-063-01,2020-03-03,1900-01-01,Emerson ValveLink,1,Emerson,NULL
ICSA-20-063-02,https://www.us-cert.gov/ics/advisories/icsa-20-063-02,2020-03-03,1900-01-01,PHOENIX CONTACT Emalytics Controller ILC,1,PHOENIX CONTACT,NULL
ICSA-20-063-03,https://www.us-cert.gov/ics/advisories/icsa-20-063-03,2020-03-03,1900-01-01,Omron PLC CJ Series,1,Omron,NULL
ICSA-20-063-04,https://www.us-cert.gov/ics/advisories/icsa-20-063-04,2020-03-03,1900-01-01,Moxa AWK-3131A Series Industrial AP/Bridge/Client,1,Moxa,NULL
ICSA-20-065-01,https://www.us-cert.gov/ics/advisories/icsa-20-065-01,2020-03-05,1900-01-01,WAGO I/O-CHECK,0,WAGO,NULL
ICSA-20-070-01,https://www.us-cert.gov/ics/advisories/icsa-20-070-01,2020-03-10,1900-01-01,Siemens SiNVR 3,1,Siemens,NULL
ICSA-20-070-02,https://www.us-cert.gov/ics/advisories/icsa-20-070-02,2020-03-10,1900-01-01,SIMATIC S7-300 CPUs and SINUMERIK Controller over Profinet,1,Siemens,NULL
ICSA-20-070-03,https://www.us-cert.gov/ics/advisories/icsa-20-070-03,2020-03-10,1900-01-01,Siemens Spectrum Power 5,1,Siemens,NULL
ICSA-20-070-04,https://www.us-cert.gov/ics/advisories/icsa-20-070-04,2020-03-10,2020-03-11,Johnson Controls Kantech EntraPass,1,Johnson Controls,NULL
ICSA-20-070-05,https://www.us-cert.gov/ics/advisories/icsa-20-070-05,2020-03-10,1900-01-01,Johnson Controls Metasys,1,Johnson Controls,NULL
ICSA-20-070-06,https://www.us-cert.gov/ics/advisories/icsa-20-070-06,2020-03-10,1900-01-01,Rockwell Automation MicroLogix Controllers and RSLogix 500 Software,1,Rockwell Automation,NULL
ICSA-20-072-01,https://www.us-cert.gov/ics/advisories/icsa-20-072-01,2020-03-12,1900-01-01,ABB eSOMS,1,ABB,NULL
ICSA-20-072-02,https://www.us-cert.gov/ics/advisories/icsa-20-072-02,2020-03-12,1900-01-01,ABB Asset Suite,1,ABB,NULL
ICSA-20-072-03,https://www.us-cert.gov/ics/advisories/icsa-20-072-03,2020-03-12,1900-01-01,Rockwell Automation Allen-Bradley Stratix 5950,1,Rockwell Automation,NULL
ICSA-20-077-01,https://www.us-cert.gov/ics/advisories/icsa-20-077-01,2020-03-17,1900-01-01,Delta Electronics Industrial Automation CNCSoft ScreenEditor,1,Delta Electronics,NULL
ICSA-20-079-01,https://www.us-cert.gov/ics/advisories/icsa-20-079-01,2020-03-19,1900-01-01,Systech NDS-5000 Terminal Server,1,Systech,NULL
ICSA-20-084-01,https://www.us-cert.gov/ics/advisories/icsa-20-084-01,2020-03-24,1900-01-01,VISAM Automation Base (VBASE),1,VISAM,NULL
ICSA-20-084-02,https://www.us-cert.gov/ics/advisories/icsa-20-084-02,2020-03-24,1900-01-01,Schneider Electric IGSS SCADA Software,1,Schneider Electric,NULL
ICSA-20-086-01,https://www.us-cert.gov/ics/advisories/icsa-20-086-01,2020-03-26,1900-01-01,Advantech WebAccess,1,Advantech,NULL
ICSMA-16-089-01,https://www.us-cert.gov/ics/advisories/ICSMA-16-089-01,2016-03-29,2017-03-23,CareFusion Pyxis SupplyStation System Vulnerabilities,1,"CareFusion, Becton, Dickinson and Company (BD)"," Independent researchers Billy Rios and Mike Ahmadi in collaboration with CareFusion have identified numerous third-party software vulnerabilities in end-of-life versions of CareFusion’s Pyxis SupplyStation system. The Pyxis SupplyStation was obtained through a third-party that resells decommissioned systems from healthcare systems, and the vulnerabilities were found using an automated software composition analysis tool. Because the affected versions are at end-of-life, a patch will not be provided; however, CareFusion has provided compensating measures to help reduce the risk of exploitation for the affected versions of the Pyxis SupplyStation systems. These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are known to be publicly available."
