Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ICS-CERT — Vulnerabilities & Security Advisories 93

Browse all 93 CVE security advisories affecting ICS-CERT. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ICS-CERT, now known as the Cybersecurity and Infrastructure Security Agency’s Industrial Control Systems Cybersecurity Center, serves as the primary federal entity for coordinating defense against cyber threats targeting critical infrastructure. Its core mission involves monitoring, analyzing, and responding to vulnerabilities within industrial control systems used in energy, water, and transportation sectors. Historically, disclosed vulnerabilities in associated software and hardware frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from legacy protocols lacking modern encryption or authentication. While the agency itself is a defensive body rather than a commercial product with CVEs, the systems it protects have faced significant incidents like Stuxnet and Triton, highlighting risks of physical process disruption. The current record of 93 CVEs reflects ongoing efforts to patch legacy vulnerabilities in widely deployed SCADA and PLC environments, emphasizing the critical need for network segmentation and continuous monitoring to prevent operational downtime or safety hazards in essential services.

Found 1 results / 93Clear Filters
Top products by ICS-CERT: Moxa IKS, EDS CX-Supervisor LCDS Laquis SCADA Omron CX-Supervisor NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. Advantech WebAccess HMI Designer Omron CX-One IntelliVue Patient Monitors, Avalon Fetal/Maternal Monitors Delta Electronics WPLSoft WECON LeviStudioU Dräger Infinity Delta PR100088 Modbus gateway Niagara AX Framework and Niagara 4 Framework BeaconMedæs TotalAlert Scroll Medical Air Systems web application VGo Robot DeltaV AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update CNCSoft with ScreenEditor ABB IP GATEWAY Beckhoff TwinCAT PSI GridConnect GmbH (formerly known as PSI Nentec GmbH) Telecontrol Gateway and Smart Telecontrol Unit family, IEC104 Security Proxy. BD FACSLyric GE PACSystems RX3i CPE305/310 version 9.20 and prior RX3i CPE330 version 9.21 and prior RX3i CPE 400 version 9.30 and prior PACSystems RSTi-EP CPE 100 all versionsPACSystems CPU320/CRU320 RXi all versions Delta Industrial Automation CNCSoft Eaton 9000X Drive Rockwell Automation Arena Pangea Communications Internet FAX ATA Cscape Schneider Electric InduSoft Web Studio and InTouch Machine Edition Yokogawa CENTUM and Exaopc
CVE IDTitleCVSSSeverityPublished
CVE-2019-6555 Horner Automation Cscape 输入验证错误漏洞 — CscapeCWE-20 7.8 -2019-02-28

This page lists every published CVE security advisory associated with ICS-CERT. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.