News Archives - Page 8 of 122 - (I)IoT Security News

ICS, Industrial IoT (IIoT), Market, News

Siemens RADIUS Client of SIPROTEC 5 Devices

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens ProductCERT Equipment: RADIUS client of SIPROTEC 5 devices Vulnerability: Loop with Unreachable Exit Condition (‘Infinite Loop’) 2. RISK EVALUATION The RADIUS client implementation of the VxWorks platform in SIPROTEC 5 devices contains a denial-of-service vulnerability that…

IoT, 2 years ago 5 min read

Critical vulnerabiliities, Cyber Security, Exploit, ICS, Market, News

Cisco Releases Security Advisory for IOS XR Software

Cisco has released a security advisory for a vulnerability affecting IOS XR Software for ASR 9000 Series Routers. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to…

IoT, 2 years ago 1 min read

Critical vulnerabiliities, Cyber Security, ICS, News

AVEVA Plant SCADA and AVEVA Telemetry Server

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: AVEVA Equipment: AVEVA Plant SCADA and AVEVA Telemetry Server Vulnerability: Improper Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated user to read data, cause a denial of service, and tamper with…

IoT, 2 years ago 2 min read

Cyber Security, News, Vulnerabilities

CISA Releases Decider Tool to Help with MITRE ATT&CK Mapping

CISA released Decider, a free tool to help the cybersecurity community map threat actor behavior to the MITRE ATT&CK framework. Created in partnership with the Homeland Security Systems Engineering and Development Institute™ (HSSEDI) and MITRE, Decider helps make mapping quick and accurate through guided questions,…

IoT, 2 years ago 4 min read

Critical vulnerabiliities, ICS, Industrial IoT (IIoT), Market, News, Recommendations

Siemens SIMATIC Industrial Products

1. EXECUTIVE SUMMARY CVSS v3 7.9 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SIMATIC industrial products Vulnerability: Time-of-check Time-of-use (TOCTOU) Race Condition 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a privileged user to potentially enable escalation of privilege via local access. 3. TECHNICAL DETAILS 3.1 AFFECTED…

IoT, 2 years ago 3 min read

Critical vulnerabiliities, Cyber Security, ICS, News

Siemens SCALANCE X200 IRT

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE X200 IRT Products Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote attackers to cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Siemens products…

IoT, 2 years ago 3 min read

ICS, Industrial IoT (IIoT), IoT Security, News

Johnson Controls System Configuration Tool (SCT)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Johnson Controls Equipment: System Configuration Tool Vulnerabilities: Sensitive Cookie Without ‘HttpOnly’ Flag, Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to access cookies and take over the…

IoT, 2 years ago 2 min read

ICS, Market, News

Delta Electronics CNCSoft ScreenEditor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: CNCSoft Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a buffer overflow condition, which could allow remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions…

IoT, 2 years ago 2 min read

ICS, News, Recommendations

CISA Releases Eight Industrial Control Systems Advisories

CISA released eight Industrial Control Systems (ICS) advisories on January 26, 2023.These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-23-026-01 Delta Electronics CNCSoft…

IoT, 2 years ago 1 min read

ICS, Market, News, Recommendations

Hitachi Energy MicroSCADA Pro/X SYS600 Products

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA X SYS600, MicroSCADA Pro Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized user to execute administrator level scripts. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The…

IoT, 2 years ago 2 min read

Stay connected

Trending News

Bosch Rexroth IndraDrive

Delta Electronics DIAScreen

LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

Delta Electronics InfraSuite Device Master

iniNet Solutions SpiderControl SCADA PC HMI Editor

VIMESA VHF/FM Transmitter Blue Plus

Siemens RADIUS Client of SIPROTEC 5 Devices

Cisco Releases Security Advisory for IOS XR Software

AVEVA Plant SCADA and AVEVA Telemetry Server

CISA Releases Decider Tool to Help with MITRE ATT&CK Mapping

Siemens SIMATIC Industrial Products

Siemens SCALANCE X200 IRT

Johnson Controls System Configuration Tool (SCT)

Delta Electronics CNCSoft ScreenEditor

CISA Releases Eight Industrial Control Systems Advisories

Hitachi Energy MicroSCADA Pro/X SYS600 Products

Hot Topics

Bosch Rexroth IndraDrive

Delta Electronics DIAScreen

LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

Delta Electronics InfraSuite Device Master

iniNet Solutions SpiderControl SCADA PC HMI Editor

VIMESA VHF/FM Transmitter Blue Plus

Categories

Bosch Rexroth IndraDrive

Delta Electronics DIAScreen

LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

Delta Electronics InfraSuite Device Master

iniNet Solutions SpiderControl SCADA PC HMI Editor

VIMESA VHF/FM Transmitter Blue Plus

Latest

Popular

Bosch Rexroth IndraDrive

Delta Electronics DIAScreen

LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

Delta Electronics InfraSuite Device Master

Advantech WebAccess Node

Fazecast jSerialComm

Apache Tomcat RCE by deserialization (CVE-2020-9484) – write-up and exploit0

JexBoss – JBoss Verify and EXploitation Tool