Threatscape

All the following vulnerabilities were discovered either by Positive Research experts or by automated security products from Positive Technologies, including MaxPatrol and PT Application Inspector.
High (7.5) (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Fix date: March 22, 2018
Vector: Remote
Systems affected: Schneider Electric Modicon Quantum
Schneider Electric Modicon Premium
Schneider Electric Modicon M340
Vendor: Schneider Electric
Notification status: 28.04.2017 - Vendor gets vulnerability details
22.03.2018 - Vendor releases fixed version and details
03.09.2018 - Public disclosure
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Fix date: March 22, 2018
Vector: Remote
Systems affected: Schneider Electric Modicon BMXNOR0200
Vendor: Schneider Electric
Notification status: 28.04.2017 - Vendor gets vulnerability details
22.03.2018 - Vendor releases fixed version and details
03.09.2018 - Public disclosure
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Fix date: March 22, 2018
Vector: Remote
Systems affected: Schneider Electric Modicon Quantum
Schneider Electric Modicon Premium
Schneider Electric Modicon M340
Schneider Electric Modicon BMXNOR0200
Vendor: Schneider Electric
Notification status: 28.04.2017 - Vendor gets vulnerability details
22.03.2018 - Vendor releases fixed version and details
03.09.2018 - Public disclosure
High (7.5) (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Fix date: March 22, 2018
Vector: Remote
Systems affected: Schneider Electric Modicon Quantum
Schneider Electric Modicon Premium
Schneider Electric Modicon M340
Vendor: Schneider Electric
Notification status: 28.04.2017 - Vendor gets vulnerability details
22.03.2018 - Vendor releases fixed version and details
03.09.2018 - Public disclosure
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Fix date: March 22, 2018
Vector: Remote
Systems affected: Schneider Electric Modicon Quantum
Schneider Electric Modicon Premium
Schneider Electric Modicon M340
Schneider Electric Modicon BMXNOR0200
Vendor: Schneider Electric
Notification status: 28.04.2017 - Vendor gets vulnerability details
22.03.2018 - Vendor releases fixed version and details
03.09.2018 - Public disclosure
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Fix date: March 22, 2018
Vector: Remote
Systems affected: Schneider Electric Modicon Quantum
Schneider Electric Modicon Premium
Schneider Electric Modicon M340
Schneider Electric Modicon BMXNOR0200
Vendor: Schneider Electric
Notification status: 28.04.2017 - Vendor gets vulnerability details
22.03.2018 - Vendor releases fixed version and details
03.09.2018 - Public disclosure
High (8.8) (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Fix date: March 22, 2018
Vector: Remote
Systems affected: Schneider Electric Modicon Quantum
Vendor: Schneider Electric
Notification status: 28.04.2017 - Vendor gets vulnerability details
22.03.2018 - Vendor releases fixed version and details
03.09.2018 - Public disclosure
High (9.0) (AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
Fix date: May 16, 2018
Vector: Remote
Systems affected: FL SWITCH 3xxx
FL SWITCH 4xxx
FL SWITCH 48xxx
Vendor: PHOENIX CONTACT
Notification status: 22.02.2018 - Vendor gets vulnerability details
16.05.2018 - Vendor releases fixed version and details
29.08.2018 - Public disclosure
High (9.1) (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)
Fix date: May 16, 2018
Vector: Remote
Systems affected: FL SWITCH 3xxx
FL SWITCH 4xxx
FL SWITCH 48xxx
Vendor: PHOENIX CONTACT
Notification status: 22.02.2018 - Vendor gets vulnerability details
16.05.2018 - Vendor releases fixed version and details
29.08.2018 - Public disclosure
Medium (5.3) (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Fix date: May 16, 2018
Vector: Remote
Systems affected: FL SWITCH 3xxx
FL SWITCH 4xxx
FL SWITCH 48xxx
Vendor: PHOENIX CONTACT
