Stay connected

Trending News

Critical vulnerabiliities, Exploit, ICS, IoT Security, Market, News

Industrial Control Links ScadaFlex II SCADA Controllers 

1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to overwrite, delete, or create files.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Industrial Control Links ScadaFlex II SCADA Controllers are affected:  3.2 VULNERABILITY OVERVIEW 3.2.1 EXTERNAL…

Critical vulnerabiliities, Cyber Security, Exploit, ICS, Market, News

Cisco Releases Security Advisory for IOS XR Software 

Cisco has released a security advisory for a vulnerability affecting IOS XR Software for ASR 9000 Series Routers. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.  CISA encourages users and administrators to…

Critical vulnerabiliities, Cyber Security, Data breach, Exploit, Hacks, ICS, Industrial IoT (IIoT), ...

Mitsubishi Electric GOT and Tension Controller (Update A) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GOT and Tension Controller Vulnerabilities: Improper Handling of Exceptional Conditions, Improper Input Validation ——— Begin Update A Part 1 of 2 ——— Mitsubishi Electric PSIRT has informed CISA that further research has shown the…

Cleanly Escaping the Chrome Sandbox
Exploit

Cleanly Escaping the Chrome Sandbox 

This post will explain how we discovered and exploited Issue 1062091, a use-after-free (UAF) in the browser process leading to a sandbox escape in Google Chrome as well as Chromium-based Edge. Background Our goal is to make this post accessible to those unfamiliar with Chrome exploitation,…