#auth

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SINUMERIK ONE, SINUMERIK 840D, SINUMERIK 828D Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate their privileges in the underlying system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Siemens SINUMERIK products, an automation system, are affected: SINUMERIK 828D V4: All versions SINUMERIK 828D V5: All versions prior to V5.24 SINUMERIK 840D sl V4: All versions SINUMERIK ONE: All versions prior to V6.24 3.2 Vulnerability Overview 3.2.1...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Runtime Vulnerability: Observable Response Discrepancy 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthenticated remote attackers to distinguish between valid and invalid usernames. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Siemens Mendix Runtime, are affected: Mendix Runtime V8: All versions only if the basic authentication mechanism is used by the application Mendix Runtime V9: All versions prior to V9.24.26 only if the basic authentication mechanism is used by the application Mendix ...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Industrial Edge Management Vulnerability: Authorization Bypass Through User-Controlled Key 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to impersonate other devices onboarded to the system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Siemens products are affected: Industrial Edge Management Pro: Versions prior to V1.9.5 Industrial Edge Management Virtual: Versions prior to V2.3.1-1 3.2 Vulnerability Overview 3.2.1 AUTHORIZATION BYPASS THROUGH USER-CONTROLLED KEY CWE-639 Affe...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable from an adjacent network/low attack complexity Vendor: AutomationDirect Equipment: DirectLogic H2-DM1E Vulnerabilities: Session Fixation, Authentication Bypass by Capture-replay 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to inject traffic into an ongoing authenticated session or authenticate as a valid user. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of DirectLogic H2-DM1E, a programmable logic controller, are affected: DirectLogic H2-DM1E: Versions 2.8.0 and prior 3.2 Vulnerability Overview 3.2.1 Authentication Bypass by Capture-replay CWE-294 The session hijacking attack targets the application layer's control mechanism, which manages authenticated sessions between a host PC and a PLC. During such sessions, a session key is utilized to maintain security. However, if an attacker captures this session key, they can inject traffic into an ongoing auth...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Vulnerability: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform unauthenticated remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Rockwell Automation FactoryTalk View Site, are affected: FactoryTalk View Site Edition: Versions V12.0, V13.0, V14.0 3.2 Vulnerability Overview 3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77 A remote code vulnerability exists in the affected products. The vulnerability occurs when chained with path traversal, command injection, and XSS vulnerabilities and allows for full unauthenticated remote code execution. The link in the mitigations section below contains patches to fix this issue. CVE-2024-45824 has been assigned to this vulnerability. A CVSS v3.1 ba...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC SCADA and PCS 7 Systems Vulnerability: Execution with Unnecessary Privileges 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to execute arbitrary code with high privileges. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Siemens products are affected: SIMATIC BATCH V9.1: All versions SIMATIC Information Server 2020: All versions SIMATIC Information Server 2022: All versions SIMATIC PCS 7 V9.1: All versions SIMATIC Process Historian 2020: All versions SIMATIC Process Historia...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely Vendor: Rockwell Automation Equipment: FactoryTalk Batch View Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker bypassing authentication. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Rockwell Automation FactoryTalk Batch View, a manufacturing process batch solution, are affected: FactoryTalk Batch View: 2.01.00 and prior 3.2 Vulnerability Overview 3.2.1 IMPROPER AUTHENTICATION CWE-287 An authentication bypass vulnerability exists in the affected product. The vulnerability exists due to shared secrets across accounts and could allow a threat actor to impersonate a user if the threat actor is able to enumerate additional information required during authentication. CVE-2024-45823 has been assigned to this vulnerability. A CVSS v3 base score of 8.1 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/U...

The Irish Data Protection Commission (DPC) has announced that it has commenced a "Cross-Border statutory inquiry" into Google's foundational artificial intelligence (AI) model to determine whether the tech giant has adhered to data protection regulations in the region when processing the personal data of European users. "The statutory inquiry concerns the question of whether Google has complied

A vendor honeypot caught two attacks intended to leverage the tens of thousands of exposed Selenium Grid Web app testing servers.

With an immature codebase and a "rather chaotic encryption scheme" prone to failure, the group targets small businesses with custom malware.