ICSMA-16-196-01,https://www.us-cert.gov/ics/advisories/ICSMA-16-196-01,2016-07-14,2016-07-15,Philips Xper-IM Connect Vulnerabilities,1,Philips," Independent researchers Mike Ahmadi of Synopsys and Billy Rios of Whitescope LLC, in collaboration with Philips, have identified numerous vulnerabilities with an automated software composition analysis tool in the Philips Xper-IM Connect system running on Windows XP. Philips reports that the identified vulnerabilities can be addressed by upgrading the affected system to a newer version of Windows and installing Philips’ new software version. An independent third-party organization has tested the upgraded system with the new software version applied to validate that it resolves the reported vulnerabilities. These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are known to be publicly available."
ICSMA-16-279-01,https://www.us-cert.gov/ics/advisories/ICSMA-16-279-01,2016-10-05,1900-01-01,Animas OneTouch Ping Insulin Pump Vulnerabilities,1,Animas," Rapid7 has identified vulnerabilities in the cybersecurity of the Animas OneTouch Ping insulin pump system. Animas will not be releasing a patch or new version to mitigate these vulnerabilities. Animas has provided compensating controls to help reduce the risk associated with the exploitation of the identified vulnerabilities, and these compensating controls may impact device functionality. These vulnerabilities could be exploited remotely via radio frequency communications. Detailed vulnerability information is publicly available that could be used to develop an exploit that targets these vulnerabilities."
ICSMA-16-306-01,https://www.us-cert.gov/ics/advisories/ICSMA-16-306-01,2016-12-01,2017-09-07,Smiths Medical CADD-Solis Medication Safety Software Vulnerabilities,1,Smiths Medical," This advisory was originally posted to the US-CERT secure Portal library on November 1, 2016, and is being released to the NCCIC/ICS-CERT web site. Smiths Medical has reported two vulnerabilities in Smiths Medical’s CADD-Solis Medication Safety Software that were identified by Andrew Gothard of Newcastle Upon Tyne Hospitals NHS Foundations Trust. Smiths Medical has produced new versions to mitigate these vulnerabilities. Smiths Medical reports that an independent security expert has tested the new versions to validate that they resolve the identified vulnerabilities. These vulnerabilities could be exploited remotely."
ICSMA-17-009-01A,https://www.us-cert.gov/ics/advisories/ICSMA-17-009-01A,2017-01-09,2017-02-06,St. Jude Merlin@home Transmitter Vulnerability (Update A),1,St. Jude Medical," This updated advisory is a follow-up to the original advisory titled ICSMA-17-009-01 St. Jude Merlin@home Transmitter Vulnerability that was published January 9, 2017, on the NCCIC/ICS-CERT web site."
ICSMA-17-017-01,https://www.us-cert.gov/ics/advisories/ICSMA-17-017-01,2017-02-07,2017-03-23,BD Alaris 8000 Insufficiently Protected Credentials Vulnerability,1,"Becton, Dickinson and Company (BD)"," This advisory was originally posted to the NCCIC Portal on January 17, 2017, and is being released to the NCCIC/ICS-CERT web site. Becton, Dickinson and Company (BD) has identified an insufficiently protected credentials vulnerability in BD’s Alaris 8000 Point of Care (PC) unit, which provides a common user interface for programming intravenous infusions. BD has not developed a product fix to address this vulnerability, but has issued compensating controls to help reduce the risk associated with this vulnerability."
