Vulnerabilities

Findings from Q2 SCADA & HMI perimeter assessment

15 findings
Filters:
RiskVulnerabilityCVEDeviceDetectedCVSS
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls
CVE-2023-38380
pcs7_engineering_01Siemens · PCS 7 V8.2
1968-12-066.5
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products
CVE-2022-0778
switch_24Siemens · SCALANCE X-216
1969-10-017.5
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products
CVE-2022-0778
ewon_flexy_02HMS · Ewon Flexy 14.x
1969-08-027.5
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products
CVE-2022-0778
kuka_krc_03KUKA · KSS 8.x
1967-07-277.5
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls
CVE-2023-38380
hmi_mixer_03Siemens · SIMATIC HMI KTP1200
1968-11-026.5
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls
CVE-2023-38380
cloudconnectorSiemens · Simatic Cloud Connect 7
1969-07-086.5
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls
CVE-2023-38380
oldMachineControlSiemens · SIMATIC CPU 315-2 PN/DP
1967-11-276.5
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls
CVE-2023-38380
mix_switchSiemens · CPU 1215C AC/DC/Rly SIPLUS
1967-10-126.5
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls
CVE-2023-38380
powerlogic_ion9000Schneider · PowerLogic ION9000
1968-05-096.5
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls
CVE-2023-38380
factorytalk_view_03Rockwell · FactoryTalk View SE 13.x
1968-08-046.5
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls
CVE-2023-38380
rexroth_indradrive_03Bosch Rexroth · IndraDrive C V6.x
1969-12-196.5
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls
CVE-2023-38380
sentron_meter_aSiemens · SENTRON PAC V9.x
1967-10-176.5
Improper Check in Authenticator of Stack-Based Industrial Devices
CVE-2019-14309
switch_25Siemens · SCALANCE X-307-2 EEC
1969-01-063.5
Improper Check in Authenticator of Stack-Based Industrial Devices
CVE-2019-14309
abb_robot_02ABB · RobotWare 7.x
1969-06-083.5
Improper Check in Authenticator of Stack-Based Industrial Devices
CVE-2019-14309
altivar_atv930_04Schneider · Altivar ATV930 V4.x
1967-11-293.5