Advisories

The following is a list of all publicly disclosed vulnerabilities discovered by Kaspersky ICS CERT researchers. While the affected vendor is working on a patch for these vulnerabilities, Kaspersky customers are protected from exploitation by security filters delivered ahead of public disclosure. Once the vendor patches the vulnerability, we publish an accompanying security advisory, which describes the issue, including links to the vendor’s fixes.

Filter

23 March 2020

CVE-2020-6970

KLCERT-20-324

KLCERT-20-324: Remote Code Execution on Emerson OpenEnterprise SCADA Server version 2.83 and all versions of OpenEnterprise 3.1 through 3.3.3

16 March 2020

CVE-2015-3269

KLCERT-20-002

KLCERT-20-002: XXE on Moxa’s cellular management software OnCell Central Manager Version lower than 2.4.1

16 March 2020

CVE-2017-5641

KLCERT-20-001

KLCERT-20-001: Remote Code Execution on Moxa’s cellular management software OnCell Central Manager Version lower than 2.4.1

30 October 2019

CVE-2019-15682

KLCERT-19-032

KLCERT-19-032: A denial-of-service condition in RDesktop before 1.8.5

13 August 2019

CVE-2019-9013

KLCERT-19-031

KLCERT-19-031: CODESYS V3 Password transmission vulnerability

05 June 2019

CVE-2019-8283

KLCERT-19-030

KLCERT-19-030: Hasplm cookie without HTTPOnly attribute

05 June 2019

CVE-2019-8282

KLCERT-19-029

KLCERT-19-029: Gemalto Admin Control Center uses cleartext communication with www3.safenet-inc.com

16 May 2019

CVE-2019-10922

KLCERT-19-027

KLCERT-19-027: Remote Code Execution Vulnerability in Siemens SIMATIC WinCC and SIMATIC PCS 7

16 May 2019

CVE-2019-10917

KLCERT-19-026

KLCERT-19-026: Siemens WinCC local denial of service

16 May 2019

CVE-2019-10916

KLCERT-19-025

KLCERT-19-025: Siemens SIMATIC WinCC and SIMATIC PCS 7 remote code execution using specially crafted project files

5

...

Select a date

Search by vendor

Materials

Advisories RSS feed

Back to top

Select a date

Search by vendor

Filter