|
| 1 | +<?xml version="1.0" encoding="utf-8" ?><rss version="2.0" xml:base="https://ics-cert.us-cert.gov/advisories/advisories.xml" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom"> |
| 2 | + <channel> |
| 3 | + <title>ICS-CERT Advisory Feed</title> |
| 4 | + <link>https://ics-cert.us-cert.gov/advisories/advisories.xml</link> |
| 5 | + <description></description> |
| 6 | + <language>en</language> |
| 7 | + <atom:link href="https://ics-cert.us-cert.gov/advisories/advisories.xml" rel="self" type="application/rss+xml" /> |
| 8 | + <item> |
| 9 | + <title>Schneider Electric ClearSCADA</title> |
| 10 | + <link>https://ics-cert.us-cert.gov/advisories/ICSA-17-068-01</link> |
| 11 | + <description>This advisory contains mitigation details for an input validation vulnerability in Schneider Electric&#039;s ClearSCADA.</description> |
| 12 | + <pubDate>Thu, 09 Mar 2017 10:00:21 EST</pubDate> |
| 13 | + <dc:creator>Advisory Document</dc:creator> |
| 14 | + <guid isPermaLink="false">/node/2265</guid> |
| 15 | + </item> |
| 16 | + <item> |
| 17 | + <title>Schneider Electric Wonderware Intelligence</title> |
| 18 | + <link>https://ics-cert.us-cert.gov/advisories/ICSA-17-066-01</link> |
| 19 | + <description>This advisory contains mitigation details for a credentials management vulnerability in Schneider Electric&#039;s Wonderware Intelligence software.</description> |
| 20 | + <pubDate>Tue, 07 Mar 2017 10:00:00 EST</pubDate> |
| 21 | + <dc:creator>Advisory Document</dc:creator> |
| 22 | + <guid isPermaLink="false">/node/2261</guid> |
| 23 | + </item> |
| 24 | + <item> |
| 25 | + <title>Eaton xComfort Ethernet Communication Interface</title> |
| 26 | + <link>https://ics-cert.us-cert.gov/advisories/ICSA-17-061-01</link> |
| 27 | + <description>This advisory contains mitigation details for an improper access controls vulnerability in the Eaton xComfort Ethernet Communication Interface.</description> |
| 28 | + <pubDate>Thu, 02 Mar 2017 10:10:18 EST</pubDate> |
| 29 | + <dc:creator>Advisory Document</dc:creator> |
| 30 | + <guid isPermaLink="false">/node/2237</guid> |
| 31 | + </item> |
| 32 | + <item> |
| 33 | + <title>Schneider Electric Conext ComBox</title> |
| 34 | + <link>https://ics-cert.us-cert.gov/advisories/ICSA-17-061-02</link> |
| 35 | + <description>This advisory contains mitigation details for a resource exhaustion vulnerability in Schneider Electric’s Conext ComBox solar battery monitor.</description> |
| 36 | + <pubDate>Thu, 02 Mar 2017 10:05:00 EST</pubDate> |
| 37 | + <dc:creator>Advisory Document</dc:creator> |
| 38 | + <guid isPermaLink="false">/node/2239</guid> |
| 39 | + </item> |
| 40 | + <item> |
| 41 | + <title>Siemens SINUMERIK Integrate and SINUMERIK Operate</title> |
| 42 | + <link>https://ics-cert.us-cert.gov/advisories/ICSA-17-061-03</link> |
| 43 | + <description>This advisory contains mitigation details for a man-in-the-middle vulnerability in the Siemens SINUMERIK Integrate and SINUMERIK Operate.</description> |
| 44 | + <pubDate>Thu, 02 Mar 2017 10:00:00 EST</pubDate> |
| 45 | + <dc:creator>Advisory Document</dc:creator> |
| 46 | + <guid isPermaLink="false">/node/2245</guid> |
| 47 | + </item> |
| 48 | + <item> |
| 49 | + <title>Siemens RUGGEDCOM NMS</title> |
| 50 | + <link>https://ics-cert.us-cert.gov/advisories/ICSA-17-059-01</link> |
| 51 | + <description>This advisory contains mitigation details for cross-site request forgery and cross-site scripting vulnerabilities in the Siemens RUGGEDCOM NMS.</description> |
| 52 | + <pubDate>Tue, 28 Feb 2017 10:00:33 EST</pubDate> |
| 53 | + <dc:creator>Advisory Document</dc:creator> |
| 54 | + <guid isPermaLink="false">/node/2231</guid> |
| 55 | + </item> |
| 56 | + <item> |
| 57 | + <title>VIPA Controls WinPLC7</title> |
| 58 | + <link>https://ics-cert.us-cert.gov/advisories/ICSA-17-054-01</link> |
