News Archives - Page 12 of 122 - (I)IoT Security News

Critical vulnerabiliities, News, Recommendations, Vulnerabilities

Mitsubishi Electric Multiple Factory Automation Products (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GOT2000 compatible HMI software, CC-Link IE TSN Industrial Managed Switch, MELSEC iQ-R Series OPC UA Server Module Vulnerabilities: Infinite Loop, OS Command Injection 2. UPDATE INFORMATION This updated advisory is a follow-up to the…

IoT, 2 years ago 3 min read

Critical vulnerabiliities, News, Recommendations, Vulnerabilities

Hitachi Energy MSM Product

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MSM Product Vulnerability: Reliance on Uncontrolled Component 2. RISK EVALUATION Successful exploitation of this vulnerability could disrupt the functionality of the MSM web interface, steal sensitive user credentials, or cause a denial-of-service condition. 3….

IoT, 2 years ago 2 min read

ICS, IoT Security, News, Uncategorized

Siemens Linux-based Products (Update J)

1. EXECUTIVE SUMMARY 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-21-131-03 Siemens Linux-based Products (Update I) that was published August 11, 2022, to the ICS webpage at www.cisa.gov/ics. 3. RISK EVALUATION Successful exploitation of this vulnerability could compromise…

IoT, 2 years ago 5 min read

Critical vulnerabiliities, News, Recommendations, Vulnerabilities

Schneider Electric EcoStruxure, EcoStruxure Process Expert, SCADAPack RemoteConnect for x70

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: EcoStruxure, EcoStruxure Process Expert, SCADAPack RemoteConnect for x70 Vulnerabilities: Heap-based Buffer Overflow, Wrap or Wraparound, Classic Buffer Overflow, Out-of-bounds Write 2. RISK EVALUATION The successful exploitation of these vulnerabilities on the affected products could…

IoT, 2 years ago 8 min read

Critical vulnerabiliities, IoT Security, News, Recommendations, Vulnerabilities

Siemens Datalogics File Parsing Vulnerability (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Teamcenter Visualization and JT2Go Vulnerability: Heap-based buffer Overflow 2. UPDATE This updated advisory is a follow-up to the original advisory titled ICSA-22-195-07 Siemens Datalogics file Parsing Vulnerability that was published July 14, 2022, on the ICS…

IoT, 2 years ago 3 min read

Critical vulnerabiliities, News, Recommendations, Vulnerabilities

Digi ConnectPort X2D

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Digi International, Inc. Equipment: ConnectPort X2D Gateway Vulnerability: Execution with Unnecessary Privileges 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute malicious actions resulting in code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED…

IoT, 2 years ago 2 min read

Critical vulnerabiliities, IoT Security, News, Vulnerabilities

Mitsubishi Electric GT SoftGOT2000

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GT SoftGOT2000 Vulnerabilities: Infinite Loop, OS Command Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could create a denial-of-service condition or enable arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following…

IoT, 2 years ago 2 min read

News, Recommendations, Tools, Uncategorized

Siemens Industrial Products with OPC UA (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC NET PC, SITOP Manager, TeleControl Server Basic Vulnerability: Null Pointer Dereference 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-22-132-08 Siemens Industrial Products with OPC UA that was…

IoT, 2 years ago 3 min read

Industrial IoT (IIoT), News, Recommendations, Reports

Siemens EN100 Ethernet Module

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: EN100 Ethernet Module Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer. 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to crash the affected application leading to a…

milica@ast.co.rs, 2 years ago 3 min read

Critical vulnerabiliities, News, Recommendations, Uncategorized, Vulnerabilities

Siemens PADS Standard/Plus Viewer

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: PADS Standard/Plus Viewer Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write, Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitations of these vulnerabilities could allow an attacker to trick a user into…

IoT, 2 years ago 8 min read

Stay connected

Trending News

Bosch Rexroth IndraDrive

Delta Electronics DIAScreen

LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

Delta Electronics InfraSuite Device Master

iniNet Solutions SpiderControl SCADA PC HMI Editor

VIMESA VHF/FM Transmitter Blue Plus

Mitsubishi Electric Multiple Factory Automation Products (Update B)

Hitachi Energy MSM Product

Siemens Linux-based Products (Update J)

Schneider Electric EcoStruxure, EcoStruxure Process Expert, SCADAPack RemoteConnect for x70

Siemens Datalogics File Parsing Vulnerability (Update A)

Digi ConnectPort X2D

Mitsubishi Electric GT SoftGOT2000

Siemens Industrial Products with OPC UA (Update A)

Siemens EN100 Ethernet Module

Siemens PADS Standard/Plus Viewer

Hot Topics

Bosch Rexroth IndraDrive

Delta Electronics DIAScreen

LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

Delta Electronics InfraSuite Device Master

iniNet Solutions SpiderControl SCADA PC HMI Editor

VIMESA VHF/FM Transmitter Blue Plus

Categories

Bosch Rexroth IndraDrive

Delta Electronics DIAScreen

LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

Delta Electronics InfraSuite Device Master

iniNet Solutions SpiderControl SCADA PC HMI Editor

VIMESA VHF/FM Transmitter Blue Plus

Latest

Popular

Bosch Rexroth IndraDrive

Delta Electronics DIAScreen

LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

Delta Electronics InfraSuite Device Master

Advantech WebAccess Node

Fazecast jSerialComm

Apache Tomcat RCE by deserialization (CVE-2020-9484) – write-up and exploit0

JexBoss – JBoss Verify and EXploitation Tool