ICSMA-17-017-02A,https://www.us-cert.gov/ics/advisories/ICSMA-17-017-02A,2017-02-07,2017-10-19,BD Alaris 8015 Insufficiently Protected Credentials Vulnerabilities (Update A),1,"Becton, Dickinson and Company (BD)"," This updated advisory is a follow-up to the original advisory titled ICSMA-17-017-02 BD Alaris 8015 Insufficiently Protected Credentials Vulnerabilities that was published February 7, 2017, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 4 -------- Researchers at Zingbox were able to expand the impact of the vulnerability identified in Becton, Dickinson and Company’s (BD) Alaris 8015 Point of Care (PC) unit Version 9.5. The Alaris 8015 PC provides a common user interface for programming intravenous infusions. BD has not developed a product fix to address the identified vulnerabilities, but has issued compensating controls to help reduce the risk associated with these vulnerabilities. --------- End Update A Part 1 of 4 ----------"
ICSMA-17-082-01,https://www.us-cert.gov/ics/advisories/ICSMA-17-082-01,2017-03-23,1900-01-01,BD Kiestra PerformA and KLA Journal Service Applications Hard-Coded Passwords Vulnerability,1,"Becton, Dickinson and Company (BD)"," Becton, Dickinson and Company (BD) has identified a hard-coded password vulnerability in BD’s Kiestra PerformA and KLA Journal Service applications that access the BD Kiestra Database. BD has produced compensating controls to reduce the risk of exploitation of the identified vulnerability by issuing product updates and defensive measures to be applied by end users. This vulnerability could be exploited remotely."
ICSMA-17-082-02,https://www.us-cert.gov/ics/advisories/ICSMA-17-082-02,2017-05-23,1900-01-01,B. Braun Medical SpaceCom Open Redirect Vulnerability,1,B. Braun Medical Inc.," This advisory was originally posted to the NCCIC Portal on March 23, 2017, and is being released to the ICS-CERT web site. Marc Ruef and Rocco Gagliardi of scip AG have identified an open redirect vulnerability in B. Braun Medical’s SpaceCom module, which is integrated into the SpaceStation docking station. B. Braun has produced a software update for the SpaceCom module to mitigate this vulnerability. This vulnerability could be exploited remotely."
ICSMA-17-215-01,https://www.us-cert.gov/ics/advisories/ICSMA-17-215-01,2017-08-03,1900-01-01,Siemens Molecular Imaging Vulnerabilities,1,Siemens," Siemens has identified two vulnerabilities in Siemens’ Molecular Imaging products running on Windows XP. Siemens is preparing updates for the affected products. These vulnerabilities could be exploited remotely."
ICSMA-17-215-02,https://www.us-cert.gov/ics/advisories/ICSMA-17-215-02,2017-08-03,2017-08-09,Siemens Molecular Imaging Vulnerabilities,1,Siemens," Siemens has identified four vulnerabilities in Siemens’ Molecular Imaging products running on Windows 7. Siemens is preparing updates for the affected products. These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are known to be publicly available."
ICSMA-17-227-01,https://www.us-cert.gov/ics/advisories/ICSMA-17-227-01,2017-08-15,1900-01-01,BMC Medical and 3B Medical Luna CPAP Machine,1,"BMC Medical, 3B Medical"," MedSec has identified an improper input validation vulnerability in BMC Medical’s and 3B Medical’s Luna continuous positive airway pressure (CPAP) therapy machine. For devices released after July 1, 2017, this vulnerability has been addressed. For devices released prior to July 1, 2017, BMC Medical and 3B Medical offer no mitigations."
ICSMA-17-229-01,https://www.us-cert.gov/ics/advisories/ICSMA-17-229-01,2017-08-17,1900-01-01,Philips' DoseWise Portal Vulnerabilities,1,Philips," Philips has identified Hard-coded Credentials and Cleartext Storage of Sensitive Information vulnerabilities in Philips’ DoseWise Portal (DWP) web application. Philips has updated product documentation and produced a new version that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely."
