Threatscape

All the following vulnerabilities were discovered either by Positive Research experts or by automated security products from Positive Technologies, including MaxPatrol and PT Application Inspector.
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Fix date: July 22, 2017
Vector: Remote
Systems affected: Ipswitch WhatsUp Gold 17.x
Vendor: Ipswitch
Notification status: 21.04.2017 - Vendor gets vulnerability details
22.07.2017 - Vendor releases fixed version and details
28.04.2018 - Public disclosure
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Fix date: July 22, 2017
Vector: Remote
Systems affected: Ipswitch WhatsUp Gold 17.x
Vendor: Ipswitch
Notification status: 21.04.2017 - Vendor gets vulnerability details
22.07.2017 - Vendor releases fixed version and details
28.04.2018 - Public disclosure
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Fix date: March 6, 2018
Vector: Remote
Systems affected: RSR
RS
RSB
MACH100
MACH1000
MACH4000
OCTOPUS
MS
Vendor: Hirschmann
Notification status: 16.03.2017 - Vendor gets vulnerability details
06.03.2018 - Vendor releases fixed version and details
28.04.2018 - Public disclosure
High (7.5) (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
Fix date: March 8, 2018
Vector: Remote
Systems affected: EN100 Ethernet module IEC 61850 variant
EN100 Ethernet module PROFINET IO variant
EN100 Ethernet module Modbus TCP variant
EN100 Ethernet module DNP3 variant
EN100 Ethernet module IEC 104 variant
Vendor: Siemens
Notification status: 17.12.2015 - Vendor gets vulnerability details
08.03.2018 - Vendor releases fixed version and details
30.03.2018 - Public disclosure
High (9.0) (AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
Fix date: March 8, 2018
Vector: Remote
Systems affected: SIPROTEC 4 7SJ66
SIPROTEC Compact 7SK80
SIPROTEC Compact 7SJ80
SIPROTEC Compact
SIPROTEC 4
Vendor: Siemens
Notification status: 17.12.2015 - Vendor gets vulnerability details
08.03.2018 - Vendor releases fixed version and details
30.03.2018 - Public disclosure
High (10) (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Fix date: March 8, 2018
Vector: Remote
Systems affected: DIGSI 4
EN100 Ethernet module IEC 61850 variant
EN100 Ethernet module PROFINET IO variant
EN100 Ethernet module DNP3 variant
EN100 Ethernet module IEC 104 variant
Vendor: Siemens
Notification status: 17.12.2015 - Vendor gets vulnerability details
08.03.2018 - Vendor releases fixed version and details
30.03.2018 - Public disclosure
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Fix date: January 11, 2018
Vector: Remote
Systems affected: FL SWITCH 3xxx
FL SWITCH 4xxx
FL SWITCH 48xxx
Vendor: PHOENIX CONTACT
Notification status: 02.08.2017 - Vendor gets vulnerability details
11.01.2018 - Vendor releases fixed version and details
22.01.2018 - Public disclosure
Medium (5.3) (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Fix date: January 11, 2018
Vector: Remote
Systems affected: FL SWITCH 3xxx
FL SWITCH 4xxx
FL SWITCH 48xxx
Vendor: PHOENIX CONTACT
Notification status: 02.08.2017 - Vendor gets vulnerability details
11.01.2018 - Vendor releases fixed version and details
22.01.2018 - Public disclosure
Medium (5.4) (AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N)
Fix date: October 27, 2017
Vector: Remote
Systems affected: Kaspersky Security Center 10.x
Vendor: Kaspersky Labs
Notification status: 28.07.2017 - Vendor gets vulnerability details
27.10.2017 - Vendor releases fixed version and details
19.01.2018 - Public disclosure
High (7.5) (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Fix date: October 18, 2017
Vector: Remote
Systems affected: Suricata 3.x
Vendor: Open Information Security Foundation
Notification status: 13.10.2017 - Vendor gets vulnerability details
18.10.2017 - Vendor releases fixed version and details
27.12.2017 - Public disclosure
High (10) (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Fix date: July 17, 2017
Vector: Remote
Vendor: Dahua Technology
Notification status: 20.02.2017 - Vendor gets vulnerability details
31.05.2017 - Vulnerability details were sent to CERT
17.07.2017 - Vendor releases fixed version and details
27.12.2017 - Public disclosure
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Fix date: May 23, 2017
Vector: Remote
Systems affected: Rockwell Automation 1763 MicroLogix 1100 Controllers
Rockwell Automation 1766 MicroLogix 1400 Controllers
Vendor: Rockwell Automation
Notification status: 27.10.2015 - Vendor gets vulnerability details
23.05.2017 - Vendor releases fixed version and details
26.12.2017 - Public disclosure
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Fix date: May 23, 2017
Vector: Remote
Systems affected: Rockwell Automation 1763 MicroLogix 1100 Controllers
Rockwell Automation 1766 MicroLogix 1400 Controllers
Vendor: Rockwell Automation
Notification status: 27.10.2015 - Vendor gets vulnerability details
23.05.2017 - Vendor releases fixed version and details
26.12.2017 - Public disclosure
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
PT-2017-51
Fix date: no patches available
Vector: Remote
Vendor: Rockwell Automation
Notification status: 23.10.2017 - Vendor gets vulnerability details
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
PT-2017-50
Fix date: no patches available
Vector: Remote
Vendor: Rockwell Automation
Notification status: 23.10.2017 - Vendor gets vulnerability details
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
PT-2017-49
Fix date: no patches available
Vector: Remote
Vendor: Rockwell Automation
Notification status: 23.10.2017 - Vendor gets vulnerability details
High (7.5) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
PT-2017-48
Fix date: no patches available
Vector: Remote
Vendor: Rockwell Automation
Notification status: 23.10.2017 - Vendor gets vulnerability details
Medium (6.2) (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
PT-2017-47
Fix date: no patches available
Vector: Local
Vendor: Rockwell Automation
Notification status: 23.10.2017 - Vendor gets vulnerability details
Medium (5.3) (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
PT-2017-46
Fix date: no patches available
Vector: Remote
Vendor: Moxa
Notification status: 04.09.2017 - Vendor gets vulnerability details
High (7.5) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
PT-2017-45
Fix date: no patches available
Vector: Remote
Vendor: Moxa
Notification status: 04.09.2017 - Vendor gets vulnerability details
Severity level
Date filters
Date range
Year
Month
Starts:
Year
Month
Ends:
Year
Month
Vendor
Company name
Systems affected
Software name
Positive Technologies Application Inspector