Stay connected

Trending News

Critical vulnerabiliities, Cyber Security, Industrial IoT (IIoT), Market, News, Reports, Security Patches...

Fortinet Releases Security Updates for FortiOS 

Fortinet has released security updates to address a heap-based buffer overflow vulnerability (CVE-2022-42475) in FortiOS. An attacker could exploit this vulnerability to take control of an affected system. FortiOS – heap-based buffer overflow in sslvpnd Summary A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN may…

Critical vulnerabiliities, IoT Security, Market, News, Recommendations

Mitsubishi Electric MELSEC iQ-R Series 

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity  Vendor: Mitsubishi Electric  Equipment: MELSEC iQ-R Series  Vulnerability: Improper Input Validation  2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to cause a denial-of-service condition on a target product by sending specially crafted…

Critical vulnerabiliities, ICS, Market, News, Recommendations

Mitsubishi Electric GT SoftGOT2000 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: GT SoftGOT2000 Vulnerability: Operating System (OS) Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute malicious OS commands. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Mitsubishi Electric…

Critical vulnerabiliities, Industrial IoT (IIoT), IoT Security, Market, News

Cradlepoint IBR600 

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low attack complexity  Vendor: Cradlepoint Equipment: IBR600 Vulnerabilities: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code and native system commands. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Cradlepoint IBR600 are…

Critical vulnerabiliities, Industrial IoT (IIoT), Market, News, Recommendations, Standards, Uncategorized...

CISCO Identity Services Engine Unauthorized File Access Vulnerability 

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to read and delete files on an affected device.This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending…