View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: B&R Equipment: Automation Runtime Vulnerability: Use of a Broken or Risky Cryptographic Algorithm 2. RISK EVALUATION Successful exploitation of this vulnerability could
Continue ReadingCategory: CISA.gov
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-23006 SonicWall SMA1000 Appliances Deserialization Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and
Continue ReadingCISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2020-11023 JQuery Cross-Site Scripting (XSS) Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and
Continue ReadingSchneider Electric EcoStruxure Power Build Rapsody
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 4.6 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: EcoStruxure Power Build Rapsody Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful
Continue ReadingCISA Releases Six Industrial Control Systems Advisories
CISA released six Industrial Control Systems (ICS) advisories on January 23, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-023-01 mySCADA myPRO Manager ICSA-25-023-02 Hitachi Energy RTU500 Series Product
Continue ReadingHMS Networks Ewon Flexy 202
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Low attack complexity Vendor: HMS Networks Equipment: Ewon Flexy 202 Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an
Continue ReadingSchneider Electric Easergy Studio
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: Easergy Studio Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability may risk unauthorized access to the
Continue ReadingmySCADA myPRO Manager
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: mySCADA Equipment: myPRO Vulnerabilities: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') 2. RISK EVALUATION Successful exploitation
Continue ReadingSchneider Electric EVlink Home Smart and Schneider Charge
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.5 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: EVlink Home Smart and Schneider Charge Vulnerability: Cleartext Storage of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability
Continue ReadingHitachi Energy RTU500 Series Product
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 series products Vulnerability: Improperly Implemented Security Check for Standard 2. RISK EVALUATION Successful exploitation of this vulnerability could
Continue Reading