Industrial cybersecurity news
[VULNERABILITY] Emerson ROC800, ROC800L and DL8000
11 Aug 2022
Vulnerability affects :
- ROC800: All versions\xc2\xa0
- ROC800L: All versions\xc2\xa0
- DL8000: All versions\xc2\xa0
Vulnerability risks:
-
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-30264
[VULNERABILITY] Siemens products
09 Aug 2022
Vulnerability affects :
- SCALANCE M-800 / S615 All versions
- SCALANCE SC-600 family All versions < V2.3.1 only affected by CVE-2022-36325, CVE-2022-36323
- SCALANCE W-700 IEEE 802.11ax family All versions
- SCALANCE W-700 IEEE 802.11n family All versions
- SCALANCE W-1700 IEEE 802.11ac family All versions
- SCALANCE XB-200 switch family All versions
- SCALANCE XC-200 switch family All versions
- SCALANCE XF-200BA switch family All versions
- SCALANCE XM-400 Family All versions
- SCALANCE XP-200 switch family All versions
- SCALANCE XR-300WG switch family All versions
- SCALANCE XR-500 Family All versions
Vulnerability risks:
- RCE
- XSS
- DoS
Patch available :
See the documents below for more information
Sources :
- [EN] Siemens
[VULNERABILITY] Siemens Simcenter STAR-CCM+
09 Aug 2022
Vulnerability affects :
- Simcenter STAR-CCM+ All versions only if the Power-on-Demand public license server is used
Vulnerability risks:
- Information Disclosure
Patch available :
See the documents below for more information
Sources :
- [EN] Siemens
[VULNERABILITY] Siemens SICAM A8000 Web Server Module
09 Aug 2022
Vulnerability affects :
- CP-8000 MASTER MODULE WITH I/O -25/+70°C (6MF2101-0AB10-0AA0) All versions
- CP-8000 MASTER MODULE WITH I/O -40/+70°C (6MF2101-1AB10-0AA0) All versions
- CP-8021 MASTER MODULE (6MF2802-1AA00) All versions
- CP-8022 MASTER MODULE WITH GPRS (6MF2802-2AA00) All versions
Vulnerability risks:
- Authentication Bypass
Patch available :
See the documents below for more information
Sources :
- [EN] Siemens
[VULNERABILITY] Emerson OpenBSI
09 Aug 2022
Vulnerability affects :
- OpenBSI: Versions 5.9 SP3 and prior
Vulnerability risks:
- Use of Broken or Risky Cryptographic Algorithm
- Use of Hard-coded Cryptographic Key
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-29959
- [EN] CVE-2022-29960
[VULNERABILITY] Emerson ControlWave
09 Aug 2022
Vulnerability affects :
- ControlWave: All versions
Vulnerability risks:
- Insufficient Verification of Data Authenticity
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-30262
[VULNERABILITY] Mitsubishi Electric GT SoftGOT2000
09 Aug 2022
Vulnerability affects :
- GT SoftGOT2000: Version 1.275M
Vulnerability risks:
- Infinite Loop
- OS Command Injection
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-0778
- [EN] CVE-2022-1292
[VULNERABILITY] Digi ConnectPort X2D
04 Aug 2022
Vulnerability affects :
- Digi ConnectPort X2D Gateway: All firmware versions in devices manufactured prior to January 2020
Vulnerability risks:
- Execution with Unnecessary Privileges
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-2634
[VULNERABILITY] Mitsubishi Electric Factory Automation Engineering Products (Update H)
02 Aug 2022
Vulnerability affects :
- C Controller Interface Module Utility, all versions
- CC-Link IE Control Network Data Collector, Version 1.00A
- CC-Link IE Field Network Data Collector, Version 1.00A
- CC-Link IE TSN Data Collector, Version 1.00A
- CPU Module Logging Configuration Tool, Versions 1.100E and prior
- CW Configurator, Versions 1.010L and prior
- Data Transfer, Versions 3.42U and prior
- EZSocket, version 5.1 and prior
- FR Configurator SW3, all versions
- FR Configurator2: Versions 1.26C and prior
- GT Designer2 Classic, all versions
- GT Designer3 Version1 (GOT1000), Versions 1.241B and prior
- GT Designer3 Version1 (GOT2000), Versions 1.241B and prior
- GT SoftGOT1000 Version3, Versions 3.200J and prior
- GT SoftGOT2000 Version1, Versions 1.241B and prior
- GX Developer, Versions 8.504A and prior
- GX LogViewer, Versions 1.100E and prior
- GX Works2, Versions 1.601B and prior
- GX Works3, Versions 1.063R and prior
- M_CommDTM-IO-Link, Versions 1.03D and prior
- MELFA-Works: Version 4.4 and prior
- MELSEC WinCPU Setting Utility, all versions
- MELSOFT Complete Clean Up Tool, Versions 1.06G and prior
- MELSOFT EM Software Development Kit, all versions
- MELSOFT iQ AppPortal, 1.17T and prior
- MELSOFT Navigator, Versions 2.74C and prior
- MI Configurator, Version 1.004F or later
- Motion Control Setting, Versions 1.005F and prior
- Motorizer, Versions 1.005F and prior
- MR Configurator2, Version 1.125F and prior
- MT Works2, Version 1.167Z and prior
- MTConnect Data Collector, Version 1.1.4.0 and prior
- MX Component, Version 4.20W and prior
- MX MESInterface, Versions 1.21X and prior
- MX MESInterface-R, Versions 1.12N and prior
- MX Sheet, Version 2.15R and prior
- Network Interface Board CC IE Control Utility, Versions 1.29F and prior
- Network Interface Board CC IE Field Utility, Versions 1.16S and prior
- Network Interface Board CC-Link Ver.2 Utility, Versions 1.23Z and prior
- Network Interface Board MNETH Utility, Versions 34L and prior
- Position Board utility 2, all versions
- PX Developer, version 1.53F and prior
- RT ToolBox2: Version 3.73B and prior
- RT ToolBox3: Version 1.82L and prior
- Setting/Monitoring tools for the C Controller module (SW3PVC-CCPU), Version 3.13P and prior
- Setting/Monitoring tools for the C Controller module (SW4PVC-CCPU), Version 4.12N and prior
- SLMP Data Collector, Version 1.04E and prior
Vulnerability risks:
- Unquoted Search Path or Element
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2020-14521
[VULNERABILITY] Mitsubishi Electric FA Engineering Software Products (Update F)
02 Aug 2022
Vulnerability affects :
- CPU Module Logging Configuration Tool, Versions 1.112R and prior
- CW Configurator, Versions 1.011M and prior
- Data Transfer, Versions 3.44W and prior
- EZSocket, Versions 5.4 and prior
- FR Configurator, All versions
- FR Configurator SW3, All versions
- FR Configurator2, Versions 1.24A and prior
- GT Designer3 Version1(GOT1000), Versions 1.250L and prior
- GT Designer3 Version1(GOT2000), Versions 1.250L and prior
- GT SoftGOT1000 Version3, Versions 3.245F and prior
- GT SoftGOT2000 Version1, Versions 1.250L and prior
- GX Configurator-DP, Versions 7.14Q and prior
- GX Configurator-QP, All versions
- GX Developer, Versions 8.506C and prior
- GX Explorer, All versions
- GX IEC Developer, All versions
- GX LogViewer, Versions 1.115U and prior
- GX RemoteService-I, All versions
- GX Works2, Versions 1.597X and prior
- GX Works3, Versions 1.070Y and prior
- iQ Monozukuri ANDON (Data Transfer), All versions
- iQ Monozukuri Process Remote Monitoring (Data Transfer), All versions
- M_CommDTM-HART, All versions
- M_CommDTM-IO-Link, Versions 1.03D and prior
- MELFA-Works, Versions 4.4 and prior
- MELSEC WinCPU Setting Utility, All versions
- MELSOFT EM Software Development Kit (EM Configurator), All versions
- MELSOFT Navigator, Versions 2.74C and prior
- MH11 SettingTool Version2, Versions 2.004E and prior
- MI Configurator, Versions 1.004E and prior
- MT Works2, Versions 1.167Z and prior
- MX Component, Versions 5.001B and prior
- Network Interface Board CC IE Control utility, Versions 1.29F and prior
- Network Interface Board CC IE Field Utility, Versions 1.16S and prior
- Network Interface Board CC-Link Ver.2 Utility, Versions 1.23Z and prior
- Network Interface Board MNETH utility, Versions 34L and prior
- PX Developer, Versions 1.53F and prior
- RT ToolBox2, versions 3.73B and prior
- RT ToolBox3, versions 1.82L and prior
- Setting/monitoring tools for the C Controller module (SW3PVC-CCPU), all versions
- Setting/Monitoring tools for the C Controller module (SW4PVC-CCPU), Versions 4.12N and prior
- SLMP Data Collector, Versions 1.04E and prior
