#auth

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SICAM A8000 Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to traverse directories, download arbitrary files, or escalate privileges. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Siemens SICAM A8000, a remote terminal unit, are affected: CP-8031 MASTER MODULE (6MF2803-1AA00): All versions prior to CPCI85 V05.11 CP-8050 MASTER MODULE (6MF2805-0AA00): All versions prior to CPCI85 V05.11 3.2 Vulnerability Overview 3.2.1 Improper Limitation of a Pathname to a Restricted Directory ('Path...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SICAM PAS/PQS Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain persistence or potentially escalate privileges in the context of the application process. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Siemens SICAM PAS/PQS are affected: SICAM PAS/PQS: Version 8.00 up to but not including 8.22. 3.2 Vulnerability Overview 3.2.1 Incorrect Permission Assignment for Critical Resource CWE-732 The affected application is installed with specific fi...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: RUGGEDCOM APE1808 Vulnerabilities: SQL Injection, Cross-site Scripting, Improper Input Validation, Incorrect Authorization, Session Fixation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to execute arbitrary SQL queries or injected code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products of Siemens, are affected: RUGGEDCOM APE1808 with Nozomi Guardian / CMC: versions prior to V22.6.2 3.2 Vulnerability Overview 3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN SQL COMMAND ('...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: low attack complexity Vendor: Schneider Electric Equipment: IGSS (Interactive Graphical SCADA System) Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow arbitrary code execution or loss of control of the SCADA system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Schneider Electric reports these vulnerabilities affect the following IGSS (Interactive Graphical SCADA System) products: IGSS Update Service (IGSSupdateservice.exe): v16.0.0.23211 and prior. 3.2 Vulnerability Overview 3.2.1 Missing Authentication for Critical Function CWE-306 A missing authentication for critical function vulnerability that could allow a local attacker to change the update source exists in the IGSS Update Service, which could lead to remote code execution the attacker force an update containing malicious content. CVE-2023-4516 has been assigned to this vulnerability. A CV...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Forgot Password Module Vulnerability: Observable Discrepancy 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to determine if a user is valid or not, enabling a brute force attack with valid users. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products of Siemens, are affected: Mendix Forgot Password (Mendix 7 compatible): All versions prior to V3.7.3. Mendix Forgot Password (Mendix 8 compatible): All versions prior to V4.1.3. Mendix Forgot Password (Mendix 9 compatible): All...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Hikvision Equipment: Access Control and Intercom Products Vulnerabilities: Session Fixation, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in an attacker hijacking a session and gaining device operation permissions or result in an attacker modifying device network configuration by sending specific data packets to a vulnerable interface within the same local network. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Access Control and Intercom Products are affected: DS-K1T804AXX: V1.4.0_build221212 and prior. DS-K1T341AXX: V3.2.30_build221223 and prior. DS-K1T671XXX: V3.2.30_build221223 and prior. DS-K1T343XXX: V3.14.0_build230117 and prior. DS-K1T341C: V3.3.8_build230112 and prior. DS-K1T320XXX: V3.5.0_build220706 and prior. DS-KH63 Series: V2.2.8_build230219 and prior. DS-KH85 Series: V2.2.8_build230219 and prior. DS-KH62 Series: V1.4.62...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: CP-8050, CP-8031 Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with knowledge of the corresponding credential to login to the device via SSH. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products of Siemens, are affected if activated with debug support: CP-8031 MASTER MODULE (6MF2803-1AA00): All versions prior to CPCI85 V05.11 CP-8050 MASTER MODULE (6MF2805-0AA00): All versions prior to CPCI85 V05.11 3.2 Vulnerability Overview 3.2.1 USE OF HARD-CODED CREDEN...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Weintek Equipment: cMT3000 CMI Web CGI Vulnerabilities: Stack-based Buffer Overflow, OS Command Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to hijack control flow and bypass login authentication or execute arbitrary commands. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Weintek products are affected: cMT-FHD: OS version 20210210 or prior. cMT-HDM: OS version 20210204 or prior. cMT3071: OS version 20210218 or prior. cMT3072: OS version 20210218 or prior. cMT3103: OS version 20210218 or prior. cMT3090: OS version 20210218 or prior. cMT3151: OS version 20210218 or prior. 3.2 Vulnerability Overview 3.2.1 STACK-BASED BUFFER OVERFLOW CWE-121 In Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass...

Cryptocurrency apps were the most high risk for exposing sensitive information, a reverse-engineering study shows.

Cross-Site Request Forgery (CSRF) vulnerability in LeadSquared, Inc LeadSquared Suite plugin <= 0.7.4 versions.