us-cert

This advisory contains mitigations for a Violation of Secure Design Principles vulnerability in the Yokogawa Consolidation Alarm Management Software for Human Interface Station (CAMS for HIS).

This advisory contains mitigations for Improper Enforcement of Behavioral Workflow, Lack of Administrator Control over Security, Improper Privilege Management, and Insufficiently Protected Credentials vulnerabilities in the Secheron SEPCOS Control and Protection Relay.

This advisory contains mitigations for an Out-of-bounds Write vulnerability in the Pyramid Solutions EtherNet/IP Adapter Development Kit.

This advisory contains mitigations for Improper Access Control, Relative Path Traversal, and Cross-site Scripting vulnerabilities in the Elcomplus SmartICS web-based HMI.

This advisory contains mitigations for an Improper Resource Locking vulnerability in Mitsubishi Electric MELSEC Q and L Series CPUs.

This advisory contains mitigations for a Missing Authentication for Critical Function vulnerability in the JTEKT TOYOPUC programmable logic controller.

This advisory contains mitigations for an Insufficient Verification of Data Authenticity vulnerability in the Phoenix Contact classic line controllers.

This advisory contains mitigations for an Insufficient Verification of Data Authenticity vulnerability in the Phoenix Contact ProConOS and MULTIPROG software development kit.

This advisory contains mitigations for an Insufficient Verification of Data Authenticity vulnerability in the Phoenix Contact Classic Line Industrial Controllers.

This advisory contains mitigations for a Use of Client-side Authentication vulnerability in the Siemens SIMATIC WinCC OA SCADA HMI system.