Stay connected

Trending News

Cisco Smart Software Manager On-Prem Password Change Vulnerability 
5 days ago 3 min read  
Cisco Secure Email Gateway Arbitrary File Write Vulnerability 
5 days ago 5 min read  
Siemens RUGGEDCOM APE 1808 
2 weeks ago 3 min read  
Siemens SIMATIC WinCC 
2 weeks ago 3 min read  
Mitsubishi Electric MELSEC iQ-R, iQ-L Series and MELIPC Series (Update D) 
2 weeks ago 5 min read  
Siemens SCALANCE XM-400, XR-500 
1 month ago 11 min read  
A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to change the password of any user, including administrative users.
Critical vulnerabiliities, Cyber Security, IoT Security, Vulnerabilities

Cisco Smart Software Manager On-Prem Password Change Vulnerability 

Summary A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to change the password of any user, including administrative users. This vulnerability is due to improper implementation of the password-change process. An attacker could…

(I) IoT, 5 days ago 3 min read  
Multiple vulnerabilities in the Cisco Crosswork Network Services Orchestrator (NSO) CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root or elevate privileges to root on the underlying operating system.
Critical vulnerabiliities, Cyber Security, IoT Security, Vulnerabilities

Cisco Crosswork Network Services Orchestrator Vulnerabilities 

Summary Multiple vulnerabilities in the Cisco Crosswork Network Services Orchestrator (NSO) CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root or elevate privileges to root on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.Cisco has…

(I) IoT, 2 months ago 6 min read  
ABB has internally identified a vulnerability in the ABB VPNI 1 feature of the S+ Control API component which may be used by several Symphony Plus products (e.g., S+ Operations, S+ Engineering and S+ Analyst).
Cyber Security, DER, Vulnerabilities

SECURITY – Denial of Service Vulnerability in Control API ‘VPNI’, impact on S+ Operations, S+Engineering and S+ AnalystCVE ID: CVE-2024-0335 

NoticeThe information in this document is subject to change without notice, and should not be construed as a commitment by ABB.ABB provides no warranty, express or implied, including warranties of merchantability and fitness for a particular purpose, for the information contained in this document, and…

(I) IoT, 3 months ago 9 min read  
An actively exploited vulnerability in Contec’s SolarView solar power monitoring product poses a significant threat to energy organizations, potentially exposing them to attacks.
Cyber Security, DER, Vulnerabilities

Exploited Solar Power Product Vulnerability Could Expose Energy Organizations to Attacks 

Exploited Solar Power Product Vulnerability Could Expose Energy Organizations to Attacks: An actively exploited vulnerability in Contec’s SolarView solar power monitoring product poses a significant threat to energy organizations, potentially exposing them to attacks. This news item highlights the vulnerability, its impact on the affected organizations,…

(I) IoT, 3 months ago 4 min read  
The Trio Licensed Radio products are designed to provide complete, versatile, and high availability system solutions for long range wireless data communications in SCADA and remote telemetry applications.
Cyber Security, DER, Vulnerabilities

Schneider Electric Security Notification Trio™ Licensed and License-free Data RadiosSchneider Electric Security Notification 

12 December 2023 (9 April 2024) Overview Schneider Electric is aware of multiple vulnerabilities in its Trio Licensed and License-Free DataRadio products.The Trio Licensed Radio products are designed to provide complete, versatile, and highavailability system solutions for long range wireless data communications in SCADA and…

(I) IoT, 3 months ago 3 min read  
The resulting Cyber Security Advisory intends to notify customers of the vulnerability and provide details on which products are impacted, how to mitigate the vulnerability or explain workarounds that minimize the potential risk as much as possible.
Cyber Security, DER, Vulnerabilities

AC500 V3Multiple DoS vulnerabilities – 2024-01-10 

CVE-2022-47391, CVE-2023-37545,CVE-2023-37546, CVE-2023-37547,CVE-2023-37548, CVE-2023-37549,CVE-2023-37550, CVE-2023-37551,CVE-2023-37552, CVE-2023-37553,CVE-2023-37554, CVE-2023-37555,CVE-2023-37556, CVE-2023-37557,CVE-2023-37558, CVE-2023-37559 Notice The information in this document is subject to change without notice, and should not be construed as a commitment by ABB. ABB provides no warranty, express or implied, including warranties of merchantability and fitness for…

(I) IoT, 3 months ago 8 min read