us-cert

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: OMNTEC Mfg., Inc. Equipment: Proteus Tank Monitoring Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform administrative actions without proper authentication. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of Proteus Tank Monitoring is affected: OMNTEC Proteus Tank Monitoring: OEL8000III Series 3.2 Vulnerability Overview 3.2.1 MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306 The affected product could allow an attacker to perform administrative actions without proper authentication. CVE-2024-6981 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). A CVSS v4 score has also been calculated for CVE-2024-6981. A base score of 9.3 has been calculated; the C...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Moxa Equipment: MXview One, MXview One Central Manager Series Vulnerabilities: Cleartext Storage In A File or On Disk, Path Traversal, Time-of-Check Time-of-Use Race Condition 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to expose local credentials and write arbitrary files to the system, resulting in execution of malicious code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Moxa products are affected: MXview One Series: Versions 1.4.0 and prior MXview One Central Manager Series: Version 1.0.0 3.2 Vulnerability Overview 3.2.1 CLEARTEXT STORAGE IN A FILE OR ON DISK CWE-313 The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting in the service being abused because of sensitive information exposure. CVE-2024-6785 has been assign...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Low Attack Complexity Vendor: IDEC Corporation Equipment: IDEC PLCs Vulnerabilities: Cleartext Transmission of Sensitive Information, Generation of Predictable Identifiers 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to obtain user authentication information or disrupt communication. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of IDEC PLCs are affected: FC6A Series MICROSmart All-in-One CPU module: Ver.2.60 and prior FC6B Series MICROSmart All-in-One CPU module: Ver.2.60 and prior FC6A Series MICROSmart Plus CPU module: Ver.2.40 and prior FC6B Series MICROSmart Plus CPU module: Ver.2.60 and prior FT1A Series SmartAXIS Pro/Lite: Ver.2.41 and prior (affected only by CVE-2024-41927) 3.2 Vulnerability Overview 3.2.1 CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319 The affected products are vulnerable to a cleartext vulnerability that could allow an attacker to o...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Kastle Systems Equipment: Access Control System Vulnerabilities: Use of Hard-coded Credentials, Cleartext Storage of Sensitive Information 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to access sensitive information on the affected product. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Kastle Systems Access Control System are affected: Access Control System: Firmware before May 1, 2024 3.2 Vulnerability Overview 3.2.1 USE OF HARD-CODED CREDENTIALS CWE-798 Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if accessed may allow an attacker to access sensitive information. CVE-2024-45861 has been assigned to this vulnerability. A CVSS v3.1 base score of 8.6 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N). A CVSS v4 score has also been ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION: Exploitable locally/high attack complexity Vendor: Rockwell Automation Equipment: RSLogix 5 and RSLogix 500 Vulnerability: Insufficient verification of data authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Rockwell Automation RSLogix 5 and RSLogix 500, a programming software, are affected: RSLogix 500: All versions RSLogix Micro Developer and Starter: All versions RSLogix 5: All versions 3.2 Vulnerability Overview 3.2.1 INSUFFICIENT VERIFICATION OF DATA AUTHENTICITY CWE-345 A feature in the affected products enables users to prepare a project file with an embedded VBA script and can be configured to run once the project file has been opened without user intervention. This feature can be abused to trick a legitimate user into executing malicious code upon opening an infected RSP/R...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: MegaSys Computer Technologies Equipment: Telenium Online Web Application Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to inject arbitrary Perl code through a crafted HTTP request, leading to remote code execution on the server. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following MegaSys Computer Technologies products are affected: Telenium Online Web Application: versions 8.3 and prior 3.2 Vulnerability Overview 3.2.1 IMPROPER INPUT VALIDATION CWE-20 Telenium Online Web Application is vulnerable due to a Perl script that is called to load the login page. Due to improper input validation, an attacker can inject arbitrary Perl code through a crafted HTTP request, leading to remote code execution on the server. CVE-2024-6404 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 ha...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: IDEC Corporation Equipment: WindLDR, WindO/I-NV4 Vulnerability: Cleartext Storage of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of WindLDR and WindO/I-NV4 are affected: WindLDR: Ver.9.1.0 and prior WindO/I-NV4: Ver.3.0.1 and prior 3.2 Vulnerability Overview 3.2.1 CLEARTEXT STORAGE OF SENSITIVE INFORMATION CWE-312 The affected products are vulnerable to a cleartext vulnerability that could allow an attacker to obtain user authentication information. CVE-2024-41716 has been assigned to this vulnerability. A CVSS v3.1 base score of 5.9 has been calculated; the CVSS vector string is (/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N). 3.3 BACKGROUND CRITICAL INFRASTRUCTURE SECTORS: Food and Agriculture, Critical Manufacturing, Energy, Transportation COUNTRI...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC S7-200 SMART Devices Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Siemens SIMATIC S7-200 SMART Devices are affected: SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0): All versions SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0): All Versions SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0): All Versions SIMATIC S7-200 SMART CPU SR20 (6ES7288...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Millbeck Communications Equipment: Proroute H685t-w Vulnerabilities: Command Injection, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary commands on the device's operating system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Millbeck Communications Proroute H685t-w, a 4G router, are affected: Proroute H685t-w: Version 3.2.334 3.2 Vulnerability Overview 3.2.1 Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-77 There is a command injection vulnerability that may allow an attacker to inject malicious input on the device's operating system. CVE-2024-45682 has been assigned to this vulnerability. A CVSS v3.1 base score of 8.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). 3.2.2 Improper Neutralization of...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Yokogawa Equipment: Dual-redundant Platform for Computer (PC2CKM) Vulnerability: Unchecked Return Value 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform a denial-of-service. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Yokogawa PC2CKM, a dual-redundant platform computer, are affected: Dual-redundant Platform for Computer (PC2CKM): R1.01.00 to R2.03.00 3.2 Vulnerability Overview 3.2.1 UNCHECKED RETURN VALUE CWE-252 If a computer on which the affected product is installed receives a large number of UDP broadcast packets in a short period, occasionally that computer may restart. If both the active and standby computers are restarted at the same time, the functionality on that computer may be temporarily unavailable. CVE-2024-8110 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been cal...