Stay connected

Trending News

Cisco NX-OS Software Image Verification Bypass Vulnerability 
5 days ago 5 min read  
DTLS “ClientHello” Race Conditions in WebRTC Implementations 
3 weeks ago 16 min read  
Bosch Rexroth IndraDrive 
1 month ago 3 min read  
Delta Electronics DIAScreen 
1 month ago 3 min read  
LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites 
2 months ago 3 min read  
Delta Electronics InfraSuite Device Master 
2 months ago 3 min read  
Cisco Firepower Threat Defense Software for Firepower 1000, 2100, 3100, and 4200 Series Static Credential Vulnerability
Critical vulnerabiliities, Cyber Security, Exploit, ICS, Market, News

Cisco Releases Security Advisory for IOS XR Software 

Cisco has released a security advisory for a vulnerability affecting IOS XR Software for ASR 9000 Series Routers. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.  CISA encourages users and administrators to…

IoT, 2 years ago 1 min read  
Critical vulnerabiliities, ICS, Industrial IoT (IIoT), Market, News, Recommendations

Siemens SIMATIC Industrial Products 

1. EXECUTIVE SUMMARY CVSS v3 7.9 ATTENTION: Low attack complexity  Vendor: Siemens  Equipment: SIMATIC industrial products  Vulnerability: Time-of-check Time-of-use (TOCTOU) Race Condition  2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a privileged user to potentially enable escalation of privilege via local access.  3. TECHNICAL DETAILS 3.1 AFFECTED…

IoT, 2 years ago 3 min read  
ICS, Market, News

Delta Electronics CNCSoft ScreenEditor 

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity  Vendor: Delta Electronics  Equipment: CNCSoft   Vulnerability: Stack-based Buffer Overflow  2. RISK EVALUATION Successful exploitation of this vulnerability could cause a buffer overflow condition, which could allow remote code execution.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions…

IoT, 2 years ago 2 min read  
ICS, Market, News, Recommendations

Hitachi Energy MicroSCADA Pro/X SYS600 Products 

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low attack complexity   Vendor: Hitachi Energy  Equipment: MicroSCADA X SYS600, MicroSCADA Pro  Vulnerability: Improper Input Validation  2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized user to execute administrator level scripts.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The…

IoT, 2 years ago 2 min read  
Critical vulnerabiliities, Cyber Security, Industrial IoT (IIoT), Market, News, Reports, Security Patches...

Fortinet Releases Security Updates for FortiOS 

Fortinet has released security updates to address a heap-based buffer overflow vulnerability (CVE-2022-42475) in FortiOS. An attacker could exploit this vulnerability to take control of an affected system. FortiOS – heap-based buffer overflow in sslvpnd Summary A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN may…

IoT, 2 years ago 2 min read  
Market, News, Recommendations

Horner Automation Remote Compact Controller 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity  Vendor: Horner Automation Equipment: Remote Compact Controller (RCC) 972  Vulnerabilities: Inadequate Encryption Strength, Use of Hard-coded Cryptographic Key, Excessive Reliance on Global Variables  2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to obtain credentials…

IoT, 2 years ago 3 min read  
Critical vulnerabiliities, IoT Security, Market, News, Recommendations

Mitsubishi Electric MELSEC iQ-R Series 

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity  Vendor: Mitsubishi Electric  Equipment: MELSEC iQ-R Series  Vulnerability: Improper Input Validation  2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to cause a denial-of-service condition on a target product by sending specially crafted…

IoT, 2 years ago 2 min read