Vulnerability risks:
- Heap-based Buffer Overflow
- Improper Handling of Length Parameter Inconsistency
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2021-20588
- [EN] CVE-2021-20587
[VULNERABILITY] Delta Electronics DIAEnergie (Update C)
02 Aug 2022
Vulnerability affects :
- DIAEnergie: All versions prior to 1.9
Vulnerability risks:
- Path Traversal
- Incorrect Default Permissions
- SQL Injection
- Uncontrolled Search Path Element
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-26887
- [EN] CVE-2022-1366
- [EN] CVE-2022-26338
- [EN] CVE-2022-25980
- [EN] CVE-2022-1376
- [EN] CVE-2022-26667
- [EN] CVE-2022-1375
- [EN] CVE-2022-0923
- [EN] CVE-2022-26013
- [EN] CVE-2022-27175
- [EN] CVE-2022-26059
- [EN] CVE-2022-1378
- [EN] CVE-2022-26839
- [EN] CVE-2022-1370
- [EN] CVE-2022-26065
- [EN] CVE-2022-1098
- [EN] CVE-2022-1377
- [EN] CVE-2022-26666
- [EN] CVE-2022-1369
- [EN] CVE-2022-26349
- [EN] CVE-2022-26069
- [EN] CVE-2022-26836
- [EN] CVE-2022-1367
- [EN] CVE-2022-1372
- [EN] CVE-2022-25347
- [EN] CVE-2022-25880
- [EN] CVE-2022-1374
- [EN] CVE-2022-26514
- [EN] CVE-2022-1371
[VULNERABILITY] Delta Electronics DIAEnergie (Update C)
02 Aug 2022
Vulnerability affects :
- DIAEnergie: All versions prior to 1.9
Vulnerability risks:
- Use of Password Hash with Insufficient Computational Effort
- Authentication Bypass Using an Alternate Path or Channel
- Unrestricted Upload of File with Dangerous Type
- SQL Injection
- Cross-site Request Forgery
- Cross-site Scripting
- Cleartext Transmission of Sensitive Information
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2021-44544
- [EN] CVE-2021-33003
- [EN] CVE-2021-38391
- [EN] CVE-2022-0988
- [EN] CVE-2021-32955
- [EN] CVE-2021-23228
- [EN] CVE-2021-32991
- [EN] CVE-2021-38393
- [EN] CVE-2021-44471
- [EN] CVE-2021-32983
- [EN] CVE-2021-31558
- [EN] CVE-2021-32967
- [EN] CVE-2021-38390
[VULNERABILITY] ABB Ability TM Operations Data Management Zenon Zenon Log Server file access contro
29 Jul 2022
Vulnerability affects :
- Zenon All versions up to 8.20
Vulnerability risks:
- Database Password is encrypted using a static encryption key
- Zenon log server file upload vulnerability
- Network Password is encrypted using a predictable key
Patch available :
See the documents below for more information
Sources :
- [EN] ABB
CVE :
- [EN] CVE-2022-34836
- [EN] CVE-2022-34837
- [EN] CVE-2022-34838
[VULNERABILITY] Rockwell Products Impacted by Chromium Type Confusion
28 Jul 2022
Vulnerability affects :
- FactoryTalk Linx Enterprise software: Versions 6.20, 6.21, and 6.30
- Enhanced HIM (eHIM) for PowerFlex 6000T: Version 1.001
- Connected Components Workbench software: Versions 11, 12, 13, and 20
- FactoryTalk View Site Edition: Version 13
Vulnerability risks:
- Type Confusion
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-1096
[RESSOURCES] Claroty : Finding Flaws in FileWave MDM
26 Jul 2022
Claroty has discovered a vulnerability in FileWave MDM and details this one:
[VULNERABILITY] Mitsubishi Electric MELSEC and MELIPC Series (Update D)
26 Jul 2022
Vulnerability affects :
- MELSEC iQ-R Series R00/01/02CPU: Firmware\xc2\xa0Versions 24 and prior
- MELSEC iQ-R Series R04/08/16/32/120(EN)CPU: Firmware\xc2\xa0Versions 57 and prior
- MELSEC iQ-R Series R08/16/32/120SFCPU: All versions
- MELSEC iQ-R Series R08/16/32/120PCPU: Firmware\xc2\xa0Versions 29 and prior
- MELSEC iQ-R Series R08/16/32/120PSFCPU: Firmware Versions 08 and prior
- MELSEC iQ-R Series R16/32/64MTCPU: Operating system software Versions 23 and prior
- MELSEC iQ-R Series R12CCPU-V: Firmware Versions 16 and prior
- MELSEC iQ-R Series R12CCPU-V: All versions
- MELSEC Q Series Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: \xc2\xa0The first 5 digits of serial No. 23121 and prior
- MELSEC Q Series Q03/04/06/13/26UDVCPU: The first 5 digits of serial No. 23071 and prior
- MELSEC Q Series Q04/06/13/26UDPVCPU: The first 5 digits of serial No. 23071 and prior
- MELSEC Q Series Q12DCCPU-V, Q24DHCCPU-V(G), Q24/26DHCCPU-LS: The first 5 digits of serial No. 24031 and prior
- MELSEC Q Series MR-MQ100: Operating system software version F and prior
- MELSEC Q Series Q172/173DCPU-S1: Operating system software version W and prior\xc2\xa0
- MELSEC Q Series Q172/173DSCPU: All versions
- MELSEC Q Series Q170MCPU: Operating system software version W and prior\xc2\xa0
- MELSEC Q Series Q170MSCPU(-S1): All versions
- MELSEC L Series L02/06/26CPU(-P), L26CPU-(P)BT: \xc2\xa0The first 5 digits of serial No. 23121 and prior
- MELIPC Series MI5122-VW: All versions
- MELIPC Series MI5122-VW: Firmware Versions 05 and prior
Vulnerability risks:
- Uncontrolled Resource Consumption
- Improper Handling of Length Parameter Inconsistency
- Improper Input Validation
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2021-20611
- [EN] CVE-2021-20609
- [EN] CVE-2021-20610
[VULNERABILITY] Inductive Automation Ignition
26 Jul 2022
Vulnerability affects :
- Inductive Automation Ignition: All versions prior to 8.1.9
- Inductive Automation Ignition: All versions prior to v7.9.21
Vulnerability risks:
- Improper Restriction of XML External Entity Reference
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-1704
[VULNERABILITY] Honeywell Safety Manager
26 Jul 2022
Vulnerability affects :
- Safety Manager: (CVE-2022-30315, CVE-2022-30313, and CVE-2022-30316) All versions
- Safety Manager: (CVE-2022-30314) Versions prior to R160.1
Vulnerability risks:
-
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-30313
- [EN] CVE-2022-30314
- [EN] CVE-2022-30316
- [EN] CVE-2022-30315
[VULNERABILITY] Honeywell Saia Burgess PG5 PCD
26 Jul 2022
Vulnerability affects :
- Saia Burgess PG5 PCD: All versions
Vulnerability risks:
- Authentication Bypass
- Use of a Broken or Risky Cryptographic Algorithm
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-30319
- [EN] CVE-2022-30320
[VULNERABILITY] MOXA NPort 5110
26 Jul 2022
Vulnerability affects :
- NPort 5110: Firmware Versions 2.10
Vulnerability risks:
- Out-of-bounds Write
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-2044
- [EN] CVE-2022-2043
[VULNERABILITY] AutomationDirect Stride Field I/O
21 Jul 2022
Vulnerability affects :
- SIO-MB04RTDS, firmware version prior to v8.3.4.0
- SIO- MB04ADS, firmware version prior to v8.4.3.0
- SIO-MB04THMS, firmware version prior to v8.5.4.0
- SIO-MB08ADS-1, firmware version prior to v8.6.3.0
- SIO-MB08ADS-2, firmware version prior to v8.7.3.0
- SIO-MB08THMS, firmware version prior to v8.8.4.0
- SIO-MB04DAS, firmware version prior to v8.11.3.0
- SIO-MB12CDR, firmware version prior to v8.0.4.0
- SIO-MB16CDD2, firmware version prior to v8.1.4.0
- SIO-MB16ND3, firmware version prior to v8.2.4.00
- SIO-MB12CDR, batch number (B/N) 5714442222
- SIO-MB04ADS, B/N 5714442222
- SIO-MB04THMS, B/N 57141862221
- SIO-MB04DAS, B/N 4714432222
Vulnerability risks:
- Cleartext Transmission of Sensitive Information.
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-2485
[VULNERABILITY] AutomationDirect Stride Field I/O
21 Jul 2022
Vulnerability affects :
- SIO-MB04RTDS, firmware version prior to v8.3.4.0
- SIO- MB04ADS, firmware version prior to v8.4.3.0
- SIO-MB04THMS, firmware version prior to v8.5.4.0
- SIO-MB08ADS-1, firmware version prior to v8.6.3.0
- SIO-MB08ADS-2, firmware version prior to v8.7.3.0
- SIO-MB08THMS, firmware version prior to v8.8.4.0
- SIO-MB04DAS, firmware version prior to v8.11.3.0
- SIO-MB12CDR, firmware version prior to v8.0.4.0
- SIO-MB16CDD2, firmware version prior to v8.1.4.0
- SIO-MB16ND3, firmware version prior to v8.2.4.00
- SIO-MB12CDR, batch number (B/N) 5714442222
- SIO-MB04ADS, B/N 5714442222
- SIO-MB04THMS, B/N 57141862221
- SIO-MB04DAS, B/N 4714432222
Vulnerability risks:
- Cleartext Transmission of Sensitive Information.
