Posted by Karn Ganeshen on Dec 24

XZERES 442SR Wind Turbine Cross-site Scripting Vulnerability

*AFFECTED PRODUCTS*
XZERES is a US-based energy company that maintains offices in several
countries around the world, including the UK, Italy, Japan, Vietnam,
Philippines, and Myanmar.

The affected product, 442SR Wind Turbine, has a web-based interface system.
According to XZERES, the 442SR is deployed across the Energy sector. XZERES
estimates that this product is used worldwide….

Posted by Karn Ganeshen on Dec 24

*Nordex NC2 XSS Vulnerability*

*AFFECTED PRODUCTS*
Nordex Control 2 (NC2) SCADA V16 and prior versions.

Nordex is a company based in Germany that maintains offices in countries
around the world.

The affected product, Nordex Control 2, is a web-based SCADA system for
wind power plants. According to Nordex, NC2 is deployed across the Energy
sector. Nordex estimates that this product is used primarily in the United
States, Europe, and China….

Posted by Karn Ganeshen on Dec 24

*eWON sa Industrial router – Multiple Vulnerabilities*

eWON connects the machine across the Internet

Breaking the barrier between industrial applications and IT standards, the
mission of eWON is to connect industrial machines securely to the Internet,
enabling easy remote access and gathering all types of technical data
originating from industrial machines.

Typical applications within the scope of our mission include remote
maintenance,…