Recommendations Archives - Page 2 of 6

Cyber Security, Market, News, Recommendations, Remediation, Security Patches, Vulnerabilities...

Apple Releases Security Update for Xcode

Apple has released a security update to address vulnerabilities in Xcode. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. About Apple security updates For our customers’ protection, Apple doesn’t disclose, discuss, or confirm security issues until an…

IoT, 3 months ago 1 min read

ICS, Market, News, Recommendations, Remediation, Uncategorized

Nokia ASIK AirScale System Module

1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Low attack complexity Vendor: Nokia Equipment: ASIK AirScale 5G Common System Module Vulnerabilities: Improper Access Control for Volatile Memory Containing Boot Code, Assumed-Immutable Data is Stored in Writable Memory 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in the execution…

IoT, 3 months ago 3 min read

Market, News, Recommendations, Remediation, Reports, Uncategorized

VMware Releases Security Updates

VMware has released security updates to address multiple vulnerabilities in VMware Cloud Foundation. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. Multiple vulnerabilities were privately reported to VMware. Updates are available to address this vulnerability in affected…

IoT, 3 months ago 2 min read

Critical vulnerabiliities, Industrial IoT (IIoT), Market, News, Recommendations, Standards, Uncategorized...

CISCO Identity Services Engine Unauthorized File Access Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to read and delete files on an affected device.This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending…

IoT, 3 months ago 4 min read

Market, News, Recommendations, Standards

Mitsubishi Electric MELSEC iQ-R Series (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: MELSEC iQ-R Series CPU Module Vulnerability: Cleartext Transmission of Sensitive Information 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled “ICSA-21-287-03 Mitsubishi Electric MELSEC iQ-R Series” that was…

IoT, 3 months ago 2 min read

Market, News, Recommendations, Remediation

Hitachi Energy Modular Switchgear Monitoring (MSM)

1. EXECUTIVE SUMMARY CVSS v3 5.0 ATTENTION: Exploitable remotely Vendor: Hitachi Energy Equipment: Modular Switchgear Monitoring (MSM) Vulnerabilities: Cross-Site Request Forgery (CSRF), HTTP Response Splitting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to perform malicious command injection, trick a valid user into downloading malicious…

IoT, 3 months ago 3 min read

Critical vulnerabiliities, News, Recommendations

Siemens LOGO! 8 BM Devices

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: LOGO! 8 BM Devices Vulnerabilities: Buffer Copy without Checking Size of Input; Improper Input Validation; Improper Validation of Specified Index, Position, or Offset in Input. 2. RISK EVALUATION Successful exploitation of these vulnerabilities could…

IoT, 4 months ago 3 min read

News, Recommendations

Johnson Controls Metasys ADX Server

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Inc. Equipment: Metasys ADX (Extended Application and Data Server) Server running MVE (Metasys for Validated Environments) Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an Active Directory user to execute…

IoT, 4 months ago 2 min read

Critical vulnerabiliities, Cyber Security, News, Recommendations, Security Patches, Vulnerabilities

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates for vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing high and low severity vulnerabilities, see the Cisco Security Advisories page. Reporting or Obtaining Support for a Suspected Security…

IoT, 4 months ago 19 min read

News, Recommendations, Uncategorized

Measuresoft ScadaPro Server

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Measuresoft Equipment: ScadaPro Server Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local user with limited privileges to modify the service binary path and start malicious commands with SYSTEM privileges. 3….

IoT, 4 months ago 2 min read

Stay connected

Trending News

Hitachi Energy MicroSCADA Pro/X SYS600 Products

VMware Releases Security Updates for Multiple products

Fortinet Releases Security Updates for FortiOS

Cisco Releases Security Advisory for IP Phone 7800 and 8800 Series

CISA Releases Phishing Infographic

Horner Automation Remote Compact Controller

Apple Releases Security Update for Xcode

Nokia ASIK AirScale System Module

VMware Releases Security Updates

CISCO Identity Services Engine Unauthorized File Access Vulnerability

Mitsubishi Electric MELSEC iQ-R Series (Update A)

Hitachi Energy Modular Switchgear Monitoring (MSM)

Siemens LOGO! 8 BM Devices

Johnson Controls Metasys ADX Server

Cisco Releases Security Updates for Multiple Products

Measuresoft ScadaPro Server

Hot Topics

Hitachi Energy MicroSCADA Pro/X SYS600 Products

VMware Releases Security Updates for Multiple products

Fortinet Releases Security Updates for FortiOS

Cisco Releases Security Advisory for IP Phone 7800 and 8800 Series

CISA Releases Phishing Infographic

Horner Automation Remote Compact Controller

Categories

Hitachi Energy MicroSCADA Pro/X SYS600 Products

VMware Releases Security Updates for Multiple products

Fortinet Releases Security Updates for FortiOS

Cisco Releases Security Advisory for IP Phone 7800 and 8800 Series

CISA Releases Phishing Infographic

Horner Automation Remote Compact Controller

Latest

Popular

Hitachi Energy MicroSCADA Pro/X SYS600 Products

VMware Releases Security Updates for Multiple products

Fortinet Releases Security Updates for FortiOS

Cisco Releases Security Advisory for IP Phone 7800 and 8800 Series

Advantech WebAccess Node

Fazecast jSerialComm

Apache Tomcat RCE by deserialization (CVE-2020-9484) – write-up and exploit0

JexBoss – JBoss Verify and EXploitation Tool