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-2485
[VULNERABILITY] ICONICS Suite and Mitsubishi Electric MC Works64 Products
21 Jul 2022
Vulnerability affects :
- ICONICS GENESIS64: Version 10.97.1 and prior
- ICONICS Hyper Historian: Version 10.97.1 and prior
- ICONICS AnalytiX: Version 10.97.1 and prior
- ICONICS IoTWorX: Versions 10.97 and 10.97.1
- ICONICS MobileHMI: Versions 10.97 and 10.97.1
- ICONICS GraphWorX64: Version 10.97.1 and prior
- ICONICS GenBrokerX64: Version 10.97.1 and prior
- Mitsubishi Electric MC Works64: Version 4.04E and prior (v10.95.210.01), excluding CVE-2022-29384
Vulnerability risks:
- Path Traversal
- Deserialization of Untrusted Data
- Inclusion of Functionality from Untrusted Control Sphere
- Out-of-Bounds Read
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-33316
- [EN] CVE-2022-29384
- [EN] CVE-2022-33320
- [EN] CVE-2022-33317
- [EN] CVE-2022-29834
- [EN] CVE-2022-33315
- [EN] CVE-2022-33318
- [EN] CVE-2022-33319
[VULNERABILITY] Rockwell Automation ISaGRAF Workbench
21 Jul 2022
Vulnerability affects :
- ISaGRAF Workbench Version 6.0 through 6.6.9
Vulnerability risks:
- Deserialization of Untrusted Data
- Path Traversal
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-2463
- [EN] CVE-2022-2464
- [EN] CVE-2022-2465
[VULNERABILITY] Johnson Controls Metasys ADS, ADX, OAS
21 Jul 2022
Vulnerability affects :
- Johnson Controls Metasys ADS, ADX, OAS with MUI: Version 10
- Johnson Controls Metasys ADS, ADX, OAS with MUI: Version 11
Vulnerability risks:
- Missing Authentication for Critical Function
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2021-36200
[VULNERABILITY] ABB Drive Composer, Automation Builder, Mint Workbench
21 Jul 2022
Vulnerability affects :
- ABB Drive Composer Entry: Versions 2.0 to 2.7
- ABB Drive Composer Pro: Versions 2.0 to 2.7
- ABB Automation Builder: Versions 1.1.0 to 2.5.0
- Mint Workbench: Builds 5866 and prior
Vulnerability risks:
- Improper Privilege Management
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-31219
- [EN] CVE-2022-31217
- [EN] CVE-2022-31216
- [EN] CVE-2022-31218
- [EN] CVE-2022-26057
[VULNERABILITY] MiCODUS MV720 GPS tracker
19 Jul 2022
Vulnerability affects :
- MV720 model
Vulnerability risks:
- Use of Hard-coded Credentials
- Improper Authentication
- Cross-site Scripting
- Authorization Bypass Through User-controlled Key
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-2199
- [EN] CVE-2022-2141
- [EN] CVE-2022-34150
- [EN] CVE-2022-2107
- [EN] CVE-2022-33944
[VULNERABILITY] ISaGRAF Workbench Vulnerable to Multiple Phishing-Style Attacks
19 Jul 2022
Vulnerability affects :
- ISaGRAF Workbench v6.0 though v6.6.9
Vulnerability risks:
- directory traversal
- privilege escalation
- arbitrary code execution
Patch available : YES
See the documents below for more information
Sources :
- [EN] Rockwell
CVE :
- [EN] CVE-2022-2463
- [EN] CVE-2022-2464
- [EN] CVE-2022-2465
[VULNERABILITY] ABB Flow Computer and Remote Controllers Path Traversal Vulnerability in Totalflow TCP
15 Jul 2022
Vulnerability affects :
- RMC-100 (Standard), fixed in 2105457-037 -> affected in All prior to fixed version.
- RMC-100-LITE, fixed in 2106229-011 -> affected in All prior to fixed version.
- XIO, fixed in 2106198-008 -> affected in All prior to fixed version.
- XFCG5, fixed in 2105805-016 -> affected in All prior to fixed version.
- XRCG5, fixed in 2105864-016 -> affected in All prior to fixed version.
- uFLOG5, fixed in 2105298-024 -> affected in All prior to fixed version.
- UDC, fixed in 2106177-007 -> affected in All prior to fixed version
Vulnerability risks:
- Denial of service
- Remote code execution
Patch available :
See the documents below for more information
Sources :
- [EN] ABB
CVE :
- [EN] CVE-2022-0902
[VULNERABILITY] CODESYS V3 Runtime, Development System and Gateway Vulnerabilities
13 Jul 2022
Vulnerability affects :
- Security update for CODESYS V3 web server
- CVE-2021-33485
- Security update for CODESYS Gateway V3
- CVE-2021-29241
- Security update for CODESYS Development System V3
- CVE-2021-29240
- CVE-2021-21863
- CVE-2021-21864
- CVE-2021-21865
- CVE-2021-21866
- CVE-2021-21867
- CVE-2021-21868
- CVE-2021-21869
Vulnerability risks:
- Denial of service
- Remote code execution
Patch available :
See the documents below for more information
Sources :
- [EN] Schneider
CVE :
- [EN] CVE-2021-33485
- [EN] CVE-2021-29241
- [EN] CVE-2021-29240
- [EN] CVE-2021-21863
- [EN] CVE-2021-21864
- [EN] CVE-2021-21865
- [EN] CVE-2021-21866
- [EN] CVE-2021-21867
- [EN] CVE-2021-21868
- [EN] CVE-2021-21869
[VULNERABILITY] Easergy P5
13 Jul 2022
Vulnerability affects :
- Easergy P5 Firmware V01.401.102 and prior
Vulnerability risks:
-
Patch available :
See the documents below for more information
Sources :
- [EN] Schneider
CVE :
- [EN] CVE-2022-34756
- [EN] CVE-2022-34757
- [EN] CVE-2022-34758
[VULNERABILITY] Acti9 PowerTag Link C
13 Jul 2022
Vulnerability affects :
- Acti9 PowerTag Link C (A9XELC10-A) V1.7.5 and prior
- Acti9 PowerTag Link C (A9XELC10-B) V2.12.0 and prior
Vulnerability risks:
-
Patch available :
See the documents below for more information
Sources :
- [EN] Schneider
CVE :
- [EN] CVE-2022-34754
[VULNERABILITY] SpaceLogic C-Bus Home Controller, formerly known as C-Bus Wiser Home Controller MK2
13 Jul 2022
Vulnerability affects :
- SpaceLogic C-Bus Home Controller (5200WHC2), formerly known as C-Bus Wiser Homer Controller MK2 V1.31.460 and prior
Vulnerability risks:
-
Patch available :
See the documents below for more information
Sources :
- [EN] Schneider
CVE :
- [EN] CVE-2022-34753
[VULNERABILITY] OPC UA and X80 Advanced RTU Modicon Communication Modules
13 Jul 2022
Vulnerability affects :
- OPC UA Modicon Communication Module (BMENUA0100) V1.10 and prior
- X80 advanced RTU Communication Module (BMENOR2200H) V1.0
- X80 advanced RTU Communication Module (BMENOR2200H) V2.01 and later
Vulnerability risks:
- Out-of-bounds Write
- Loop with Unreachable Exit Condition ('Infinite Loop')
- NULL Pointer Dereference
- Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- Insufficient Verification of Data Authenticity
- Improper Restriction of Operations within the Bounds of a Memory Buffer
- External Control of File Name or Path
Patch available :
See the documents below for more information
Sources :
- [EN] Schneider
CVE :
- [EN] CVE-2022-34759
- [EN] CVE-2022-34760
- [EN] CVE-2022-34761
- [EN] CVE-2022-34762
- [EN] CVE-2022-34763
- [EN] CVE-2022-34764
- [EN] CVE-2022-34765
[VULNERABILITY] Siemens SCALANCE X Switch Devices
14 Jul 2022
Vulnerability affects :
- SCALANCE X200-4P IRT (6GK5200-4AH00-2BA3): All versions
- SCALANCE X200-4P IRT (6GK5200-4AH10-2BA3): All versions
- SCALANCE X201-3P IRT (6GK5201-3BH00-2BA3): All versions
- SCALANCE X201-3P IRT (6GK5201-3BH10-2BA3): All versions
- SCALANCE X201-3P IRT PRO (6GK5201-3BH00-2BD2): All versions
- SCALANCE X201-3P IRT PRO (6GK5201-3JR10-2BA6): All versions
- SCALANCE X202-2IRT (6GK5202-2BB00-2BA3): All versions
- SCALANCE X202-2IRT (6GK5202-2BB10-2BA3): All versions
- SCALANCE X202-2P IRT (6GK5202-2BH00-2BA3): All versions
- SCALANCE X202-2P IRT (6GK5202-2BH10-2BA3): All versions
- SCALANCE X202-2P IRT PRO (6GK5202-2JR00-2BA6): All versions
- SCALANCE X202-2P IRT PRO (6GK5202-2JR10-2BA6): All versions
- SCALANCE X204-2 (6GK5204-2BB10-2AA3): All versions prior to v5.2.6
- SCALANCE X204-2FM (6GK5204-2BB11-2AA3): All versions prior to v5.2.6
- SCALANCE X204-2LD (6GK5204-2BC10-2AA3): All versions prior to v5.2.6
- SCALANCE X204-2LD TS (6GK5204-2BC10-2CA2): All versions prior to v5.2.6
- SCALANCE X204-2TS (6GK5204-2BB10-2CA2): All versions prior to v5.2.6
- SCALANCE X204IRT (6GK5204-0BA00-2BA3): All versions
- SCALANCE X204IRT (6GK5204-0BA10-2BA3): All versions
- SCALANCE X204IRT PRO (6GK5204-0JA00-2BA6): All versions
- SCALANCE X204IRT PRO (6GK5204-0JA10-2BA6): All versions
- SCALANCE X206-1 (6GK5206-1BB10-2AA3): All versions prior to v5.2.6
- SCALANCE X206-1LD (6GK5206-1BC10-2AA3): All versions prior to v5.2.6
- SCALANCE X208 (6GK5208-0BA10-2AA3): All versions prior to v5.2.6
- SCALANCE X208PRO (6GK5208-0HA10-2AA6): All versions prior to v5.2.6
- SCALANCE X212-2 (6GK5212-2BB00-2AA3): All versions prior to v5.2.6
- SCALANCE X212-2LD (6GK5212-2BC00-2AA3): All versions prior to v5.2.6
- SCALANCE X216 (6GK5216-0BA00-2AA3): All versions prior to v5.2.6
- SCALANCE X224 (6GK5224-0BA00-2AA3): All versions prior to v5.2.6
- SCALANCE XF201-3P IRT (6GK5201-3JR00-2BA6): All versions
- SCALANCE XF202-2P IRT (6GK5202-2BH00-2BD2): All versions
- SCALANCE XF204 (6GK5204-0BA00-2AF2): All versions prior to v5.2.6
- SCALANCE XF204-2 (6GK5204-2BC00-2AF2): All versions prior to v5.2.6
- SCALANCE XF204-2BA IRT (6GK5204-2AA00-2BD2): All versions
- SCALANCE XF204IRT (6GK5204-0BA00-2BF2): All versions
- SCALANCE XF204IRT (6GK5204-0BA10-2BF2): All versions
- SCALANCE XF206-1 (6GK5206-1BC00-2AF2): All versions prior to v5.2.6
- SCALANCE XF208 (6GK5208-0BA00-2AF2): All versions prior to v5.2.6
Vulnerability risks:
- Use of Insufficiently Random Values
- Classic Buffer Overflow
Patch available :
See the documents below for more information
Sources :
CVE :
- [EN] CVE-2022-26648
- [EN] CVE-2022-26649
- [EN] CVE-2022-26647
[VULNERABILITY] Siemens SICAM GridEdge
14 Jul 2022
Vulnerability affects :
- SICAM GridEdge Essential ARM (6MD7881-2AA30): All versions.
