Tag: Weak Credential Management

security advisory

[ICS] Carlo Gavazzi VMUC-EM Energy Meter – Multiple Vulnerabilities

ICS-CERT Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-17-012-03

CVE-IDs
CVE-2017-5144
CVE-2017-5145
CVE-2017-5146

security advisory

[ICS] BINOM3 Electric Power Quality Meter – Multiple Vulnerabilities

Hacking Binom3 Electric Power Quality Meters

ICS-CERT Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A

security advisory

[ICS] ELNet Energy meter & Electrical powermeter – multiple vulnerabilities

ELNet Energy meter & Electrical Powermeter vulnerabilities – another case of poor software security practices.

security advisory

[ICS] Multiple vulnerabilities – Powerlogic/Schneider Electric IONXXXX series Smart Meters

Multiple security issues in Powerlogic/Schneider Electric IONXXXX series power meters

The following IONXXXX series power meter versions are affected:
ION73XX series,
ION75XX series,
ION76XX series,
ION8650 series,
ION8800 series, and
PM5XXX series.

security advisory

RS232-NET Converter (model JTC-200) – Multiple vulnerabilities

Exploiting RS232-NET Converter (model JTC-200)

Seen deployed in:
CHTD, Chunghwa Telecom Co., Ltd. (Taiwan)
HiNet (Taiwan & China)
PT Comunicacoes (Portugal)
Sony Network Taiwan Limited (Taiwan)
Vodafone Portugal (Portugal)

security advisory

[ICS] Sierra Wireless AirLink Raven XE Industrial 3G Gateway – Multiple Vulnerabilities

Multiple vulnerabilities in Sierra Wireless AirLink Raven XE Industrial 3G Gateway

About
http://www.sierrawireless.com/products-and-solutions/gateway-solutions/raven-series/

The Sierra Wireless Raven XE and XT wireless gateways are used in the following industries and applications: utilities, manufacturing, automation, oil and gas, Ethernet-based SCADA, and telemetry.

security advisory

EdgeCore – ES3526XA Manager – Multiple Vulnerabilities

EdgeCore – Layer2+ Fast Ethernet Standalone Switch ES3526XA Manager – Multiple Vulnerabilities

Also rebranded as: SMC TigerSwitch 10/100 SMC6128L2 Manager

security advisory

[ICS] Papouch TME Temperature & Humidity Thermometers – Multiple Vulnerabilities

[ICS] Papouch TME Temperature & Humidity Thermometers – Multiple Vulnerabilities

Vulnerable Products
1. Papouch TME Ethernet thermometer
2. Papouch TME multi: Temperature and humidity via Ethernet

All versions are affected.

security advisory

HP StoreEver MSL6480 Tape Library v4.10 – Multiple Vulnerabilities

While on a pentest, I found multiple vulnerabilities in HP StoreEver MSL6480 Tape Library v4.10.

Read on.

security advisory

[ICS] Meteocontrol WEB’log Multiple Vulnerabilities

[ICS] Meteocontrol WEB’log Multiple Vulnerabilities

About MeteoControl WEB’log
Meteocontrol is a Germany-based company that maintains offices in several countries around the world, including the US, China, Italy, Spain, France, Switzerland, and Israel.

The affected products, WEB’log, are web-based SCADA systems that provide functions to manage energy and power configurations in different connected (energy/industrial) devices.

Read on.