-
Notifications
You must be signed in to change notification settings - Fork 10
/
Copy pathadvisories.xml
169 lines (169 loc) · 10.1 KB
/
advisories.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
<?xml version="1.0" encoding="utf-8" ?><rss version="2.0" xml:base="https://ics-cert.us-cert.gov/advisories/advisories.xml" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
<title>ICS-CERT Advisory Feed</title>
<link>https://ics-cert.us-cert.gov/advisories/advisories.xml</link>
<description></description>
<language>en</language>
<atom:link href="https://ics-cert.us-cert.gov/advisories/advisories.xml" rel="self" type="application/rss+xml" />
<item>
<title>LCDS - Leão Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA</title>
<link>https://ics-cert.us-cert.gov/advisories/ICSA-17-082-01</link>
<description>This advisory contains mitigation details for a path traversal vulnerability in the LCDS - Leão Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA software.</description>
<pubDate>Thu, 23 Mar 2017 10:05:21 EDT</pubDate>
<dc:creator>Advisory Document</dc:creator>
<guid isPermaLink="false">/node/2297</guid>
</item>
<item>
<title>BD Kiestra PerformA and KLA Journal Service Applications Hard-Coded Passwords Vulnerability</title>
<link>https://ics-cert.us-cert.gov/advisories/ICSMA-17-082-01</link>
<description>This advisory contains mitigation details for a hard-coded password vulnerability in the Becton, Dickinson and Company (BD) Kiestra PerformA and KLA Journal Service applications that access the BD Kiestra Database.</description>
<pubDate>Thu, 23 Mar 2017 10:00:52 EDT</pubDate>
<dc:creator>Advisory Document</dc:creator>
<guid isPermaLink="false">/node/2302</guid>
</item>
<item>
<title>Rockwell Automation Connected Components Workbench</title>
<link>https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01</link>
<description>This advisory was originally posted to the NCCIC Portal on February 16, 2017, and is being released to the ICS-CERT web site. This advisory contains mitigation details for a DLL hijack vulnerability in Rockwell Automation’s Connected Components Workbench.</description>
<pubDate>Tue, 21 Mar 2017 10:10:05 EDT</pubDate>
<dc:creator>Advisory Document</dc:creator>
<guid isPermaLink="false">/node/2285</guid>
</item>
<item>
<title>Rockwell Automation FactoryTalk Activation</title>
<link>https://ics-cert.us-cert.gov/advisories/ICSA-17-047-02</link>
<description>This advisory was originally posted to the NCCIC Portal on February 16, 2017, and is being released to the ICS-CERT web site. This advisory contains mitigation details for an unquoted search path or element vulnerability in Rockwell Automation’s FactoryTalk Activation.</description>
<pubDate>Tue, 21 Mar 2017 10:00:04 EDT</pubDate>
<dc:creator>Advisory Document</dc:creator>
<guid isPermaLink="false">/node/2289</guid>
</item>
<item>
<title>LCDS - Leão Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA</title>
<link>https://ics-cert.us-cert.gov/advisories/ICSA-17-075-01</link>
<description>This advisory contains mitigation details for an improper access control vulnerability in the LCDS - Leão Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA software.</description>
<pubDate>Thu, 16 Mar 2017 10:00:53 EDT</pubDate>
<dc:creator>Advisory Document</dc:creator>
<guid isPermaLink="false">/node/2278</guid>
</item>
<item>
<title>Fatek Automation PLC Ethernet Module</title>
<link>https://ics-cert.us-cert.gov/advisories/ICSA-17-073-01</link>
<description>This advisory contains mitigation details for a stack-based buffer overflow vulnerability in Fatek Automation&#039;s PLC Ethernet module.</description>
<pubDate>Tue, 14 Mar 2017 10:00:42 EDT</pubDate>
<dc:creator>Advisory Document</dc:creator>
<guid isPermaLink="false">/node/2271</guid>
</item>
<item>
<title>Schneider Electric ClearSCADA</title>
<link>https://ics-cert.us-cert.gov/advisories/ICSA-17-068-01</link>
<description>This advisory contains mitigation details for an input validation vulnerability in Schneider Electric&#039;s ClearSCADA.</description>
<pubDate>Thu, 09 Mar 2017 10:00:21 EST</pubDate>
<dc:creator>Advisory Document</dc:creator>
<guid isPermaLink="false">/node/2265</guid>
</item>
<item>
<title>Schneider Electric Wonderware Intelligence</title>
<link>https://ics-cert.us-cert.gov/advisories/ICSA-17-066-01</link>
<description>This advisory contains mitigation details for a credentials management vulnerability in Schneider Electric&#039;s Wonderware Intelligence software.</description>
<pubDate>Tue, 07 Mar 2017 10:00:00 EST</pubDate>
<dc:creator>Advisory Document</dc:creator>
<guid isPermaLink="false">/node/2261</guid>
</item>
<item>
<title>Eaton xComfort Ethernet Communication Interface</title>
<link>https://ics-cert.us-cert.gov/advisories/ICSA-17-061-01</link>
<description>This advisory contains mitigation details for an improper access controls vulnerability in the Eaton xComfort Ethernet Communication Interface.</description>