- SICAM GridEdge Essential Intel (6MD7881-2AA40): All versions prior to v2.7.3
- SICAM GridEdge Essential with GDS ARM (6MD7881-2AA10): All versions.
- SICAM GridEdge Essential with GDS Intel(6MD7881-2AA20): All versions prior to v2.7.3
Vulnerability risks:
- Exposure of Resource to Wrong Sphere
Patch available :
See the documents below for more information
Sources :
CVE :
- [EN] CVE-2022-34464
[VULNERABILITY] Siemens SIMATIC MV500 Devices
14 Jul 2022
Vulnerability affects :
- SIMATIC MV540 H (6GF3540-0GE10): All versions prior to v3.3
- SIMATIC MV540 S (6GF3540-0CD10): All versions prior to v3.3
- SIMATIC MV550 H (6GF3550-0GE10): All versions prior to v3.3
- SIMATIC MV550 S (6GF3550-0CD10): All versions prior to v3.3
- SIMATIC MV560 U (6GF3560-0LE10): All versions prior to v3.3
- SIMATIC MV560 X (6GF3560-0HE10): All versions prior to v3.3
Vulnerability risks:
- Insufficient Session Expiration
- Missing Authentication for Critical Function
Patch available :
See the documents below for more information
Sources :
CVE :
- [EN] CVE-2022-33138
- [EN] CVE-2022-33137
[VULNERABILITY] Siemens Simcenter Femap
14 Jul 2022
Vulnerability affects :
- All versions prior to v2022.2
Vulnerability risks:
- Out-of-bounds Write
Patch available :
See the documents below for more information
Sources :
CVE :
- [EN] CVE-2022-34748
[VULNERABILITY] Siemens RUGGEDCOM ROX
14 Jul 2022
Vulnerability affects :
- RUGGEDCOM ROX MX5000: All versions prior to 2.15.1
- RUGGEDCOM ROXMX5000RE: All versions prior to 2.15.1
- RUGGEDCOM ROX RX1400: All versions prior to 2.15.1
- RUGGEDCOM ROX RX1500: All versions prior to 2.15.1
- RUGGEDCOM ROX RX1501: All versions prior to 2.15.1
- RUGGEDCOM ROX RX1510: All versions prior to 2.15.1
- RUGGEDCOM ROX RX1511: All versions prior to 2.15.1
- RUGGEDCOM ROX RX1512: All versions prior to 2.15.1
- RUGGEDCOM ROX RX1524: All versions prior to 2.15.1
- RUGGEDCOM ROX RX1536: All versions prior to 2.15.1
- RUGGEDCOM ROX RX5000: \xc2\xa0All versions prior to 2.15.1
Vulnerability risks:
- Command Injection
Patch available :
See the documents below for more information
Sources :
CVE :
- [EN] CVE-2022-29560
[VULNERABILITY] Siemens Mendix Excel Importer
14 Jul 2022
Vulnerability affects :
- Mendix Excel Importer Module (Mendix 8 compatible): All versions prior to v9.2.2
- Mendix Excel Importer Module (Mendix 9 compatible): All versions prior to v10.1.2
Vulnerability risks:
- XML Entity Expansion
Patch available :
See the documents below for more information
Sources :
CVE :
- [EN] CVE-2022-34467
[VULNERABILITY] Siemens Datalogics File Parsing Vulnerability
14 Jul 2022
Vulnerability affects :
- Teamcenter Visualization V13.3: All versions prior to 13.3.0.5
- Teamcenter Visualization V14.0: All versions
- JT2go: All versions prior to 13.3.0.5
Vulnerability risks:
- Heap-based buffer Overflow
Patch available :
See the documents below for more information
Sources :
CVE :
- [EN] CVE-2022-2069
[VULNERABILITY] Siemens PADS Standard/Plus Viewer
14 Jul 2022
Vulnerability affects :
- PADS Standard/Plus Viewer: All versions.
Vulnerability risks:
- Out-of-bounds Read
- Out-of-bounds Write
- Improper Restriction of Operations within the Bounds of a Memory Buffer
Patch available :
See the documents below for more information
Sources :
CVE :
- [EN] CVE-2022-34288
- [EN] CVE-2022-34272
- [EN] CVE-2022-34273
- [EN] CVE-2022-34287
- [EN] CVE-2022-34283
- [EN] CVE-2022-34278
- [EN] CVE-2022-34281
- [EN] CVE-2022-34291
- [EN] CVE-2022-34290
- [EN] CVE-2022-34275
- [EN] CVE-2022-34274
- [EN] CVE-2022-34285
- [EN] CVE-2022-34286
- [EN] CVE-2022-34277
- [EN] CVE-2022-34280
- [EN] CVE-2022-34279
- [EN] CVE-2022-34289
- [EN] CVE-2022-34282
- [EN] CVE-2022-34284
- [EN] CVE-2022-34276
[VULNERABILITY] Simcenter Femap and Parasolid
14 Jul 2022
Vulnerability affects :
- Parasolid v33.1: All versions
- Parasolid v34.0: All versions prior to v34.0.250
- Parasolid v34.1: All versions prior to v34.1.233
- Simcenter Femap: All versions
Vulnerability risks:
- Out-of-bounds Read
Patch available :
See the documents below for more information
Sources :
CVE :
- [EN] CVE-2022-34465
[VULNERABILITY] Siemens Mendix Applications
14 Jul 2022
Vulnerability affects :
- Mendix Applications using Mendix 9: All versions between v9.11 v9.15\xc2\xa0
- Mendix Applications using Mendix 9 (v9.12): All versions prior to v9.12.3
Vulnerability risks:
- Injection
Patch available :
See the documents below for more information
Sources :
CVE :
- [EN] CVE-2022-34466
[ATTACK] Cyber attack on Iranian steel industry by GonjeshkDarand
10 Jul 2022 GonjeshkDarand (گنجشک درنده) attacker group to attack Iranian steel industry command control systems. The group published 19.76GB of data containing emails from different.
