Security CERT Global
- JVN: 複数のHoneywell製品における複数の脆弱性
- JVN: Chirp Systems製スマートフォンアプリ「Chirp Access」におけるハードコードされたパスワードの使用の脆弱性
- JVN: Hitachi Energy製RTU500シリーズおよびMACH SCMにおける複数の脆弱性
- ALERT Cisco Adaptive Security Appliance and Firepower Threat Defense Software Web Services: CVSS (Max): 8.6
- UPDATE Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software: CVSS (Max): 6.0
- FreeRDP: CVSS (Max): 7.5
- unbound: CVSS (Max): 7.5
- putty: CVSS (Max): 8.1
- nghttp2: CVSS (Max): 7.5
- Siemens RUGGEDCOM APE1808 Devices: CVSS (Max): 10.0
- Honeywell Products: CVSS (Max): 8.1
- OpenShift Virtualization 4.14.5 Images: CVSS (Max): 7.5
- Service Telemetry Framework 1.5.4: CVSS (Max): 7.5
- yajl: CVSS (Max): 6.5
- MozillaThunderbird: CVSS (Max): 7.5
- buildah: CVSS (Max): 8.6
- CryptoJS: CVSS (Max): 9.1
- Zabbix: CVSS (Max): 5.4
- buildah: CVSS (Max): 8.6
- buildah: CVSS (Max): 8.6
- Hitachi Energy MACH SCM: CVSS (Max): 7.5
- Hitachi Energy RTU500 series: CVSS (Max): 8.2
- ALERT Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software: CVSS (Max): 6.0
- nrpe: CVSS (Max): None
- UPDATE ALERT Cisco Adaptive Security Appliance and Firepower Threat Defense Software Web Services: CVSS (Max): 8.6
- cockpit-wicked: CVSS (Max): 5.3
- FreeRDP: CVSS (Max): 9.8
- cockpit-wicked: CVSS (Max): 5.3
- libreswan: CVSS (Max): 5.0
- SUSE Manager Client Tools and Salt: CVSS (Max): 8.5
- tigervnc: CVSS (Max): 7.8
- Linux Kernel (Live Patch 23 for SLE 15 SP4): CVSS (Max): 7.8
- Linux Kernel (Live Patch 19 for SLE 15 SP4): CVSS (Max): 7.8
- Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software: CVSS (Max): 6.0
- tigervnc: CVSS (Max): 7.8
- IBM WebSphere Application Server and IBM WebSphere Application Server Liberty: CVSS (Max): 5.9
- Cortex XDR: CVSS (Max): None
- tigervnc: CVSS (Max): 7.8
- SUSE Manager Client Tools: CVSS (Max): 5.4
- python-idna: CVSS (Max): 6.5
- tigervnc: CVSS (Max): 7.8
- tigervnc: CVSS (Max): 7.8
- opencryptoki: CVSS (Max): 5.9
- golang: CVSS (Max): 7.5
- less: CVSS (Max): 7.0
- grub2: CVSS (Max): 8.2
- postgresql-jdbc: CVSS (Max): 9.8
- linux-firmware: CVSS (Max): 5.6
- gnutls: CVSS (Max): 5.3
- thunderbird: CVSS (Max): 7.5
SEC Asset Discovery: Automated Asset Discovery in Industrial Control Systems – Exploring the Problem
..Vulnerabilities within Industrial Control Systems (ICS) and Critical National Infrastructure (CNI) represent a significant safety, ecological and economical risk to owners, operators and nation states. Numerous examples from recent years are available to demonstrate that these vulnerabilities are being exploited by threat actors…
http://ewic.bcs.org/upload/pdf/ewic_icscsr2015_paper8.pdf
Tags: Automated Asset Discovery,CNI,Critical National Infrastructure,ICS,ICS Asset Discovery,Industrial Control Systems,