Advisories

The following is a list of all publicly disclosed vulnerabilities discovered by Kaspersky ICS CERT researchers. While the affected vendor is working on a patch for these vulnerabilities, Kaspersky customers are protected from exploitation by security filters delivered ahead of public disclosure. Once the vendor patches the vulnerability, we publish an accompanying security advisory, which describes the issue, including links to the vendor’s fixes.

Filter

02 July 2021

CVE-2021-23848

KLCERT-21-016

KLCERT-21-016: Robert Bosch GmbH CPP HD/MP cameras. Multiple reflected XSS in URI handlers

02 July 2021

CVE-2021-23847

KLCERT-21-014

KLCERT-21-014: Robert Bosch GmbH CPP HD/MP cameras. Missing Authentication vulnerability for Critical Functions

11 May 2021

CVE-2020-27185

KLCERT-20-021

KLCERT-20-021: Moxa NPort IA5000A Series. Cleartext Transmission of Sensitive Information via Moxa Service

11 May 2021

CVE-2020-27184

KLCERT-20-020

KLCERT-20-020: Moxa NPort IA5000A Series. Using the Telnet service

11 May 2021

CVE-2020-27150

KLCERT-20-019

KLCERT-20-019: Moxa NPort IA5000A Series. Passwords stored in plaintext

11 May 2021

CVE-2020-27149

KLCERT-20-018

KLCERT-20-018: Moxa NPort IA5000A Series. Broken access control

02 March 2021

CVE-2021-22681

KLCERT-17-029

KLCERT-17-029: Authentication bypass in Rockwell Automation Logix controllers

09 October 2020

CVE-2020-26869

KLCERT-20-017

KLCERT-20-017: Session Information Exposure in ARC Informatique PcVue

09 October 2020

CVE-2020-26868

KLCERT-20-016

KLCERT-20-016: Denial-of-Service in ARC Informatique PcVue

23 June 2020

CVE-2020-10624

KLCERT-20-014

KLCERT-20-014: Session token exposed in Honeywell ControlEdge PLC and RTU

3

...

Select a date

Search by vendor

Materials

Advisories RSS feed

Back to top

Select a date

Search by vendor

Filter