us-cert

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Exploitable with adjacent access/low attack complexity Vendor: Zebra Technologies Equipment: ZTC Industrial ZT410, ZTC Desktop GK420d Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to send specially crafted packets to change credentials without any prior authentication. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Zebra ZTC industrial and desktop printers are affected: ZTC Industrial ZT410: All versions ZTC Desktop GK420d: All versions 3.2 Vulnerability Overview 3.2.1 Authentication Bypass Using an Alternate Path or Channel CWE-288 A vulnerability of authentication bypass has been found in Zebra Technologies ZTC Industrial ZT410 and ZTC Desktop GK420d. This vulnerability allows an attacker that is in the same network as the printer to change the username and password for the web page by sending a ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: DOPSoft Vulnerability: Stack-Based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Delta Electronics products are affected: DOPSoft: All versions 3.2 Vulnerability Overview 3.2.1 STACK-BASED BUFFER OVERFLOW CWE-121 The affected product is vulnerable to a stack-based buffer overflow which may allow to remote code execution if an attacker can lead a legitimate user to execute a specially crafted file. CVE-2023-5944 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). 3.3 BACKGROUND CRITICAL INFRASTRUCTURE SECTORS: Energy COUNTRIES/AREAS DEPLOYED: Worldwide COMPANY HEADQUARTERS LOCATION: Taiwan 3.4 RESEARCHER Natnael Sam...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Equipment: FA Engineering Software Products Vulnerability: External Control of File Name or Path 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious attacker to execute malicious code by tricking legitimate users to open a specially crafted project file, which could result in information disclosure, tampering and deletion, or a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Mitsubishi Electric reports the following versions of FA Engineering Software Products are affected: GX Works3: All versions MELSOFT iQ AppPortal: All versions MELSOFT Navigator: All versions Motion Control Setting (Software packaged with GX Works3): All versions 3.2 Vulnerability Overview 3.2.1 External Control of File Name or Path CWE-73 Malicious code execution vulnerability due to external control of file name or path exists in multiple FA engineeri...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Yokogawa Equipment: STARDOM FCN/FCJ Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service condition to the FCN/FCJ controller by sending a specially crafted packet. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Yokogawa STARDOM FCN/FCJ, a network control system, are affected: STARDOM FCN/FCJ: versions R1.01 through R4.31 3.2 Vulnerability Overview 3.2.1 UNCONTROLLED RESOURCE CONSUMPTION CWE-400 This vulnerability may allow to a remote attacker to cause a denial-of-service condition to the FCN/FCJ controller by sending a crafted packet. While sending the packet, the maintenance homepage of the controller could not be accessed. Therefore, functions of the maintenance homepage, changing configuration, viewing logs, etc. are not available. But the...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: PTC Equipment: KEPServerEX, ThingWorx, OPC-Aggregator Vulnerabilities: Heap-based Buffer Overflow, Improper Validation of Certificate with Host Mismatch 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker gaining Windows SYSTEM-level code execution on the service host and may cause the product to crash, leak sensitive information, or connect to the product without proper authentication. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following PTC Kepware products, are affected: KEPServerEX: v6.14.263.0 and prior ThingWorx Kepware Server: v6.14.263.0 and prior ThingWorx Industrial Connectivity: All versions OPC-Aggregator: v6.14 and prior ThingWorx Kepware Edge: v1.7 and prior Rockwell Automation KEPServer Enterprise: Versions v6.14.263.0 and prior GE Digital Industrial Gateway Server: Versions v7.614 and prior Software Toolbox TOP Server: Vers...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: InfraSuite Device Master Vulnerabilities: Path Traversal, Deserialization of Untrusted Data, Exposed Dangerous Method or Function. 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to remotely execute arbitrary code and obtain plaintext credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Delta Electronics products are affected: InfraSuite Device Master: Versions 1.0.7 and prior 3.2 Vulnerability Overview 3.2.1 PATH TRAVERSAL CWE-35 In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an attacker to write to any file to any location of the filesystem, which could lead to remote code execution. CVE-2023-46690 has been assigned to this vulnerability. A CVSS v3.1 base score of 8.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Franklin Electric Fueling Systems Equipment: Colibri Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain login credentials for other users. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of FFS Colibri, a discontinued fuel inventory monitoring system, are affected: FFS Colibri: all versions. 3.2 Vulnerability Overview 3.2.1 Path Traversal CWE-35 The discontinued FFS Colibri product allows a remote user to access files on the system including files containing login credentials for other users. CVE-2023-5885 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). 3.3 BACKGROUND CRITICAL INFRASTRUCTURE SECTORS: Energy COUNTRIES/AREAS DEPLOYED: Worldwide COMPANY HEA...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 2.9 ATTENTION: Exploitable locally Vendor: Mitsubishi Electric Corporation Equipment: GX Works2 Vulnerability: Denial-of-Service 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a Denial-of-service (DoS) due to improper input validation in the simulation function of GX Works2 by sending specially crafted packets. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS GX Works2: all versions 3.2 Vulnerability Overview 3.2.1 Improper Input Validation CWE-20 An attacker may be able to cause denial-of-service (DoS) condition on the function by sending specially crafted packets. However, the attacker would need to send the packets from within the same personal computer where the function is running. CVE-2023-5274 has been assigned to this vulnerability. A CVSS v3.1 base score of 2.9 has been calculated; the CVSS vector string is (AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L). 3.2.2 Improper Input Validation CWE-20 An attacker may be able to c...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Fuji Electric Equipment: Tellus Lite V-Simulator Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Write, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed, allow remote code execution, or overwrite files. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Fuji Electric reports that the following versions of Tellus Lite V-Simulator remote monitoring software are affected: Tellus Lite V-Simulator: versions prior to V4.0.19.0 3.2 Vulnerability Overview 3.2.1 Stack-based Buffer Overflow CWE-121 Stack-based buffer overflow may occur when Fuji Electric Tellus Lite V-Simulator parses a specially-crafted input file. CVE-2023-35127 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). 3.2.2 Out-of-bounds Write CWE-787 When Fuji Ele...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 2.7 ATTENTION: low attack complexity Vendor: WAGO Equipment: PFC200 Series Vulnerability: Externally Controlled Reference to a Resource in Another Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with administrative privileges to access sensitive files in an unintended, undocumented way. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS WAGO reports the following products are affected: Compact Controller CC100: Versions later than FW19, up to and including FW26 Edge Controller: Versions later than FW18, up to and including FW26 PFC100: Versions later than FW16, up to and including FW26 PFC200: Versions later than FW16, up to and including FW26 Touch Panel 600 Advanced Line: Versions later than FW16, up to and including FW26 Touch Panel 600 Marine Line: Versions later than FW16, up to and including FW26 Touch Panel 600 Standard Line: Versions later than FW16, up to and including FW26 3.2 Vulnerability Overvie...