HMI Archives - Security Affairs

Pierluigi Paganini January 28, 2021

CISA warns of high-severity flaws in Fuji Electric Tellus Lite V-Simulator and Server Lite

The U.S. CISA published a security advisory for High-Severity flaws in some SCADA/HMI products made by Japanese company Fuji Electric. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a security advisory to warn industrial organizations of some high severity flaws in SCADA/HMI products made by Japanese electrical equipment company Fuji Electric. The vulnerabilities affect […]

Pierluigi Paganini December 04, 2020

Iranian hackers access unsecured HMI at Israeli Water Facility

A group of Iranian hackers gained access to a un unprotected ICS at an Israeli Water Facility and posted a video as proof of the hack. Researchers from industrial cybersecurity firm OTORIO revealed that a group of Iranian hackers gained access to a un unprotected ICS at the Israeli Water Facility. The threat actors accessed […]

Pierluigi Paganini April 29, 2018

Researchers discovered the control console of a ski lift in Austria open online

Two security experts discovered that the control panel of a Ski lift in Austria was exposed online without any protection. The control panel of a Ski lift in Austria was exposed online, the disconcerting discovery was made on March 16 by the security experts Tim Philipp Schäfers and Sebastian Neef with security organization InternetWache.org. The ski lift is Patscherkofelbahn, a […]

Pierluigi Paganini February 02, 2018

Hundreds of ICS products affected by a critical flaw in CODESYS WebVisu

Researcher discovered a critical vulnerability in the web server component of 3S-Smart Software Solutions’ CODESYS WebVisu product currently used in 116 PLCs and HMIs from many vendors, Security researcher Zhu WenZhe from Istury IOT discovered a critical stack-based buffer overflow vulnerability in the web server component of 3S-Smart Software Solutions’ CODESYS WebVisu product that allows users to view […]

Pierluigi Paganini August 18, 2015

ICS-CERT warns for 0-Day vulnerabilities in SCADA systems

The ICS-CERT has recently published six security advisories to warn organizations about a number of 0-day flaws in SCADA systems. The ICS-CERT has published six advisories to warn organizations about the presence of Zero-Day Flaws in SCADA Systems. Aditya K. Sood, security researcher at Elastica, has revealed in a talk at the Def Con 2015 conference several vulnerabilities […]

Pierluigi Paganini January 11, 2015

Financial malware poses as ICS/SCADA Software

Researcher Kyle Wilhoit discovered a spike in traditional financial crimeware targeting ICS/SCADA networks attributing it to attack run by cyber criminals. The senior threat researcher with Trend Micro, Kyle Wilhoit, has recently discovered 13 different types of crimeware disguised as new versions for human machine interface (HMI) software for Siemens Simatic WinCC, GE Cimplicity, and Advantech device drivers. The […]

Pierluigi Paganini December 12, 2014

BlackEnergy exploits recently fixed flaws in Siemens WinCC

The ICS-CERT revealed that the BlackEnergy malware targeted SCADA HMI systems may be exploiting a recently patched flaw in the Siemens SIMATIC WinCC. Security experts at the Industrial Control System Cyber Emergency Response Team (ICS-CERT) reported that the BlackEnergy malware was used by threat actors in the wild to compromise HMI (human-machine interface) systems. The […]

Pierluigi Paganini November 27, 2014

Siemens fixed WinCC flaws likely being exploited in the wild

The industrial supplier Siemens has patched two critical vulnerabilities in its solutions, Siemens WinCC application in use must be updated urgently. The industrial supplier Siemens has patched two critical vulnerabilities in the Siemens application that bad actors are exploiting in the wild. Siemens has also informed its customers that its researchers are already working on updates […]

Pierluigi Paganini June 23, 2014

Impact of Windows XP End of life on Critical Infrastructure

Which is the impact of the Windows XP End of Life on the critical infrastructure? Which are the risks and the mitigation strategies that could be adopted? This week I had the pleasure and the honor to participate as a speaker for a seminar at Rome Security Summit 2014, the theme of the event was “Impact […]

Pierluigi Paganini January 18, 2014

ReVuln team founds a zero-day in SCADA component

At S4x14 Conference in Miami, a researcher at of ReVuln disclosed a buffer overflow zero-day flaw in HMI software produced by Malaysian company Ecava. During the S4x14 Conference in Miami, Luigi Auriemma of ReVuln disclosed a serious vulnerability in HMI software. The team of researchers at ReVuln discovered a buffer overflow vulnerability in the company’s […]

HMI

CISA warns of high-severity flaws in Fuji Electric Tellus Lite V-Simulator and Server Lite

Iranian hackers access unsecured HMI at Israeli Water Facility

Researchers discovered the control console of a ski lift in Austria open online

Hundreds of ICS products affected by a critical flaw in CODESYS WebVisu

ICS-CERT warns for 0-Day vulnerabilities in SCADA systems

Financial malware poses as ICS/SCADA Software

BlackEnergy exploits recently fixed flaws in Siemens WinCC

Siemens fixed WinCC flaws likely being exploited in the wild

Impact of Windows XP End of life on Critical Infrastructure

ReVuln team founds a zero-day in SCADA component

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

U.S. CISA adds Cisco ISE and PaperCut NG/MF flaws to its Known Exploited Vulnerabilities catalog

Critical WordPress Post SMTP plugin flaw exposes 200K+ sites to full takeover

Scattered Spider targets VMware ESXi in using social engineering

China-linked group Fire Ant exploits VMware and F5 flaws since early 2025

Allianz Life data breach exposed the data of most of its 1.4M customers

QUICK LINKS

HMI

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!