Alerts and Advisories - 2019






  • Vulnerability Summary (30 Dec 2019)

    Summary of vulnerabilities for the week of Dec 23, 2019.

  • Multiple vulnerabilities in imagemagick (29 Dec 2019)

    Multiple vulnerabilities have been discovered in imagemagick. Successful exploitation of these vulnerabilities could allow a remote attacker to cause denial of service or any other unspecified impact via crafted image data.

  • Multiple vulnerabilities in Tomcat8 (27 Dec 2019)

    Multiple vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which could result in session fixation attacks, information disclosure, cross-site scripting, denial of service via resource exhaustion and insecure redirects.

  • Vulnerability Summary (23 Dec 2019)

    Summary of vulnerabilities for the week of Dec 16, 2019.

  • Vulnerability in D-Link DCS-960L (23 Dec 2019)

    A Stack-based Buffer Overflow Remote Code Execution vulnerability has been discovered in D-Link DCS-960L. This vulnerability allows a malicious user to affect the device from the LAN side (in home), which would cause the device to malfunction.

  • TightVNC Security Updates (21 Dec 2019)

    Multiple vulnerabilities have been discovered in TightVNC. An attacker could exploit these vulnerabilities to trigger denial of service, access confidential data, and execute arbitrary code on the targeted system.

  • Vulnerability in VMware (20 Dec 2019)

    VMware Workstation and Horizon View Agent contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a Windows machine where Workstation or View Agent is installed.

  • Vulnerability in Philips' Equipment (19 Dec 2019)

    Inadequate Encryption Strength vulnerability has been discovered in Philips' Equipment- Veradius Unity, Pulsera, and Endura Dual WAN Router. Successful exploitation of this vulnerability could compromise the management interface of the front end router, impacting the availability of data transfer via wireless communication.

  • Vulnerability in Moxa's Equipment (19 Dec 2019)

    Uncontrolled Resource Consumption vulnerability has been discovered in Moxa's Equipment- EDS-G508E, EDS-G512E, and EDS-G516E Series Ethernet Switches. Successful exploitation of this vulnerability could cause the target device to go out of service.

  • Vulnerability in Equinox's Equipment (19 Dec 2019)

    SQL Injection vulnerability has been discovered in Equinox's Equipment- Control Expert. Successful exploitation of this vulnerability may allow remote code execution.

  • Vulnerability in WECON's Equipment (19 Dec 2019)

    Stack-based Buffer Overflow vulnerability has been discovered in WECON's Equipment- PLC Editor. Successful exploitation could allow an attacker to execute code under the privileges of the application.

  • Vulnerability in Reliable Controls' Equipment (19 Dec 2019)

    Cross-site Scripting vulnerability has been discovered in Reliable Controls' Equipment- MACH-ProWebCom/Sys. Successful exploitation of this vulnerability could allow an attacker to execute commands on behalf of the affected user.

  • Vulnerability in Omron's Equipment (19 Dec 2019)

    Use of Obsolete Function vulnerability has been discovered in Omron's Equipment- CX-Supervisor. Successful exploitation of this vulnerability could result in information disclosure, total compromise of the system, and system unavailability.

  • Vulnerability in AVEVA's and Schneider Electric's Equipment (19 Dec 2019)

    Stack-based Buffer Overflow vulnerability has been discovered in AVEVA's and Schneider Electric's Equipment. The IEC870IP driver for AVEVA’s Vijeo Citect and Citect SCADA and Schneider Electric’s Power SCADA Operation has a buffer overflow vulnerability that could result in a server-side crash.

  • Microsoft's CVE - KB Correlation (19 Dec 2019)

    List of knowledge base article IDs associated with the CVEs for the security updates released by Microsoft for December 2019.

  • Multiple vulnerabilities in Drupal (18 Dec 2019)

    Multiple vulnerabilities were identified in Drupal that could allow a local attacker to overwrite arbitrary files, gain unauthorised access, and reduce security. They could also allow a remote attacker to trigger denial of service on the targeted system.

  • Microsoft SharePoint Server Information Disclosure vulnerability (17 Dec 2019)

    An information disclosure vulnerability exists in SharePoint Server. An attacker can exploit this vulnerability to read arbitrary files on the server.

  • Google releases security updates for Chrome (17 Dec 2019)

    Google has released security updates for Chrome version 79.0.3945.88 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system.

  • Vulnerability in Joomla! (17 Dec 2019)

    A vulnerability has been discovered in Joomla! CMS versions 2.5.0 - 3.9.13. The lack of validation of configuration parameters used in SQL queries caused various SQL injection vectors. An attacker could exploit this vulnerability to trigger unauthorised access and execute arbitrary code on the targeted system.

  • Vulnerability Summary (16 Dec 2019)

    Summary of vulnerabilities for the week of Dec 09, 2019.

  • WordPress releases security and maintenance updates (13 Dec 2019)

    WordPress 5.3 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website.

  • Vulnerability in Philips' Equipment (12 Dec 2019)

    Inadequate Encryption Strength vulnerability has been discovered in Philips' Equipment- IntelliBridge EC40 and EC80. Successful exploitation of this vulnerability may allow an attacker unauthorized access to the IntelliBridge EC40/80 hub and may allow access to execute software, modify system configuration, or view/update files, including unidentifiable patient data.

  • Uncontrolled Resource Consumption vulnerability in Programmable Logic Controllers (12 Dec 2019)

    Uncontrolled Resource Consumption vulnerability has been discovered in ABB, Phoenix Contact, Schneider Electric, Siemens and WAGO's Equipment- Programmable Logic Controllers. High network load can consume CPU power in such a way that the normal operation of the device can be affected; that is, the configured cycle time can be influenced.

  • Vulnerability in Advantech's Equipment (12 Dec 2019)

    Stack-based Buffer Overflow vulnerability has been discovered in Advantech's Equipment- DiagAnywhere Server. Successful exploitation of this vulnerability may allow remote code execution.

  • Multiple vulnerabilities in Symantec Messaging Gateway (11 Dec 2019)

    Symantec Messaging Gateway has multiple vulnerabilities such as security-bypass, privilege-escalation and cross-site scripting. Attackers could exploit these vulnerabilities to bypass certain security restrictions and perform unauthorized actions, gain elevated privileges and execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site.

  • Adobe releases security updates (10 Dec 2019)

    Adobe has released security updates to address vulnerabilities in multiple Adobe products- Adobe Acrobat and Reader, Photoshop CC, ColdFusion, and Brackets. An attacker could exploit some of these vulnerabilities to take control of an affected system.

  • Google releases security updates for Chrome (10 Dec 2019)

    Google has released security updates for Chrome version 79.0.3945.79 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

  • Microsoft releases December 2019 security updates (10 Dec 2019)

    Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

  • Multiple vulnerabilities in Interpeak's Equipment (10 Dec 2019)

    Multiple vulnerabilities such as Stack-based Buffer Overflow, Heap-based Buffer Overflow, Integer Underflow, Improper Restriction of Operations within the Bounds of a Memory Buffer, Race Condition, Argument Injection, and Null Pointer Dereference have been discovered in different Equipment- OSE by ENEA, INTEGRITY RTOS by Green Hills Software, ITRON, ZebOS by IP Infusion, and VxWorks by Wind River. Successful exploitation of these vulnerabilities could allow remote code execution.

  • Multiple vulnerabilities in Siemens' Equipment (10 Dec 2019)

    Multiple vulnerabilities have been discovered in multiple products of Siemens. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

  • Apple releases multiple security updates (10 Dec 2019)

    Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

  • Samba releases security updates (10 Dec 2019)

    Samba has released security updates to address vulnerabilities in multiple versions. An attacker could exploit some of these vulnerabilities to take control of an affected system.

  • Intel releases security updates (10 Dec 2019)

    Intel has released security updates to address vulnerabilities in multiple products. An authenticated attacker with local access could exploit some of these vulnerabilities to gain escalation of privileges.