| 59 | + <description>This advisory contains mitigation details for a stack buffer overflow vulnerability in VIPA Controls&#039; WinPLC7.</description> |
| 60 | + <pubDate>Thu, 23 Feb 2017 10:10:24 EST</pubDate> |
| 61 | + <dc:creator>Advisory Document</dc:creator> |
| 62 | + <guid isPermaLink="false">/node/2211</guid> |
| 63 | + </item> |
| 64 | + <item> |
| 65 | + <title>Red Lion Controls Sixnet-Managed Industrial Switches, AutomationDirect STRIDE-Managed Ethernet Switches Vulnerability</title> |
| 66 | + <link>https://ics-cert.us-cert.gov/advisories/ICSA-17-054-02</link> |
| 67 | + <description>This advisory contains mitigation details for a hard-coded cryptographic key vulnerability in Red Lion Controls&#039; Sixnet-Managed Industrial Switches and AutomationDirect&#039;s STRIDE-Managed Ethernet Switches.</description> |
| 68 | + <pubDate>Thu, 23 Feb 2017 10:05:53 EST</pubDate> |
| 69 | + <dc:creator>Advisory Document</dc:creator> |
| 70 | + <guid isPermaLink="false">/node/2208</guid> |
| 71 | + </item> |
| 72 | + <item> |
| 73 | + <title>Schneider Electric Modicon M340 PLC</title> |
| 74 | + <link>https://ics-cert.us-cert.gov/advisories/ICSA-17-054-03</link> |
| 75 | + <description>This advisory contains mitigation details for a resource exhaustion vulnerability in Schneider Electric&#039;s Modicon M340 PLC.</description> |
| 76 | + <pubDate>Thu, 23 Feb 2017 10:00:38 EST</pubDate> |
| 77 | + <dc:creator>Advisory Document</dc:creator> |
| 78 | + <guid isPermaLink="false">/node/2217</guid> |
| 79 | + </item> |
| 80 | + <item> |
| 81 | + <title>Advantech WebAccess</title> |
| 82 | + <link>https://ics-cert.us-cert.gov/advisories/ICSA-17-045-01</link> |
| 83 | + <description>This advisory contains mitigation details for a DLL hijacking vulnerability in Advantech&#039;s WebAccess.</description> |
| 84 | + <pubDate>Tue, 14 Feb 2017 10:15:18 EST</pubDate> |
| 85 | + <dc:creator>Advisory Document</dc:creator> |
| 86 | + <guid isPermaLink="false">/node/2159</guid> |
| 87 | + </item> |
| 88 | + <item> |
| 89 | + <title>Geutebrück IP Cameras</title> |
| 90 | + <link>https://ics-cert.us-cert.gov/advisories/ICSA-17-045-02</link> |
| 91 | + <description>This advisory contains mitigation details for authentication bypass and improper neutralization of special elements vulnerabilities in Geutebrück IP cameras.</description> |
| 92 | + <pubDate>Tue, 14 Feb 2017 10:10:02 EST</pubDate> |
| 93 | + <dc:creator>Advisory Document</dc:creator> |
| 94 | + <guid isPermaLink="false">/node/2165</guid> |
| 95 | + </item> |
| 96 | + <item> |
| 97 | + <title>Siemens SIMATIC Authentication Bypass</title> |
| 98 | + <link>https://ics-cert.us-cert.gov/advisories/ICSA-17-045-03</link> |
| 99 | + <description>This advisory contains mitigation details for an authentication bypass in Siemens&#039; SIMATIC.</description> |
| 100 | + <pubDate>Tue, 14 Feb 2017 10:05:59 EST</pubDate> |
| 101 | + <dc:creator>Advisory Document</dc:creator> |
| 102 | + <guid isPermaLink="false">/node/2167</guid> |
| 103 | + </item> |
| 104 | + <item> |
| 105 | + <title>Hanwha Techwin Smart Security Manager</title> |
| 106 | + <link>https://ics-cert.us-cert.gov/advisories/ICSA-17-040-01</link> |
| 107 | + <description>This advisory contains mitigation detail for remote code execution vulnerabilities in Hanwha Techwin&#039;s Smart Security Manager.</description> |
| 108 | + <pubDate>Thu, 09 Feb 2017 10:10:36 EST</pubDate> |
| 109 | + <dc:creator>Advisory Document</dc:creator> |
| 110 | + <guid isPermaLink="false">/node/2153</guid> |
| 111 | + </item> |
| 112 | + <item> |
| 113 | + <title>Sielco Sistemi Winlog SCADA Software</title> |
| 114 | + <link>https://ics-cert.us-cert.gov/advisories/ICSA-17-038-01</link> |
| 115 | + <description>This advisory contains mitigation details for an uncontrolled search path vulnerability in Sielco Sistemi&#039;s Winlog SCADA Software.</description> |
| 116 | + <pubDate>Tue, 07 Feb 2017 10:10:27 EST</pubDate> |
| 117 | + <dc:creator>Advisory Document</dc:creator> |
