CISA Releases Seventeen Industrial Control Systems Advisories


Rockwell Automation FactoryTalk View SE


1. EXECUTIVE SUMMARY

  • CVSS v4 8.8
  • ATTENTION: Exploitable remotely/low attack complexity
  • Vendor: Rockwell Automation
  • Equipment: FactoryTalk View SE
  • Vulnerability: Improper Input Validation

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an attacker to inject a malicious SQL statement in the SQL database, resulting in the exposure of sensitive information.

3. TECHNICAL DETAILS 3.1


Siemens RUGGEDCOM CROSSBOW


1. EXECUTIVE SUMMARY

  • CVSS v3 9.8
  • ATTENTION: Exploitable remotely/low attack complexity
  • Vendor: Siemens
  • Equipment: RUGGEDCOM CROSSBOW
  • Vulnerabilities: Missing Authorization, Improper Neutralization of Special Elements used in an SQL Command, Missing Authentication for Critical Function, External Control of File Name or Path, Improper Limitation of a Pathname to a Restricted Directory, Exposure of Sensitive Information to


Siemens Industrial Products


1. EXECUTIVE SUMMARY

  • CVSS v4 8.2
  • ATTENTION: Low Attack Complexity
  • Vendor: Siemens
  • Equipment: S7-PCT, SCT, SIMATIC, SINAMICS, SINUMERIK, and TIA Portal Products
  • Vulnerability: Out-of-bounds Read

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel, leading to a denial-of-service condition.


Siemens Desigo Fire Safety UL and Cerberus PRO UL Fire Protection Systems


1. EXECUTIVE SUMMARY

  • CVSS v3 10.0
  • ATTENTION: Exploitable remotely/low attack complexity
  • Vendor: Siemens
  • Equipment: Cerberus PRO UL and Desigo Fire Safety UL
  • Vulnerabilities: Classic Buffer Overflow, Out-of-bounds Read, Improper Restriction of Operations within the Bounds of a Memory Buffer

2. RISK EVALUATION

Successful exploitation of the vulnerabilities could allow an unauthenticated attacker, who gained access
