Select your country/region in the menu or by clicking on the world map *
Country Selector Alternate Image
Support
                 
                 
                 

                Vulnerabilities

                 
                 
                Date (dd/mm/yyyy) Product Description Products and versions affected Links to Information
                30/10/2014 APC Products
                Shellshock - Bash Utility Vulnerability Multiple Products FA234833 
                16/09/2014 Modicon PLC Ethernet Comm Modules
                Authentication Bypass on Web Server Many products affected - see disclosure for more details SEVD-2014-260-01 
                04/09/2014 VAMPSET Software
                Software halt VAMPSET V2.2.136 and previous SEVD 2014-247-01 
                29/08/2014 SCADA Expert ClearSCADA
                Weak Self-signed Certificate SCADA Expert ClearSCADA, all versions prior to September 2014 (see disclosure for details) SEVD 2014-241-02 
                29/08/2014 SCADA Expert ClearSCADA
                Multiple Vulnerabilities SCADA Expert ClearSCADA, all versions prior to September 2014 (see disclosure for details) SEVD 2014-241-01A 
                18/08/2014 Wonderware Information Server
                Multiple Vulnerabilities Winderware Information Server, V5.5 and all versions prior (see disclosure for details) LFSEC00000102 
                30/04/2014 See disclosure
                HeartBleed - OpenSSL Heartbeat vulnerability See disclosure SEVD 2014-119-01 
                25/03/2014 OPC Factory Server
                Buffer Overflow OFS v3.5 and previous SEVD 2014-084-01 
                31/01/2014 OPC Factory Server
                Buffer Overflow in C++ Sample Code OPC Factory Server V3.35 and previous SEVD 2014-031-01 
                24/01/2014 SCADA Expert Vijeo Citect
                Vijeo Citect
                CitectSCADA
                PowerSCADA Expert
                PowerLogic SCADA
                Unhandled Exception
                • StruxureWare SCADA Expert Vijeo Citect v7.40
                • Vijeo Citect v7.20 to v7.30SP1
                • CitectSCADA v7.20 to v7.30SP1
                • StruxureWare PowerSCADA Expert v7.30 to v7.30SR1
                • PowerLogic SCADA v7.20 to v7.20SR1
                SEVD 2014-024-02 
                24/01/2014 SCADA Expert ClearSCADA
                File Parsing
                • ClearSCADA 2010 R3.1 or previous
                • SCADA Expert ClearSCADA R2 or previous
                SEVD 2014-024-01 
                15/01/2014 Floating License Manager
                Unquoted Service Path Versions 1.0.0 to 1.4.0 SEVD 2014-015-01 
                30/12/2013 Sage 3030 RTU
                Improper DNP3 Input Validation
                • SAGE 3030 C3413-500-001D3_P4
                • SAGE 3030 C3413-500-001F0_PB
                SEVD 2013-364-01 
                18/12/2013 Accutech Manager Configuration Software
                SQL Injection All versions prior to 2.00.4 SEVD 2013-352-01 
                11/12/2013 SCADAPack 33x, 35x
                VxWorks Debug Port
                • SCADAPack 33x V1.71 or previous
                • SCADAPack 35x V1.71 or previous
                SEVD 2013-345-01 
                10/12/2013 SUI Software
                Buffer Overflow
                • SUI V1.1 RC6
                • SUI V1.1 RC7
                SEVD 2013-344-01 
                05/12/2013 SCADA Expert ClearSCADA Software
                DNP3 Driver Fuzzing Vulnerability
                • ClearSCADA 2010 - see disclosure
                • SCADA Expert ClearSCADA 2013 - see disclosure
                SEVD 2013-339-01 
                13/09/2013 StruxureWare SCADA
                Expert ClearSCADA Software
                Incorrect Handling of Web Requests
                • SCADA Expert ClearSCADA 2013 R1
                • SCADA Expert ClearSCADA 2013 R1.1
                • SCADA Expert ClearSCADA 2013 R1.1a
                SEVD 2013-213-01 
                23/08/2013 OPC Factory Server (OFS) XML External Entity OFS v3.40 and all previous versions SEVD 2013-235-01 
                08/08/2013 Trio Radio AES Encryption Key Generation Trio J Series License Free Ethernet Radio V3.6.0, V3.6.1, V3.6.2 and V3.6.3 SEVD-2013-143-01 
