Security
Headlines
HeadlinesLatestCVEs

Source

us-cert

Delta Industrial Automation DRAS

This advisory contains mitigations for an Improper Restriction of XML External Entity Reference vulnerability in Delta Industrial Automation DRAS, a controller software suite.

us-cert
Open in Source
#vulnerability
B&R Industrial Automation Automation Studio 4

This advisory contains mitigations for an Unrestricted Upload of File with Dangerous Type vulnerability in Industrial Automation Automation Studio 4, a PLC automation programming software.

Emerson Proficy Machine Edition

This advisory contains mitigations for Missing Support for Integrity Check, Improper Access Control, Unrestricted Upload of File with Dangerous Type, Improper Verification of Cryptographic Signature, Insufficient Verification of Data Authenticity, and Path Traversal: ‘\..\filename’ vulnerabilities in Emerson Proficy Machine Edition, an engineering workstation.

Sequi PortBloque S

This advisory contains mitigations for Improper Authentication and Improper Authorization vulnerabilities in Sequi PortBloque S, a serial Modbus firewall.

Siemens Simcenter STAR-CCM+

This advisory contains mitigations for an Exposure of Sensitive Information to an Unauthorized Actor vulnerability in versions of Siemens Simcenter STAR-CCM+ products.

Siemens Teamcenter

This advisory contains mitigations for Command Injection and Infinite Loop vulnerabilities in versions of Siemens Teamcenter a product lifecycle management software.

Schneider Electric EcoStruxure, EcoStruxure Process Expert, SCADAPack RemoteConnect for x70

This advisory contains mitigations for Heap-based Buffer Overflow, Wrap or Wraparound, Classic Buffer Overflow, and Out-of-bounds Write vulnerabilities in products using AT&T Labs Compressor (XMill) and Decompressor (XDemill).

Emerson ROC800, ROC800L and DL8000

This advisory contains mitigations for an Insufficient Verification of Data Authenticity vulnerability in versions of ROC800, a remote automation controller.

Siemens SICAM A8000 Web Server Module

This advisory contains mitigations for an Improper Access Control vulnerability in versions of SICAM A8000 Web Server Module products.

Siemens SICAM TOOLBOX II

This advisory contains mitigations for a Use of Hard-coded Credentials vulnerability in versions of SICAM TOOLBOX II, a control and monitoring system.