Stay connected

Trending News

Critical vulnerabiliities, Cyber Security, ICS

Siemens SINEC INS 

1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to create a denial-of-service condition, intercept credentials, or escalate privileges on the affected device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Siemens products are affected: 3.2 Vulnerability Overview 3.2.1 IMPROPER…

Critical vulnerabiliities, ICS, Vulnerabilities

Zebra ZTC Industrial ZT400 and ZTC Desktop GK420d 

Executive SummaryCVSS v3 5.4ALERT: Vulnerable to exploitation with adjacent access/low attack complexityManufacturer: Zebra TechnologiesDevices: ZTC Industrial ZT410, ZTC Desktop GK420dIssue: Potential Authentication Bypass via Alternate Path or Channel Risk AssessmentSuccessful exploitation of this vulnerability could permit an unauthorized individual to manipulate credentials by sending specifically…

Marvin attack
White Papers

Everlasting ROBOT: the Marvin Attack 

Abstract. In this paper we show that Bleichenbacher-style attacks onRSA decryption are not only still possible, but also that vulnerable implementations are common. We have successfully attacked multiple implementations using only timing of decryption operation and shown thatmany others are vulnerable. To perform the attack…

Critical vulnerabiliities, ICS, Vulnerabilities

Siemens SIMATIC PCS neo 

SIMATIC PCS neo: Versions before V4.13.2 Vulnerability Overview3.2.1 MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306Affected products’ PUD Manager fails to authenticate users properly within its web service. This allows an unauthenticated attacker from an adjacent network to generate a privileged token and upload additional documents.CVE-2023-46096 has…