                31/07/2013 Many - see disclosure Default Passwords Many - see disclosure SEVD 2013-212-01 
                16/07/2013 Vijeo Citect
                Citect SCADA
                Power Logic SCADA
                XML External Entity
                • Vijeo Citect v7.2 and previous
                • Citect SCADA v7.2 and previous
                • PowerLogic SCADA v7.2 and previous
                SEVD 2013-197-01 
                06/06/2013 See disclosure Microsoft Common Controls See disclosure SEVD 2013-157-01 
                11/04/2013 Citect SCADA
                Citect Facilities
                Buffer Overflow affecting Mitsubishi MX Component v3 Trial provided on Distribution Disk
                • Citect SCADA v7.0
                • Citect Facilities v7.1
                SEVD-2013-101-01 
                08/04/2013 MiCOM S1 Studio Software Read/Write access to executables in the Program Files directory MiCOM S1 Studio Software, all versions
                11/03/2013 Modbus Serial Driver Buffer Overflow
                • TwidoSuite,
                • PowerSuite,
                • SoMove,
                • SoMachine,
                • Unity Pro,
                • Unity Loader,
                • OFS,
                • PL7,
                • Concept
                25/02/2013 TAC I/A G3 Series SW Directory Traversal TAC I/A G3 ver. 3.5 and 3.6
                23/01/2013 Quantum,
                Premium,
                M340 PLC Communication Modules
                Multiple vulnerabilities See SEVD 2013-023-01 for affected products
                21/01/2013 Accutech Manager Software Tool Heap Overflow Accutech Manager SW v2.00.1 and older
                17/01/2013 PacDrive M,
                LMC 10/20,
                BLC3,
                BLM3,
                BLS,
                TLM,
                TLC,
                TLCC,
                ATV-CI,
                SMC,
                Altivar ATV-IC
                Unauthorized Access to User Functions See SEVD 2013-017-01 for affected products
                10/01/2013 IGSS Buffer Overflow
                • IGSS V9
                • IGSS V10
                09/01/2013 Schneider Electric Software Update (SESU) Utility Non-signed client/server communication
                • IDS
                • PowerSuite
                • Smart Widget
                • SoMachine
                • Spacial.pro
                • Unity Pro
                • Vijeo Designer
                • Web Gate Client Files
                06/12/2012 EzyLog Monitor Multiple Vulnerabilities EzyLog Monitor, P/N PVSNVLOG all versions
                17/09/2012 NMC Device IP Wizard
                Netbotz Advanced View
                PowerChute Network Shutdown
                PowerChute Business Edition
                StruxureWare Data Center Expert
                StruxureWare Operations
                Java Vulnerability
                • NMC Device IP Wizard (Java Ver 7)
                • Netbotz Advanced View (Java Ver 6)
                • PowerChute Network Shutdown (Java Ver 6)
                • PowerChute Business Edition (Java Ver 6)
                • StruxureWare Data Center Expert (Java Ver 6)
                • StruxureWare Operations (Java Ver 6)
                 FA162073 (pdf file, 152Kb)
                17/08/2012 TAC I/A Series G3 Software Multiple vulnerabilities All current versions of TAC I/A Series G3 Software
                17/02/2012 AQUIS DLL Hijacking AQUIS V1.5 and any previous version
                 AQUIS Patch (exe file, 163Mb)
                17/02/2012 TERMIS DLL Hijacking TERMIS V2.10 and any previous version
                TERMIS Patch (exe file, 175Mb)
                16/02/2012 Quantum PLC Metasploit tools to exploit HTTP user/PW information All RES207443 
                16/01/2012 IGSS IGSS DLL Hijacking All versions prior to V9.0.0.11291 IGSS v9 Program Updates (zip, 25Mb)
                12/01/2012 Quantum PLC
                Premium PLC
                M340 PLC
                Advantys STB DIO
                Multiple vulnerabilities See Resolution 206895 RES206895 
                12/01/2012 Quantum PLC
                Premium PLC
                Multiple vulnerabilities See Resolutions 207378 and 297906 RES207378 and RES297906 
                21/12/2011 IGSS IGSS Buffer Overflow v9.0.0.11355 and previous IGSS v9 Program Updates (zip, 25Mb)