| 118 | + <guid isPermaLink="false">/node/2151</guid> |
| 119 | + </item> |
| 120 | + <item> |
| 121 | + <title>BD Alaris 8000 Insufficiently Protected Credentials Vulnerability</title> |
| 122 | + <link>https://ics-cert.us-cert.gov/advisories/ICSMA-17-017-01</link> |
| 123 | + <description>This advisory was originally posted to the NCCIC Portal on January 17, 2017, and is being released to the NCCIC/ICS-CERT web site. This advisory contains mitigation details for an insufficiently protected credentials vulnerability in BD’s Alaris 8000 Point of Care unit, which provides a common user interface for programming intravenous infusions.</description> |
| 124 | + <pubDate>Tue, 07 Feb 2017 10:05:29 EST</pubDate> |
| 125 | + <dc:creator>Advisory Document</dc:creator> |
| 126 | + <guid isPermaLink="false">/node/2147</guid> |
| 127 | + </item> |
| 128 | + <item> |
| 129 | + <title>BD Alaris 8015 Insufficiently Protected Credentials Vulnerabilities</title> |
| 130 | + <link>https://ics-cert.us-cert.gov/advisories/ICSMA-17-017-02</link> |
| 131 | + <description>This advisory was originally posted to the NCCIC Portal on January 17, 2017, and is being released to the NCCIC/ICS-CERT web site. This advisory contains mitigation details for protected credentials vulnerabilities in BD’s Alaris 8015 Point of Care unit, which provides a common user interface for programming intravenous infusions.</description> |
| 132 | + <pubDate>Tue, 07 Feb 2017 10:00:17 EST</pubDate> |
| 133 | + <dc:creator>Advisory Document</dc:creator> |
| 134 | + <guid isPermaLink="false">/node/2141</guid> |
| 135 | + </item> |
| 136 | + <item> |
| 137 | + <title>Honeywell XL Web II Controller Vulnerabilities</title> |
| 138 | + <link>https://ics-cert.us-cert.gov/advisories/ICSA-17-033-01</link> |
| 139 | + <description>This advisory contains mitigation details for vulnerabilities in Honeywell’s XL Web II controller application.</description> |
| 140 | + <pubDate>Thu, 02 Feb 2017 10:00:34 EST</pubDate> |
| 141 | + <dc:creator>Advisory Document</dc:creator> |
| 142 | + <guid isPermaLink="false">/node/2132</guid> |
| 143 | + </item> |
| 144 | + <item> |
| 145 | + <title>BINOM3 Electric Power Quality Meter (Update A)</title> |
| 146 | + <link>https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A</link> |
| 147 | + <description>This updated advisory is a follow-up to the original advisory titled ICSA-17-031-01 BINOM3 Electric Power Quality Meter that was published January 31, 2017, on the NCCIC/ICS-CERT web site. This updated advisory contains mitigation details for vulnerabilities in BINOM3&#039;s electric power quality meter.</description> |
| 148 | + <pubDate>Tue, 31 Jan 2017 10:10:28 EST</pubDate> |
| 149 | + <dc:creator>Advisory Document</dc:creator> |
| 150 | + <guid isPermaLink="false">/node/2122</guid> |
| 151 | + </item> |
| 152 | + <item> |
| 153 | + <title>Ecava IntegraXor</title> |
| 154 | + <link>https://ics-cert.us-cert.gov/advisories/ICSA-17-031-02</link> |
| 155 | + <description>This advisory contains mitigation details for an SQL injection vulnerability in the Ecava IntegraXor web server.</description> |
| 156 | + <pubDate>Tue, 31 Jan 2017 10:05:13 EST</pubDate> |
| 157 | + <dc:creator>Advisory Document</dc:creator> |
| 158 | + <guid isPermaLink="false">/node/2126</guid> |
| 159 | + </item> |
| 160 | + <item> |
| 161 | + <title>Eaton ePDU Path Traversal Vulnerability</title> |
| 162 | + <link>https://ics-cert.us-cert.gov/advisories/ICSA-17-026-01</link> |
| 163 | + <description>This advisory contains mitigation details for a path traversal vulnerability in certain legacy Eaton ePDUs.</description> |
| 164 | + <pubDate>Thu, 26 Jan 2017 10:10:30 EST</pubDate> |
| 165 | + <dc:creator>Advisory Document</dc:creator> |
| 166 | + <guid isPermaLink="false">/node/2085</guid> |
| 167 | + </item> |
| 168 | + </channel> |
| 169 | +</rss> |
0 commit comments