Remediation Archives - (I)IoT Security News

Critical vulnerabiliities, Market, News, Recommendations, Remediation, Reports

CVE-2022-41120 PoC released for Windows Sysmon Elevation of Privilege Vulnerability

A security researcher has published details and proof-of-concept (PoC) code for a Microsoft Windows Sysmon vulnerability that could be exploited to gain elevated privileges on the system. Tracked as CVE-2022-41120 (CVSS score of 7.8), the security defect was identified and reported in June, with a…

IoT, 2 years ago 1 min read

Cyber Security, News, Recommendations, Remediation

AVEVA Edge

1. EXECUTIVE SUMMARY CVSS v3 4.7 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Digital Alert Systems Equipment: DASDEC Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities might result in false alerts being issued to broadcast or cable sites that are immediately connected to the…

IoT, 2 years ago 2 min read

Cyber Security, Market, News, Recommendations, Remediation, Security Patches, Vulnerabilities...

Apple Releases Security Update for Xcode

Apple has released a security update to address vulnerabilities in Xcode. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. About Apple security updates For our customers’ protection, Apple doesn’t disclose, discuss, or confirm security issues until an…

IoT, 2 years ago 1 min read

ICS, Market, News, Recommendations, Remediation, Uncategorized

Nokia ASIK AirScale System Module

1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Low attack complexity Vendor: Nokia Equipment: ASIK AirScale 5G Common System Module Vulnerabilities: Improper Access Control for Volatile Memory Containing Boot Code, Assumed-Immutable Data is Stored in Writable Memory 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in the execution…

IoT, 2 years ago 3 min read

Market, News, Recommendations, Remediation, Reports, Uncategorized

VMware Releases Security Updates

VMware has released security updates to address multiple vulnerabilities in VMware Cloud Foundation. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. Multiple vulnerabilities were privately reported to VMware. Updates are available to address this vulnerability in affected…

IoT, 2 years ago 2 min read

Market, News, Recommendations, Remediation

Hitachi Energy Modular Switchgear Monitoring (MSM)

1. EXECUTIVE SUMMARY CVSS v3 5.0 ATTENTION: Exploitable remotely Vendor: Hitachi Energy Equipment: Modular Switchgear Monitoring (MSM) Vulnerabilities: Cross-Site Request Forgery (CSRF), HTTP Response Splitting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to perform malicious command injection, trick a valid user into downloading malicious…

IoT, 2 years ago 3 min read

Cyber Security, Industrial IoT (IIoT), IoT Security, Remediation, Security Patches, Uncategorized, Vulnerabilities...

ICS Advisory (ICSA-22-090-01)

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: SCADAPack Workbench Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could result from exfiltration of data from local files to a remote system controlled by an attacker….

IoT, 3 years ago 3 min read

Stay connected

Trending News

Bosch Rexroth IndraDrive

Delta Electronics DIAScreen

LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

Delta Electronics InfraSuite Device Master

iniNet Solutions SpiderControl SCADA PC HMI Editor

VIMESA VHF/FM Transmitter Blue Plus

CVE-2022-41120 PoC released for Windows Sysmon Elevation of Privilege Vulnerability

AVEVA Edge

Apple Releases Security Update for Xcode

Nokia ASIK AirScale System Module

VMware Releases Security Updates

Hitachi Energy Modular Switchgear Monitoring (MSM)

ICS Advisory (ICSA-22-090-01)

Hot Topics

Bosch Rexroth IndraDrive

Delta Electronics DIAScreen

LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

Delta Electronics InfraSuite Device Master

iniNet Solutions SpiderControl SCADA PC HMI Editor

VIMESA VHF/FM Transmitter Blue Plus

Trending Slider

Bosch Rexroth IndraDrive

Delta Electronics DIAScreen

LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

Delta Electronics InfraSuite Device Master

iniNet Solutions SpiderControl SCADA PC HMI Editor

VIMESA VHF/FM Transmitter Blue Plus

Latest

Popular

Bosch Rexroth IndraDrive

Delta Electronics DIAScreen

LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

Delta Electronics InfraSuite Device Master

Advantech WebAccess Node

Fazecast jSerialComm

Apache Tomcat RCE by deserialization (CVE-2020-9484) – write-up and exploit0

JexBoss – JBoss Verify and EXploitation Tool

Categories