                20/12/2011 IGSS Data Server Denial of Service and Buffer Overflow v9.0.0.11200 and previous IGSS v9 Program Updates (zip, 25Mb)
                12/12/2011 ION Power Meters and ION Setup SW Remote factory-level access
                • ION 7500/7600/8300/
                  8400/8500 all versions
                • ION 7550/7650 prior to v371
                • ION 8600 prior to v335
                • ION 8650 prior to v403
                • ION 8800 prior to v340
                • ION Setup SW prior to v3.0
                ION Meter Information
                ION 7550 Patch
                ION 7650 Patch
                ION 8600 Patch
                ION 8650 Patch
                ION 8800 Patch
                ION Setup SW
                11/12/2011 IGSS and Safenet Sentinel HASP Input sanitization
                • HASP SDK prior to v5.11
                • HASP run-time prior to v6.x
                • IGSS V7
                Sentinel updates 
                07/12/2011 PowerChute Cross-site Scripting (XSS) PowerChute Business Edition (prior to v8.5) PowerChute Information
                28/11/2011 Vijeo Historian
                Citect Historian
                Citect SCADA Reports
                Web Server multiple vulnerabilities
                • Vijeo Historian v4.3 and previous
                • Citect Historian v4.3 and previous
                • Citect SCADA Reports v4.1 and previous
                Citect Information and Patch 
                08/11/2011 Citect SCADA and Mitsubishi MX4 SCADA Batch Server Buffer overflow
                • CitectSCADA V7.10 and prior using the CitectSCADA Batch Server module
                • Mitsubishi MX4 SCADA V7.10 and prior using the MX4 SCADA Batch module
                Citect Information 
                20/10/2011 Unity Pro
                OPC Factory Server
                Vijeo Citect
                Telemecanique Driver Pack Monitor Pro
                PL7 Pro
                Unitelway Device Driver Buffer Overflow
                • Unity Pro v6 and previous
                • OPC Factory Server v3.34 and previous
                • Vijeo Citect v7.2 and previous
                • Telemecanique Driver Pack v2.6 and previous
                • Monitor Pro v7.6 and previous
                • PL7 Pro v4.5 and previous
                OFS Information and Patch 
                25/08/2011 ClearSCADA
                SCX6
                Remote Authentication Bypass
                • ClearSCADA 2010 R1.0
                • ClearSCADA 2009
                • ClearSCADA 2007
                • ClearSCADA 2005
                • SCX Version 6.69 R1 and earlier
                • SCX Version 6.68 and earlier
                • SCX Version 6.67 and earlier
                ClearSCADA and SCX6 Information and Patch 
                08/07/2011 IGSS ODBC Remote Memory Corruption IGSS prior to ver 9.11143 IGSS v9 Program Updates (zip, 25Mb)
                06/06/2011 IGSS IGSS Denial of Service Prior to v7.10033 IGSS v7 Program Updates (zip, 10Mb)
                06/06/2011 IGSS IGSS Denial of Service Prior to v8.11102 IGSS v8 program updates (zip, 18Mb)
                06/06/2011 IGSS IGSS Denial of Service Prior to v9.11143 IGSS v9 Program Updates (zip, 25Mb)
                06/05/2011 IGSS Multiple vulnerabilities Prior to ver 9.0.0.11083
                IGSS v9 Program Updates (zip, 25Mb)
                29/04/2011 IGSS Remote stack overflow IGSS ver. 9 and all previous versions IGSS Program Updates 
                21/03/2011 IGSS Multiple vulnerabilities IGSS ver 9.00.00.1 and previous IGSS Program Updates 
                16/02/2011 ClearSCADA Multiple Vulnerabilities
                • ClearSCADA 2005 (all versions)
                • ClearSCADA 2007 (all versions)
                • ClearSCADA 2009 (all versions)
                ClearSCADA Information and Patch 
                08/02/2011 IGSS ODBC Server Remote Heap Corruption IGSS vers. 8 & 9 IGSS Program Updates 
                  
                 
                To know more

                To know more 

                Watch our video

                Watch our video
                 

                Download our white paper

                 

                Product security information