Source
us-cert
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Fuji Electric Equipment: Smart Editor Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Fuji Electric products are affected: Smart Editor: Versions 1.0.1.0 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 OUT-OF-BOUNDS READ CWE-125 The affected product is vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code. CVE-2025-32412 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). A CVSS v4 score has also been calculated for CVE-2025-32412. A base score of 8.4 has been calculated; the CVSS vector string is (AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N). 3.2....
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Low attack complexity Vendor: AVEVA Equipment: PI Connector for CygNet Vulnerabilities: Cross-site Scripting, Improper Validation of Integrity Check Value 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to persist arbitrary code in the administrative portal of the product or cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of PI Connector for CygNet are affected: PI Connector for CygNet: Version 1.6.14 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-79 A cross-site scripting vulnerability exists in PI Connector for CygNet Versions 1.6.14 and prior that, if exploited, could allow an administrator miscreant with local access to the connector admin portal to persist arbitrary JavaScript code that will be executed by other users who visit affected pages. CVE...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 4.5 ATTENTION: Exploitable remotely Vendor: AVEVA Equipment: PI Web API Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disable content security policy protections. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of AVEVA PI Web API are affected: PI Web API: Versions 2023 SP1 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79 A cross-site scripting vulnerability exists in PI Web API version 2023 SP1 and prior that, if exploited, could allow an authenticated attacker (with privileges to create/update annotations or upload media files) to persist arbitrary JavaScript code that will be executed by users who were socially engineered to disable content security policy protections while rendering annotation attachments from within a web browser. CVE-2025-2745 has been assign...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: ValueHD, PTZOptics, multiCAM Systems, SMTAV Equipment: Various pan-tilt-zoom cameras Vulnerabilities: Improper Authentication, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to leak sensitive data, execute arbitrary commands, and access the admin web interface using hard-coded credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following ValueHD, PTZOptics, multiCAM Systems, and SMTAV products are affected: PTZOptics PT12X-SDI-xx-G2: Versions 6.3.34 and prior (CVE-2025-35451) PTZOptics PT12X-NDI-xx: Versions 6.3.34 and prior (CVE-2025-35451) PTZOptics PT12X-USB-xx-G2: Versions 6.2.81 and prior (CVE-2025-35451) PTZOptics PT20X-SDI-xx-G2: Versions 6.3.20 and prior (CVE-2025-35451) PTZOptics PT20X-NDI-xx: Versions...
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC S7-1500 CPU family Vulnerabilities: Missing Encryption of Sensitive Data, Out-of-bounds Read, Use After Free, Stack-based Buffer Overflow, Incorrect Provision of Specified Functionality, Out-of-bounds Write, Incorrect Calculation of Buffer Size, Heap-based Buffer Overflow, External Control of File Name or Path, Uncontrolled Resource Consumption, Improper Input Validation, Truncation of Security-relevant Information, Missing Critical Step in Authentication, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), ...
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: RUGGEDCOM APE1808 Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute malicious JavaScript in the context of an authenticated Captive Portal user's browser when they click on a specially crafted link. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Siemens RUGGEDCOM APE1808: All versions with Palo Alto Networks Virtual NGFW with an enabled GlobalProtect gateway or portal 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER NEUTRALI...
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Tecnomatix Plant Simulation Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code in the context of the current process. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Tecnomatix Plant Simulation V2404: All versions prior to V2404.0013 3.2 VULNERABILITY OVERVIEW 3.2.1 OUT-OF-BOUNDS READ CWE-125 The affected applications contain an out-of-bounds read past the end of an allocated structure while parsing specially crafted WRL files. This coul...
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE and RUGGEDCOM Vulnerabilities: Incorrect Authorization, Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to circumvent authorization checks and perform actions that exceed the permissions of the "guest" role. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Siemens RUGGEDCOM RST2428P (6GK6242-6PA00): All versions prior to V3.2 Siemens SCALANCE XCM324 (6GK5324-8TS...
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE and RUGGEDCOM Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform actions that exceed the permissions of the "guest" role. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Siemens RUGGEDCOM RST2428P (6GK6242-6PA00): All versions prior to V3.1 Siemens SCALANCE XCM324 (6GK5324-8TS01-2AC2): All versions prior to V3.1 Siemens SCALANCE XCM328 (6GK5328-4TS01-2AC2): All versions prior to V3.1 Siemens SCALANCE X...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: AVEVA Equipment: PI Data Archive Vulnerabilities: Uncaught Exception, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could shut down necessary subsystems and cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of PI Data Archive, as delivered by PI Server are affected: PI Data Archive: Versions 2018 SP3 Patch 4 and prior (CVE-2025-44019) PI Data Archive: Version 2023 (CVE-2025-44019, CVE-2025-36539) PI Data Archive: Version 2023 Patch 1 (CVE-2025-44019, CVE-2025-36539) PI Server: Versions 2018 SP3 Patch 6 and prior (CVE-2025-44019) PI Server: Version 2023 (CVE-2025-44019, CVE-2025-36539) PI Server: Version 2023 Patch 1 (CVE-2025-44019, CVE-2025-36539) 3.2 VULNERABILITY OVERVIEW 3.2.1 UNCAUGHT EXCEPTION CWE-248 The affected products are vulnerable to an uncaught exception that, if explo...