  • Multiple vulnerabilities in OpenJDK (07 Dec 2019)

    Multiple vulnerabilities have been discovered in OpenJDK. Successful exploitation of these vulnerabilities could allow an attacker to trigger denial of service, sandbox bypass, information disclosure or the execution of arbitrary code.

  • Multiple vulnerabilities in Weidmueller's Equipment (05 Dec 2019)

    Multiple vulnerabilities such as Improper Restriction of Excessive Authentication Attempts, Uncontrolled Resource Consumption, Missing Encryption of Sensitive Data, Unprotected Storage of Credentials, and Predictable from Observable State have been discovered in Weidmueller's Equipment- Industrial Ethernet Switches. Successful exploitation of these vulnerabilities could allow a remote attacker to gain unauthorized access to the device, affecting the confidentiality, integrity, and availability of the device the attacker is targeting.

  • Vulnerability in Thales DIS' Equipment (05 Dec 2019)

    Link Following vulnerability has been discovered in Thales DIS' Equipment- SafeNet Sentinel LDK License Manager Runtime. Successful exploitation of this vulnerability could allow a local attacker to escalate privileges.

  • VMware releases security updates for ESXi and Horizon DaaS (05 Dec 2019)

    VMware has released security updates to address a vulnerability in ESXi and Horizon DaaS. An attacker could exploit this vulnerability to take control of an affected system.

  • Multiple vulnerabilities in Squid (04 Dec 2019)

    Multiple vulnerabilities have been discovered in Squid. A remote attacker could exploit these vulnerabilities to cause denial of service, provide misleading information, gain unauthorized access and reduce security in the targeted system.

  • Vulnerability in HAProxy (04 Dec 2019)

    An arbitrary code execution vulnerability has been discovered in HAProxy. An attacker could exploit this vulnerability to take control of an affected system.

  • Multiple vulnerabilities in PAN-OS (04 Dec 2019)

    Multiple vulnerabilities have been discovered in PAN-OS. An improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to elevate privileges and become superuser.

  • Multiple vulnerabilities in Libonig (04 Dec 2019)

    Several vulnerabilities were discovered in the Oniguruma regular expressions library, notably used in PHP mbstring. Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression.

  • Multiple vulnerabilities in Red Hat Kernel (03 Dec 2019)

    Multiple vulnerabilities have been identified in Red Hat Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial of service, remote code execution and sensitive information disclosure in the targeted system.

  • Microsoft releases security advisory for Windows Hello for Business (03 Dec 2019)

    Microsoft has released a security advisory to address an issue in Windows Hello for Business (WHfB). An attacker could exploit this issue on devices that were affected by CVE-2017-15361, also known as Return of Coppersmith’s Attack (ROCA), to take control of an affected system.

  • StrandHogg vulnerability affects Android (03 Dec 2019)

    StrandHogg vulnerability allows real-life malware to pose as legitimate apps, with users unaware they are being targeted. An attacker can ask for access to any permission, including SMS, photos, microphone, and GPS, allowing them to read messages, view photos, eavesdrop, and track the victim’s movements.

  • Vulnerability Summary (02 Dec 2019)

    Summary of vulnerabilities for the week of Nov 25, 2019.

  • Multiple vulnerabilities in Asterisk (30 Nov 2019)

    Multiple vulnerabilities have been identified in Asterisk. A remote attacker could exploit some of these vulnerabilities to trigger denial of service on the targeted system.

  • Multiple vulnerabilities in Fortinet products (29 Nov 2019)

    Multiple vulnerabilities have been identified in Fortinet products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service on the targeted system.

  • Multiple vulnerabilities in Vino (29 Nov 2019)

    Multiple vulnerabilities have been identified in the VNC code of Vino. A remote attacker could exploit some of these vulnerabilities to trigger denial of service and access privileged data on the targeted system.

  • Multiple vulnerabilities in SSVNC (29 Nov 2019)

    Multiple vulnerabilities have been identified in the VNC code of SSVNC. A remote attacker could exploit some of these vulnerabilities to trigger denial of service, access privileged data and execute arbitrary code on the targeted system.

  • Multiple vulnerabilities in Red Hat JBoss Enterprise Application (27 Nov 2019)

    Multiple vulnerabilities have been identified in Red Hat JBoss Enterprise Application Platform. A remote attacker could exploit some of these vulnerabilities to trigger denial of service and elevation of privilege on the targeted system.

  • TP-Link TL-WR841N vulnerability (26 Nov 2019)

    A Remote Exploitation vulnerability was identified in TP-Link TL-WR841N. An attacker may be able to decrypt the router’s configuration file and take control of the router only if the attacker is locally connected and has administrator authority.

  • Improper Input Validation vulnerability in ABB's Equipment (26 Nov 2019)

    Improper Input Validation vulnerability has been discovered in ABB's Equipment- Relion 650 and 670 Series. Successful exploitation of this vulnerability may allow an attacker to reboot the device, causing a denial of service.

  • Path Traversal vulnerability in ABB's Equipment (26 Nov 2019)

    Path Traversal vulnerability has been discovered in ABB's Equipment- Relion 670 Series. Successful exploitation of this vulnerability may allow an attacker to read and delete files on the device.

  • Redmine vulnerabilities (26 Nov 2019)

    It has been discovered that Redmine incorrectly handles certain inputs that could cause textile formatting errors. An attacker could possibly use this issue to cause an XSS attack. It has also been discovered that an SQL injection could allow users to access protected information via a crafted object query.

  • IBM WebSphere Application vulnerability (25 Nov 2019)

    A vulnerability has been identified in Apache Commons Beanutils, which is used by WebSphere Application Server. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.

  • Kaspersky products multiple vulnerabilities (25 Nov 2019)

    Multiple vulnerabilities have been identified in Kaspersky products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service, security restriction bypass and information disclosure on the targeted system.

  • Vulnerability Summary (25 Nov 2019)

    Summary of vulnerabilities for the week of Nov 18, 2019.

  • Multiple vulnerabilities in Flexera's Equipment (19 Nov 2019)

    Multiple vulnerabilities such as Improper Input Validation and Memory Corruption have been discovered in Flexera's Equipment- FlexNet Publisher. These vulnerabilities could allow an attacker to deny the acquisition of a valid license for legal use of the product. The memory corruption vulnerability could allow remote code execution.

  • Microsoft releases Outlook for Android security update (19 Nov 2019)

    Microsoft has released an update to address a vulnerability in Outlook for Android. An attacker could exploit this vulnerability to take control of an affected system.

  • Microsoft's CVE - KB Correlation (18 Nov 2019)

    List of knowledge base article IDs associated with the CVEs for the security updates released by Microsoft for November 2019.

  • Vulnerability in ABB's Equipment (14 Nov 2019)

    Authentication Bypass Using an Alternate Path or Channel vulnerability has been discovered in ABB's Equipment- Power Generation Information Manager (PGIM) and Plant Connect. Successful exploitation of this vulnerability could allow a remote attacker to bypass authentication and extract credentials from the device.

  • Vulnerability in Omron's Equipment (14 Nov 2019)

    Use of Obsolete Function vulnerability has been discovered in Omron's Equipment- CX-Supervisor. Successful exploitation of this vulnerability could result in information disclosure, total compromise of the system, and system unavailability.

  • Vulnerability in Philips' Equipment (14 Nov 2019)

    Inadequate Encryption Strength vulnerability has been discovered in Philips' Equipment- IntelliBridge EC40 and EC80. Successful exploitation of this vulnerability may allow an attacker unauthorized access to the IntelliBridge EC40/80 hub and may allow access to execute software, modify system configuration, or view/update files, including unidentifiable patient data.

  • Microsoft releases November 2019 security updates (12 Nov 2019)

    Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

  • Intel releases security updates (12 Nov 2019)

    Intel has released security updates to address vulnerabilities in multiple products.

  • Adobe releases security updates (12 Nov 2019)

    Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

  • VMware releases security updates (12 Nov 2019)

    VMware has released security updates to address vulnerabilities in ESXi, Workstation, and Fusion. An attacker could exploit some of these vulnerabilities to take control of an affected system.

