Stay connected

Trending News

ICS, News, Reports

Mitsubishi Electric FA Engineering Software 

2. RISK ASSESSMENTExploiting this vulnerability successfully could enable a local attacker to execute code, potentially leading to information exposure, unauthorized data alterations, or triggering a denial-of-service (DoS) scenario. 3. TECHNICAL SPECIFICATIONS 3.1 IMPACTED PRODUCTSThe subsequent versions of Mitsubishi Electric’s FA Engineering Software Solutions are affected:…

Exploit, ICS, IoT Security

APSystems Altenergy Power Control 

1. EXECUTIVE SUMMARY 2. RISK EVALUATION ​Successful exploitation of this vulnerability may allow remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS ​The following versions of Altenergy Power Control software are affected:  3.2 VULNERABILITY OVERVIEW 3.2.1 ​IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS…

Critical vulnerabiliities, ICS, IoT Security, Market, News

Schneider Electric EcoStruxure Products, Modicon PLCs, and Programmable Automation Controllers 

Security Assessment of Schneider Electric Products Summary of Findings: During a security assessment of Schneider Electric’s EcoStruxure Products, Modicon PLCs, and Programmable Automation Controllers, several vulnerabilities were discovered. These vulnerabilities involve improper checks for unusual or exceptional conditions and could potentially lead to unauthorized access,…

Critical vulnerabiliities, Cyber Security, Recommendations

ISC Releases Security Advisories for Multiple Versions of BIND 9 

The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of the ISC’s Berkeley Internet Name Domain (BIND) 9. A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions. CISA encourages users and administrators to review the following…

Critical vulnerabiliities, Cyber Security, Security Patches

Fortinet Releases Security Updates for FortiOS and FortiProxy 

Fortinet has released security updates to address a heap-based buffer overflow vulnerability CVE-2023-27997 in FortiOS and FortiProxy. An attacker could exploit this vulnerability to take control of an affected system. Analysis of CVE-2023-27997 and Clarifications on Volt Typhoon Campaign Affected Platforms: FortiOSImpacted Users: Targeted at government, manufacturing,…