Source :
- https://twitter.com/vxunderground/status/1545077273912647683
- https://t.me/s/GonjeshkeDarande
–
[VULNERABILITY] Rockwell Automation MicroLogix
07 Jul 2022
Vulnerability affects :
- MicroLogix 1400: Versions 21.007 and prior
- MicroLogix 1100: All versions
Vulnerability risks:
- Improper Restriction of Rendered UI Layers or Frames
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-2179
[VULNERABILITY] Bently Nevada ADAPT 3701/4X Series and 60M100
07 Jul 2022
Vulnerability affects :
- Bently Nevada 3701/40: All versions prior to 4.1
- Bently Nevada 3701/44: All versions prior to 4.1
- Bently Nevada 3701/46: All versions prior to 4.1
- Bently Nevada 60M100 (3701/60): All versions
Vulnerability risks:
- Use of Hard-coded Credentials
- Missing Authentication for Critical Function
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-29953
- [EN] CVE-2022-29952
[VULNERABILITY] Exemys RME1
30 Jun 2022
Vulnerability affects :
- Exemys RME1-AI firmware: All versions prior to and including 2.1.6\xc2\xa0
Vulnerability risks:
- Improper Authentication
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-2197
[VULNERABILITY] Yokogawa Wide Area Communication Router
30 Jun 2022
Vulnerability affects :
- Wide Area Communication Router (for AW810D) VI461: Vnet/IP firmware (F) R12 or earlier
Vulnerability risks:
- Use of Insufficiently Random Values
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-32284
[VULNERABILITY] Emerson DeltaV Distributed Control System
30 Jun 2022
Vulnerability affects :
- DeltaV M-series: All versions
- DeltaV S-series: All versions
- Use of a Broken or Risky Cryptographic Algorithm
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-30265
- [EN] CVE-2022-29960
- [EN] CVE-2022-29957
- [EN] CVE-2022-29964
- [EN] CVE-2022-302602022-30260)
- [EN] CVE-2022-299632022-29963)
- [EN] CVE-2022-299622022-29962)
- [EN] CVE-2022-299652022-29965)
[VULNERABILITY] Distributed Data Systems WebHMI
30 Jun 2022
Vulnerability affects :
- WebHMI 4.1.1.7662 (and possibly prior versions)
Vulnerability risks:
- Cross-site Scripting
- OS Command Injection
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-2253
- [EN] CVE-2022-2254
[VULNERABILITY] ABB e-Design
28 Jun 2022
Vulnerability affects :
- e-Design: All versions prior to 1.12.2.0006
Vulnerability risks:
- Incorrect Default Permissions
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-28702
- [EN] CVE-2022-29483
[VULNERABILITY] Omron SYSMAC CS/CJ/CP Series and NJ/NX Series
28 Jun 2022
Vulnerability affects :
- SYSMAC CS1: Versions prior to 4.1
- SYSMAC CJ2M: Versions prior to 2.1
- SYSMAC CJ2H: Versions prior to 1.5
- SYSMAC CP1E/CP1H: Versions prior to 1.30
- SYSMAC CP1L: Versions prior to 1.10
- CP1W-CIF41: All versions
- SYSMAC CX-Programmer: Versions prior to 9.6
- SYSMAC NJ/NX Series: Versions prior to 1.49 (1.29 for NX7)
Vulnerability risks:
- Cleartext Transmission of Sensitive Information
- Insufficient Verification of Data Authenticity
- Plaintext Storage of a Password
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-31205
- [EN] CVE-2022-31206
- [EN] CVE-2022-31207
- [EN] CVE-2022-31204
[VULNERABILITY] Advantech iView
28 Jun 2022
Vulnerability affects :
- Advantech iView: All versions prior to 5_7_04_6469
Vulnerability risks:
- SQL Injection
- Missing Authentication for Critical Function
- Relative Path Traversal
- Command Injection
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-2135
- [EN] CVE-2022-2136
- [EN] CVE-2022-2142
- [EN] CVE-2022-2143
- [EN] CVE-2022-2138
- [EN] CVE-2022-2139
- [EN] CVE-2022-2137
[VULNERABILITY] Motorola Solutions MOSCAD IP and ACE IP Gateways
28 Jun 2022
Vulnerability affects :
Vulnerability risks:
- Missing Authentication for Critical Function
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-30276
[VULNERABILITY] Motorola Solutions MDLC
28 Jun 2022
Vulnerability affects :
- MDLC: Versions 4.80.0024, 4.82.004, and 4.83.001
Vulnerability risks:
- Use of a Broken or Risky Cryptographic Algorithm
- Plaintext Storage of a Password
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-30273
- [EN] CVE-2022-30275
[VULNERABILITY] Motorola Solutions ACE1000
28 Jun 2022
Vulnerability affects :
- Motorola Solutions ACE1000: All versions
Vulnerability risks:
- Use of Hard-coded Cryptographic Key
- Use of Hard-coded Credentials
- Insufficient Verification of Data Authenticity
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-30270
- [EN] CVE-2022-30271
- [EN] CVE-2022-30269
- [EN] CVE-2022-30272
- [EN] CVE-2022-30274
[VULNERABILITY] OFFIS DCMTK
23 Jun 2022
Vulnerability affects :
- DCMTK: All versions prior to 3.6.7
Vulnerability risks:
- Path Traversal
- Relative Path Traversal
- NULL Pointer Dereference
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-2120
- [EN] CVE-2022-2119
- [EN] CVE-2022-2121
[VULNERABILITY] Yokogawa STARDOM
23 Jun 2022
Vulnerability affects :
- STARDOM FCN/FCJ: Versions R1.01 through R4.31
- STARDOM FCN/FCJ: Versions R4.10 through R4.31, dual CPU modules only; only affected by CVE-2022-30997
Vulnerability risks:
- Cleartext Transmission of Sensitive Information
- Use of Hard-coded Credentials
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-30997
- [EN] CVE-2022-29519
[VULNERABILITY] Yokogawa CAMS for HIS
23 Jun 2022
Vulnerability affects :
- CENTUM CS 3000 (including CENTUM CS 3000 Entry Class): Versions R3.08.10 through R3.09.00. These vulnerabilities affect this product if LHS4800 (CAMS for HIS) is installed.
- CENTUM VP (including CENTUM VP Entry Class): Versions R4.01.00 through R4.03.00 (these product versions are affected only if CAMS function is used), Versions R5.01.00 through R5.04.20, and R6.01.00 through R6.09.00 (these product versions are affected regardless of whether CAMS function is used or not).
- Exaopc: Versions R3.72.00 through R3.80.00 (these product versions are affected if NTPF100-S6 "For CENTUM VP Support CAMS for HIS" is installed).
- B/M9000CS: Versions R5.04.01 - R5.05.01
- B/M9000 VP: Versions R6.01.01 - R8.03.01
Vulnerability risks:
- Violation of Secure Design Principles
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-30707
[VULNERABILITY] Secheron SEPCOS Control and Protection Relay
23 Jun 2022
Vulnerability affects :
- SEPCOS Single Package firmware (1.23.xx feature level): All versions prior to 1.23.21
- SEPCOS Single Package firmware (1.24.xx feature level): All versions prior to 1.24.8
- SEPCOS Single Package firmware (1.25.xx feature level): All versions prior to 1.25.3
Vulnerability risks:
- Improper Enforcement of Behavioral Workflow
- Lack of Administrator Control over Security
- Improper Privilege Management
- Insufficiently Protected Credentials
- Improper Access Control
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-1668
- [EN] CVE-2022-2102
- [EN] CVE-2022-2103
- [EN] CVE-2022-1666
- [EN] CVE-2022-2105
- [EN] CVE-2022-2104
- [EN] CVE-2022-1667
[VULNERABILITY] Pyramid Solutions EtherNet/IP Adapter Development Kit
23 Jun 2022
Vulnerability affects :
- EtherNet/IP Adapter Development Kit (EADK): Versions 4.4.0 and prior
- EtherNet/IP Adapter DLL Kit (EIPA): Versions 4.4.0 and prior
- EtherNet/IP Scanner Development Kit (EDKS): Versions 4.4.0 and prior
- EtherNet/IP Scanner DLL Kit (EIPS): Versions 4.4.0 and prior
Vulnerability risks:
- Out-of-bounds Write
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-1737
[VULNERABILITY] Elcomplus SmartICS
23 Jun 2022
Vulnerability affects :
- SmartICS v2.3.4.0
Vulnerability risks:
- Improper Access Control
- Relative Path Traversal
- Cross-site Scripting
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-2140
- [EN] CVE-2022-2106
- [EN] CVE-2022-2088
[VULNERABILITY] Mitsubishi Electric MELSEC Q and L Series
21 Jun 2022
Vulnerability affects :
- <strong>
- Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: All versions
- Q03/04/06/13/26UDVCPU: Versions with the first 5 digits of serial No. 24051 and prior
- Q04/06/13/26UDPVCPU: Versions with the first 5 digits of serial No. 24051 and prior
- <strong>
- L02/06/26CPU(-P), L26CPU-(P)BT: Versions with the first 5 digits of serial No. 24051 and prior
Vulnerability risks:
- Improper Resource Locking
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-24946
[VULNERABILITY] JTEKT TOYOPUC
21 Jun 2022
Vulnerability affects :
- PC10G-CPU Type=TCC-6353: All versions
