Select your country/region in the menu or by clicking on the world map *
Country Selector Alternate Image
Support
               
               
               

              Vulnerabilities

               
               
              Date (dd/mm/yyyy) Product Description Products and versions affected Links to Information
              30/10/2014 APC Products
              Shellshock - Bash Utility Vulnerability Multiple Products FA234833 
              16/09/2014 Modicon PLC Ethernet Comm Modules
              Authentication Bypass on Web Server Many products affected - see disclosure for more details SEVD-2014-260-01 
              04/09/2014 VAMPSET Software
              Software halt VAMPSET V2.2.136 and previous SEVD 2014-247-01 
              29/08/2014 SCADA Expert ClearSCADA
              Weak Self-signed Certificate SCADA Expert ClearSCADA, all versions prior to September 2014 (see disclosure for details) SEVD 2014-241-02 
              29/08/2014 SCADA Expert ClearSCADA
              Multiple Vulnerabilities SCADA Expert ClearSCADA, all versions prior to September 2014 (see disclosure for details) SEVD 2014-241-01A 
              18/08/2014 Wonderware Information Server
              Multiple Vulnerabilities Winderware Information Server, V5.5 and all versions prior (see disclosure for details) LFSEC00000102 
              30/04/2014 See disclosure
              HeartBleed - OpenSSL Heartbeat vulnerability See disclosure SEVD 2014-119-01 
              25/03/2014 OPC Factory Server
              Buffer Overflow OFS v3.5 and previous SEVD 2014-084-01 
              31/01/2014 OPC Factory Server
              Buffer Overflow in C++ Sample Code OPC Factory Server V3.35 and previous SEVD 2014-031-01 
              24/01/2014 SCADA Expert Vijeo Citect
              Vijeo Citect
              CitectSCADA
              PowerSCADA Expert
              PowerLogic SCADA
              Unhandled Exception
              • StruxureWare SCADA Expert Vijeo Citect v7.40
              • Vijeo Citect v7.20 to v7.30SP1
              • CitectSCADA v7.20 to v7.30SP1
              • StruxureWare PowerSCADA Expert v7.30 to v7.30SR1
              • PowerLogic SCADA v7.20 to v7.20SR1
              SEVD 2014-024-02 
              24/01/2014 SCADA Expert ClearSCADA
              File Parsing
              • ClearSCADA 2010 R3.1 or previous
              • SCADA Expert ClearSCADA R2 or previous
              SEVD 2014-024-01 
              15/01/2014 Floating License Manager
              Unquoted Service Path Versions 1.0.0 to 1.4.0 SEVD 2014-015-01 
              30/12/2013 Sage 3030 RTU
              Improper DNP3 Input Validation
              • SAGE 3030 C3413-500-001D3_P4
              • SAGE 3030 C3413-500-001F0_PB
              SEVD 2013-364-01 
              18/12/2013 Accutech Manager Configuration Software
              SQL Injection All versions prior to 2.00.4 SEVD 2013-352-01 
              11/12/2013 SCADAPack 33x, 35x
              VxWorks Debug Port
              • SCADAPack 33x V1.71 or previous
              • SCADAPack 35x V1.71 or previous
              SEVD 2013-345-01 
              10/12/2013 SUI Software
              Buffer Overflow
              • SUI V1.1 RC6
              • SUI V1.1 RC7
              SEVD 2013-344-01 
              05/12/2013 SCADA Expert ClearSCADA Software
              DNP3 Driver Fuzzing Vulnerability
              • ClearSCADA 2010 - see disclosure
              • SCADA Expert ClearSCADA 2013 - see disclosure
              SEVD 2013-339-01 
              13/09/2013 StruxureWare SCADA
              Expert ClearSCADA Software
              Incorrect Handling of Web Requests
              • SCADA Expert ClearSCADA 2013 R1
              • SCADA Expert ClearSCADA 2013 R1.1
              • SCADA Expert ClearSCADA 2013 R1.1a
              SEVD 2013-213-01 
              23/08/2013 OPC Factory Server (OFS) XML External Entity OFS v3.40 and all previous versions SEVD 2013-235-01 
              08/08/2013 Trio Radio AES Encryption Key Generation Trio J Series License Free Ethernet Radio V3.6.0, V3.6.1, V3.6.2 and V3.6.3 SEVD-2013-143-01 
