RD No. CVE Number / Case Number Date OEM Product Version/Part No. Vulnerability Status
Research Advisory - Vulnerable Disclosure 15 15.1 - 000160 , 15.2 - 000161 SSS(Synergy Systems & Solutions) 15.1 - RTU 15.2 - RTU Version - RTU 6049-E70 Undisclosed Confirmed
Research Advisory - Vulnerable Disclosure 14 14.1 - 000150 , 14.2 - 000151 SSS(Synergy Systems & Solutions) 14.1- RTU 14.2 - RTU Version - RTU 6049-E70 Undisclosed Confirmed
Research Advisory - Vulnerable Disclosure 13 13.1 - 000140 , 13.2 - 000141 SSS(Synergy Systems & Solutions) 13.1- RTU 13.2 - RTU Version - RTU 6049-E70 Undisclosed Confirmed
Research Advisory - Vulnerable Disclosure 12 0001655 Schneider Electric PLC Undisclosed Undisclosed Confirmed
Research Advisory - Vulnerable Disclosure 11 Rockwell Automation PLC Micrologix 1100 1. XSS 2. RFI Under Investigation
Research Advisory - Vulnerable Disclosure 10 ICSA-19-290-01 Aveva Aveva Vijeo Citect & Schneider Citect Version-7.50 Server Crash Confirmed
Research Advisory - Vulnerable Disclosure 9 Rockwell Automation PLC Undisclosed Undisclosed Under Investigation
Research Advisory - Vulnerable Disclosure 8 CVE-2019-10981 Aveva Aveva Vijeo Citect & Schneider Citect Version - 7.40 Credentials Leaking in Memory Dump. Confirmed
Research Advisory - Responsible Disclosure 7 - Multiple devices CVE-2019-6812 Schneider Electric Multiple Devices BMXP342020 and BMXNOR0200H Hard-coded credentials in Firmware Confirmed
Research Advisory - Responsible Disclosure 6 CVE-2019-6813 Schneider Electric RTU BMX-NOR-0200H Agitate RTU by SNMP Truncate packet Confirmed
Research Advisory - Responsible Disclosure 5 - Multiple devices CVE-2019-6812 Schneider Electric Multiple Devices BMXNOR0200H Hard-coded credentials in Firmware Confirmed
Research Advisory - Responsible Disclosure 4 4.1 - CVE-2019-6833 Schneider Electric HMI 4.1 - HMIGTO3510 4.1- Command stored in buffer 4.1 - Confirmed 4.2 - Pending
Research Advisory - Vulnerable Disclosure 3 - Multiple Vulnerabilities CVE-2019-6812 Schneider Electric RTU BMXP342020 Hard-coded credentials in Firmware Confirmed
Research Advisory - Vulnerable Disclosure 2 - Multiple Vulnerabilities 2.1 - CVE-2019-6831 2.2 - CVE-2019-6810 Schneider Electric 2.1 - RTU 2.2 - RTU 2.1 - BMX-NOR-0200H 2.2 - BMX-NOR-0200H 2.1 - DOS 2.2 - Unauthentic Command Execution 2.1 - Confirmed 2.2 - Confirmed 2.3 - Confirmed
Research Advisory - Responsible Disclosure 1 CVE-2018-7811 Schneider Electric PLC BMXP342020 CSRF Confirmed

Disclosure Timeline

 

 DisclosureTimeline 12

 

 

Disclosure Timeline 11

 

 

 Disclosure Timeline 10

 

 

 Disclosure Timeline 9

 

 

  Disclosure Timeline 8

 

 

  Disclosure Timeline 7

 

 

  Disclosure Timeline 6

 

 

  Disclosure Timeline 5

 

 

  Disclosure Timeline 4

 

 

  Disclosure Timeline 3

 

 

 

  Disclosure Timeline 2

 

 

  Disclosure Timeline 1

For any queries kindly mail us at  c3iadvisory@cse.iitk.ac.in

Download PGP Key

 

Copyright © 2020. All rights reserved

This site is under Maintenance