Advisories

The following is a list of all publicly disclosed vulnerabilities discovered by Kaspersky ICS CERT researchers. While the affected vendor is working on a patch for these vulnerabilities, Kaspersky customers are protected from exploitation by security filters delivered ahead of public disclosure. Once the vendor patches the vulnerability, we publish an accompanying security advisory, which describes the issue, including links to the vendor’s fixes.

Filter

18 October 2018

CVE-2018-18393

KLCERT-18-021

KLCERT-18-021: Moxa ThingsPro IIoT Gateway and Device Management Software Solutions: Password Management Issue

18 October 2018

CVE-2018-18392

KLCERT-18-020

KLCERT-18-020: Moxa ThingsPro IIoT Gateway and Device Management Software Solutions: Broken Access Control

18 October 2018

CVE-2018-18391

KLCERT-18-019

KLCERT-18-019: Moxa ThingsPro IIoT Gateway and Device Management Software Solutions: User Privilege Escalation

18 October 2018

CVE-2018-18390

KLCERT-18-018

KLCERT-18-018: Moxa ThingsPro IIoT Gateway and Device Management Software Solutions: User Enumeration

02 October 2018

CVE-2018-14804

KLCERT-18-017

KLCERT-18-017: DeltaV Remote Code Execution

17 August 2018

CVE-2018-15360

KLCERT-18-016

KLCERT-18-016: Eltex ESR-200 Router Default Password Usage

17 August 2018

CVE-2018-15359

KLCERT-18-015

KLCERT-18-015: Eltex ESR-200 Router Unsecure sudo Configuration

17 August 2018

CVE-2018-15358

KLCERT-18-014

KLCERT-18-014: Eltex ESR-200 Router Build-in user with highest privileges

17 August 2018

CVE-2018-15357

KLCERT-18-013

KLCERT-18-013: Eltex ESR-200 Router Information Disclosure

17 August 2018

CVE-2018-15356

KLCERT-18-012

KLCERT-18-012: Eltex ESR-200 Router command injection

10

Select a date

Search by vendor

Materials

Advisories RSS feed

Back to top

Select a date

Search by vendor

Filter