ICSMA-17-241-01,https://www.us-cert.gov/ics/advisories/ICSMA-17-241-01,2017-08-29,2018-04-16,"Abbott Laboratories’ Accent/Anthem, Accent MRI, Assurity/Allure, and Assurity MRI Pacemaker Vulnerabilities",1,Abbott Laboratories," MedSec Holdings Ltd has identified vulnerabilities in Abbott Laboratories’ (formerly St. Jude Medical) pacemakers. Abbott has produced a firmware patch to help mitigate the identified vulnerabilities in their pacemakers that utilize radio frequency (RF) communications. A third-party security research firm has verified that the new firmware version mitigates the identified vulnerabilities. The Food and Drug Administration (FDA) released a safety communication on August 29, 2017, Firmware Update to Address Cybersecurity Vulnerabilities Identified in Abbott’s (formerly St. Jude Medical’s) Implantable Cardiac Pacemakers: FDA Safety Communication, regarding the identified vulnerabilities and corresponding mitigation. In response, ICS-CERT is releasing this advisory to provide additional detail to patients and healthcare providers."
ICSMA-17-250-01,https://www.us-cert.gov/ics/advisories/ICSMA-17-250-01,2017-09-07,2017-09-08,"i-SENS, Inc. SmartLog Diabetes Management Software",1,I-SENS Inc.," Independent researcher Mark Cross has identified an uncontrolled search path element vulnerability in i-SENS, Inc. SmartLog Diabetes Management Software. i-SENS has produced an update that mitigates this vulnerability. Mark Cross has tested the update to validate that it resolves the vulnerability."
ICSMA-17-250-02A,https://www.us-cert.gov/ics/advisories/ICSMA-17-250-02A,2017-09-07,2017-12-12,Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Vulnerabilities (Update A),1,Smiths Medical," This updated advisory is a follow-up to the original advisory titled ICSMA-17-250-02 Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Vulnerabilities that was published September 7, 2017, on the NCCIC/ICS-CERT web site. Independent researcher Scott Gayou has identified eight vulnerabilities in Smiths Medical’s Medfusion 4000 Wireless Syringe Infusion Pump. --------- Begin Update A Part 1 of 3 -------- Smiths Medical has released a patch to address these vulnerabilities. ICS-CERT is recommending that users apply the identified compensating controls until the new version can be applied. --------- End Update A Part 1 of 3 -------- These vulnerabilities could be exploited remotely."
ICSMA-17-255-01,https://www.us-cert.gov/ics/advisories/ICSMA-17-255-01,2017-09-12,1900-01-01,Philips' IntelliView MX40 Patient Worn Monitor (WLAN) Vulnerabilities,1,Philips," Philips has identified two vulnerabilities in Philips’ IntelliView MX40 Patient Worn Monitor for use with wireless local area networks (WLANs). Philips has produced a software update that fixes one of the identified vulnerabilities and provides mitigations for the other vulnerability. Philips plans to release an additional software update in 2017 to address the remaining vulnerability."
ICSMA-17-292-01,https://www.us-cert.gov/ics/advisories/ICSMA-17-292-01,2017-10-19,1900-01-01,Boston Scientific ZOOM LATITUDE PRM Vulnerabilities,1,Boston Scientific," Researchers Jonathan Butts and Billy Rios of Whitescope have identified two vulnerabilities in Boston Scientific’s ZOOM LATITUDE Programmer/Recorder/Monitor (PRM) – Model 3120. Boston Scientific has provided compensating controls to reduce the risk of exploitation."
ICSMA-17-318-01,https://www.us-cert.gov/ics/advisories/ICSMA-17-318-01,2017-11-14,1900-01-01,Philips IntelliSpace Cardiovascular System and Xcelera System Vulnerability,1,Philips," Philips reported a vulnerability in the Philips’ IntelliSpace Cardiovascular and Xcelera cardiac image and information management systems. Philips has produced updates that mitigate this vulnerability in the affected products. This vulnerability could be exploited remotely."
ICSMA-17-332-01,https://www.us-cert.gov/ics/advisories/ICSMA-17-332-01,2017-11-28,2017-12-01,Ethicon Endo-Surgery Generator G11 Vulnerability,1,Ethicon," Johnson & Johnson, the parent company of Ethicon Endo-Surgery, LLC, reported an improper authentication vulnerability in the Ethicon Endo-Surgery Generator Gen11. EthiconEndo-Surgery, LLC has produced updates that mitigate this vulnerability in the affected product."