- PC10GE Type=TCC-6464: All versions
- PC10P Type=TCC-6372: All versions
- PC10P-DP Type=TCC-6726: All versions
- PC10P-DP-IO Type=TCC-6752: All versions
- PC10B-P Type=TCC-6373: All versions
- PC10B Type=TCC-1021: All versions
- PC10E Type=TCC-4737: All versions
- PC10EL Type=TCC-4747: All versions
- Plus CPU Type=TCC-6740: All versions
- PC3JX Type=TCC-6901: All versions
- PC3JX-D Type=TCC-6902: All versions
- PC10PE Type=TCC-1101: All versions
- PC10PE-1616P Type=TCC-1102: All versions
- PCDL Type=TKC-6688: All versions
- Nano 10GX Type=TUC-1157: All versions
- Nano CPU Type=TUC-6941: All versions
Vulnerability risks:
- Missing Authentication for Critical Function
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-29951
- [EN] CVE-2022-29958
[VULNERABILITY] Phoenix Contact Classic Line Controllers
21 Jun 2022
Vulnerability affects :
- ILC 1x0 All variants
- ILC 1x1 All variants
- ILC 1x1 GSM/GPRS: Article number 2700977
- ILC 3xx All variants
- AXC 1050: Article number 2700988
- AXC 1050 XC: Article number 2701295
- AXC 3050: Article number 2700989
- RFC 480S PN 4TX: Article number 2404577
- RFC 470 PN 3TX: Article number 2916600
- RFC 470S PN 3TX: Article number 2916794
- RFC 460R PN 3TX: Article number 2700784
- RFC 460R PN 3TX-S: Article number 1096407
- RFC 430 ETH-IB: Article number 2730190
- RFC 450 ETH-IB: Article number 2730200
- PC WORX SRT: Article number 2701680
- PC WORX RT BASIC: Article number 2700291
- FC 350 PCI ETH: Article number 2730844
Vulnerability risks:
- Insufficient Verification of Data Authenticity
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-31800
[VULNERABILITY] Phoenix Contact ProConOS and MULTIPROG
21 Jun 2022
Vulnerability affects :
- ProConOS: All versions
- ProConOS eCLR: All versions
- MULTIPROG: All versions
Vulnerability risks:
- Insufficient Verification of Data Authenticity
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-31801
[VULNERABILITY] Phoenix Contact Classic Line Industrial Controllers
21 Jun 2022
Vulnerability affects :
- ILC 1x0: All variants
- ILC 1x1: All variants
- ILC 3xx: All variants
- AXC 1050: Article number 2700988
- AXC 1050XC: Article number 2701295
- AXC 3050: Article number 2700989
- RFC 480S: Article number 2404577
- RFC 470S: Article number 2916794
- RFC 460R: Article number 2700784
- RFC 430 ETH: Article number 2730190
- RFC 450 ETH: Article number 2730200
- PC WORX SRT: Article number 2701680
- PC WORX RT BASIC: Article number 2700291
- FC 350 PCI ETH: Article number 2730844
Vulnerability risks:
- Missing Authentication for Critical Function
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2019-9201
[VULNERABILITY] Siemens WinCC OA
21 Jun 2022
Vulnerability affects :
- SIMATIC WinCC OA v3.16: All versions
- SIMATIC WinCC OA v3.17: All versions
- SIMATIC WinCC OA v3.18: All versions
Vulnerability risks:
- Use of Client-side Authentication
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-33139
[VULNERABILITY] Hillrom Medical Device Management
16 Jun 2022
Vulnerability affects :
- Welch Allyn ELI 380 Resting Electrocardiograph: Versions 2.6.0 and prior
- Welch Allyn ELI 280/BUR280/MLBUR 280 Resting Electrocardiograph: Versions 2.3.1 and prior
- Welch Allyn ELI 250c/BUR 250c Resting Electrocardiograph: Versions 2.1.2 and prior
- Welch Allyn ELI 150c/BUR 150c/MLBUR 150c Resting Electrocardiograph: Versions 2.2.0 and prior
Vulnerability risks:
- Use of Hard-coded Password
- Improper Access Control
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-26388
- [EN] CVE-2022-26389
[VULNERABILITY] AutomationDirect C-More EA9 HMI
16 Jun 2022
Vulnerability affects :
- C-more EA9 with the following part numbers, all versions prior to 6.73:\xc2\xa0
- EA9-T6CL
- EA9-T6CL-R
- EA9-T7CL
- EA9-T7CL-R
- EA9-T8CL
- EA9-T10CL
- EA9-T10WCL
- EA9-T12CL
- EA9-T15CL
- EA9-T15CL-R
- EA9-RHMI
- EA9-PGMSW\xc2\xa0
Vulnerability risks:
- Uncontrolled Search Path Element
- Cleartext Transmission of Sensitive Information
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-2006
- [EN] CVE-2022-2005
[VULNERABILITY] AutomationDirect DirectLOGIC with Serial Communication
16 Jun 2022
Vulnerability affects :
- The following D0-06 series CPUs, prior to v2.72:\xc2\xa0
- D0-06DD1
- D0-06DD2
- D0-06DR
- D0-06DA
- D0-06AR
- D0-06AA
- D0-06DD1-D
- D0-06DD2-D
- D0-06DR-D
- D0-06DD2-D
- D0-06DR-D
Vulnerability risks:
- Cleartext Transmission of Sensitive Information
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-2003
[VULNERABILITY] AutomationDirect DirectLOGIC with Ethernet
16 Jun 2022
Vulnerability affects :
- All versions of H0-ECOM and H0-ECOM100 when installed in the following D0-06 series CPUs versions prior to v2.72:
- D0-06DD1
- D0-06DD2
- D0-06DR
- D0-06DA
- D0-06AR
- D0-06AA
- D0-06DD1-D
- D0-06DD2-D
- D0-06DR-D
Vulnerability risks:
- Uncontrolled Resource Consumption
- Cleartext Transmission of Sensitive Information
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-2004
- [EN] CVE-2022-2002
- [EN] CVE-2022-2003
[VULNERABILITY] Icefall OT
21 June 2022
Vulnerability affects :
- Bently Nevada 3701
- Products using TDI protocol
- DeltaV
- DeltaV/Ovation SIS nodes (SLS1508/CSLS/LSNB/LSNG)
- DeltaV S-series/P-series controllers
- CIOC/ EIOC IO cards
- DeltaV WIOC IO cards
- Ovation
- OpenBSI
- ControlWave
- Bristol Babcock 33xx
- ControlWave
- ROC
- FloBoss
- PACsystems PLCs (with the exception of HTTPS-supporting models such as IC695, CPE330, CPE400)
- Fanuc/PACSystems PLCs
- TREND controls products using the IC protocol
- Experion PKS Safety Manager
- Experion PKS Safety Manager (SM and FSC)
- Experion LX
- ControlEdge
- Saia Burgess Controls (SBC) - PCD controllers
- TOYOPUC
- MOSCAD IP Gateway
- ACE IP Gateway (CPU 4600)
- MDLC
- ACE1000
- MOSCAD/STS Toolbox
- StarControls staRTU
- SYSMAC CS1/CJ1/CP1/CP2 series
- SYSMAC CS/CJ/CP series
- SYSMAC NJ/NX
- ProConOS/eCLR Runtime
- WinCC OA
- STARDOM
Vulnerability risks:
- Hardcoded keys
- Broken
- risky crypto
- Authentication bypass
- Man-in-the-middle
Patch available :
See the documents below for more information
Sources :
CVE :
- [EN] CVE-2022-29953
- [EN] CVE-2022-29952
- [EN] CVE-2022-29957
- [EN] CVE-2022-29962
- [EN] CVE-2022-29963
- [EN] CVE-2022-29964
- [EN] CVE-2022-29965
- [EN] CVE-2022-29966
- [EN] CVE-2022-29959
- [EN] CVE-2022-29960
- [EN] CVE-2022-29961
- [EN] CVE-2022-29954
- [EN] CVE-2022-29955
- [EN] CVE-2022-29956
- [EN] CVE-2022-30260
- [EN] CVE-2022-30267
- [EN] CVE-2022-30262
- [EN] CVE-2022-30261
- [EN] CVE-2022-30264
- [EN] CVE-2022-30266
- [EN] CVE-2022-30263
- [EN] CVE-2022-30265
- [EN] CVE-2022-30268
- [EN] CVE-2022-30312
- [EN] CVE-2022-30313
- [EN] CVE-2022-30314
- [EN] CVE-2022-30315
- [EN] CVE-2022-30316
- [EN] CVE-2022-30317
- [EN] CVE-2022-30318
- [EN] CVE-2022-30319
- [EN] CVE-2022-30320
- [EN] CVE-2022-29951
- [EN] CVE-2022-29958
- [EN] CVE-2022-30276
- [EN] CVE-2022-30273
- [EN] CVE-2022-30270
- [EN] CVE-2022-30271
- [EN] CVE-2022-30274
- [EN] CVE-2022-30275
- [EN] CVE-2022-30269
- [EN] CVE-2022-30272
- [EN] CVE-2022-31204
- [EN] CVE-2022-31205
- [EN] CVE-2022-31207
- [EN] CVE-2022-31206
- [EN] CVE-2022-31800
- [EN] CVE-2022-31801
- [EN] CVE-2022-33139
- [EN] CVE-2022-29519
- [EN] CVE-2022-30997
- [EN] FSCT-2022-0039
[ATTACK] Industroyer 2
12 Apr 2022
Industroyer2 : ICS-capable malware targets a Ukrainian energy company
Industroyer2 implements the IEC-104 (aka IEC 60870-5-104) protocol to communicate with industrial equipment. This includes protection relays, used in electrical substations.
IOC :
FD9C17C35A68FC505235E20C6E50C622AED8DEA0 108_100.exe Win32/Industroyer.B Industroyer2
6FA04992C0624C7AA3CA80DA6A30E6DE91226A16 zrada.exe Win32/Agent.AECG ArguePatch
9CE1491CE69809F92AE1FE8D4C0783BD1D11FBE7 pa.pay N/A TailJump (Encrypted CaddyWiper)
0090CB4DE31D2D3BCA55FD4A36859921B5FC5DAE link.ps1 PowerShell/HackTool.Agent.AH Script which enumerates GPO
D27D0B9BB57B2BAB881E0EFB97C740B7E81405DF sc.sh Linux/Agent.PC trojan OrcShred (Linux worm)
3CDBC19BC4F12D8D00B81380F7A2504D08074C15 wobf.sh Linux/KillFiles.C trojan AwfulShred (Linux wiper)
8FC7646FA14667D07E3110FE754F61A78CFDE6BC wsol.sh Linux/KillFiles.B trojan SoloShred (Solaris wiper)
fbe32784c073e341fc57d175a913905c 43d07f28b7b699f43abd4f695596c15a90d772bfbd6029c8ee7bc5859c2b0861 sc.sh (OrcShred)
73561d9a331c1d8a334ec48dfd94db99 bcdf0bd8142a4828c61e775686c9892d89893ed0f5093bdc70bde3e48d04ab99 wobf.sh (AwfulShred)