Notification status: 22.02.2018 - Vendor gets vulnerability details
16.05.2018 - Vendor releases fixed version and details
29.08.2018 - Public disclosure
High (8.1) (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
Fix date: May 16, 2018
Vector: Remote
Systems affected: FL SWITCH 3xxx
FL SWITCH 4xxx
FL SWITCH 48xxx
Vendor: PHOENIX CONTACT
Notification status: 22.02.2018 - Vendor gets vulnerability details
16.05.2018 - Vendor releases fixed version and details
29.08.2018 - Public disclosure
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Fix date: March 7, 2018
Vector: Remote
Systems affected: Ipswitch WhatsUp Gold 17.x
Vendor: Ipswitch
Notification status: 21.04.2017 - Vendor gets vulnerability details
07.03.2018 - Vendor releases fixed version and details
22.08.2018 - Public disclosure
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Fix date: March 7, 2018
Vector: Remote
Systems affected: Ipswitch WhatsUp Gold 17.x
Vendor: Ipswitch
Notification status: 21.04.2017 - Vendor gets vulnerability details
07.03.2018 - Vendor releases fixed version and details
22.08.2018 - Public disclosure
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Fix date: July 22, 2017
Vector: Remote
Systems affected: Ipswitch WhatsUp Gold 17.x
Vendor: Ipswitch
Notification status: 21.04.2017 - Vendor gets vulnerability details
22.07.2017 - Vendor releases fixed version and details
28.04.2018 - Public disclosure
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Fix date: July 22, 2017
Vector: Remote
Systems affected: Ipswitch WhatsUp Gold 17.x
Vendor: Ipswitch
Notification status: 21.04.2017 - Vendor gets vulnerability details
22.07.2017 - Vendor releases fixed version and details
28.04.2018 - Public disclosure
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Fix date: March 6, 2018
Vector: Remote
Systems affected: RSR
RS
RSB
MACH100
MACH1000
MACH4000
OCTOPUS
MS
Vendor: Hirschmann
Notification status: 16.03.2017 - Vendor gets vulnerability details
06.03.2018 - Vendor releases fixed version and details
28.04.2018 - Public disclosure
High (7.5) (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
Fix date: March 8, 2018
Vector: Remote
Systems affected: EN100 Ethernet module IEC 61850 variant
EN100 Ethernet module PROFINET IO variant
EN100 Ethernet module Modbus TCP variant
EN100 Ethernet module DNP3 variant
EN100 Ethernet module IEC 104 variant
Vendor: Siemens
Notification status: 17.12.2015 - Vendor gets vulnerability details
08.03.2018 - Vendor releases fixed version and details
30.03.2018 - Public disclosure
High (9.0) (AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
Fix date: March 8, 2018
Vector: Remote
Systems affected: SIPROTEC 4 7SJ66
SIPROTEC Compact 7SK80
SIPROTEC Compact 7SJ80
SIPROTEC Compact
SIPROTEC 4
Vendor: Siemens
Notification status: 17.12.2015 - Vendor gets vulnerability details
08.03.2018 - Vendor releases fixed version and details
30.03.2018 - Public disclosure
High (10) (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Fix date: March 8, 2018
Vector: Remote
Systems affected: DIGSI 4
EN100 Ethernet module IEC 61850 variant
EN100 Ethernet module PROFINET IO variant
EN100 Ethernet module DNP3 variant
EN100 Ethernet module IEC 104 variant
Vendor: Siemens
Notification status: 17.12.2015 - Vendor gets vulnerability details
08.03.2018 - Vendor releases fixed version and details
30.03.2018 - Public disclosure
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Fix date: January 11, 2018
Vector: Remote
Systems affected: FL SWITCH 3xxx
FL SWITCH 4xxx
FL SWITCH 48xxx
Vendor: PHOENIX CONTACT
Notification status: 02.08.2017 - Vendor gets vulnerability details
11.01.2018 - Vendor releases fixed version and details
22.01.2018 - Public disclosure
Severity level
Date filters
Date range
Year
Month
Starts:
Year
Month
Ends:
Year
Month
Vendor
Company name
Systems affected
Software name
Positive Technologies Application Inspector
Editor’s Choice