ICSMA-18-025-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-025-01,2018-01-25,1900-01-01,Philips IntelliSpace Cardiovascular System Vulnerability,1,Philips," Philips reported an insufficient session expiration vulnerability in the Philips’ IntelliSpace Cardiovascular cardiac image and information management systems. Philips is creating a software update to mitigate this vulnerability in the affected products."
ICSMA-18-037-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-037-01,2018-02-06,1900-01-01,Vyaire Medical CareFusion Upgrade Utility Vulnerability,1,Vyaire Medical," Independent researcher Mark Cross (@xerubus) has identified an uncontrolled search path element vulnerability in Vyaire Medical’s CareFusion Upgrade Utility application. Vyaire Medical has produced an update that mitigates this vulnerability."
ICSMA-18-037-02,https://www.us-cert.gov/ics/advisories/ICSMA-18-037-02,2018-03-13,1900-01-01,GE Medical Devices Vulnerability,1,GE," This advisory was originally posted to the HSIN ICS-CERT library on February 6, 2018, and is being released to the NCCIC/ICS-CERT website. Independent researcher Scott Erven submitted information regarding the potential use of default or hard-coded credentials in multiple GE Healthcare products. Following the researcher’s report, GE performed a self-assessment and validated that multiple GE Healthcare products use default or hard-coded credentials. GE has reviewed capability to change passwords identified by the researcher within the product documentation, and users are advised to contact GE Service for assistance in changing passwords. Vulnerability information about the affected products is publicly available."
ICSMA-18-058-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-058-01,2018-02-27,2018-10-11,Medtronic 2090 Carelink Programmer Vulnerabilities (Update B),1,Medtronic,NULL
ICSMA-18-058-02,https://www.us-cert.gov/ics/advisories/ICSMA-18-058-02,2018-02-27,1900-01-01,Philips Intellispace Portal ISP Vulnerabilities,1,Philips," Philips reported vulnerabilities in the Philips’ IntelliSpace Portal (ISP), an advanced visualization and image analysis system. Philips is creating a software update to mitigate these vulnerabilities in the affected products. Additionally, they are issuing mitigating controls for some vulnerabilities. Some vulnerabilities could be exploited remotely. Exploits that target some vulnerabilities are publicly available."
ICSMA-18-086-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-086-01,2018-03-27,2018-12-13,Philips Alice 6 Vulnerabilities (Update B),1,Philips,NULL
ICSMA-18-088-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-088-01,2018-03-29,2018-10-02,Philips iSite/IntelliSpace PACS Vulnerabilities (Update A),1,Philips,NULL
ICSMA-18-107-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-107-01,2018-04-17,2018-04-25,Abbott Laboratories Defibrillator,1,Abbott Laboratories,NULL
ICSMA-18-107-02,https://www.us-cert.gov/ics/advisories/ICSMA-18-107-02,2018-04-17,1900-01-01,Biosense Webster Carto 3 System Vulnerabilities,1,Biosense Webster,NULL
ICSMA-18-114-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-114-01,2018-04-24,1900-01-01,BD Pyxis,1,"Becton, Dickinson and Company (BD)",NULL
ICSMA-18-123-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-123-01,2018-05-03,1900-01-01,Philips Brilliance Computed Tomography (CT) System,1,Philips,NULL
