RLE Nova-Wind Turbine HMI Unsecure Credentials Vulnerability (Update A)

CVSS 5.0 MEDIUM

CVEs (1)

CVE-2015-3951

ICS-CERT has attempted on multiple occasions to contact the vendor regarding this serious flaw and have according to our vulnerability disclosure policy now produced this advisory. Insecure credential vulnerabilities create a serious risk to asset owners. ICS-CERT strongly recommends ensuring that the impacted product is not connected to the Internet or any network as this vulnerability is remotely exploitable.

RLE International GmbH

RLE International GmbH · Nova-Wind Turbine HMI vers:all/*

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.