  • Multiple vulnerabilities in Siemens' Equipment (12 Nov 2019)

    Multiple vulnerabilities such as Integer Overflow or Wraparound, Uncontrolled Resource Consumption, Exposed Dangerous Method or Function, and Improper Input Validation were discovered in Siemens' Equipment- Industrial Products, SINAMICS, S7-1200 CPU, Mentor Nucleus Networking Module, and PROFINET Devices. Successful exploitation of these vulnerabilities could cause a denial-of-service condition, expose additional diagnostic functionality to an attacker with physical access to the UART interface during the boot process, and could allow an attacker to affect the integrity and availability of the device.

  • Multiple vulnerabilities in NVIDIA (06 Nov 2019)

    Multiple vulnerabilities have been discovered in NVIDIA Windows GPU display driver and GeForce Experience (GFE) software which could allow a local attacker to execute arbitrary code, obtain sensitive information, obtain elevated privileges and cause denial of service on the targeted system.

  • Cisco products multiple vulnerabilities (06 Nov 2019)

    Multiple vulnerabilities were identified in Cisco products. A remote attacker could exploit some of these vulnerabilities to trigger a denial of service condition, elevation of privilege, remote code execution, cross-site scripting and security restriction bypass on the targeted system.

  • Red Hat Kernel multiple vulnerabilities (05 Nov 2019)

    Multiple vulnerabilities were identified in Red Hat Kernel. A remote attacker could exploit some of these vulnerabilities to trigger a denial of service condition, remote code execution and sensitive information disclosure on the targeted system.

  • Untrusted Search Path vulnerability in Omron's Equipment (05 Nov 2019)

    Untrusted Search Path vulnerability has been discovered in Omron's Equipment- Network Configurator for DeviceNet. Successful exploitation of this vulnerability could allow an attacker to achieve arbitrary code execution under the privileges of the application.

  • Multiple vulnerabilities in Interpeak's Equipment (05 Nov 2019)

    Multiple vulnerabilities such as Stack-based Buffer Overflow, Heap-based Buffer Overflow, Integer Underflow, Improper Restriction of Operations within the Bounds of a Memory Buffer, Race Condition, Argument Injection, and Null Pointer Dereference have been discovered in different Equipment- OSE by ENEA, INTEGRITY RTOS by Green Hills Software, ITRON, ZebOS by IP Infusion, and VxWorks by Wind River. Successful exploitation of these vulnerabilities could allow remote code execution.

  • Vulnerability in Omron's Equipment (05 Nov 2019)

    Use of Obsolete Function vulnerability has been discovered in Omron's Equipment- CX-Supervisor. Successful exploitation of this vulnerability could result in information disclosure, total compromise of the system, and system unavailability.

  • Android multiple vulnerabilities (04 Nov 2019)

    Multiple vulnerabilities were identified in Android. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, sensitive information disclosure and remote code execution on the targeted system.

  • Multiple vulnerabilities in IBM Java Runtime (04 Nov 2019)

    Multiple vulnerabilities have been discovered in IBM Runtime Environment Java Versions 7 and 8 used by IBM Rational ClearCase on the AIX platform.

  • Security advisory for malware QSnatch (01 Nov 2019)

    The QSnatch malware is reportedly being used to target QNAP NAS devices. A remote attacker could trigger remote code execution, tampering, sensitive information disclosure and security restriction bypass on the targeted devices.

  • Microsoft's CVE - KB Correlation (31 Oct 2019)

    List of knowledge base article IDs associated with the CVEs for the security updates released by Microsoft for October 2019.

  • Google releases security updates for Chrome (31 Oct 2019)

    Google has released Chrome version 78.0.3904.87 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. One of these vulnerabilities (CVE-2019-13720) was detected in exploits in the wild.

  • Multiple vulnerabilities in Advantech's Equipment (31 Oct 2019)

    Multiple vulnerabilities such as Path Traversal, Missing Authorization, Improper Restriction of XML External Entity Reference, and SQL Injection have been discovered in Advantech's Equipment- WISE-PaaS/RMM. Successful exploitation of these vulnerabilities may allow information disclosure, remote code execution, and compromise system availability.

  • MS-ISAC releases EOS software report list (30 Oct 2019)

    USA's Multi-State Information Sharing and Analysis Center (MS-ISAC) has released an end-of-support (EOS) software report list. Software that has reached its EOS date no longer receives security updates and patches from the vendor and is susceptible to exploitation from security vulnerabilities.

  • Apple releases security updates (30 Oct 2019)

    Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

  • Vulnerability in IBM's Equipment (29 Oct 2019)

    Denial of service vulnerability has been discovered in IBM's Equipment- Liberty. Apache Commons Compress is vulnerable to a denial of service, caused by an error in the internal file name encoding algorithm. By persuading a victim to open a specially crafted ZIP archive containing malicious input, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.

  • Vulnerability in Phoenix Contact's Equipment (29 Oct 2019)

    Improper Input Validation vulnerability has been discovered in Phoenix Contact's Equipment- Automation Worx Software Suite. Successful exploitation of this vulnerability could compromise the integrity, availability, or confidentiality of an application programming workstation. Automated systems programmed using one of the affected products are not impacted.

  • Samba releases security updates (29 Oct 2019)

    Team Samba has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit some of these vulnerabilities to obtain sensitive information.

  • MS-ISAC releases advisory on PHP vulnerabilities (28 Oct 2019)

    USA's Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory on multiple PHP vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected system.

  • Microsoft reports new cyberattacks targeting sporting and anti-doping organizations (28 Oct 2019)

    Microsoft publicly released information revealing an uptick in cyberattacks globally targeting anti-doping authorities and sporting organizations. The Microsoft Threat Intelligence Center (MSTIC) routinely tracks malicious activity originating from the Russian advanced persistent threat (APT) group 28, also known as Fancy Bear, STRONTIUM, Swallowtail, Sofacy, Sednit, and Zebrocy. According to Microsoft, APT28 is targeting sporting and anti-doping organizations using spearphishing, password spraying, fake Microsoft internet domains, as well as open-source and custom malware to exploit internet-connected devices.

  • Vulnerability Summary (28 Oct 2019)

    Summary of vulnerabilities for the week of Oct 21, 2019.

  • ACSC releases advisory on Emotet Malware Campaign (25 Oct 2019)

    The Australian Cyber Security Centre (ACSC) has released an advisory on an ongoing, widespread Emotet malware campaign. Emotet is a Trojan commonly spread via malicious email attachments that attempts to proliferate within a network by brute forcing user credentials and writing to shared drives. ACSC provides indicators of compromise and recommendations to help organizations defend against Emotet malware.

  • Vulnerability in Philips' Equipment (24 Oct 2019)

    Exposure of Resource to Wrong Sphere vulnerability has been discovered in Philips' Equipment- IntelliSpace Perinatal. Successful exploitation of this vulnerability may allow an attacker unauthorized access to system resources, including access to execute software or to view/update files, directories, or system configuration. This could impact confidentiality and integrity of the system and application.

  • Multiple vulnerabilities in Rittal's Equipment (24 Oct 2019)

    Multiple vulnerabilities such as Missing Authentication for Critical Function, and Use of Hard-coded Credentials have been discovered in Rittal's Equipment- Rittal Chiller SK 3232-Series. Successful exploitation of these vulnerabilities could disrupt the primary operations of the affected component, shut down cooling to other equipment, and allow changes to the temperature set point.

  • Vulnerability in Honeywell's Equipment (24 Oct 2019)

    Missing Authentication for Critical Function vulnerability has been discovered in Honeywell's Equipment- IP-AK2. Successful exploitation of this vulnerability could allow an attacker to download configuration files directly through a URL without authentication, exposing configuration and authorized visitor information.

