Read more about the article CISA Releases Six Industrial Control Systems Advisories

CISA Releases Six Industrial Control Systems Advisories

  • Post author:
  • Post category:

An official website of the United States government Official websites use .gov A .gov website belongs to an official government organization in the United States. Secure .gov websites use HTTPS A lock ( Lock A locked padlock ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure

Continue ReadingCISA Releases Six Industrial Control Systems Advisories
Read more about the article ICS Medical Advisory: Orthanc Osimis DICOM Web Viewer

ICS Medical Advisory: Orthanc Osimis DICOM Web Viewer

  • Post author:
  • Post category:

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Orthanc Equipment: Osimis Web Viewer Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code inside the victim's browser. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Osimis Web

Continue ReadingICS Medical Advisory: Orthanc Osimis DICOM Web Viewer
Read more about the article ICS Advisory: Lantronix XPort

ICS Advisory: Lantronix XPort

  • Post author:
  • Post category:

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION: Low attack complexity Vendor: Lantronix Equipment: XPort Vulnerability: Weak Encoding for Password 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of XPort, a device server configuration manager, are affected: XPort

Continue ReadingICS Advisory: Lantronix XPort
Read more about the article ICS Advisory: Westermo Lynx 206-F2G

ICS Advisory: Westermo Lynx 206-F2G

  • Post author:
  • Post category:

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Westermo Equipment: Lynx 206-F2G Vulnerabilities: Cross-site Scripting, Code Injection, Cross-Origin Resource Sharing, Cleartext Transmission of Sensitive Information, Cross-Site Request Forgery 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to access the web application, inject arbitrary code, execute

Continue ReadingICS Advisory: Westermo Lynx 206-F2G
Read more about the article ICS Advisory: Voltronic Power ViewPower Pro

ICS Advisory: Voltronic Power ViewPower Pro

  • Post author:
  • Post category:

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Voltronic Power Equipment: ViewPower Pro Vulnerabilities: Deserialization of Untrusted Data, Missing Authentication for Critical Function, Exposed Dangerous Method or Function, OS Command Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to create a denial-of-service condition, obtain administrator credentials, or achieve remote

Continue ReadingICS Advisory: Voltronic Power ViewPower Pro