Security
Headlines
HeadlinesLatestCVEs

Source

us-cert

AVEVA Edge 2020 R2 SP1 and all prior versions

This advisory contains mitigations for Insufficient UI Warning of Dangerous Operations, Uncontrolled Search Path Element, and Deserialization of Untrusted Data, Improper Restriction of XML External Entity Reference vulnerabilities in versions of AVEVA Edge, an industrial software system.

us-cert
Open in Source
#vulnerability
Cognex 3D-A1000 Dimensioning System

This advisory contains mitigations for Missing Authentication for Critical Function, Improper Output Neutralization for Logs, and Client-side Enforcement of Server-side Security vulnerabilities in versions of Cognex 3DS-A1000 Dimensioning System, an industrial smart camera.

Hitachi Energy TXpert Hub CoreTec 4

This advisory contains mitigations for Authentication Bypass Using an Alternate Path or Channel and Improper Input Validation, Download of Code Without Integrity Check vulnerabilities in versions of Hitachi Energy TXpert Hub CoreTec 4, a digital transformer monitoring and diagnostics device.

Delta Electronics DOPSoft 2 (Update A)

This updated advisory is a follow-up to the advisory update titled ICSA-21-252-02 Delta Electronics DOPSoft2 that was published September 09, 2021, to the ICS webpage on cisa.gov/ics. This advisory contains mitigations for Stack-based Buffer Overflow, Out-of-Bounds Write, and Heap-based Buffer Overflow vulnerabilities in Delta Electronics DOPSoft 2 HMI editing software.

Contec Health CMS8000

This advisory contains mitigations for Improper Access Control, Uncontrolled Resource Consumption, Use of Hard-Coded Credentials, Active Debug Code vulnerabilities in Contec Health CMS8000, a ICU CCU Vital Signs Patient Monitor.

Delta Electronics DOPSoft

This advisory contains mitigations for an Out-of-bounds Read vulnerability in versions of Delta Electronics DOPSoft, a software supporting the DOP-100 series HMI screens.

Hitachi Energy FACTS Control Platform (FCP) Product

This advisory contains mitigations for Inconsistent Interpretation of HTTP Requests, Use After Free, Classic Buffer Overflow, Integer Underflow, Improper Certificate Validation, Observable Discrepancy vulnerabilities in Hitachi Energy FACTS Control Platform (FCP).

Hitachi Energy Gateway Station (GWS) Product

This advisory contains mitigations for a Hitachi Energy Gateway Station (GWS) Product vulnerability in Inconsistent Interpretation of HTTP Requests, Use After Free, Classic Buffer Overflow, Integer Underflow, Improper Certificate Validation, Observable Discrepancy.

Hitachi Energy MSM Product

This advisory contains mitigations for a Hitachi Energy MSM Product vulnerability in Reliance on Uncontrolled Component.

Hitachi Energy RTU500 series

This advisory contains mitigations for a Hitachi Energy RTU500 series vulnerability in Improper Input Validation.