Vulnerabilities Archives - Page 4 of 105

Cyber Security, Market, News, Uncategorized, Vulnerabilities

CISA Releases RedEye: Red Team Campaign Visualization and Reporting Tool

CISA has released RedEye, an interactive open-source analytic tool to visualize and report Red Team command and control activities. RedEye allows an operator to quickly assess complex data, evaluate mitigation strategies, and enable effective decision making. RedEye is an open-source analytic tool developed by CISA…

IoT, 2 years ago 3 min read

Critical vulnerabiliities, Cyber Security, News, Recommendations, Security Patches, Vulnerabilities

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates for vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing high and low severity vulnerabilities, see the Cisco Security Advisories page. Reporting or Obtaining Support for a Suspected Security…

IoT, 2 years ago 19 min read

Critical vulnerabiliities, Market, News, Recommendations, Vulnerabilities

Hitachi Energy AFF660/665 Series

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: AFF660/665 Firewall Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could overflow a buffer on the device and fully compromise it. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions…

IoT, 2 years ago 2 min read

Critical vulnerabiliities, Market, News, Recommendations, Uncategorized, Vulnerabilities

Delta Industrial Automation DIAEnergie

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Delta Industrial Automation Equipment: DIAEnergie Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Delta Industrial Automation reports the following versions…

IoT, 2 years ago 2 min read

News, Recommendations, Standards, Uncategorized, Vulnerabilities

AVEVA Edge 2020 R2 SP1 and all prior versions

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: AVEVA Equipment: AVEVA Edge 2020 R2 SP1 and all prior versions Vulnerabilities: Insufficient UI Warning of Dangerous Operations, Uncontrolled Search Path Element, Deserialization of Untrusted Data, Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation…

IoT, 2 years ago 4 min read

Critical vulnerabiliities, News, Recommendations, Vulnerabilities

Delta Electronics DOPSoft 2 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DOPSoft 2 Vulnerabilities: Stack-based Buffer Overflow, Out-of-Bounds Write, Heap-based Buffer Overflow 2. UPDATED INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-252-02 Delta Electronics DOPSoft 2 that was published September 9,…

IoT, 2 years ago 3 min read

Critical vulnerabiliities, News, Recommendations, Vulnerabilities

Mitsubishi Electric Multiple Factory Automation Products (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GOT2000 compatible HMI software, CC-Link IE TSN Industrial Managed Switch, MELSEC iQ-R Series OPC UA Server Module Vulnerabilities: Infinite Loop, OS Command Injection 2. UPDATE INFORMATION This updated advisory is a follow-up to the…

IoT, 2 years ago 3 min read

Critical vulnerabiliities, News, Recommendations, Vulnerabilities

Hitachi Energy MSM Product

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MSM Product Vulnerability: Reliance on Uncontrolled Component 2. RISK EVALUATION Successful exploitation of this vulnerability could disrupt the functionality of the MSM web interface, steal sensitive user credentials, or cause a denial-of-service condition. 3….

IoT, 2 years ago 2 min read

Critical vulnerabiliities, News, Recommendations, Vulnerabilities

Schneider Electric EcoStruxure, EcoStruxure Process Expert, SCADAPack RemoteConnect for x70

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: EcoStruxure, EcoStruxure Process Expert, SCADAPack RemoteConnect for x70 Vulnerabilities: Heap-based Buffer Overflow, Wrap or Wraparound, Classic Buffer Overflow, Out-of-bounds Write 2. RISK EVALUATION The successful exploitation of these vulnerabilities on the affected products could…

IoT, 2 years ago 8 min read

Critical vulnerabiliities, IoT Security, News, Recommendations, Vulnerabilities

Siemens Datalogics File Parsing Vulnerability (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Teamcenter Visualization and JT2Go Vulnerability: Heap-based buffer Overflow 2. UPDATE This updated advisory is a follow-up to the original advisory titled ICSA-22-195-07 Siemens Datalogics file Parsing Vulnerability that was published July 14, 2022, on the ICS…

IoT, 2 years ago 3 min read

Stay connected

Trending News

Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques-Part II

Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques

IOSIX IO-1020 Micro ELD

Cisco Access Point Software Secure Boot Bypass Vulnerability

Cisco IOS XR Software for ASR 9000 Series Aggregation Services Routers PPPoE Denial of Service Vulnerability

GhostRace: Exploiting and Mitigating Speculative Race Conditions

CISA Releases RedEye: Red Team Campaign Visualization and Reporting Tool

Cisco Releases Security Updates for Multiple Products

Hitachi Energy AFF660/665 Series

Delta Industrial Automation DIAEnergie

AVEVA Edge 2020 R2 SP1 and all prior versions

Delta Electronics DOPSoft 2 (Update A)

Mitsubishi Electric Multiple Factory Automation Products (Update B)

Hitachi Energy MSM Product

Schneider Electric EcoStruxure, EcoStruxure Process Expert, SCADAPack RemoteConnect for x70

Siemens Datalogics File Parsing Vulnerability (Update A)

Hot Topics

Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques-Part II

Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques

IOSIX IO-1020 Micro ELD

Cisco Access Point Software Secure Boot Bypass Vulnerability

Cisco IOS XR Software for ASR 9000 Series Aggregation Services Routers PPPoE Denial of Service Vulnerability

GhostRace: Exploiting and Mitigating Speculative Race Conditions

Categories

Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques-Part II

Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques

IOSIX IO-1020 Micro ELD

Cisco Access Point Software Secure Boot Bypass Vulnerability

Cisco IOS XR Software for ASR 9000 Series Aggregation Services Routers PPPoE Denial of Service Vulnerability

GhostRace: Exploiting and Mitigating Speculative Race Conditions

Latest

Popular

Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques-Part II

Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques

IOSIX IO-1020 Micro ELD

Cisco Access Point Software Secure Boot Bypass Vulnerability

Advantech WebAccess Node

Fazecast jSerialComm

Apache Tomcat RCE by deserialization (CVE-2020-9484) – write-up and exploit0

JexBoss – JBoss Verify and EXploitation Tool