97ad7f3ed815c0528b070941be903d07 87ca2b130a8ec91d0c9c0366b419a0fce3cb6a935523d900918e634564b88028 wsol.sh (SoloShred)
9ec8468dd4a81b0b35c499b31e67375e cda9310715b7a12f47b7c134260d5ff9200c147fc1d05f030e507e57e3582327 {zrada.exe, peremoga.exe, vatt.exe} (ArguePatch)
1938380a81a23b8b1100de8403b583a7 1724a0a3c9c73f4d8891f988b5035effce8d897ed42336a92e2c9bc7d9ee7f5a pa.pay (TailJump)
b63b9929b8f214c4e8dcff7956c87277 fc0e6f2effbfa287217b8930ab55b7a77bb86dbd923c0e8150551627138c9caa caddywiper.bin (CaddyWiper)
3229e8c4150b5e43f836643ec9428865 7062403bccacc7c0b84d27987b204777f6078319c3f4caa361581825c1a94e87 108_100.exe (2022-03-23) (Industroyer2)
C:\Users\peremoga.exe JRIBDFIMCQAKVBBP C:\Users\pa1.pay
reg save HKLM\SYSTEM C:\Users\Public\sys.reg /y
reg save HKLM\SECURITY C:\Users\Public\sec.reg /y
reg save HKLM\SAM C:\Users\Public\sam.reg /y
\\%DOMAIN%\sysvol\%DOMAIN%\Policies\%GPO ID%\Machine\zrada.exe
\\%DOMAIN%\sysvol\%DOMAIN%\Policies\%GPO ID%\Machine\pa.pay
C:\Windows\System32\rundll32.exe C:\windows\System32\comsvcs.dll MiniDump %PID% C:\Users\Public\mem.dmp full
C:\Windows\Temp\link.ps1
C:\Users\peremoga.exe
C:\Users\pa1.pay
C:\Dell\vatt.exe
C:\Dell\pa.pay
C:\Dell\108_100.exe
C:\tmp\cdel.exe
91.245.255.243
195.230.23.19
Sources :
[VULNERABILITY] Valmet DNA
12 Apr 2022
Vulnerability affects :
- Valmet DNA: Versions from Collection 2012 to Collection 2021
Vulnerability risks:
- Inadequate Encryption Strength
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2021-26726
[VULNERABILITY] Mitsubishi Electric MELSEC-Q Series C Controller Module
12 Apr 2022
Vulnerability affects :
- Module Q12DCCPU-V: First 5 digits of serial number 24031 and prior
Vulnerability risks:
- Heap-based Buffer Overflow\xc2\xa0
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2021-29998
[VULNERABILITY] Inductive Automation Ignition
12 Apr 2022
Vulnerability affects :
- Inductive Automation Ignition: All 8.0 versions after 8.0.4
- Inductive Automation Ignition: All 8.1 versions prior to 8.1.10
Vulnerability risks:
- Path Traversal
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-1264
[VULNERABILITY] Mitsubishi Electric GT25-WLAN
12 Apr 2022
Vulnerability affects :
- GT25-WLAN: All versions
Vulnerability risks:
- Improper Removal of Sensitive Information Before Storage or Transfer
- Inadequate Encryption Strength
- Missing Authentication for Critical Function
- Injection
- Improper Input Validation
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2020-26146
- [EN] CVE-2020-26144
- [EN] CVE-2020-24588
- [EN] CVE-2020-26143
- [EN] CVE-2020-24586
- [EN] CVE-2020-24587
- [EN] CVE-2020-26140
[VULNERABILITY] Aethon TUG Home Base Server
12 Apr 2022
Vulnerability affects :
- All versions prior to Version 24
Vulnerability risks:
- Missing Authorization
- Channel Accessible by Non-endpoint
- Cross-site Scripting\xc2\xa0
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-1059
- [EN] CVE-2022-27494
- [EN] CVE-2022-26423
- [EN] CVE-2022-1070
- [EN] CVE-2022-1066
[VULNERABILITY] Pepperl+Fuchs WirelessHART-Gateway
07 Apr 2022
Vulnerability affects :
- WHA-GW-F2D2-0-AS- Z2-ETH: Versions 3.0.7, 3.0.8, 3.0.9
- WHA-GW-F2D2-0-AS- Z2-ETH.EIP: Versions 3.0.7, 3.0.8, 3.0.9
Vulnerability risks:
- Use of Hard-coded Credentials
- Uncontrolled Resource Consumption
- Reliance on Reverse DNS Resolution for a Security-critical Action
- Path Traversal
- Cross-site Scripting
- Exposure of Sensitive Information to an Unauthorized Actor
- Cleartext Storage of Sensitive Information in a Cookie
- HTTP Request Smuggling
- Sensitive Cookie Without \'HttpOnly\' Flag
- Cryptographic Issues
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2007-2379
- [EN] CVE-2021-33555
- [EN] CVE-2013-0169
- [EN] CVE-2021-34565
- [EN] CVE-2021-34562
- [EN] CVE-2021-34559
- [EN] CVE-2020-11022
- [EN] CVE-2015-9251
- [EN] CVE-2019-11358
- [EN] CVE-2020-11023
- [EN] CVE-2020-7656
- [EN] CVE-2014-6071
- [EN] CVE-2011-4969
- [EN] CVE-2012-6708
- [EN] CVE-2021-34560
- [EN] CVE-2021-34563
- [EN] CVE-2021-34561
- [EN] CVE-2021-34564
- [EN] CVE-2016-10707
[VULNERABILITY] ABB SPIET800 and PNI800
07 Apr 2022
Vulnerability affects :
- SPIET800: Firmware Version A_B or prior
- PNI800: Firmware Version A_B or prior
Vulnerability risks:
- Incomplete Internal State Distinction
- Improper Handling of Unexpected Data Type
- Uncontrolled Resource Consumption
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2021-22286
- [EN] CVE-2021-22288
- [EN] CVE-2021-22285
[VULNERABILITY] Mitsubishi Electric GOT and Tension Controller (Update A)
07 Apr 2022
Vulnerability affects :
- GOT2000 Series GT21 Model
- GT2107-WTBD: All versions
- GT2107-WTSD: All versions
- GT2104-RTBD: All versions
- GT2104-PMBD: All versions
- GT2103-PMBD: All versions
- GOT SIMPLE Series GS21 Model
- GS2110-WTBD: All versions
- GS2107-WTBD: All versions
- GS2110-WTBD-N: All versions
- GS2107-WTBD-N: All versions
- Tension Controller
- LE7-40GU-L: All versions
Vulnerability risks:
- Improper Handling of Exceptional Conditions
- Improper Input Validation
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2021-20602
- [EN] CVE-2021-20604
- [EN] CVE-2021-20603
- [EN] CVE-2021-20605
[VULNERABILITY] LifePoint Informatics Patient Portal
05 Apr 2022
Vulnerability affects :
- Patient Portal Version LPI 3.5.12.P30
Vulnerability risks:
- Authentication Bypass Using Alternate Path or Channel
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-1067
[VULNERABILITY] Rockwell Automation ISaGRAF
05 Apr 2022
Vulnerability affects :
- Connected Component Workbench: v13.00.00 and prior
- ISaGRAF Workbench: v6.0 though v6.6.9
- Safety Instrumented Systems Workstation: v1.2 and prior (for Trusted Controllers)
Vulnerability risks:
- Deserialization of Untrusted Data
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-1118
[VULNERABILITY] Philips e-Alert
29 Mar 2022
Vulnerability affects :
- e-Alert Version 2.7 and prior
Vulnerability risks:
- Missing Authentication for Critical Function
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-0922
[VULNERABILITY] Rockwell Automation ISaGRAF
29 Mar 2022
Vulnerability affects :
- Connected Component Workbench: v12.00 and prior
- ISaGRAF Workbench: v6.6.9 and prior
- Safety Instrumented Systems Workstation: v1.1 and prior
Vulnerability risks:
- Improper Restriction of XML External Entity Reference
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-1018
[VULNERABILITY] Omron CX-Position
29 Mar 2022
Vulnerability affects :
- CX-Position Versions 2.5.3 and prior
Vulnerability risks:
- Stack-based Buffer Overflow
- Improper Restriction of Operations Within the Bounds of a Memory Buffer
- Use After Free
- Out-of-bounds Write
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-26417
- [EN] CVE-2022-25959
- [EN] CVE-2022-26022
- [EN] CVE-2022-26419
[VULNERABILITY] Hitachi Energy LinkOne WebView
29 Mar 2022
Vulnerability affects :
- LinkOne WebView v3.20
- LinkOne WebView v3.22
- LinkOne WebView v3.23
- LinkOne WebView v3.24
- LinkOne WebView v3.25
- LinkOne WebView v3.26
Vulnerability risks:
- Cross-site Scripting
- Use of a Password System for Primary Authentication
- Configuration
- Exposure of Sensitive Information to an Unauthorized Actor\xc2\xa0
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2021-40340
- [EN] CVE-2021-40338
- [EN] CVE-2021-40337
- [EN] CVE-2021-40339
[VULNERABILITY] Modbus Tools Modbus Slave
29 Mar 2022
Vulnerability affects :
- Modbus Slave Versions 7.4.2 and prior
Vulnerability risks:
- Stack-based Buffer Overflow
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-1068
[VULNERABILITY] ABB Chainsaw component of Log4j can lead to code execution
03 Mar 2022
Vulnerability affects :
- B&R APROL AutoYaST <=V4.2-064.0.211004
- Apache Directory Studio (via APROL AutoYaST) <=V4.2-064.0.211004
- Squirrel-sql <=3.9.0
- JSignPDF <=1.6.4
- JasperReports-Server <=7.1.3 7.9.1
- Jaspersoft Studio Pro <=7.1.0
Vulnerability risks:
- code execution
Patch available :
See the documents below for more information
Sources :
- [EN] br-automation
CVE :
- [EN] CVE-2022-23307
[VULNERABILITY] Yokogawa CENTUM and Exaopc
24 Mar 2022
Vulnerability affects :
- CENTUM CS 3000 (Including CENTUM CS 3000 Entry Class): R3.08.10 - R3.09.00
- CENTUM VP (Including CENTUM VP Entry Class):
- R4.01.00 - R4.03.00
- R5.01.00 - R5.04.20
- R6.01.00 - R6.08.00