  • Multiple vulnerabilities in Moxa's Equipment (24 Oct 2019)

    Multiple vulnerabilities such as Classic Buffer Overflow, Cross-site Request Forgery, Cross-site Scripting, Improper Access Controls, Improper Restriction of Excessive Authentication Attempts, Missing Encryption of Sensitive Data, Out-of-bounds Read, Unprotected Storage of Credentials, Predictable from Observable State, and Uncontrolled Resource Consumption have been discovered in Moxa's Equipment- IKS, and EDS. Successful exploitation of these vulnerabilities could allow the reading of sensitive information, remote code execution, arbitrary configuration changes, authentication bypass, sensitive data capture, reboot of the device, device crash, or full compromise of the device.

  • Multiple D-Link routers vulnerable to remote command execution (23 Oct 2019)

    Multiple D-Link routers are vulnerable to unauthenticated remote command execution. D-Link no longer provides support to the affected end-of-life devices, and updates will not be made available.

  • Mozilla releases security update for Thunderbird (22 Oct 2019)

    Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.

  • Mozilla releases security updates for Firefox and Firefox ESR (22 Oct 2019)

    Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system.

  • Google releases security updates for Chrome (22 Oct 2019)

    Google has released Chrome version 78.0.3904.70 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

  • Multiple vulnerabilities in Schneider Electric's Equipment (22 Oct 2019)

    Multiple vulnerabilities such as Code Injection, Improper Restriction of Operations within the Bounds of a Memory Buffer, and Uncontrolled Search Path Element have been discovered in Schneider Electric's Equipment- Proclima. Successful exploitation of these vulnerabilities could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system.

  • FTC releases an article warning consumers of Stalking Apps (22 Oct 2019)

    The Federal Trade Commission (FTC) has released an article warning consumers of “stalking apps”, spyware that secretly monitors smartphones. These apps can share information like call history, text messages, photos, GPS locations, and browser history without the user's knowledge. Although this can be a useful tool, stalking apps can also be used maliciously.

  • FBI releases article on defending against E-Skimming (22 Oct 2019)

    The Federal Bureau of Investigation (FBI) has released an article to raise awareness on e-skimming threats. E-skimming occurs when an attacker injects malicious code onto a website to capture credit or debit card data or personally identifiable information (PII).

  • Vulnerability Summary (21 Oct 2019)

    Summary of vulnerabilities for the week of Oct 14, 2019.

  • Microsoft Ending Support for Windows 7 and Windows Server 2008 R2 (17 Oct 2019)

    On January 14, 2020, Microsoft will be ending the extended support for their Windows Server 2008 R2 and Windows 7 operating systems. After this date, both these products will not receive any free technical support, or software and security updates.

  • Multiple vulnerabilities in Pulse Secure VPN (16 Oct 2019)

    Multiple vulnerabilities were discovered and have been resolved in Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS). This includes an authentication bypass vulnerability that can allow an unauthenticated user to perform remote arbitrary file access on the Pulse Connect Secure gateway.

  • VMware releases security update for Harbor Container Registry for PCF (15 Oct 2019)

    VMware has released a security update to address a vulnerability affecting Harbor Container Registry for Pivotal Cloud Foundry (PCF). An attacker could exploit this vulnerability to take control of an affected system.

  • Google releases security updates for Chrome (10 Oct 2019)

    Google has released Chrome version 77.0.3865.120 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

  • Multiple vulnerabilities in Philips' Equipment (10 Oct 2019)

    Multiple vulnerabilities such as Execution with Unnecessary Privileges, Exposure of Resource to Wrong Sphere and Use of Hard-coded Credentials have been discovered in Philips' Equipment- Brilliance CT Scanners and MX8000 Dual EXP. Successful exploitation of these vulnerabilities may allow an attacker to attain elevated privileges and access unauthorized system resources.

  • Multiple vulnerabilities in Interpeak's multiple Equipment (10 Oct 2019)

    Multiple vulnerabilities such as Stack-based Buffer Overflow, Heap-based Buffer Overflow, Integer Underflow, Improper Restriction of Operations within the Bounds of a Memory Buffer, Race Condition, Argument Injection and Null Pointer Dereference have been discovered in different Equipment- OSE by ENEA, INTEGRITY RTOS by Green Hills Software, ITRON, ZebOS by IP Infusion, and VxWorks by Wind River. Successful exploitation of these vulnerabilities could allow remote code execution.

  • Juniper Networks releases security updates (09 Oct 2019)

    Juniper Networks has released security updates addressing multiple vulnerabilities in various Juniper products. These vulnerabilities could be exploited by a remote attacker to take control of an affected system.

  • Critical vulnerability in macOS terminal emulator iTerm2 (09 Oct 2019)

    A critical security vulnerability has been discovered in the macOS terminal emulator iTerm2. All users of iTerm2 should update immediately to the latest version (3.3.6).

  • ACSC has released a cybersecurity guide for small businesses (09 Oct 2019)

    The Australian Cyber Security Centre (ACSC) has released a cybersecurity guide for small businesses. This guide provides checklists to help small businesses to protect themselves against common cyber attacks.

  • Siemens releases security advisories (08 Oct 2019)

    Siemens has released security updates to address vulnerabilities affecting multiple Siemens products.

  • Vulnerability in SMA Solar Technology AG's Equipment (08 Oct 2019)

    Cross-Site Request Forgery (CSRF) vulnerability has been discovered in SMA Solar Technology AG's Equipment- Sunny WebBox. Successful exploitation of this vulnerability could allow an attacker to generate a denial-of-service condition, modify passwords, enable services, achieve man-in-the-middle, and modify input parameters associated with devices such as sensors.

  • Use of Hard-coded Cryptographic Key vulnerability in Siemens' Equipment (08 Oct 2019)

    A Use of Hard-coded Cryptographic Key vulnerability has been discovered in Siemens' Equipment- SIMATIC IT Unified Architecture Discrete Manufacturing (UADM). Successful exploitation of this vulnerability could allow an attacker to gain read and write access to the related TeamCenter station.

  • Uncontrolled Resource Consumption vulnerability in Siemens' Equipment (08 Oct 2019)

    An Uncontrolled Resource Consumption vulnerability has been discovered in Siemens' Equipment- SIMATIC WinAC RTX (F) 2010. Successful exploitation of this vulnerability could allow an attacker to perform a denial-of-service attack that could compromise the availability of the service provided by the software.

  • Multiple vulnerabilities in GE's Equipment (08 Oct 2019)

    Multiple vulnerabilities such as Improper Authorization, Use of Hard-coded Credentials have been discovered in GE's Equipment- Mark VIe Controller. Successful exploitation of these vulnerabilities could allow an attacker to create read/write/execute commands within the Mark VIe control system.

  • FBI releases article on Defending Against Phishing and Spear-phishing Attacks (08 Oct 2019)

    The Federal Bureau of Investigation (FBI) has released an article to raise awareness of phishing and spear-phishing. The article provides guidance on recognizing and avoiding these types of attacks.

  • Intel releases security updates for Intel NUC (08 Oct 2019)

    Potential security vulnerabilities in system firmware for Intel NUC may allow escalation of privilege, denial of service and/or information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities.

  • Intel releases security updates on Smart Connect Technology for Intel NUC (08 Oct 2019)

    A potential security vulnerability in Intel Smart Connect Technology for Intel NUC may allow escalation of privilege. Intel is not releasing updates to mitigate this potential vulnerability and is issuing a Product Discontinuation notice for Intel Smart Connect Technology for Intel NUC.

  • Intel releases security updates on Active System Console (08 Oct 2019)

    Intel has released security updates to address a vulnerability in Intel Active System Console for Intel Server Boards and Systems that may allow an escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability.

  • Microsoft releases October 2019 security updates (08 Oct 2019)

    Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

  • Vulnerability Summary (07 Oct 2019)

    Summary of vulnerabilities for the week of Sep 30, 2019.

  • Apple releases security updates (07 Oct 2019)

    Apple has released security updates to address vulnerabilities in iCloud for Windows 10.7. Processing a maliciously crafted text file may lead to arbitrary code execution.

