Latest News

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: RUGGEDCOM APE1808 Vulnerabilities: Missing Authentication for Critical Function, NULL Pointer Dereference, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain access to the management web interface or cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Siemens products are affected: RUGGEDCOM APE1808: all ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Ruijie Equipment: Reyee OS Vulnerabilities: Weak Password Recovery Mechanism for Forgotten Password, Exposure of Private Personal Information to an Unauthorized Actor, Premature Release of Resource During Expected Lifetime, Insecure Storage of Sensitive Information, Use of Weak Credentials, Improper Neutralization of Wildcards or Matching Symbols, Improper Handling of Insufficient Permissions or Privileges, Server-Side Request Forgery (SSRF), Use of Inherently Dangerous Function, Resource Leak 2. RISK EVALUATION Successful exploitation of this vulnerabilities could allow attackers to take near full control over the device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Ruijie product is affected: Reyee OS: Versions 2.206.x up to but not including 2.320.x 3.2 Vulnerability Overview 3.2.1 Weak Password Recovery Mechanism for Forgotten Password CWE-640 Ruijie Reyee OS version...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Fuji Electric Equipment: Tellus Lite V-Simulator Vulnerabilities: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS VS5Sim is a simulator of V-SFT Ver5 packaged with Fuji Electric Tellus Lite V-Simulator, a remote monitoring and operation software. The following versions are affected: Tellus Lite: Version 4.0.20.0 3.2 Vulnerability Overview 3.2.1 Out-of-bounds Write CWE-787 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of V8 files in the V-Simulator 5 component. The issue results from the lack of proper validation of the length of user...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: ICONICS, Mitsubishi Electric Equipment: ICONICS GENESIS64 Product Suite and Mitsubishi Electric MC Works64 Vulnerabilities: Uncontrolled Search Path Element, Dead Code 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS ICONICS reports that the following versions of ICONICS and Mitsubishi Electric products are affected: GENESIS64 AlarmWorX Multimedia (AlarmWorX64 MMX): Versions prior to 10.97.3 (CVE-2024-8299 and CVE-2024-9852) GENESIS64: Version 10.97.2, 10.97.2 CFR1, 10.97.2 CFR2, and 10.97.3 (CVE-2024-8300) Mitsubishi Electric MC Works64: all versions (CVE-2024-8299, CVE-2024-9852) 3.2 Vulnerability Overview 3.2.1 Uncontrolled Search Path Element CWE-427 An uncontrolled search path element in the AlarmWorX64 MMX Phone agent can provide the potential for DLL hijacking and malicious code execution. CVE-202...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Open Automation Software Equipment: Open Automation Software Vulnerability: Incorrect Execution-Assigned Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker executing code with escalated privileges. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Open Automation Software, an HMI, SCADA, and IoT solution, are affected: Open Automation Software: prior to V20.00.0076 3.2 Vulnerability Overview 3.2.1 INCORRECT EXECUTION-ASSIGNED PERMISSIONS CWE-279 A local low-level user on the server machine with credentials to the running OAS services can create and execute a report with an rdlx file on the server system itself. Any code within the rdlx file of the report executes with SYSTEM privileges, resulting in privilege escalation. CVE-2024-11220 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVS...

Cybersecurity researchers have disclosed a set of flaws impacting Palo Alto Networks and SonicWall virtual private network (VPN) clients that could be potentially exploited to gain remote code execution on Windows and macOS systems. "By targeting the implicit trust VPN clients place in servers, attackers can manipulate client behaviours, execute arbitrary commands, and gain high levels of access

The North Korea-aligned threat actor known as Kimsuky has been linked to a series of phishing attacks that involve sending email messages that originate from Russian sender addresses to ultimately conduct credential theft. "Phishing emails were sent mainly through email services in Japan and Korea until early September," South Korean cybersecurity company Genians said. "Then, from mid-September,

A newly discovered malware campaign has been found to target private users, retailers, and service businesses mainly located in Russia to deliver NetSupport RAT and BurnsRAT. The campaign, dubbed Horns&Hooves by Kaspersky, has hit more than 1,000 victims since it began around March 2023. The end goal of these attacks is to leverage the access afforded by these trojans to install stealer

New zero-day attack bypasses antivirus, sandboxes, and spam filters using corrupted files. Learn how ANY.RUN’s sandbox detects and…

## Summary There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails >= 7.1.0. * Versions affected: 1.6.0 * Not affected: < 1.6.0 * Fixed versions: 1.6.1 ## Impact A possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer may allow an attacker to inject content if HTML5 sanitization is enabled and the application developer has overridden the sanitizer's allowed tags in the following way: - the "noscript" element is explicitly allowed Code is only impacted if Rails is configured to use HTML5 sanitization, please see documentation for [`config.action_view.sanitizer_vendor`](https://guides.rubyonrails.org/configuring.html#config-action-view-sanitizer-vendor) and [`config.action_text.sanitizer_vendor`](https://guides.rubyonrails.org/configuring.html#config-action-text-sanitizer-vendor) for more information on these configuration options. The default configuration is to disallow all of these element...