Read more about the article ICS Advisory: EuroTel ETL3100 Radio Transmitter

ICS Advisory: EuroTel ETL3100 Radio Transmitter

  • Post author:
  • Post category:

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: EuroTel Equipment: ETL3100 Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Authorization Bypass Through User-Controlled Key, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to gain full access to the system

Continue ReadingICS Advisory: EuroTel ETL3100 Radio Transmitter
Read more about the article ICS Advisory: Open Design Alliance Drawing SDK

ICS Advisory: Open Design Alliance Drawing SDK

  • Post author:
  • Post category:

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Open Design Alliance (ODA) Equipment: Drawing SDK Vulnerabilities: Use after Free, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote attackers to disclose sensitive information on affected installations of ODA Drawing SDK. 3. TECHNICAL DETAILS 3.1 AFFECTED

Continue ReadingICS Advisory: Open Design Alliance Drawing SDK
Read more about the article ICS Advisory: EFACEC UC 500E

ICS Advisory: EFACEC UC 500E

  • Post author:
  • Post category:

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: EFACEC Equipment: UC 500 Vulnerabilities: Cleartext Transmission of Sensitive Information, Open Redirect, Exposure of Sensitive Information to an Unauthorized Actor, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to retrieve sensitive information, gain unauthorized

Continue ReadingICS Advisory: EFACEC UC 500E
Read more about the article ICS Advisory: EFACEC BCU 500

ICS Advisory: EFACEC BCU 500

  • Post author:
  • Post category:

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: EFACEC Equipment: BCU 500 Vulnerabilities: Uncontrolled Resource Consumption, Cross-site Request Forgery 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition on the affected product or compromise the web application through a cross-site request

Continue ReadingICS Advisory: EFACEC BCU 500
Read more about the article ICS Advisory: Subnet Solutions Inc. PowerSYSTEM Center

ICS Advisory: Subnet Solutions Inc. PowerSYSTEM Center

  • Post author:
  • Post category:

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Subnet Solutions Inc. Equipment: PowerSYSTEM Center Vulnerability: Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker achieving arbitrary code execution and privilege escalation through the unquoted service path. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of

Continue ReadingICS Advisory: Subnet Solutions Inc. PowerSYSTEM Center