<pubDate>Thu, 02 Mar 2017 10:10:18 EST</pubDate>
<dc:creator>Advisory Document</dc:creator>
<guid isPermaLink="false">/node/2237</guid>
</item>
<item>
<title>Schneider Electric Conext ComBox</title>
<link>https://ics-cert.us-cert.gov/advisories/ICSA-17-061-02</link>
<description>This advisory contains mitigation details for a resource exhaustion vulnerability in Schneider Electric’s Conext ComBox solar battery monitor.</description>
<pubDate>Thu, 02 Mar 2017 10:05:00 EST</pubDate>
<dc:creator>Advisory Document</dc:creator>
<guid isPermaLink="false">/node/2239</guid>
</item>
<item>
<title>Siemens SINUMERIK Integrate and SINUMERIK Operate</title>
<link>https://ics-cert.us-cert.gov/advisories/ICSA-17-061-03</link>
<description>This advisory contains mitigation details for a man-in-the-middle vulnerability in the Siemens SINUMERIK Integrate and SINUMERIK Operate.</description>
<pubDate>Thu, 02 Mar 2017 10:00:00 EST</pubDate>
<dc:creator>Advisory Document</dc:creator>
<guid isPermaLink="false">/node/2245</guid>
</item>
<item>
<title>Siemens RUGGEDCOM NMS</title>
<link>https://ics-cert.us-cert.gov/advisories/ICSA-17-059-01</link>
<description>This advisory contains mitigation details for cross-site request forgery and cross-site scripting vulnerabilities in the Siemens RUGGEDCOM NMS.</description>
<pubDate>Tue, 28 Feb 2017 10:00:33 EST</pubDate>
<dc:creator>Advisory Document</dc:creator>
<guid isPermaLink="false">/node/2231</guid>
</item>
<item>
<title>VIPA Controls WinPLC7</title>
<link>https://ics-cert.us-cert.gov/advisories/ICSA-17-054-01</link>
<description>This advisory contains mitigation details for a stack buffer overflow vulnerability in VIPA Controls&#039; WinPLC7.</description>
<pubDate>Thu, 23 Feb 2017 10:10:24 EST</pubDate>
<dc:creator>Advisory Document</dc:creator>
<guid isPermaLink="false">/node/2211</guid>
</item>
<item>
<title>Red Lion Controls Sixnet-Managed Industrial Switches, AutomationDirect STRIDE-Managed Ethernet Switches Vulnerability</title>
<link>https://ics-cert.us-cert.gov/advisories/ICSA-17-054-02</link>
<description>This advisory contains mitigation details for a hard-coded cryptographic key vulnerability in Red Lion Controls&#039; Sixnet-Managed Industrial Switches and AutomationDirect&#039;s STRIDE-Managed Ethernet Switches.</description>
<pubDate>Thu, 23 Feb 2017 10:05:53 EST</pubDate>
<dc:creator>Advisory Document</dc:creator>
<guid isPermaLink="false">/node/2208</guid>
</item>
<item>
<title>Schneider Electric Modicon M340 PLC</title>
<link>https://ics-cert.us-cert.gov/advisories/ICSA-17-054-03</link>
<description>This advisory contains mitigation details for a resource exhaustion vulnerability in Schneider Electric&#039;s Modicon M340 PLC.</description>
<pubDate>Thu, 23 Feb 2017 10:00:38 EST</pubDate>
<dc:creator>Advisory Document</dc:creator>
<guid isPermaLink="false">/node/2217</guid>
</item>
<item>
<title>Advantech WebAccess</title>
<link>https://ics-cert.us-cert.gov/advisories/ICSA-17-045-01</link>
<description>This advisory contains mitigation details for a DLL hijacking vulnerability in Advantech&#039;s WebAccess.</description>
<pubDate>Tue, 14 Feb 2017 10:15:18 EST</pubDate>
<dc:creator>Advisory Document</dc:creator>
<guid isPermaLink="false">/node/2159</guid>
</item>
<item>
<title>Geutebrück IP Cameras</title>
<link>https://ics-cert.us-cert.gov/advisories/ICSA-17-045-02</link>
<description>This advisory contains mitigation details for authentication bypass and improper neutralization of special elements vulnerabilities in Geutebrück IP cameras.</description>
<pubDate>Tue, 14 Feb 2017 10:10:02 EST</pubDate>
<dc:creator>Advisory Document</dc:creator>
<guid isPermaLink="false">/node/2165</guid>
</item>
<item>
<title>Siemens SIMATIC Authentication Bypass</title>
<link>https://ics-cert.us-cert.gov/advisories/ICSA-17-045-03</link>
<description>This advisory contains mitigation details for an authentication bypass in Siemens&#039; SIMATIC.</description>
<pubDate>Tue, 14 Feb 2017 10:05:59 EST</pubDate>
<dc:creator>Advisory Document</dc:creator>
<guid isPermaLink="false">/node/2167</guid>
</item>
<item>
<title>Hanwha Techwin Smart Security Manager</title>
<link>https://ics-cert.us-cert.gov/advisories/ICSA-17-040-01</link>
<description>This advisory contains mitigation detail for remote code execution vulnerabilities in Hanwha Techwin&#039;s Smart Security Manager.</description>
<pubDate>Thu, 09 Feb 2017 10:10:36 EST</pubDate>
<dc:creator>Advisory Document</dc:creator>
<guid isPermaLink="false">/node/2153</guid>
</item>
<item>
<title>Sielco Sistemi Winlog SCADA Software</title>
<link>https://ics-cert.us-cert.gov/advisories/ICSA-17-038-01</link>
<description>This advisory contains mitigation details for an uncontrolled search path vulnerability in Sielco Sistemi&#039;s Winlog SCADA Software.</description>
<pubDate>Tue, 07 Feb 2017 10:10:27 EST</pubDate>
<dc:creator>Advisory Document</dc:creator>
<guid isPermaLink="false">/node/2151</guid>
</item>
</channel>
</rss>