Tag: ICS

security advisory

[ICS] BINOM3 Electric Power Quality Meter – Multiple Vulnerabilities

Hacking Binom3 Electric Power Quality Meters

ICS-CERT Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A

security advisory

[ICS] ELNet Energy meter & Electrical powermeter – multiple vulnerabilities

ELNet Energy meter & Electrical Powermeter vulnerabilities – another case of poor software security practices.

security advisory

[ICS] Multiple vulnerabilities – Powerlogic/Schneider Electric IONXXXX series Smart Meters

Multiple security issues in Powerlogic/Schneider Electric IONXXXX series power meters

The following IONXXXX series power meter versions are affected:
ION73XX series,
ION75XX series,
ION76XX series,
ION8650 series,
ION8800 series, and
PM5XXX series.

security advisory

mySCADAPro v7 Local Privilege Escalation

mySCADAPro v7 Local Privilege Escalation

Reporting a vulnerability in mySCADAPro version 7 (current version).

Vendor: mySCADA Technologies s.r.o.
Product web page: https://www.myscada.org/
Affected application: myscadaPro
Affected version: v7 (Current version)

security advisory

[ICS] ICS-ALERT-16-182-01 published – Sierra Wireless Raven XE & XT vulnerabilities

Couple of days back, I posted multiple vulnerabilities in Sierra Wireless Raven XE & XT devices on Full Disclosure list, and here:

http://ipositivesecurity.com/2016/06/25/ics-sierra-wireless-airlink-raven-xe-industrial-3g-gateway-multiple-vulnerabilities/

ICS-CERT team confirmed yesterday they have released an alert on this report as well now:
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-16-182-01

security advisory

[ICS] Papouch TME Temperature & Humidity Thermometers – Multiple Vulnerabilities

[ICS] Papouch TME Temperature & Humidity Thermometers – Multiple Vulnerabilities

Vulnerable Products
1. Papouch TME Ethernet thermometer
2. Papouch TME multi: Temperature and humidity via Ethernet

All versions are affected.

security advisory

[ICS] Meteocontrol WEB’log Multiple Vulnerabilities

[ICS] Meteocontrol WEB’log Multiple Vulnerabilities

About MeteoControl WEB’log
Meteocontrol is a Germany-based company that maintains offices in several countries around the world, including the US, China, Italy, Spain, France, Switzerland, and Israel.

The affected products, WEB’log, are web-based SCADA systems that provide functions to manage energy and power configurations in different connected (energy/industrial) devices.

Read on.