vulnerabilities

Vulnerabilities in GE D60 Line Distance Relay devices

22 February 2018

Critical vulnerabilities have been identified in General Electric D60 Line Distance Relay devices. The vulnerabilities could allow attackers to execute code on vulnerable systems.
Critical vulnerability in WAGO PFC200 controllers closed

22 February 2018

WAGO has closed a critical vulnerability (improper authentication) in its PFC200 Series PLCs.
Serious vulnerabilities identified in Palo Alto firewalls

19 December 2017

Attackers can take advantage of vulnerabilities in the PAN-OS management interface to execute arbitrary code with superuser privileges.
Dnsmasq Vulnerabilities Affect Siemens SCALANCE Solutions

05 December 2017

Siemens SCALANCE industrial solutions are affected by Dnsmasq vulnerabilities. An attacker could be able to execute arbitrary code or conduct a DoS attack.
Vulnerabilities in Siemens SWT 3000 Devices

04 December 2017

Vulnerabilities in Siemens SWT 3000, a system used in the energy sector, allow attackers to gain access to sensitive information, circumvent authentication and conduct a DoS attack.
Intel Releases Updates to Close ME, SPS and TXE Vulnerabilities

24 November 2017

Serious vulnerabilities have been found in Intel processors. These flaws also affect industrial equipment. Intel has released the relevant updates and equipment vendors now need to integrate them into their products.
Siemens Industrial Solutions Are Vulnerable to Denial-of-Service Attacks

24 November 2017

Siemens has announced that some of its industrial solutions are vulnerable to DoS attacks. Vulnerable devices include industrial controllers, field devices and shop floor automation systems.
Serious Vulnerabilities Found in Siemens SICAM RTU Modules

17 November 2017

Serious vulnerabilities allowing attackers to execute code remotely and bypass authentication have been identified in Siemens SICAM RTU modules. Disabling the integrated web server is recommended to reduce risk.
Vulnerable System Update Statistics. General Electric

19 June 2017

This article is devoted to vulnerabilities in General Electric products. The article looks only at known vulnerabilities, a list of which was prepared based using the MITRE CVE database. All the vulnerabilities in question were uncovered in 2012 – 2016.
Vulnerability in Industrial Control software and quality of the patch management

09 December 2016

Kaspersky Lab ICS-CERT is launching a series of articles devoted to vulnerability analysis across the world. The articles aim to highlight patch management problems in the ICS world. Each article will focus on one popular ICS vendor and known vulnerabilities according to the MITRE Common Vulnerabilities and Exposures (CVE) database.