  • NSA releases advisory on mitigating recent VPN vulnerabilities (07 Oct 2019)

    The National Security Agency has released an advisory on advanced persistent threat (APT) actors that exploit multiple vulnerabilities in VPN applications. A remote attacker could exploit these vulnerabilities to take control of an affected system.

  • Microsoft reports cyberattacks on targeted email accounts (04 Oct 2019)

    The Microsoft Threat Intelligence Center (MSTIC) has released a blog post describing an increase in malicious cyber activity from the Iranian group known as Phosphorus, which exploits account recovery features to take control of targeted email accounts.

  • IC3 issues alert on ransomware (04 Oct 2019)

    The Internet Crime Complaint Center (IC3) has observed an increase in ransomware attacks across the world. They often infect organizations through email phishing or exploiting vulnerabilities in software or Remote Desktop Protocol (RDP).

  • NCSC releases Fact Sheet on DNS Monitoring (02 Oct 2019)

    The Dutch National Cyber Security Centre (NCSC) has released a fact sheet on the increasing difficulty of Domain Name System (DNS) monitoring.

  • Multiple vulnerabilities in Moxa's Equipment (02 Oct 2019)

    Multiple vulnerabilities such as Improper Input Validation, Improper Access have been discovered in Moxa's Equipment- EDR 810. Successful exploitation of these vulnerabilities could allow remote code execution or access to sensitive information.

  • Vulnerabilities exploited in multiple VPN applications (02 Oct 2019)

    The UK National Cyber Security Centre (NCSC) has released an alert on advanced persistent threat (APT) actors that exploit vulnerabilities in VPN applications.

  • Cisco releases security updates (02 Oct 2019)

    Cisco ASA, FMC, and FTD Software Security Advisory Collection includes 10 Cisco Security Advisories that describe 18 vulnerabilities in Cisco ASA Software, Cisco FMC Software, and Cisco FTD Software.

  • Vulnerability in multiple equipment of Yokogawa (01 Oct 2019)

    Unquoted Search Path or Element vulnerability has been discovered in different equipment of Yokogawa- Exaopc, Exaplog, Exaquantum, Exasmoc, Exarqe, GA10, and InsightSuiteAE. Successful exploitation of this vulnerability could allow a local attacker to execute malicious files.

  • Vulnerability in AVEVA's Equipment (30 May 2019)

    Insufficiently Protected Credentials vulnerability has been discovered in AVEVA's Equipment- Vijeo Citect and CitectSCADA. Successful exploitation of this vulnerability could allow a locally authenticated user to obtain Citect user credentials.

  • Multiple vulnerabilities in Emerson's Equipment (28 May 2019)

    Multiple vulnerabilities such as Stack-based Buffer Overflow, Heap-based Buffer Overflow have been discovered in Emerson's Equipment- Ovation OCR400 Controller. Successful exploitation of these vulnerabilities may allow privilege escalation or remote code execution, or it may halt the controller.

  • Vulnerability Summary (27 May 2019)

    Summary of vulnerabilities for the Week of May 20, 2019.

  • Multiple vulnerabilities in Computrols' Equipment (21 May 2019)

    Multiple vulnerabilities such as Cross-site Request Forgery, Information Exposure Through Discrepancy, Cross-site Scripting, Command Injection, Information Exposure Through Source Code, Use of Hard-coded Cryptographic Key, SQL Injection, Authentication Bypass Using an Alternate Path or Channel, Inadequate Encryption Strength have been discovered in Computrols' Equipment- CBAS Web. Successful exploitation of these vulnerabilities could allow unauthorized actions with administrative privileges, disclosure of sensitive information, execution of code within a user’s browser, execution of unauthorized OS commands, unauthorized access to the database, execution of unauthorized SQL commands, authentication bypass, or decryption of passwords.

  • Vulnerability in Mitsubishi Electric's Equipment (21 May 2019)

    Uncontrolled Resource Consumption vulnerability has been discovered in Mitsubishi Electric's Equipment- MELSEC-Q series Ethernet module. Successful exploitation of this vulnerability may render the device unresponsive, requiring a physical reset of the PLC (Programmable Logic Controller).

  • Vulnerability Summary (20 May 2019)

    Summary of vulnerabilities for the Week of May 13, 2019.

  • Vulnerability in Schneider Electric's Equipment (16 May 2019)

    Use of Insufficiently Random Values vulnerability has been discovered in Schneider Electric's Equipment- Modicon M580, Modicon M340, Modicon Premium, and Modicon Quantum. Successful exploitation of this vulnerability could allow an attacker to hijack TCP connections or cause information leakage.

  • Vulnerability in Fuji Electric's Equipment (16 May 2019)

    Out-of-bounds Read vulnerability has been discovered in Fuji Electric's Equipment- Alpha7 PC Loader. Successful exploitation of this vulnerability could crash the device.

  • Vulnerability in Omron's Equipment (14 May 2019)

    Untrusted Search Path vulnerability has been discovered in Omron's Equipment- Network Configurator for DeviceNet. Successful exploitation of this vulnerability could allow an attacker to achieve arbitrary code execution under the privileges of the application.

  • Vulnerability in Siemens' SIMATIC WinCC and SIMATIC PCS 7 Equipment (14 May 2019)

    Missing Authentication for Critical Function vulnerability has been discovered in Siemens' Equipment- SIMATIC WinCC and SIMATIC PCS 7. Successful exploitation of this vulnerability could allow an unauthenticated attacker with access to the affected devices to execute arbitrary code.

  • Vulnerability in Siemens' LOGO! Soft Comfort Equipment (14 May 2019)

    Deserialization of Untrusted Data vulnerability has been discovered in Siemens' Equipment- LOGO! Soft Comfort. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code if the attacker tricks a legitimate user into opening a manipulated project.

  • Multiple vulnerabilities in Siemens' LOGO!8 BM Equipment (14 May 2019)

    Multiple vulnerabilities such as Missing Authentication for Critical Function, Improper Handling of Extra Values, Plaintext Storage of a Password have been discovered in Siemens' Equipment- LOGO!8 BM. Successful exploitation of these vulnerabilities could allow device reconfiguration, access to project files, decryption of files, and access to passwords.

  • Uncontrolled Resource Consumption vulnerability in Siemens' Equipment (14 May 2019)

    Uncontrolled Resource Consumption vulnerability has been discovered in Siemens' Equipment- SINAMICS PERFECT HARMONY GH180 Drives NXG I and NXG II. Successful exploitation of this vulnerability could allow an attacker with access to the Ethernet Modbus Interface to cause a denial-of-service condition by exceeding the number of available connections.

  • Improper Input Validation vulnerability in Siemens' Equipment (14 May 2019)

    Improper Input Validation vulnerability has been discovered in Siemens' Equipment- SINAMICS PERFECT HARMONY GH180 Fieldbus Network. Successful exploitation of this vulnerability could cause a denial-of-service condition.

  • Multiple vulnerabilities in Siemens' SCALANCE W1750D Equipment (14 May 2019)

    Multiple vulnerabilities such as Command Injection, Information Exposure, Cross-site Scripting have been discovered in Siemens' Equipment- SCALANCE W1750D. Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary commands within the underlying operating system, discover sensitive information, take administrative actions on the device, or expose session cookies for an administrative session.

  • Multiple vulnerabilities in Siemens' Equipment- SIMATIC PCS 7, WinCC Runtime Professional, WinCC (TIA Portal) (14 May 2019)

    Multiple vulnerabilities such as SQL Injection, Uncaught Exception, Exposed Dangerous Method have been discovered in Siemens' Equipment- SIMATIC PCS 7, WinCC Runtime Professional, WinCC (TIA Portal). Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary commands on the affected system.

  • Multiple vulnerabilities in Siemens' Equipment (14 May 2019)

    Multiple vulnerabilities such as Use of Hard-coded Credentials, Insufficient Protection of Credentials, Cross-site Scripting have been discovered in Siemens' Equipment- SIMATIC WinCC Runtime Advanced, WinCC Runtime Professional, WinCC (TIA Portal); HMI Panels. Successful exploitation of these vulnerabilities could allow an attacker with network access to the device to read/write variables via SNMP.

