An attacker could read tenant email addresses and associated account information in plaintext, or cause the Pivot client application to stop responding, disrupting communication and collaboration features that depend on it.
A user with standard privileges on a system running CEM AC2000 could escalate to higher permissions, potentially gaining control over building automation functions like HVAC, lighting, or access control systems.
An unauthenticated attacker can execute arbitrary code with root privileges on your Palo Alto Networks firewall by exploiting a buffer overflow in the User-ID Authentication Portal, potentially allowing complete control of firewall traffic and access policies.
An attacker with local access to a GRASSMARLIN system could read sensitive information from the application's memory or configuration files, potentially exposing network topology data or credentials used for network analysis.
An attacker with local access and user interaction could alter or delete files in PCM600, potentially compromising the integrity of power system configuration data. This could lead to incorrect relay settings or control logic if malicious changes are introduced.
CVE-2026-3868 allows an unauthenticated attacker to crash the Secure Router's web management interface with a specially crafted request, requiring a device reboot to restore operations. CVE-2026-3867 allows an authenticated user with low privileges to extract the administrative password hash if a configuration file has been exported, enabling potential account takeover.
An attacker who previously compromised your Cisco firewall through VPN vulnerabilities has planted a persistence mechanism in the underlying FXOS operating system that survives firmware updates, allowing them to regain access and maintain control of your network perimeter even after applying security patches.
A malicious web request can cause PASvisu Runtime to become unresponsive or crash, disrupting access to safety-critical visualization and control interfaces in your automation system.
An attacker can exhaust available TCP connections in EtherNet/IP adapters by sending malformed traffic, preventing new legitimate connections and causing denial of service to the industrial control system. Existing connections remain operational, but the inability to establish new connections can disrupt communication with field devices and cause process interruptions.
An attacker within wireless range could unlock and start a Yadea T5 Electric Bicycle without authorization, resulting in theft of the vehicle.
An attacker with network access to the Emergency Gateway could read, modify, or delete files on the device, potentially disrupting 911 call handling, routing, or emergency response coordination.
An attacker could bypass authentication and gain remote access to the IP camera, allowing them to view live feeds, access stored video, and potentially intercept sensitive surveillance data from your facility.
An attacker could access sensitive information stored in the booking system, potentially exposing passenger personal data, payment information, or booking details.
An attacker with network access to a Milesight camera could run commands on the device to crash it or alter its configuration, potentially disabling surveillance at critical facility locations or pivoting to downstream systems like access control networks.
An attacker could remotely alter critical functions or disable the VASCO-B GNSS receiver, disrupting positioning and timing services that surveying and construction operations depend on.
An attacker with access to upload firmware or signed objects could execute arbitrary code on industrial gateways, routers, controllers, and network appliances, potentially disrupting communications, altering process control, or stopping facility operations.
An attacker with network access could decrypt sensitive communications on your WALL IE industrial Ethernet switch, potentially exposing process data, credentials, or control signals used to manage plant operations.
An attacker who gains access to the X3050 device could take complete control of it, potentially altering sensor readings, disrupting data collection, or manipulating system operations. This could compromise the integrity of any process or safety system that relies on the device for monitoring or control.
An attacker within Bluetooth range could pair with your motorcycle without authorization and modify firmware or access Bluetooth functions, potentially disabling the bike or altering its operation.
An attacker without credentials could execute arbitrary code on SD-330AC network appliances or AMC Manager systems over the network, potentially disrupting network communication, altering device configuration, or causing service outages in connected industrial networks.
An attacker could crash the Salia EV charge controller or potentially execute arbitrary code on it, interrupting electric vehicle charging operations and potentially affecting grid stability if multiple chargers are compromised.
An attacker on the network can send spoofed NTP packets to block time synchronization on your Moxa Ethernet switches, preventing them from maintaining accurate time. This could disrupt time-dependent operations and logging, and may interfere with SCADA communications or control logic that relies on synchronized clocks.
An attacker could execute arbitrary code on a workstation running ASDA-Soft, potentially compromising engineering workflows and allowing unauthorized changes to drive configuration or parameters in connected Delta motor drives and power equipment.
An attacker with network access to Cscape or XL4/XL7 PLCs could gain unauthorized access and control over the affected systems without authentication, potentially allowing them to alter process logic or interrupt manufacturing operations.
An attacker could modify simulation parameters and training records without authentication, potentially corrupting operator training data or creating misleading simulation scenarios. This could degrade the effectiveness of operator training programs and introduce inaccurate operational reference data.
An attacker with network access could execute arbitrary code with administrative or root-level privileges on affected devices, allowing them to alter access control configurations, capture credentials, or disable security functions that protect facilities.
