Stay connected

Trending News

Cyber Security, Vulnerabilities

Orpak SiteOmat 

 EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits available Vendor: Orpak (acquired by Gilbarco Veeder-Root) Equipment: SiteOmat Vulnerabilities: Use of Hard-coded Credentials, Cross-site Scripting, SQL Injection, Missing Encryption of Sensitive Data, Code Injection, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities…

News

New Exploits for Unsecure SAP Systems 

Summary The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this activity alert in response to recently disclosed exploits that target unsecure configurations of SAP components. Technical Details A presentation at the April 2019 Operation for Community Development and Empowerment (OPCDE) cybersecurity conference describes SAP…

News, Vulnerabilities

Fujifilm FCR Capsula X/Carbon X 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Fujifilm Equipment: FCR Capsula X/Carbon X Vulnerabilities: Uncontrolled Resource Consumption, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in a denial-of-service condition in affected cassette reader units, causing potential image…

News, Vulnerabilities

Rockwell Automation MicroLogix 1400 and CompactLogix 5370 Controllers 

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: MicroLogix 1400 and CompactLogix 5370 Controllers Vulnerability: Open Redirect 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to input a malicious link redirecting users to a…

Hacks, News

New DNS Hijacking Attacks 

DNS hijacking isn’t new, but this seems to be an attack of uprecidented scale: Researchers at Cisco’s Talos security division on Wednesday revealed that a hacker group it’s calling Sea Turtle carried out a broad campaign of espionage via DNS hijacking, hitting 40 different organizations. In the…

News, Vulnerabilities

Delta Industrial Automation CNCSoft 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics (Delta) Equipment: Delta Industrial Automation CNCSoft Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause buffer overflow conditions that may allow information disclosure, remote…