  • Vulnerability Summary (13 May 2019)

    Summary of vulnerabilities for the Week of May 06, 2019.

  • Vulnerability Summary (06 May 2019)

    Summary of vulnerabilities for the Week of April 29, 2019.

  • Multiple vulnerabilities in Sierra Wireless' Equipment (02 May 2019)

    Multiple vulnerabilities such as OS Command Injection, Use of Hard-coded Credentials, Unrestricted Upload of File with Dangerous Type, Cross-site Scripting, Cross-site Request Forgery, Information Exposure, Missing Encryption of Sensitive Data have been discovered in Sierra Wireless' Equipment- AirLink ALEOS. Successful exploitation of these vulnerabilities could allow attackers to remotely execute code, discover user credentials, upload files, or discover file paths.

  • Multiple vulnerabilities in General Electric's Equipment (02 May 2019)

    Multiple vulnerabilities such as Uncontrolled Search Path, Use of Hard-coded Credentials, Improper Access Controls have been discovered in General Electric's Equipment- Communicator. Successful exploitation of these vulnerabilities could allow an attacker to gain administrative privileges, manipulate widgets and UI elements, gain control over the database, or execute administrative commands.

  • Multiple vulnerabilities in Orpak's Equipment (02 May 2019)

    Multiple vulnerabilities such as Use of Hard-coded Credentials, Cross-site Scripting, SQL Injection, Missing Encryption of Sensitive Data, Code Injection, Stack-based Buffer Overflow have been discovered in Orpak's Equipment- SiteOmat. Successful exploitation of these vulnerabilities could result in arbitrary remote code execution resulting in possible denial-of-service conditions and unauthorized access to view and edit monitoring, configuration, and payment information.

  • Vulnerability in Rockwell Automation's Equipment (28 Mar 2019)

    Resource Exhaustion vulnerability has been discovered in Rockwell Automation's Equipment- PowerFlex 525 AC Drives. Successful exploitation of this vulnerability could result in resource exhaustion, denial of service, and/or memory corruption.

  • Vulnerability in ENTTEC's Equipment (26 Mar 2019)

    Missing Authentication for Critical Function vulnerability has been discovered in ENTTEC's Equipment- Datagate MK2, Storm 24, Pixelator. Successful exploitation of this vulnerability could reboot this device allowing a continual denial of service condition.

  • Vulnerability in Phoenix Contact's Equipment (26 Mar 2019)

    Command Injection vulnerability has been discovered in Phoenix Contact's Equipment- RAD-80211-XD. Successful exploitation of this vulnerability could allow an attacker to execute system level commands with administrative privileges.

  • Vulnerability in Siemens' Equipment (26 Mar 2019)

    Expected Behavior Violation vulnerability has been discovered in Siemens' Equipment- SCALANCE X. Successful exploitation of this vulnerability could allow an attacker to feed data over a mirror port and into the mirrored network.

  • Vulnerability Summary (25 Mar 2019)

    Summary of vulnerabilities for the Week of March 18, 2019.

  • Multiple vulnerabilities in Medtronic's Equipment (21 Mar 2019)

    Multiple vulnerabilities such as Improper Access Control, Cleartext Transmission of Sensitive Information have been discovered in Medtronic's Equipment- MyCareLink Monitor, CareLink Monitor, CareLink 2090 Programmer, specific Medtronic implanted cardiac devices. Successful exploitation of these vulnerabilities may allow an attacker with adjacent short-range access to one of the affected products to interfere with, generate, modify, or intercept the radio frequency (RF) communication of the Medtronic proprietary Conexus telemetry system, potentially impacting product functionality and/or allowing access to transmitted sensitive data.

  • Vulnerability in AVEVA's Equipment (19 Mar 2019)

    Uncontrolled Search Path Element vulnerability has been discovered in AVEVA's Equipment- InduSoft Web Studio, InTouch Edge HMI. Successful exploitation of this vulnerability could allow execution of unauthorized code or commands.

  • Multiple vulnerabilities in Columbia Weather Systems' Equipment (19 Mar 2019)

    Multiple vulnerabilities such as Cross-site Scripting, Path Traversal, Improper Authentication, Improper Input Validation, Code Injection have been discovered in Columbia Weather Systems' Equipment- Weather MicroServer. Successful exploitation of these vulnerabilities may allow disclosure of data, cause a denial-of-service condition, and allow remote code execution.

  • Vulnerability Summary (18 Mar 2019)

    Summary of vulnerabilities for the Week of March 11, 2019.

  • Vulnerability in PEPPERL+FUCHS's Equipment (14 Mar 2019)

    Path Traversal vulnerability has been discovered in PEPPERL+FUCHS's Equipment- WirelessHART-Gateways. Successful exploitation of this vulnerability could allow access to files and restricted directories stored on the device through the manipulation of file parameters.

  • Vulnerability in Gemalto's Equipment (14 Mar 2019)

    Uncontrolled Search Path Element vulnerability has been discovered in Gemalto's Equipment- Sentinel UltraPro. Successful exploitation of this vulnerability could allow execution of unauthorized code or commands.

  • Vulnerability in LCDS' Equipment (14 Mar 2019)

    Out-of-Bounds Write vulnerability has been discovered in LCDS' Equipment- LAquis SCADA. Successful exploitation of this vulnerability could allow remote code execution.

  • Multiple vulnerabilities in WIBU-SYSTEMS AG's Equipment (12 Mar 2019)

    Multiple vulnerabilities such as Information Exposure, Out-of-bounds Write, Heap-based Buffer Overflow have been discovered in WIBU-SYSTEMS AG's Equipment- WibuKey Digital Rights Management (DRM). Successful exploitation of these vulnerabilities may allow information disclosure, privilege escalation, or remote code execution.

  • Vulnerability Summary (11 Mar 2019)

    Summary of vulnerabilities for the Week of March 4, 2019.

  • Vulnerability in Rockwell Automation's Equipment (05 Mar 2019)

    Stack-based Buffer Overflow vulnerability has been discovered in Rockwell Automation's Equipment- RSLinx Classic. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the target device.

  • Vulnerability Summary (04 Mar 2019)

    Summary of vulnerabilities for the Week of February 25, 2019.

  • Vulnerability in PSI GridConnect GmbH's Equipment (28 Feb 2019)

    Cross-site Scripting vulnerability has been discovered in PSI GridConnect GmbH's Equipment- Telecontrol Gateway and Smart Telecontrol Unit family, IEC104 Security Proxy. Successful exploitation of this vulnerability could allow an attacker to execute dynamic scripts in the context of the application, which could allow cross-site scripting attacks.

  • Multiple vulnerabilities in Moxa's Equipment (26 Feb 2019)

    Multiple vulnerabilities such as Classic Buffer Overflow, Cross-site Request Forgery, Cross-site Scripting, Improper Access Controls, Improper Restriction of Excessive Authentication Attempts, Missing Encryption of Sensitive Data, Out-of-bounds Read, Unprotected Storage of Credentials, Predictable from Observable State, Uncontrolled Resource Consumption have been discovered in Moxa's Equipment- IKS, EDS. Successful exploitation of these vulnerabilities could allow the reading of sensitive information, remote code execution, arbitrary configuration changes, authentication bypass, sensitive data capture, reboot of the device, device crash, or full compromise of the device.

  • Vulnerability Summary (25 Feb 2019)

    Summary of vulnerabilities for the Week of February 18, 2019.

  • Vulnerability in Horner Automation's Equipment (19 Feb 2019)

    Improper Input Validation vulnerability has been discovered in Horner Automation's Equipment- Cscape. Successful exploitation of this vulnerability could crash the device being accessed, which may allow the attacker to read confidential information and remotely execute arbitrary code.

