Source
us-cert
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Equipment: Illustra Essentials Gen 4 Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to inject commands. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Johnson Controls reports that the following versions of Illustra Essentials Gen 4 IP camera are affected: Illustra Essentials Gen 4: all versions up to Illustra.Ess4.01.02.10.5982 3.2 Vulnerability Overview 3.2.1 Improper Input Validation CWE-20 Under certain circumstances the web interface will accept characters unrelated to the expected input. CVE-2024-32755 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). 3.3 BACKGROUND CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing, Commercial Facilities, Government Facilities, Transporta...
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls, Inc. Equipment: Illustra Essentials Gen 4 Vulnerability: Storing Passwords in a Recoverable Format 2. RISK EVALUATION Successful exploitation of this vulnerability may allow web interface user's credentials to be recovered by an authenticated user. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Johnson Controls reports that the following versions of Illustra Essentials IP cameras are affected: Illustra Essential Gen 4: versions Illustra.Ess4.01.02.10.5982 and prior 3.2 Vulnerability Overview 3.2.1 Storing Passwords in a Recoverable Format CWE-257 Under certain circumstances, the web interface users credentials may be recovered by an authenticated user. CVE-2024-32932 has been assigned to this vulnerability. A CVSS v3.1 base score of 6.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N). 3.3 BACKGROUND CRITICAL INFRASTRUCTURE SECTORS: ...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: SDG Technologies Equipment: PnPSCADA Vulnerability: Missing Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to attach various entities without requiring system authentication. This breach could potentially lead to unauthorized control, data manipulation, and access to sensitive information within the SCADA system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of SDG Technologies PnPSCADA, a web-based SCADA HMI, are affected: PnPSCADA: Versions prior to 4 3.2 Vulnerability Overview 3.2.1 MISSING AUTHORIZATION CWE-862 SDG Technologies PnPSCADA allows a remote attacker to attach various entities without requiring system authentication. This breach could potentially lead to unauthorized control, data manipulation, and access to sensitive information within the SCADA system. CVE-2024-2882 has been assigned to this...
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: Johnson Controls, Inc. Equipment: Illustra Essentials Gen 4 Vulnerability: Storing Passwords in a Recoverable Format 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated user to recover credentials for other Linux users. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Johnson Controls reports that the following versions of Illustra Essential Gen 4, an IP camera, are affected: Illustra Essentials Gen 4: versions up to Illustra.Ess4.01.02.10.5982 3.2 Vulnerability Overview 3.2.1 Storing Passwords in a Recoverable Format CWE-257 Under certain circumstances the Linux users credentials may be recovered by an authenticated user. CVE-2024-32756 has been assigned to this vulnerability. A CVSS v3.1 base score of 6.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N). 3.3 BACKGROUND CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing, Commer...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Yokogawa Equipment: FAST/TOOLS and CI Server Vulnerabilities: Cross-site Scripting, Empty Password in Configuration File 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to launch a malicious script and take control of affected products. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Yokogawa FAST/TOOLS and CI Server, SCADA software environments, are affected: FAST/TOOLS RVSVRN Package: Versions R9.01 through R10.04 FAST/TOOLS UNSVRN Package: Versions R9.01 through R10.04 FAST/TOOLS HMIWEB Package: Versions R9.01 through R10.04 FAST/TOOLS FTEES Package: Versions R9.01 through R10.04 FAST/TOOLS HMIMOB Package: Versions R9.01 through R10.04 CI Server: Versions R1.01.00 through R1.03.00 3.2 Vulnerability Overview 3.2.1 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-79 The affected...
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls, Inc. Equipment: Illustra Essentials Gen 4 Vulnerability: Insertion of Sensitive Information into Log File 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to gain access to Linux user credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Johnson Controls reports that the following versions of Illustra Essential Gen 4 IP cameras are affected: Illustra Essential Gen 4: version Illustra.Ess4.01.02.10.5982 and prior 3.2 Vulnerability Overview 3.2.1 Insertion of Sensitive Information into Log File CWE-532 Under certain circumstances, unnecessary user details are provided within system logs CVE-2024-32757 has been assigned to this vulnerability. A CVSS v3.1 base score of 6.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N). 3.3 BACKGROUND CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing, C...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Low attack complexity Vendor: ABB Equipment: 800xA Base Vulnerabilities: Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause services to crash and restart. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS ABB reports that the vulnerability only affects 800xA services in PC based client/server nodes. Controllers are not affected by this vulnerability: ABB 800xA Base: versions 6.1.1-2 and prior 3.2 Vulnerability Overview 3.2.1 Improper Input Validation CWE-20 An attacker who successfully exploited this vulnerability could cause services to crash and restart by sending specifically crafted messages. CVE-2024-3036 has been assigned to this vulnerability. A CVSS v3.1 base score of 5.7 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). A CVSS v4 score has also been calculated for CVE-2024-3036. A base score of 6.9 has been calculated; the CVSS vector string...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: PTC Equipment: Creo Elements/Direct License Server Vulnerability: Missing Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthenticated remote attackers to execute arbitrary OS commands. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS PTC reports that the following versions of Creo Elements/Direct License Server are affected; note that this vulnerability does not impact "Creo License server": Creo Elements/Direct License Server: Version 20.7.0.0 and prior 3.2 Vulnerability Overview 3.2.1 Missing Authorization CWE-122 Creo Elements Direct License Server exposes a web interface which can be used by unauthenticated remote attackers to execute arbitrary OS commands on the server. CVE-2024-6071 has been assigned to this vulnerability. A CVSS v3.1 base score of 10.0 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.7 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Yokogawa Equipment: CENTUM Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary programs. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Yokogawa CENTUM, a distributed control system (DCS), are affected: CENTUM CS 3000 (Including CENTUM CS 3000 Entry Class): Version R3.08.10 to R3.09.50 CENTUM VP (Including CENTUM VP Entry Class): Version R4.01.00 to R4.03.00 CENTUM VP (Including CENTUM VP Entry Class): Version R5.01.00 to R5.04.20 CENTUM VP (Including CENTUM VP Entry Class): Version R6.01.00 to R6.11.10 3.2 Vulnerability Overview 3.2.1 Improper Access Control CWE-284 If an attacker is somehow able to intrude into a computer that installed affected product or access to a shared folder, by replacing the DLL file with a tampered one, it is possible to execute ...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: CAREL Equipment: Boss-Mini Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to manipulate an argument path, which would lead to information disclosure. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of CAREL Boss-Mini, a local supervisor solution, are affected: Boss-Mini: Version 1.4.0 (Build 6221) 3.2 Vulnerability Overview Under certain conditions, a malicious actor already present in the same network segment of the affected product, could abuse Local File Inclusion (LFI) techniques to access unauthorized file system resources, such as configuration files, password files, system logs, or other sensitive data. This could expose confidential information and potentially lead to further threats. CVE-2023-3643 has been assigned to this vulnerability. A CVSS v3.1 base s...