Your one-stop web resource providing safety and security information to manufacturers

Advantech Secures WebAccess/SCADA

Advantech has a new version to address multiple vulnerabilities in its WebAccess/SCADA, according to a report with NCCIC. The vulnerabilities are a path traversal, stack-based buffer overflow, heap-based buffer overflow, out-of-bounds read, out-of-bounds write, and an untrusted pointer dereference. RELATED STORIES SICK Handles MSC800 Issue ABB Clears CP635 HMI Vulnerability ABB Fixes CP651 HMI Hole […]

SICK Handles MSC800 Issue

SICK has new firmware to mitigate a use of hard-coded credentials vulnerability in its MSC800, according to a report with NCCIC. Successful exploitation of this vulnerability, discovered by Tri Quach of Amazon’s Customer Fulfillment Technology Security (CFTS) group , could allow a low-skilled remote attacker to reconfigure settings and/or disrupt the functionality of the device. […]

ABB Clears CP635 HMI Vulnerability

ABB has an update available to mitigate a use of hard-coded credentials vulnerability in its CP635 HMI, according to a report with NCCIC. Successful exploitation of this vulnerability, which is exploitable from an adjacent network, could allow an attacker to prevent legitimate access to an affected system node, remotely cause an affected system node to […]

ABB Fixes CP651 HMI Hole

ABB has an update available to mitigate a use of hard-coded credentials vulnerability in its CP651 HMI, according to a report with NCCIC. Successful exploitation of this vulnerability, which is exploitable from an adjacent network, could allow an attacker to prevent legitimate access to an affected system node, remotely cause an affected system node to […]

ABB Clears Panel Builder 600 Holes

ABB has new versions available to mitigate multiple vulnerabilities in its PB610 Panel Builder 600, according to a report from NCCIC. The vulnerabilities include a use of hard-coded credentials, improper authentication, relative path traversal, improper input validation, and a stack-based buffer overflow. Xen1thLabs, a Darkmatter Company, United Arab Emirates, and Abu Dhabi reported these vulnerabilities […]

Pin It on Pinterest