              31/07/2013 Many - see disclosure Default Passwords Many - see disclosure SEVD 2013-212-01 
              16/07/2013 Vijeo Citect
              Citect SCADA
              Power Logic SCADA
              XML External Entity
              • Vijeo Citect v7.2 and previous
              • Citect SCADA v7.2 and previous
              • PowerLogic SCADA v7.2 and previous
              SEVD 2013-197-01 
              06/06/2013 See disclosure Microsoft Common Controls See disclosure SEVD 2013-157-01 
              11/04/2013 Citect SCADA
              Citect Facilities
              Buffer Overflow affecting Mitsubishi MX Component v3 Trial provided on Distribution Disk
              • Citect SCADA v7.0
              • Citect Facilities v7.1
              SEVD-2013-101-01 
              08/04/2013 MiCOM S1 Studio Software Read/Write access to executables in the Program Files directory MiCOM S1 Studio Software, all versions
              11/03/2013 Modbus Serial Driver Buffer Overflow
              • TwidoSuite,
              • PowerSuite,
              • SoMove,
              • SoMachine,
              • Unity Pro,
              • Unity Loader,
              • OFS,
              • PL7,
              • Concept
              25/02/2013 TAC I/A G3 Series SW Directory Traversal TAC I/A G3 ver. 3.5 and 3.6
              23/01/2013 Quantum,
              Premium,
              M340 PLC Communication Modules
              Multiple vulnerabilities See SEVD 2013-023-01 for affected products
              21/01/2013 Accutech Manager Software Tool Heap Overflow Accutech Manager SW v2.00.1 and older
              17/01/2013 PacDrive M,
              LMC 10/20,
              BLC3,
              BLM3,
              BLS,
              TLM,
              TLC,
              TLCC,
              ATV-CI,
              SMC,
              Altivar ATV-IC
              Unauthorized Access to User Functions See SEVD 2013-017-01 for affected products
              10/01/2013 IGSS Buffer Overflow
              • IGSS V9
              • IGSS V10
              09/01/2013 Schneider Electric Software Update (SESU) Utility Non-signed client/server communication
              • IDS
              • PowerSuite
              • Smart Widget
              • SoMachine
              • Spacial.pro
              • Unity Pro
              • Vijeo Designer
              • Web Gate Client Files
              06/12/2012 EzyLog Monitor Multiple Vulnerabilities EzyLog Monitor, P/N PVSNVLOG all versions
              17/09/2012 NMC Device IP Wizard
              Netbotz Advanced View
              PowerChute Network Shutdown
              PowerChute Business Edition
              StruxureWare Data Center Expert
              StruxureWare Operations
              Java Vulnerability
              • NMC Device IP Wizard (Java Ver 7)
              • Netbotz Advanced View (Java Ver 6)
              • PowerChute Network Shutdown (Java Ver 6)
              • PowerChute Business Edition (Java Ver 6)
              • StruxureWare Data Center Expert (Java Ver 6)
              • StruxureWare Operations (Java Ver 6)
               FA162073 (pdf file, 152Kb)
              17/08/2012 TAC I/A Series G3 Software Multiple vulnerabilities All current versions of TAC I/A Series G3 Software
              17/02/2012 AQUIS DLL Hijacking AQUIS V1.5 and any previous version
               AQUIS Patch (exe file, 163Mb)
              17/02/2012 TERMIS DLL Hijacking TERMIS V2.10 and any previous version
              TERMIS Patch (exe file, 175Mb)
              16/02/2012 Quantum PLC Metasploit tools to exploit HTTP user/PW information All RES207443 
              16/01/2012 IGSS IGSS DLL Hijacking All versions prior to V9.0.0.11291 IGSS v9 Program Updates (zip, 25Mb)
              12/01/2012 Quantum PLC
              Premium PLC
              M340 PLC
              Advantys STB DIO
              Multiple vulnerabilities See Resolution 206895 RES206895 
              12/01/2012 Quantum PLC
              Premium PLC
              Multiple vulnerabilities See Resolutions 207378 and 297906 RES207378 and RES297906 
              21/12/2011 IGSS IGSS Buffer Overflow v9.0.0.11355 and previous IGSS v9 Program Updates (zip, 25Mb)