  • Vulnerability in Rockwell Automation's Equipment (19 Feb 2019)

    Cross-site Scripting and Authentication Bypass vulnerabilities have been discovered in Rockwell Automation's Equipment- Allen-Bradley PowerMonitor 1000. Successful exploitation of these vulnerabilities could allow a remote attacker to affect the confidentiality, integrity, and availability of the device.

  • Vulnerability in Delta Electronics' Equipment (19 Feb 2019)

    Out-of-bounds Read vulnerability has been discovered in Delta Electronics' Equipment- Delta Industrial Automation CNCSoft. Successful exploitation of this vulnerability could cause a buffer overflow condition that may allow information disclosure or crash the application.

  • Multiple vulnerabilities in Intel's Equipment (19 Feb 2019)

    Multiple vulnerabilities such as Improper Authentication, Protection Mechanism Failure, Permission Issues, Key Management Errors, Insufficient Control Flow Management have been discovered in Intel's Equipment- Data Center Manager SDK. Successful exploitation of these vulnerabilities may allow escalation of privilege, denial of service, or information disclosure.

  • Vulnerability Summary (18 Feb 2019)

    Summary of vulnerabilities for the Week of February 11, 2019.

  • Vulnerability in Pangea Communications' Equipment (14 Feb 2019)

    Authentication Bypass Using an Alternate Path or Channel vulnerability has been discovered in Pangea Communications' Equipment- Internet FAX Analog Telephone Adapter (ATA). Successful exploitation of this vulnerability could cause the device to reboot and create a continual denial-of-service condition.

  • Vulnerability in gpsd Open Source Project's Equipment (14 Feb 2019)

    Stack-based Buffer Overflow vulnerability has been discovered in Open Source Project's Equipment- gpsd, microjson. Successful exploitation of this vulnerability could allow remote code execution, data exfiltration, or denial-of-service via device crash.

  • Vulnerability in OSIsoft's Equipment (12 Feb 2019)

    Cross-site Scripting vulnerability has been discovered in OSIsoft's Equipment- PI Vision. Successful exploitation of this vulnerability could allow an attacker to read and modify the contents of the PI Vision web page and data related to the PI Vision application in the victim’s browser.

  • Vulnerability in Siemens' EN100 Ethernet Communication Module and SIPROTEC 5 Relays Equipment (12 Feb 2019)

    Improper Input Validation vulnerability has been discovered in Siemens' Equipment- EN100 Ethernet Communication Module and SIPROTEC 5 Relays. The EN100 Ethernet communication module and SIPROTEC 5 relays are affected by a security vulnerability that could allow an attacker to conduct a denial-of-service attack over the network.

  • Improper Input Validation vulnerability in Siemens' Equipment (12 Feb 2019)

    Improper Input Validation vulnerability has been discovered in Siemens' Equipment- WibuKey Digital Rights Management (DRM) used with SICAM 230. Successful exploitation of these vulnerabilities may allow information disclosure, privilege escalation, or remote code execution.

  • Vulnerability in Siemens' SIMATIC S7-300 CPU Equipment (12 Feb 2019)

    Improper Input Validation vulnerability has been discovered in Siemens' Equipment- SIMATIC S7-300 CPU. Successful exploitation of this vulnerability could crash the device being accessed, resulting in a denial-of-service condition.

  • Multiple vulnerabilities in Siemens' Intel AMT of SIMATIC IPCs Equipment (12 Feb 2019)

    Multiple vulnerabilities such as Cryptographic Issues, Improper Restriction of Operations within the Bounds of a Memory Buffer, Resource Management Errors have been discovered in Siemens' Equipment- Intel Active Management Technology (AMT) of SIMATIC IPCs. Successful exploitation of these vulnerabilities may allow arbitrary code execution, a partial denial-of-service condition, or information disclosure.

  • Multiple vulnerabilities in Siemens' CP1604 and CP1616 Equipment (12 Feb 2019)

    Multiple vulnerabilities such as Cleartext Transmission of Sensitive Information, Cross-site Scripting, Cross-site Request Forgery have been discovered in Siemens' Equipment- CP1604 and CP1616. Successful exploitation of these vulnerabilities could result in a denial-of-service condition and information exposure. An attacker could inject arbitrary JavaScript in a specially crafted URL request to execute on an unsuspecting user’s system, allowing an attacker to trigger actions via the web interface that a legitimate user is allowed to perform.

  • Vulnerability Summary (11 Feb 2019)

    Summary of vulnerabilities for the Week of February 4, 2019.

  • Vulnerability in Siemens' Equipment (07 Feb 2019)

    Improper Input Validation vulnerability has been discovered in Siemens' Equipment- EN100 Ethernet module. The EN100 Ethernet module for the SWT 3000 management platform is affected by security vulnerabilities that could allow an attacker to conduct a denial-of-service attack over the network.

  • Vulnerability in Siemens' Equipment (07 Feb 2019)

    Uncaught Exception vulnerability has been discovered in Siemens' Equipment- SICAM A8000 RTU. The SICAM A8000 RTU series is affected by a security vulnerability that could allow unauthenticated remote users to cause a denial-of-service condition on the web server of affected products.

  • Vulnerability in Kunbus' Equipment (05 Feb 2019)

    Multiple vulnerabilities such as Improper Authentication, Missing Authentication for Critical Function, Improper Input Validation have been discovered in Kunbus' Equipment- PR100088 Modbus gateway. Successful exploitation of these vulnerabilities could allow an attacker to achieve remote code execution and/or cause a denial-of-service condition.

  • Vulnerability in Siemens' Equipment (05 Feb 2019)

    Improper Input Validation vulnerability has been discovered in Siemens' Equipment- SIMATIC S7-1500 CPU. Successful exploitation of these vulnerabilities could allow a denial of service condition of the device.

  • Vulnerability in WECON's Equipment (05 Feb 2019)

    Multiple vulnerabilities such as Stack-based Buffer Overflow, Heap-based Buffer Overflow, Memory Corruption have been discovered in WECON's Equipment- LeviStudioU. Successful exploitation of these vulnerabilities could allow attackers to execute arbitrary code.

  • Vulnerability in Rockwell Automation's Equipment (05 Feb 2019)

    Improper Input Validation vulnerability has been discovered in Rockwell Automation's Equipment- EtherNet/IP Web Server Modules. Successful exploitation of this vulnerability could allow a remote attacker to deny communication with Simple Network Management Protocol (SNMP) service.

  • Multiple vulnerabilities in AVEVA's Equipment (05 Feb 2019)

    Multiple vulnerabilities such as Missing Authentication for Critical Function, Resource Injection have been discovered in AVEVA's Equipment- InduSoft Web Studio and InTouch Edge HMI (formerly InTouch Machine Edition). Successful exploitation of these vulnerabilities could allow a remote attacker to execute an arbitrary process using a specially crafted database connection configuration file.

  • Vulnerability Summary (04 Feb 2019)

    Summary of vulnerabilities for the Week of January 28, 2019.

  • Multiple vulnerabilities in Schneider Electric's Equipment (31 Jan 2019)

    Multiple vulnerabilities such as Use of Hard-coded Credentials, Code Injection, SQL Injection have been discovered in Schneider Electric's Equipment- EVLink Parking. Successful exploitation of these vulnerabilities could allow an attacker to stop the device and prevent charging, execute arbitrary commands, and access the web interface with full privileges.

  • Multiple vulnerabilities in IDenticard's Equipment (31 Jan 2019)

    Multiple vulnerabilities such as Use of Hard-coded Credentials, Use of Hard-coded Password, Inadequate Encryption Strength have been discovered in IDenticard's Equipment- PremiSys. Successful exploitation of these vulnerabilities could allow an attacker to view sensitive information via backups, obtain access to credentials, and/or obtain full access to the system with admin privileges.

  • Global Positioning System Week Number Rollover Event (30 Jan 2019)

    Advisory on possible effects of the April 6, 2019 GPS Week Number Rollover on Coordinated Universal Time.

