Rockwell Automation MicroLogix 1400 and CompactLogix 5370 Controllers
1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: MicroLogix 1400 and CompactLogix 5370 Controllers Vulnerability: Open Redirect 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to input a malicious link redirecting users to a…
New zero-day vulnerability CVE-2019-0859 in win32k.sys
In March 2019, our automatic Exploit Prevention (EP) systems detected an attempt to exploit a vulnerability in the Microsoft Windows operating system. Further analysis of this event led to us discovering a zero-day vulnerability in win32k.sys. It was the fifth consecutive exploited Local Privilege Escalation…
New DNS Hijacking Attacks
DNS hijacking isn’t new, but this seems to be an attack of uprecidented scale: Researchers at Cisco’s Talos security division on Wednesday revealed that a hacker group it’s calling Sea Turtle carried out a broad campaign of espionage via DNS hijacking, hitting 40 different organizations. In the…
Cisco addresses a critical bug in ASR 9000 series Routers
Cisco released security patches for 30 vulnerabilities, including a critical flaw in ASR 9000 Series Aggregation Services Routers running IOS XR 64-bit. The critical vulnerability in ASR 9000 Series Aggregation Services Routers running IOS XR 64-bit is tracked as CVE-2019-1710 (CVSS score of 9.8). The…
Delta Industrial Automation CNCSoft
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics (Delta) Equipment: Delta Industrial Automation CNCSoft Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause buffer overflow conditions that may allow information disclosure, remote…
WAGO Series 750-88x and 750-87x
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: WAGO Equipment: Series 750-88x and 750-87x Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION This vulnerability allows a remote attacker to change the settings or alter the programming of the device. 3. TECHNICAL DETAILS 3.1…
PLC Cycle Time Influences
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendors: ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO Equipment: Programmable Logic Controllers Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION High network load can consume CPU power in such a way that the normal…
CVE-2019-0803 Windows flaw exploited to deliver PowerShell Backdoor
A recently fixed local privilege escalation flaw in windows (CVE-2019-0803) had been exploited by bad actors to deliver PowerShell Backdoor. April 2019 Patch Tuesday security updates addressed a local privilege escalation flaw in Windows operating system, tracked as CVE-2019-0859 that had been exploited by threat actors…
MAR-10135536-8 – North Korean Trojan: HOPLIGHT
Summary Description This Malware Analysis Report (MAR) is the result of analytic efforts between Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. Government partners, DHS and FBI identified Trojan malware variants used by the North Korean government. This…
Siemens SIMOCODE pro V EIP
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMOCODE pro V EIP Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of SIMOCODE…
Stay connected