Security
Headlines
HeadlinesLatestCVEs

Source

us-cert

Emerson ROC800, ROC800L and DL8000

This advisory contains mitigations for an Insufficient Verification of Data Authenticity vulnerability in versions of ROC800, a remote automation controller.

us-cert
Open in Source
#vulnerability#auth
Siemens SICAM A8000 Web Server Module

This advisory contains mitigations for an Improper Access Control vulnerability in versions of SICAM A8000 Web Server Module products.

Siemens SICAM TOOLBOX II

This advisory contains mitigations for a Use of Hard-coded Credentials vulnerability in versions of SICAM TOOLBOX II, a control and monitoring system.

Siemens SCALANCE

This advisory contains mitigations for Improper Neutralization of Special Elements in Output Used by a Downstream Component (‘Injection’), Allocation of Resources Without Limits or Throttling, and Basic Cross Site Scripting vulnerabilities in versions of SCALANCE products.

Siemens SIMATIC S7-400 (Update A)

This updated advisory is a follow-up to the advisory update titled ICSA-21-104-12 Siemens SIMATIC S7-400 that was published April 14, 2022, to the ICS webpage on www.cisa.gov/ics. This advisory contains mitigations for an Uncontrolled Resource Consumption vulnerability in the Siemens SIMATIC S7-400.

Siemens Industrial Products LLDP (Update C)

This updated advisory is a follow-up to the original advisory titled ICSA-21-194-07 Siemens Industrial Products LLDP (Update B) that was published August 10, 2021, on the ICS webpage on cisa.gov/ics. This advisory contains mitigations for Classic Buffer Overflow and Uncontrolled Resource Consumption vulnerabilities in versions of Siemens Industrial Products (LLDP).

Mitsubishi Electric GT SoftGOT2000

This advisory contains mitigations for Infinite Loop and OS Command Injection vulnerabilities in versions of Mitsubishi Electric GT SoftGOT2000 software.

Emerson ControlWave

This advisory contains mitigations for an Insufficient Verification of Data Authenticity vulnerabilities in Emerson ControlWave products, a programmable controller.

Emerson OpenBSI

This advisory contains mitigations for Use of Broken or Risky Cryptographic Algorithm and Use of Hard-coded Cryptographic Key vulnerabilities in Emerson OpenBSI, a set of network communication services.

Digi ConnectPort X2D

This advisory contains mitigations for an Execution with Unnecessary Privileges vulnerability in Digi ConnectPort X2D, a connection gateway.