  • Vulnerability in AVEVA's Equipment (29 Jan 2019)

    Insufficiently Protected Credentials vulnerability has been discovered in AVEVA's Equipment- Wonderware System Platform. This vulnerability could allow unauthorized access to the credentials for the ArchestrA Network User Account.

  • Vulnerability in Mitsubishi Electric's Equipment (29 Jan 2019)

    Resource Exhaustion vulnerability has been discovered in Mitsubishi Electric's Equipment- MELSEC-Q series PLCs. Successful exploitation of this vulnerability could allow a remote attacker to send specially crafted packets to the device, causing Ethernet communication to stop.

  • Vulnerability in Yokogawa's Equipment (29 Jan 2019)

    Unrestricted Upload of Files with Dangerous Type vulnerability has been discovered in Yokogawa's Equipment- License Manager Service. Successful exploitation of this vulnerability could allow an attacker to remotely upload files, allowing execution of arbitrary code.

  • Vulnerability in BD's Equipment (29 Jan 2019)

    Improper Access Control vulnerability has been discovered in BD's Equipment- FACSLyric. Successful exploitation of this vulnerability may allow an attacker to gain unauthorized access to administrative level privileges on a workstation, which could allow arbitrary execution of commands.

  • Vulnerability in Stryker's Equipment (29 Jan 2019)

    Reusing a Nonce vulnerability has been discovered in Stryker's Equipment- Secure II MedSurg Bed, S3 MedSurg Bed, and InTouch ICU Bed. Successful exploitation of this vulnerability could allow data traffic manipulation, resulting in partial disclosure of encrypted communication or injection of data.

  • Vulnerability Summary (28 Jan 2019)

    Summary of vulnerabilities for the Week of January 21, 2019.

  • Multiple vulnerabilities in PHOENIX CONTACT's Equipment (24 Jan 2019)

    Multiple vulnerabilities such as Cross-site Request Forgery, Improper Restriction of Excessive Authentication Attempts, Cleartext Transmission of Sensitive Information, Resource Exhaustion, Incorrectly Specified Destination in a Communication Channel, Insecure Storage of Sensitive Information, and Memory Corruption have been discovered in PHOENIX CONTACT's Equipment- FL SWITCH. Successful exploitation of these vulnerabilities may allow attackers to have user privileges, gain access to the switch, read user credentials, deny access to the switch, or perform man-in-the-middle attacks.

  • Multiple vulnerabilities in Advantech's Equipment (24 Jan 2019)

    Multiple vulnerabilities such as Improper Authentication, Authentication Bypass, and SQL Injection have been discovered in Advantech's Equipment- WebAccess/SCADA. Successful exploitation of these vulnerabilities may allow an attacker to access and manipulate sensitive data.

  • Multiple vulnerabilities in Johnson Controls' Equipment (22 Jan 2019)

    Multiple vulnerabilities such as Path Traversal and Improper Authentication have been discovered in Johnson Controls' Equipment- Facility Explorer. Successful exploitation of these vulnerabilities could allow an attacker to read, write, and delete sensitive files to gain administrator privileges in the Facility Explorer system.

  • Multiple vulnerabilities in Dräger's Equipment (22 Jan 2019)

    Multiple vulnerabilities such as Improper Input Validation, Information Exposure Through Log Files, and Improper Privilege Management have been discovered in Dräger's Equipment- Infinity Delta. Successful exploitation of these vulnerabilities could cause information disclosure of device logs, denial of service through device reboots of the patient monitors, and privilege escalation.

  • Vulnerability Summary (21 Jan 2019)

    Summary of vulnerabilities for the Week of January 14, 2019.

  • Multiple vulnerabilities in ControlByWeb's Equipment (17 Jan 2019)

    Multiple vulnerabilities such as Improper Authentication and Cross-site Scripting have been discovered in ControlByWeb's Equipment- X-320M. Successful exploitation of these vulnerabilities may allow arbitrary code execution and could cause the device being accessed to require a physical factory reset to restore the device to an operational state.

  • Vulnerability in ABB's Equipment (17 Jan 2019)

    Improper Input Validation vulnerability has been discovered in ABB's Equipment- CP400 Panel Builder TextEditor 2.0. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, and cause a denial-of-service condition within the Text Editor application.

  • Multiple vulnerabilities in Omron's Equipment (17 Jan 2019)

    Multiple vulnerabilities such as Code Injection, Command Injection, Use After Free, and Type Confusion have been discovered in Omron's Equipment- CX-Supervisor. Successful exploitation of these vulnerabilities could result in a denial-of-service condition, and/or allow an attacker to achieve code execution with privileges within the context of the application.

  • Multiple vulnerabilities in LCDS' Equipment (15 Jan 2019)

    Multiple vulnerabilities such as Improper Input Validation, Out-of-Bounds Read, Code Injection, Untrusted Pointer Dereference, Out-of-Bounds Write, Relative Path Traversal, Injection, Use of Hard-Coded Credentials, and Authentication Bypass Using an Alternate Path or Channel have been discovered in LCDS' Equipment- LAquis SCADA. Successful exploitation of these vulnerabilities could allow remote code execution, data exfiltration, or cause a system crash.

  • Vulnerability Summary (14 Jan 2019)

    Summary of vulnerabilities for the Week of January 07, 2019.

  • Vulnerability in Emerson's Equipment (10 Jan 2019)

    Authentication Bypass vulnerability has been discovered in Emerson's Equipment- DeltaV Distributed Control System Workstations. Successful exploitation of this vulnerability could allow an attacker to shut down a service, resulting in a denial of service.

  • Vulnerability in Omron's Equipment (10 Jan 2019)

    Type Confusion vulnerability has been discovered in Omron's Equipment- CX-Protocol within CX-One. Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of the application.

  • Vulnerability in Pilz's Equipment (10 Jan 2019)

    Clear-text Storage of Sensitive Information vulnerability has been discovered in Pilz's Equipment- PNOZmulti Configurator. Successful exploitation of this vulnerability could allow sensitive data to be read from the system.

  • Vulnerability in Tridium's Equipment (10 Jan 2019)

    Cross-site Scripting vulnerability has been discovered in Tridium's Equipment- Niagara Enterprise Security, Niagara AX, and Niagara 4. Successful exploitation of this vulnerability could allow an authenticated user to inject client-side scripts into some web pages that could then be viewed by other users.

  • Multiple vulnerabilities in Schneider Electric's Equipment (08 Jan 2019)

    Multiple vulnerabilities such as Path Traversal, Unrestricted Upload of File with Dangerous Type, and XXE have been discovered in Schneider Electric's Equipment- IIoT Monitor. Successful exploitation of these vulnerabilities could allow a remote attacker to access files available to system users, arbitrarily upload and execute malicious files, and embed incorrect documents into the system output to expose restricted information.

  • Vulnerability in Schneider Electric's Equipment (08 Jan 2019)

    Use After Free vulnerability has been discovered in Schneider Electric's Equipment- Zelio Soft 2. Successful exploitation of this vulnerability could allow for remote code execution when opening a specially crafted project file.

  • Vulnerability Summary (07 Jan 2019)

    Summary of vulnerabilities for the Week of December 31, 2018.

  • Vulnerability in Hetronic's Equipment (03 Jan 2019)

    Authentication Bypass by Capture-Replay vulnerability has been discovered in Hetronic's Equipment- Nova-M. Successful exploitation of this vulnerability could allow unauthorized users to view commands, replay commands, control the device, or stop the device from running.

  • Vulnerability in Yokogawa's Equipment (03 Jan 2019)

    Resource Management Error vulnerability has been discovered in Yokogawa's Equipment- Vnet/IP Open Communication Driver. Successful exploitation of this vulnerability could allow an attacker to cause Vnet/IP network communications to controlled devices to become unavailable.

  • Vulnerability in Schneider Electric's Equipment (03 Jan 2019)

    Improper Input Validation vulnerability has been discovered in Schneider Electric's Equipment- Pro-face GP-Pro EX. Successful exploitation of this vulnerability could allow an attacker to modify code to launch an arbitrary executable upon launch of the program.