An authenticated administrator with compromised credentials could execute arbitrary commands on your ISE server or access sensitive files via path traversal, potentially compromising network access control and authentication infrastructure across your entire organization.
An attacker with admin access to the ISE CLI could inject commands to gain root privileges on the underlying operating system, potentially allowing full control of the identity management system and all connected network authentication.
An attacker with read-only admin credentials could execute arbitrary commands on your ISE server and escalate to full system control, potentially shutting down the entire identity authentication system and denying network access to all unauthenticated endpoints.
An attacker with network access to an Easergy MiCOM protection relay could use hard-coded credentials to log in and read sensitive device configuration and operational data. This could reveal critical information about your power system protection setup, but does not directly enable changes to relay settings or control actions.
An attacker with local access to a Windows system could spoof identities in Active Directory, potentially gaining unauthorized access to network resources and compromising authentication-dependent processes.
A user with local access to a Windows 11 system could exploit a kernel vulnerability to gain administrator-level privileges, potentially allowing them to alter SCADA software settings, disable monitoring, or install persistent malware.
An attacker could trick a user into connecting to a fake Remote Desktop Server by spoofing the connection warning, potentially capturing credentials or deploying malware on their workstation. This is a social engineering risk, not a direct threat to plant systems, but could compromise user devices used to manage or access OT systems.
A user with local access to a Windows server or workstation can exploit this WSUS race condition to gain administrative privileges, potentially allowing them to install software, modify configurations, or disrupt operations if the server plays a role in process management or monitoring.
An attacker on the network could execute code on Windows systems running vulnerable TCP/IP stacks, potentially allowing them to take control of the device and modify process setpoints, disable safety interlocks, or disrupt critical operations in water treatment or power distribution systems.
An attacker with network access to the IKE service could run arbitrary code on your Windows server or workstation with system privileges, potentially compromising SCADA networks, data historians, or engineering workstations that communicate via IPsec VPN.
An attacker with valid credentials and network access to a domain-joined Windows Server could bypass Kerberos authorization checks and escalate to higher privileges, potentially gaining full control of the server and the systems it manages.
An attacker with a local user account on a Windows Server or Windows 10/11 machine can exploit a missing authentication check in the Remote Desktop Licensing Service to gain system administrator privileges, allowing them to control the entire server and any connected systems.
An attacker with local access to a Windows-based HMI, engineering workstation, or server could escalate to system-level privileges and gain full control of that device, potentially allowing unauthorized modification of process parameters or shutdown of critical operations.
An attacker with local access to a Hyper-V host machine could run arbitrary code with the privileges of the Hyper-V process, potentially compromising virtual machines or the host system itself.
An attacker with network access to a Modicon switch using RADIUS authentication could forge RADIUS responses to bypass authentication, gain unauthorized access to the network switch, and potentially deny service to devices connected to it or intercept their communications.
A user with local access to a Windows system could exploit a kernel memory issue to gain administrative privileges, potentially allowing them to modify process settings, disable security controls, or shut down operations on that machine.
An attacker with a local user account on a Windows machine could exploit a race condition in the graphics subsystem to gain administrative privileges, potentially allowing them to modify system settings, install persistent malware, or alter industrial control configurations if the machine is used for OT monitoring or engineering.
An authorized user with local access to a Windows system could extract sensitive information from kernel logs, potentially exposing configuration details or system secrets. This is a local information disclosure with no impact on system availability or integrity.
A user with local access to a Windows system could execute commands with elevated privileges, potentially compromising the integrity of the entire device and any systems it manages or communicates with.
An attacker with local access to a Windows machine could exploit a heap buffer overflow in Hyper-V to run arbitrary code with system privileges, potentially compromising virtual machines or the host system itself.
An attacker with local access to a Windows 11 system could exploit this flaw in Windows Server Update Services to gain elevated system privileges, potentially allowing them to modify system settings, access sensitive data, or disrupt normal operations.
A user with standard access on a Windows server can run commands with system-level permissions through a flaw in the Remote Desktop Licensing Service, allowing them to take control of the server and potentially disrupt plant operations.
An attacker on your network could tamper with Windows updates being distributed through WSUS, potentially injecting malicious patches or blocking legitimate security updates from reaching your servers. This could compromise the security posture of your entire infrastructure downstream of the WSUS server.
A user with local access to a Windows system could read sensitive information from kernel log files, potentially exposing configuration details or credentials. This risk is primarily relevant if your OT systems run Windows-based engineering workstations, HMIs, or historian servers with untrusted users.