ICSMA-18-128-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-128-01,2018-05-08,2018-06-05,Silex Technology SX-500/SD-320AN or GE Healthcare MobileLink (Update B),1,"GE, Silex Technology",NULL
ICSMA-18-137-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-137-01,2018-05-17,2018-07-12,Medtronic N'Vision Clinician Programmer (Update A),1,Medtronic,NULL
ICSMA-18-142-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-142-01,2018-05-22,2018-10-11,BD Kiestra and InoquIA Systems (Update A),1,"Becton, Dickinson and Company (BD)",NULL
ICSMA-18-144-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-144-01,2018-05-24,2018-05-29,BeaconMedaes TotalAlert Scroll Medical Air Systems,1,BeaconMedaes,NULL
ICSMA-18-156-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-156-01,2018-06-05,1900-01-01,Philips' IntelliVue Patient and Avalon Fetal Monitors,1,Philips,NULL
ICSMA-18-165-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-165-01,2018-06-14,1900-01-01,Natus Xltek NeuroWorks,1,"Natus Medical, Inc.",NULL
ICSMA-18-179-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-179-01,2018-06-28,1900-01-01,Medtronic MyCareLink Patient Monitor,1,Medtronic,NULL
ICSMA-18-219-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-219-01,2018-08-07,1900-01-01,Medtronic MyCareLink 24950 Patient Monitor,1,Medtronic,NULL
ICSMA-18-219-02,https://www.us-cert.gov/ics/advisories/ICSMA-18-219-02,2018-08-07,1900-01-01,Medtronic MiniMed 508 Insulin Pump,1,Medtronic,NULL
ICSMA-18-226-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-226-01,2018-08-14,1900-01-01,Philips IntelliSpace Cardiovascular Vulnerabilities,1,Philips,NULL
ICSMA-18-228-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-228-01,2018-08-16,1900-01-01,"Philips PageWriter TC10, TC20, TC30, TC50, and TC70 Cardiographs",1,Philips,NULL
ICSMA-18-233-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-233-01,2018-08-21,2018-10-11,Philips IntelliVue Information Center iX (Update B),1,Philips,NULL
ICSMA-18-235-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-235-01,2018-08-23,1900-01-01,BD Alaris Plus,1,"Becton, Dickinson and Company (BD)",NULL
ICSMA-18-240-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-240-01,2018-08-28,1900-01-01,Qualcomm Life Capsule,1,Qualcomm Life,NULL
ICSMA-18-277-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-277-01,2018-10-04,1900-01-01,Carestream Vue RIS,1,Carestream,NULL
ICSMA-18-277-02,https://www.us-cert.gov/ics/advisories/ICSMA-18-277-02,2018-10-04,1900-01-01,Change Healthcare PeerVue Web Server,1,Change Healthcare,NULL
ICSMA-18-310-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-310-01,2018-11-06,2018-11-08,Roche Diagnostics Point of Care Handheld Medical Devices (Update A),1,Roche,NULL
ICSMA-18-312-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-312-01,2018-11-08,1900-01-01,Philips iSite and IntelliSpace PACS,1,Philips,NULL
ICSMA-18-340-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-340-01,2018-12-06,1900-01-01,Philips HealthSuite Health Android App,1,Philips,NULL
ICSMA-18-347-01,https://www.us-cert.gov/ics/advisories/ICSMA-18-347-01,2018-12-13,1900-01-01,"Medtronic 9790, 2090 CareLink, and 29901 Encore Programmers",1,Medtronic,NULL
ICSMA-19-022-01,https://www.us-cert.gov/ics/advisories/ICSMA-19-022-01,2019-01-22,1900-01-01,Dräger Infinity Delta,1,Dräger,NULL
ICSMA-19-029-01,https://www.us-cert.gov/ics/advisories/ICSMA-19-029-01,2019-01-29,1900-01-01,Stryker Medical Beds,1,Stryker,NULL
ICSMA-19-029-02,https://www.us-cert.gov/ics/advisories/ICSMA-19-029-02,2019-01-29,2019-02-05,BD FACSLyric (Update A),1,"Becton, Dickinson and Company (BD)",NULL
