Source
us-cert
This updated advisory is a follow-up to the original advisory titled ICSA-21-350-05 Mitsubishi Electric FA Engineering Software that was published December 16, 2021, on the ICS webpage on cisa.gov/ics. This advisory contains mitigations for Out-of-bounds Read, and Integer Underflow vulnerabilities in Mitsubishi Electric's FA Engineering Software products.
This updated advisory is a follow-up to the original advisory titled ICSA-15-258-02 3S CODESYS Gateway Server Buffer overflow Vulnerability that was published September 15, 2015, on the ICS webpage at cisa.gov/ics. This advisory provides mitigation details for a heap-based buffer overflow vulnerability in CODESYS Gateway Server products.
This advisory contains mitigations for an Incorrect Default Permissions vulnerability in ABB e-Design engineering software.
This advisory contains mitigations for Cleartext Transmission of Sensitive Information, Insufficient Verification of Data Authenticity, and Plaintext Storage of a Password vulnerabilities in Omron SYSMAC CS/CJ/CP Series and NJ/NX Series programmable logic controllers.
This advisory contains mitigations for a SQL Injection, Missing Authentication for Critical Function, Relative Path Traversal, and Command Injection vulnerabilities in Advantech iView management software.
This advisory contains mitigations for a missing authentication for critical function vulnerability in the Motorola Solutions MOSCAD IP and ACE IP Gateways products.
This advisory contains mitigations for Use of a Broken or Risky Cryptographic Algorithm, and Plaintext Storage of a Password vulnerabilities in the Motorola Solutions MDLC protocol parser.
This advisory contains mitigations for Use of Hard-coded Cryptographic Key, Use of Hard-coded Credentials, and Insufficient Verification of Data Authenticity vulnerabilities in the Motorola Solutions ACE1000 remote terminal unit.
This advisory contains mitigations for a path traversal, relative path traversal, NULL pointer reference vulnerability in DCMTK, an OFFIS product.
This advisory contains mitigations for Cleartext Transmission of Sensitive Information, and Use of Hard-coded Credentials vulnerabilities in the Yokogawa STARDOM network control system.