Source
us-cert
This advisory contains mitigations for an Improper Authentication vulnerability in Kingsapn TMS300 CS, a water tank management system.
This advisory contains mitigations for Uncontrolled Search Path Element and Incorrect Permission Assignment for Critical Resource vulnerabilities in the SoftMaster desktop application, a PLC software application.
This advisory contains mitigations for an Off-by-one Error vulnerability in versions of Hitachi Energy TXpert Hub CoreTec 4, a digital transformer monitoring and diagnostics device.
This advisory contains mitigations for Missing Encryption of Sensitive Data, Use of Externally Controlled Format String, Missing Authentication for Critical Function vulnerabilities in Sigma and Baxter Spectrum Infusion Pumps.
This advisory contains mitigations for Buffer Overflow, Access of Resource Using Incompatible Type, NULL Pointer Dereference vulnerabilities in libIEC61850 of IEC61850 implementation software.
This updated advisory is a follow-up to the original advisory titled ICSMA-21-152-01 Hillrom Medical Device Management (Update A) that was published June 1, 2021, to the ICS webpage at cisa.gov/ics. This advisory contains mitigations for Out-of-bounds Write, Out-of-bounds Read vulnerabilities in Welch Allyn medical device management tools.
This advisory contains mitigations for Access of Uninitialized Pointer vulnerabilities in Triangle Microworks, TMW IEC 61850 Software Library and TMW IEC 60870-6 (ICCP/TASE.2) Software Library.
This advisory contains mitigations for Insufficient UI Warning of Dangerous Operations, Uncontrolled Search Path Element, and Deserialization of Untrusted Data, Improper Restriction of XML External Entity Reference vulnerabilities in versions of AVEVA Edge, an industrial software system.
This advisory contains mitigations for Missing Authentication for Critical Function, Improper Output Neutralization for Logs, and Client-side Enforcement of Server-side Security vulnerabilities in versions of Cognex 3DS-A1000 Dimensioning System, an industrial smart camera.
This advisory contains mitigations for Authentication Bypass Using an Alternate Path or Channel and Improper Input Validation, Download of Code Without Integrity Check vulnerabilities in versions of Hitachi Energy TXpert Hub CoreTec 4, a digital transformer monitoring and diagnostics device.