Vulnerabilities in ICS-CERT

93 results
CVE-2018-19018An access of uninitialized pointer vulnerability in CX-Supervisor (Versions 3.42 and prior) could lead to type confusion when processing proEPSS 1.2%CVE-2019-6547Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.84 and prior. An out-of-bounds read vulnerability may cause the softwEPSS 1.1%CVE-2019-6565Moxa IKS and EDS fails to properly validate user input, giving unauthenticated and authenticated attackers the ability to perform XSS attackEPSS 1.1%CVE-2018-14793DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable to a buffer overflow exploit through an open communication port to alloEPSS 1.0%CVE-2018-14784NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The device is vulnerable to several cross-sitEPSS 1.0%CVE-2018-19020When CX-Supervisor (Versions 3.42 and prior) processes project files and tampers with the value of an offset, an attacker can force the applEPSS 0.8%CVE-2018-19014Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. LEPSS 0.8%CVE-2018-19010Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. AEPSS 0.8%CVE-2018-19013An attacker could inject commands to delete files and/or delete the contents of a file on CX-Supervisor (Versions 3.42 and prior) through a EPSS 0.8%CVE-2018-14783NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. A cross-site request forgery condition can ocEPSS 0.7%CVE-2017-7906In ABB IP GATEWAY 3.39 and prior, the web server does not sufficiently verify that a request was performed by the authenticated user, which EPSS 0.7%CVE-2018-8860In Vecna VGo Robot versions prior to 3.0.3.52164, an attacker may be able to capture firmware updates through the adjacent network.EPSS 0.7%CVE-2019-6549An attacker could retrieve plain-text credentials stored in a XML file on PR100088 Modbus gateway versions prior to Release R02 (or SoftwareEPSS 0.6%CVE-2018-7502Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1 lack proper validation of user-supplied pointer vEPSS 0.6%CVE-2017-16726Beckhoff TwinCAT supports communication over ADS. ADS is a protocol for industrial automation in protected environments. ADS has not been deEPSS 0.5%CVE-2018-5463A structured exception handler overflow vulnerability in Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA 4.1.0.33EPSS 0.4%CVE-2017-16718Beckhoff TwinCAT 3 supports communication over ADS. ADS is a protocol for industrial automation in protected environments. This protocol useEPSS 0.4%CVE-2018-10599IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) REPSS 0.4%CVE-2019-6517BD FACSLyric Research Use Only, Windows 10 Professional Operating System, U.S. and Malaysian Releases, between November 2017 and November 20EPSS 0.4%CVE-2018-10597IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) REPSS 0.4%