Vulnerabilities
Findings from Q2 SCADA & HMI perimeter assessment
15 findings
Filters:
| Risk | Vulnerability | CVE | Device | Detected | CVSS | |
|---|---|---|---|---|---|---|
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | pcs7_engineering_01Siemens · PCS 7 V8.2 | 1968-12-06 | 6.5 | ||
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products | CVE-2022-0778 | switch_24Siemens · SCALANCE X-216 | 1969-10-01 | 7.5 | ||
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products | CVE-2022-0778 | ewon_flexy_02HMS · Ewon Flexy 14.x | 1969-08-02 | 7.5 | ||
Denial of Service Vulnerability in OpenSSL Affecting Industrial Products | CVE-2022-0778 | kuka_krc_03KUKA · KSS 8.x | 1967-07-27 | 7.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | hmi_mixer_03Siemens · SIMATIC HMI KTP1200 | 1968-11-02 | 6.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | cloudconnectorSiemens · Simatic Cloud Connect 7 | 1969-07-08 | 6.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | oldMachineControlSiemens · SIMATIC CPU 315-2 PN/DP | 1967-11-27 | 6.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | mix_switchSiemens · CPU 1215C AC/DC/Rly SIPLUS | 1967-10-12 | 6.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | powerlogic_ion9000Schneider · PowerLogic ION9000 | 1968-05-09 | 6.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | factorytalk_view_03Rockwell · FactoryTalk View SE 13.x | 1968-08-04 | 6.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | rexroth_indradrive_03Bosch Rexroth · IndraDrive C V6.x | 1969-12-19 | 6.5 | ||
Missing CSRF Protection in the Web Server on Single-Page-Of Industrial Controls | CVE-2023-38380 | sentron_meter_aSiemens · SENTRON PAC V9.x | 1967-10-17 | 6.5 | ||
Improper Check in Authenticator of Stack-Based Industrial Devices | CVE-2019-14309 | switch_25Siemens · SCALANCE X-307-2 EEC | 1969-01-06 | 3.5 | ||
Improper Check in Authenticator of Stack-Based Industrial Devices | CVE-2019-14309 | abb_robot_02ABB · RobotWare 7.x | 1969-06-08 | 3.5 | ||
Improper Check in Authenticator of Stack-Based Industrial Devices | CVE-2019-14309 | altivar_atv930_04Schneider · Altivar ATV930 V4.x | 1967-11-29 | 3.5 |