- Exaopc: (R3.72.00 - R3.79.00)
- B/M9000CS: (R5.04.01 - R5.05.01)
- B/M9000 VP: (R6.01.01 - R8.03.01)
Vulnerability risks:
- Use of Hard-coded Credentials
- Relative Path Traversal
- Improper Output Neutralization for Logs
- OS Command Injection
- Permissions
- Privileges
- and Access Controls
- Uncontrolled Search Path Element
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-21808
- [EN] CVE-2022-22151
- [EN] CVE-2022-21194
- [EN] CVE-2022-22729
- [EN] CVE-2022-22141
- [EN] CVE-2022-23402
- [EN] CVE-2022-22148
- [EN] CVE-2022-21177
- [EN] CVE-2022-22145
- [EN] CVE-2022-23401
[VULNERABILITY] mySCADA myPRO
24 Mar 2022
Vulnerability affects :
- myPRO Versions 8.25.0 and prior
Vulnerability risks:
- Command Injection
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-0999
[VULNERABILITY] Delta Electronics DIAEnergie
22 Mar 2022
Vulnerability affects :
- DIAEnergie: All verions prior to 1.8.02.004
Vulnerability risks:
- Path Traversal
- Incorrect Default Permissions
- SQL Injection
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-26069
- [EN] CVE-2022-26839
- [EN] CVE-2022-25980
- [EN] CVE-2022-26836
- [EN] CVE-2022-0923
- [EN] CVE-2022-25347
- [EN] CVE-2022-27175
- [EN] CVE-2022-26887
- [EN] CVE-2022-26065
- [EN] CVE-2022-26349
- [EN] CVE-2022-26514
- [EN] CVE-2022-26338
- [EN] CVE-2022-26013
- [EN] CVE-2022-25880
- [EN] CVE-2022-26666
- [EN] CVE-2022-26667
- [EN] CVE-2022-26059
[VULNERABILITY] Delta Electronics DIAEnergie (Update B)
22 Mar 2022
Vulnerability affects :
- DIAEnergie Version 1.7.5 and prior
Vulnerability risks:
- Use of Password Hash with Insufficient Computational Effort
- Authentication Bypass Using an Alternate Path or Channel
- Unrestricted Upload of File with Dangerous Type
- SQL Injection
- Cross-site Request Forgery
- Cross-site Scripting
- Cleartext Transmission of Sensitive Information
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2021-31558
- [EN] CVE-2021-44471
- [EN] CVE-2021-38393
- [EN] CVE-2021-32991
- [EN] CVE-2022-0988
- [EN] CVE-2021-33003
- [EN] CVE-2021-23228
- [EN] CVE-2021-44544
- [EN] CVE-2021-32967
- [EN] CVE-2021-38391
- [EN] CVE-2021-32983
- [EN] CVE-2021-38390
- [EN] CVE-2021-32955
[VULNERABILITY] Treck TCP/IP Stack (Update H)
17 Mar 2022
Vulnerability affects (Treck TCP/IP stack) :
- IPv4
- IPv6
- UDP
- DNS
- DHCP
- TCP
- ICMPv4
- ARP
Vulnerability risks:
- Improper Handling of Length Parameter Inconsistency
- Improper Input Validation
- Double Free
- Out-of-bounds Read
- Integer Overflow or Wraparound
- Improper Null Termination
- Improper Access Control
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2020-11901
- [EN] CVE-2020-11904
- [EN] CVE-2020-11902
- [EN] CVE-2020-11910
- [EN] CVE-2020-11897
- [EN] CVE-2020-11900
- [EN] CVE-2020-11906
- [EN] CVE-2020-11899
- [EN] CVE-2020-11898
- [EN] CVE-2020-11912
- [EN] CVE-2020-11908
- [EN] CVE-2020-11911
- [EN] CVE-2020-11913
- [EN] CVE-2020-11914
- [EN] CVE-2020-11903
- [EN] CVE-2020-11909
- [EN] CVE-2020-11907
- [EN] CVE-2020-11905
- [EN] CVE-2020-11896
[VULNERABILITY] ABB OPC Server for AC 800M
15 Mar 2022
Vulnerability affects :
- OPC Server for AC 800M: Versions 5.1.0-x, 5.1.1-x, 6.0.0-1 to 6.0.0-3
- OPC Server for AC 800M: Versions 5.1.1-1 and 6.0.0-1
- OPC Server for AC 800M: Versions 5.1.0-x, 5.1.1-x, 6.0.0-x
Vulnerability risks:
- Execution with Unnecessary Privileges
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2021-22284
[VULNERABILITY] PTC Axeda agent and Axeda Desktop Server (Update B)
15 Mar 2022
Vulnerability affects :
- Axeda agent: All versions
- Axeda Desktop Server for Windows: All versions
Vulnerability risks:
- Use of Hard-coded Credentials
- Missing Authentication for Critical Function
- Exposure of Sensitive Information to an Unauthorized Actor
- Path Traversal
- Improper Check or Handling of Exceptional Conditions
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-25249
- [EN] CVE-2022-25247
- [EN] CVE-2022-25252
- [EN] CVE-2022-25250
- [EN] CVE-2022-25246
- [EN] CVE-2022-25251
- [EN] CVE-2022-25248
[VULNERABILITY] Siemens RUGGEDCOM Devices
10 Mar 2022
Vulnerability affects :
- RUGGEDCOM ROS i800: All versions prior to v5.6.0
- RUGGEDCOM ROS i801: All versions prior to v5.6.0
- RUGGEDCOM ROS i802: All versions prior to v5.6.0
- RUGGEDCOM ROS i803: All versions prior to v5.6.0
- RUGGEDCOM ROS M969: All versions prior to v5.6.0
- RUGGEDCOM ROS M2100: All versions prior to v5.6.0
- RUGGEDCOM ROS M2200: All versions prior to v5.6.0
- RUGGEDCOM ROS RMC: All versions prior to v5.6.0
- RUGGEDCOM ROS RMC20: All versions prior to v5.6.0
- RUGGEDCOM ROS RMC30: All versions prior to v5.6.0
- RUGGEDCOM ROS RMC40: All versions prior to v5.6.0
- RUGGEDCOM ROS RMC41: All versions prior to v5.6.0
- RUGGEDCOM ROS RMC8388: All versions prior to v5.6.0
- RUGGEDCOM ROS RP110: All versions prior to v5.6.0
- RUGGEDCOM ROS RS400: All versions prior to v5.6.0
- RUGGEDCOM ROS RS401: All versions prior to v5.6.0
- RUGGEDCOM ROS RS416: All versions prior to v5.6.0
- RUGGEDCOM ROS RS416v2: All versions prior to v5.6.0
- RUGGEDCOM ROS RS900 (32M): All versions prior to v5.6.0
- RUGGEDCOM ROS RS900G: All versions prior to v5.6.0
- RUGGEDCOM ROS RS900G (32M): All versions prior to v5.6.0
- RUGGEDCOM ROS RS900GP: All versions prior to v5.6.0
- RUGGEDCOM ROS RS900L: All versions prior to v5.6.0
- RUGGEDCOM ROS RS900L: All versions prior to v5.6.0
- RUGGEDCOM ROS RS900W: All versions prior to v5.6.0
- RUGGEDCOM ROS RS910: All versions prior to v5.6.0
- RUGGEDCOM ROS RS910L: All versions prior to v5.6.0
- RUGGEDCOM ROS RS910W: All versions prior to v5.6.0
- RUGGEDCOM ROS RS920L: All versions prior to v5.6.0
- RUGGEDCOM ROS RS920W: All versions prior to v5.6.0
- RUGGEDCOM ROS RS930L: All versions prior to v5.6.0
- RUGGEDCOM ROS RS930W: All versions prior to v5.6.0
- RUGGEDCOM ROS RS940G: All versions prior to v5.6.0
- RUGGEDCOM ROS RS969: All versions prior to v5.6.0
- RUGGEDCOM ROS RS8000: All versions prior to v5.6.0
- RUGGEDCOM ROS RS8000A: All versions prior to v5.6.0
- RUGGEDCOM ROS RS8000H: All versions prior to v5.6.0
- RUGGEDCOM ROS RS8000T: All versions prior to v5.6.0
- RUGGEDCOM ROS RSG900: All versions prior to v5.6.0
- RUGGEDCOM ROS RSG900C: All versions prior to v5.6.0
- RUGGEDCOM ROS RSG900G: All versions prior to v5.6.0
- RUGGEDCOM ROS RSG900R: All versions prior to v5.6.0
- RUGGEDCOM ROS RSG907R: All versions prior to v5.6.0
- RUGGEDCOM ROS RSG908C: All versions prior to v5.6.0
- RUGGEDCOM ROS RSG909R: All versions prior to v5.6.0
- RUGGEDCOM ROS RSG910C: All versions prior to v5.6.0
- RUGGEDCOM ROS RSG920P: All versions prior to v5.6.0
- RUGGEDCOM ROS RSG2100: All versions prior to v5.6.0
- RUGGEDCOM ROS RSG2100 (32M): All versions prior to v5.6.0
- RUGGEDCOM ROS RSG2100P: All versions prior to v5.6.0
- RUGGEDCOM ROS RSG2100P (32M): All versions prior to v5.6.0
- RUGGEDCOM ROS RSG2200: All versions prior to v5.6.0
- RUGGEDCOM ROS RSG2288: All versions prior to v5.6.0
- RUGGEDCOM ROS RSG2300: All versions prior to v5.6.0
- RUGGEDCOM ROS RSG2300P: All versions prior to v5.6.0
- RUGGEDCOM ROS RSG2488: All versions prior to v5.6.0
- RUGGEDCOM ROS RSL910: All versions prior to v5.6.0
- RUGGEDCOM ROS RST916C: All versions prior to v5.6.0
- RUGGEDCOM ROS RST916P: All versions prior to v5.6.0
- RUGGEDCOM ROS RST2228: All versions prior to v5.6.0
Vulnerability risks:
- Missing Encryption of Sensitive Data
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2021-37209
[VULNERABILITY] Siemens SIMOTICS CONNECT 400
10 Mar 2022
Vulnerability affects :
- SIMOTICS CONNECT 400: All versions prior to v0.5.0.0
- SIMOTICS CONNECT 400: All versions prior to v1.0.0.0; only affected by CVE-2021-31344, CVE-2021-31346, CVE-2021-31890
Vulnerability risks:
- Type Confusion
- Improper Validation of Specified Quantity in Input
- Wrap or Wraparound
- Improper Handling of Inconsistent Structural Elements
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2021-31346
- [EN] CVE-2021-31344
- [EN] CVE-2021-31890
- [EN] CVE-2021-31889
[VULNERABILITY] Siemens SINEC NMS
10 Mar 2022
Vulnerability affects :
- SINEC NMS: All versions
Vulnerability risks:
- SQL Injection
- Deserialization of Untrusted Data
- Improper Privilege Management
Patch available :
See the documents below for more information
Sources :
- [EN] CISA
CVE :
- [EN] CVE-2022-24282
- [EN] CVE-2022-24281
- [EN] CVE-2022-25311