ICSMA-19-080-01,https://www.us-cert.gov/ics/advisories/ICSMA-19-080-01,2019-03-21,1900-01-01,Medtronic Conexus Radio Frequency Telemetry Protocol,1,Medtronic,NULL
ICSMA-19-113-01,https://www.us-cert.gov/ics/advisories/ICSMA-19-113-01,2019-04-23,1900-01-01,Fujifilm FCR Capsula X/Carbon X,1,Fujifilm,NULL
ICSMA-19-120-01,https://www.us-cert.gov/ics/advisories/ICSMA-19-120-01,2019-04-30,1900-01-01,Philips Tasy EMR,0,Philips,NULL
ICSMA-19-164-01,https://www.us-cert.gov/ics/advisories/ICSMA-19-164-01,2019-06-13,2019-06-14,BD Alaris Gateway Workstation,1,"Becton, Dickinson and Company (BD)",NULL
ICSMA-19-178-01,https://www.us-cert.gov/ics/advisories/icsma-19-178-01,2019-06-27,1900-01-01,Medtronic MiniMed 508 and Paradigm Series Insulin Pumps,1,Medtronic,NULL
ICSMA-19-190-01,https://www.us-cert.gov/ics/advisories/icsma-19-190-01,2019-07-09,2019-07-24,GE Aestiva and Aespire Anesthesia (Update A),1,GE,NULL
ICSMA-19-192-01,https://www.us-cert.gov/ics/advisories/icsma-19-192-01,2019-07-11,1900-01-01,Philips Holter 2010 Plus,1,Philips,NULL
ICSMA-19-241-01,https://www.us-cert.gov/ics/advisories/icsma-19-241-01,2019-08-29,1900-01-01,Change Healthcare McKesson and Horizon Cardiology,1,Change Healthcare,NULL
ICSMA-19-241-02,https://www.us-cert.gov/ics/advisories/icsma-19-241-02,2019-08-29,1900-01-01,Philips HDI 4000 Ultrasound,1,Philips,NULL
ICSMA-19-248-01,https://www.us-cert.gov/ics/advisories/icsma-19-248-01,2019-09-05,2019-10-08,BD Pyxis (Update A),1,"Becton, Dickinson and Company (BD)",NULL
ICSMA-19-255-01,https://www.us-cert.gov/ics/advisories/icsma-19-255-01,2019-09-12,1900-01-01,Philips IntelliVue WLAN,1,Philips,NULL
ICSMA-19-274-01,https://www.us-cert.gov/ics/advisories/icsma-19-274-01,2020-01-07,1900-01-01,Interpeak IPnet TCP/IP Stack (Update D),1,"ENEA, Green Hills Software, ITRON, IP Infusion, Wind River",NULL
ICSMA-19-297-01,https://www.us-cert.gov/ics/advisories/icsma-19-297-01,2019-10-24,1900-01-01,Philips IntelliSpace Perinatal,1,Philips,NULL
ICSMA-19-311-01,https://www.us-cert.gov/ics/advisories/icsma-19-311-01,2019-11-07,1900-01-01,Medtronic Valleylab FT10 and LS10,1,Medtronic,NULL
ICSMA-19-311-02,https://www.us-cert.gov/ics/advisories/icsma-19-311-02,2019-11-07,1900-01-01,Medtronic Valleylab FT10 and FX8,1,Medtronic,NULL
ICSMA-19-318-01,https://www.us-cert.gov/ics/advisories/icsma-19-318-01,2019-12-12,1900-01-01,Philips IntelliBridge EC40/80 (Update A),1,Philips,NULL
ICSMA-19-353-01,https://www.us-cert.gov/ics/advisories/icsma-19-353-01,2019-12-19,1900-01-01,"Philips Veradius Unity, Pulsera, and Endura Dual WAN Routers",0,Philips,NULL
ICSMA-20-023-01,https://www.us-cert.gov/ics/advisories/icsma-20-023-01,2020-01-23,1900-01-01,"GE CARESCAPE, ApexPro, and Clinical Information Center systems",1,GE,NULL
ICSMA-20-049-01,https://www.us-cert.gov/ics/advisories/icsma-20-049-01,2020-02-18,1900-01-01,Spacelabs Xhibit Telemetry Receiver (XTR),1,Spacelabs,NULL
ICSMA-20-049-02,https://www.us-cert.gov/ics/advisories/icsma-20-049-02,2020-02-18,1900-01-01,GE Ultrasound products,1,GE,NULL
ICSMA-20-079-01,https://www.us-cert.gov/ics/advisories/icsma-20-079-01,2020-03-19,1900-01-01,Insulet Omnipod,1,Insulet,NULL
NCCIC Advisory: April 2011,https://www.us-cert.gov/ics/advisories/NCCIC-Advisory-April-2011,2011-04-06,2013-04-26,Targeted Phishing Attacks,0,Other,NULL
NCCIC Advisory: May 2011,https://www.us-cert.gov/ics/advisories/NCCIC-Advisory-May-2011,2011-05-02,2013-04-26,Osama Bin Laden-Themed Phishing,0,Other,NULL