              20/12/2011 IGSS Data Server Denial of Service and Buffer Overflow v9.0.0.11200 and previous IGSS v9 Program Updates (zip, 25Mb)
              12/12/2011 ION Power Meters and ION Setup SW Remote factory-level access
              • ION 7500/7600/8300/
                8400/8500 all versions
              • ION 7550/7650 prior to v371
              • ION 8600 prior to v335
              • ION 8650 prior to v403
              • ION 8800 prior to v340
              • ION Setup SW prior to v3.0
              ION Meter Information
              ION 7550 Patch
              ION 7650 Patch
              ION 8600 Patch
              ION 8650 Patch
              ION 8800 Patch
              ION Setup SW
              11/12/2011 IGSS and Safenet Sentinel HASP Input sanitization
              • HASP SDK prior to v5.11
              • HASP run-time prior to v6.x
              • IGSS V7
              Sentinel updates 
              07/12/2011 PowerChute Cross-site Scripting (XSS) PowerChute Business Edition (prior to v8.5) PowerChute Information
              28/11/2011 Vijeo Historian
              Citect Historian
              Citect SCADA Reports
              Web Server multiple vulnerabilities
              • Vijeo Historian v4.3 and previous
              • Citect Historian v4.3 and previous
              • Citect SCADA Reports v4.1 and previous
              Citect Information and Patch 
              08/11/2011 Citect SCADA and Mitsubishi MX4 SCADA Batch Server Buffer overflow
              • CitectSCADA V7.10 and prior using the CitectSCADA Batch Server module
              • Mitsubishi MX4 SCADA V7.10 and prior using the MX4 SCADA Batch module
              Citect Information 
              20/10/2011 Unity Pro
              OPC Factory Server
              Vijeo Citect
              Telemecanique Driver Pack Monitor Pro
              PL7 Pro
              Unitelway Device Driver Buffer Overflow
              • Unity Pro v6 and previous
              • OPC Factory Server v3.34 and previous
              • Vijeo Citect v7.2 and previous
              • Telemecanique Driver Pack v2.6 and previous
              • Monitor Pro v7.6 and previous
              • PL7 Pro v4.5 and previous
              OFS Information and Patch 
              25/08/2011 ClearSCADA
              SCX6
              Remote Authentication Bypass
              • ClearSCADA 2010 R1.0
              • ClearSCADA 2009
              • ClearSCADA 2007
              • ClearSCADA 2005
              • SCX Version 6.69 R1 and earlier
              • SCX Version 6.68 and earlier
              • SCX Version 6.67 and earlier
              ClearSCADA and SCX6 Information and Patch 
              08/07/2011 IGSS ODBC Remote Memory Corruption IGSS prior to ver 9.11143 IGSS v9 Program Updates (zip, 25Mb)
              06/06/2011 IGSS IGSS Denial of Service Prior to v7.10033 IGSS v7 Program Updates (zip, 10Mb)
              06/06/2011 IGSS IGSS Denial of Service Prior to v8.11102 IGSS v8 program updates (zip, 18Mb)
              06/06/2011 IGSS IGSS Denial of Service Prior to v9.11143 IGSS v9 Program Updates (zip, 25Mb)
              06/05/2011 IGSS Multiple vulnerabilities Prior to ver 9.0.0.11083
              IGSS v9 Program Updates (zip, 25Mb)
              29/04/2011 IGSS Remote stack overflow IGSS ver. 9 and all previous versions IGSS Program Updates 
              21/03/2011 IGSS Multiple vulnerabilities IGSS ver 9.00.00.1 and previous IGSS Program Updates 
              16/02/2011 ClearSCADA Multiple Vulnerabilities
              • ClearSCADA 2005 (all versions)
              • ClearSCADA 2007 (all versions)
              • ClearSCADA 2009 (all versions)
              ClearSCADA Information and Patch 
              08/02/2011 IGSS ODBC Server Remote Heap Corruption IGSS vers. 8 & 9 IGSS Program Updates 
                
               
              To know more

              To know more 

              Watch our video

              Watch our video
               

              Download our white paper

               

              Product security information