Browse all 93 CVE security advisories affecting ICS-CERT. AI-powered Chinese analysis, POCs, and references for each vulnerability.
ICS-CERT, now known as the Cybersecurity and Infrastructure Security Agency’s Industrial Control Systems Cybersecurity Center, serves as the primary federal entity for coordinating defense against cyber threats targeting critical infrastructure. Its core mission involves monitoring, analyzing, and responding to vulnerabilities within industrial control systems used in energy, water, and transportation sectors. Historically, disclosed vulnerabilities in associated software and hardware frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from legacy protocols lacking modern encryption or authentication. While the agency itself is a defensive body rather than a commercial product with CVEs, the systems it protects have faced significant incidents like Stuxnet and Triton, highlighting risks of physical process disruption. The current record of 93 CVEs reflects ongoing efforts to patch legacy vulnerabilities in widely deployed SCADA and PLC environments, emphasizing the critical need for network segmentation and continuous monitoring to prevent operational downtime or safety hazards in essential services.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2018-17937 | gpsd和microjson 缓冲区错误漏洞 — gpsd and microjson (Open Source Project)CWE-121 | 8.8 | - | 2019-03-13 |
| CVE-2019-6565 | 多款Moxa产品跨站脚本漏洞 — Moxa IKS, EDSCWE-79 | 6.1 | - | 2019-03-05 |
| CVE-2019-6528 | 多款PSI GridConnect GmbH产品跨站脚本漏洞 — PSI GridConnect GmbH (formerly known as PSI Nentec GmbH) Telecontrol Gateway and Smart Telecontrol Unit family, IEC104 Security Proxy.CWE-79 | 8.1 | - | 2019-03-05 |
| CVE-2019-6524 | 多款Moxa产品授权问题漏洞 — Moxa IKS, EDSCWE-307 | 9.8 | - | 2019-03-05 |
| CVE-2019-6522 | 多款Moxa产品缓冲区错误漏洞 — Moxa IKS, EDSCWE-125 | 9.1 | - | 2019-03-05 |
| CVE-2019-6520 | 多款 Moxa 产品安全漏洞 — Moxa IKS, EDSCWE-284 | 6.5 | - | 2019-03-05 |
| CVE-2019-6557 | 多款Moxa产品缓冲区错误漏洞 — Moxa IKS, EDSCWE-120 | 9.8 | - | 2019-03-05 |
| CVE-2019-6559 | 多款Moxa产品资源管理错误漏洞 — Moxa IKS, EDSCWE-400 | 6.5 | - | 2019-03-05 |
| CVE-2019-6561 | 多款Moxa产品跨站请求伪造漏洞 — Moxa IKS, EDSCWE-352 | 8.8 | - | 2019-03-05 |
| CVE-2019-6518 | 多款Moxa产品信息泄露漏洞 — Moxa IKS, EDSCWE-256 | 7.5 | - | 2019-03-05 |
| CVE-2019-6563 | 多款Moxa产品信息泄露漏洞 — Moxa IKS, EDSCWE-341 | 9.8 | - | 2019-03-05 |
| CVE-2019-6551 | Pangea Communications Internet FAX ATA 授权问题漏洞 — Pangea Communications Internet FAX ATACWE-288 | 7.5 | - | 2019-02-28 |
| CVE-2019-6547 | Delta Electronics Delta Industrial Automation CNCSoft ScreenEditor 缓冲区错误漏洞 — Delta Industrial Automation CNCSoftCWE-125 | 6.5 | - | 2019-02-28 |
| CVE-2019-6555 | Horner Automation Cscape 输入验证错误漏洞 — CscapeCWE-20 | 7.8 | - | 2019-02-28 |
| CVE-2018-19008 | ABB CP400PB TextEditor 输入验证错误漏洞 — ABB CP400 Panel Builder TextEditor 2.0CWE-20 | 7.8 | - | 2019-02-13 |
| CVE-2019-6545 | AVEVA InTouch Edge HMI 安全漏洞 — AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 UpdateCWE-99 | 9.1 | - | 2019-02-13 |
| CVE-2019-6543 | AVEVA Group plc InduSoft Web Studio和InTouch Edge HMI 访问控制错误漏洞 — AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 UpdateCWE-306 | 8.4 | - | 2019-02-13 |
| CVE-2019-6537 | WECON Technologies LeviStudioU 缓冲区错误漏洞 — WECON LeviStudioUCWE-121 | 7.8 | - | 2019-02-13 |
| CVE-2019-6539 | WECON Technologies LeviStudioU 缓冲区错误漏洞 — WECON LeviStudioUCWE-122 | 7.8 | - | 2019-02-13 |
| CVE-2019-6541 | WECON Technologies LeviStudioU 缓冲区错误漏洞 — WECON LeviStudioUCWE-119 | 7.8 | - | 2019-02-13 |
| CVE-2018-19018 | Omron CX-Supervisor 缓冲区错误漏洞 — CX-SupervisorCWE-824 | 7.8 | - | 2019-02-12 |
| CVE-2018-19020 | Omron CX-Supervisor 缓冲区错误漏洞 — CX-SupervisorCWE-125 | 2.8 | - | 2019-02-12 |
| CVE-2019-6549 | Kunbus PR100088 Modbus 信任管理问题漏洞 — PR100088 Modbus gatewayCWE-312 | 6.5 | - | 2019-02-12 |
| CVE-2019-6533 | Kunbus PR100088 Modbus 安全漏洞 — PR100088 Modbus gatewayCWE-306 | 9.1 | - | 2019-02-12 |
| CVE-2019-6527 | Kunbus PR100088 Modbus 授权问题漏洞 — PR100088 Modbus gatewayCWE-287 | 9.8 | - | 2019-02-12 |
| CVE-2019-6517 | BD FACSLyric 安全漏洞 — BD FACSLyricCWE-284 | 8.4 | - | 2019-02-06 |
| CVE-2018-18996 | LCDS LAquis SCADA 安全漏洞 — LCDS Laquis SCADACWE-74 | 9.8 | - | 2019-02-05 |
| CVE-2018-19000 | LCDS LAquis SCADA 授权问题漏洞 — LCDS Laquis SCADACWE-288 | 7.5 | - | 2019-02-05 |
| CVE-2018-18998 | LCDS LAquis SCADA 信任管理问题漏洞 — LCDS Laquis SCADACWE-798 | 9.8 | - | 2019-02-05 |
| CVE-2018-18992 | LCDS LAquis SCADA 注入漏洞 — LCDS Laquis SCADACWE-74 | 9.8 | - | 2019-02-05 |
This page lists every published CVE security advisory associated with ICS-CERT. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.