us-cert

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Vertiv Equipment: Liebert RDU101 and Liebert UNITY Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition or achieve remote code execution 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Vertiv products are affected: Liebert RDU101: Versions 1.9.0.0 and prior Liebert IS-UNITY: Versions 8.4.1.0 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 AUTHENTICATION BYPASS USING AN ALTERNATE PATH OR CHANNEL CWE-288 Affected Vertiv products do not properly protect webserver functions that could allow an attacker to bypass authentication. CVE-2025-46412 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). A CVSS v...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.9 ATTENTION: Exploitable remotely/Low attack complexity Vendor: ABUP Equipment: ABUP Internet of Things (IoT) Cloud Platform Vulnerability: Incorrect Privilege Assignment 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access device profiles for which they are not authorized. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following ABUP products are affected: ABUP IoT Cloud Platform: All Versions 3.2 VULNERABILITY OVERVIEW 3.2.1 INCORRECT PRIVILEGE ASSIGNMENT CWE-266 Actors can use a maliciously crafted JavaScript Object Notation (JSON) Web Token (JWT) to perform privilege escalation by submitting the malicious JWT to a vulnerable method exposed on the cloud platform. If the exploit is successful, the user can escalate privileges to access any device managed by the Cloud Update Platform. CVE-2025-4692 has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been calculated; the CVSS vec...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Assured Telematics Inc. Equipment: Fleet Management System Vulnerabilities: Exposure of Sensitive System Information to an Unauthorized Control Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker collecting sensitive file system information or obtain administrative credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following product is affected: Fleet Management System: Versions prior to February 6th, 2025 3.2 VULNERABILITY OVERVIEW 3.2.1 EXPOSURE OF SENSITIVE SYSTEM INFORMATION TO AN UNAUTHORIZED CONTROL SPHERE CWE-497 The affected products could allow an unauthenticated attacker to access system information that could enable further access to sensitive files and obtain administrative credentials. CVE-2025-4364 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is ...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION: Low Attack Complexity Vendor: Siemens Equipment: Teamcenter Visualization Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code in the context of the current process. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Siemens Teamcenter Visualization V14.3: All versions prior to V14.3.0.14 Siemens Teamcenter Visualization V2312: All versions prior to V2312.0010 Siemens Teamcenter Visualization V2406: All versions prior to V2406.0008 Siemens Teamcenter Visualization V2412: All versions prior ...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIPROTEC and SICAM Vulnerability: Improper Enforcement of Message Integrity During Transmission in a Communication Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could cause the network access server to grant the attacker access to the network with the attacker's desired authorization and without the need of knowing or guessing legitimate access credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports the following products using the RADIUS protocol are affected: CPC80 Central Processing/Communication: All versions...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Desigo Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to execute arbitrary SQL queries on the server database. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Siemens Desigo CC: All versions 3.2 VULNERABILITY OVERVIEW 3.2.1 MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306 The affected server application fails to authenticate specific client requests. Modification of the client...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable from adjacent network/low attack complexity Vendor: Siemens Equipment: BACnet ATEC Devices Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker residing in the same BACnet network to send a specially crafted MSTP message that results in a denial of service condition of the targeted device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports the following BACnet ATEC products are affected: Siemens BACnet ATEC 550-440: All versions Siemens BACnet ATEC 550-441: All versions Siemens BACnet ATEC 550-445: All versions Siemens BACnet AT...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: INTRALOG WMS Vulnerabilities: Cleartext Transmission of Sensitive Information, Uncontrolled Resource Consumption, Use After Free, Improper Link Resolution Before File Access ('Link Following'), Improper Input Validation, Inefficient Algorithmic Complexity 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to bypass security features, cause a denial-of-service condition, or execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Siemens INTRALOG WM...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: RUGGEDCOM APE1808 Devices Vulnerabilities: Insufficiently Protected Credentials, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to retrieve LDAP credentials via modifying the LDAP server IP address in the FortiOS configuration to point to a malicious attacker-controlled server or cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: RUGGEDCOM APE1808: All versions 3.2 VULNERABILITY OVERVIEW 3.2.1 INSUFFICIENT...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable from adjacent network/low attack complexity Vendor: Siemens Equipment: VersiCharge AC Series EV Chargers Vulnerabilities: Missing Immutable Root of Trust in Hardware, Initialization of a Resource with an Insecure Default 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain control of the chargers through default Modbus port or execute arbitrary code by manipulating the M0 firmware. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Siemens IEC 1Ph 7.4kW Child socket (8EM1310-2EH04-0GA0): All versions (CVE-2025-31929)...