#auth

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEMA Remote Connect Server Vulnerabilities: Command Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an authenticated local attacker to execute arbitrary code with system privileges. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following versions of SINEMA Remote Connect management platform are affected: SINEMA Remote Connect Client: versions prior to V3.2 HF1 3.2 Vulnerability Overview 3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77 The syst...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: ThinManager ThinServer Vulnerabilities: Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code or cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The vulnerabilities exist in the following versions of ThinManger ThinServer: ThinManager ThinServer: Versions 11.1.0, 11.2.0, 12.0.0, 12.1.0, 13.0.0, 13.1.0, 13.2.0 (CVE-2024-5988, CVE-2024-5989) ThinManager ThinServer: Versions 11.1.0, 11.2.0, 12.0.0, 12.1.0, 13.0.0, 13.1.0 (CVE-2024-5990) 3.2 Vulnerability Overview 3.2.1 IMPROPER INPUT VALIDATION CWE-20 Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke a local or remote executable and cause a remote code execution condition on the affected device. CVE-2024-5988 has been assigned t...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: RUGGEDCOM Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Incorrect Privilege Assignment, Exposure of Sensitive System Information to an Unauthorized Control Sphere 2. RISK EVALUATION Successful exploitation could allow an attacker to obtain user credentials, the MACSEC key, or create a remote shell to the affected system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products of Siemens, are affected: RUGGEDCOM i800: Versions prior to V4.3.10 (CVE-2023-52237) RUGGEDCOM i800NC: Versions prior to V4.3.10 (CVE-2023-52...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Remote Connect Server Vulnerabilities: Incorrect User Management, Unrestricted Upload of File with Dangerous Type, Forced Browsing, Improper Check for Unusual or Exceptional Conditions, Client-Side Enforcement of Server-Side Security, Incorrect Authorization, Creation of Temporary File With Insecure Permissions, Improper Restriction of Excessive Authentication Attempts, Incorrect Permission Assignment for Critical Resource, Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow ...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: RUGGEDCOM APE 1808 Vulnerabilities: Stack-based Buffer Overflow, Use of Password Hash With Insufficient Computational Effort, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute unauthorized code or commands via specially crafted CLI commands and access to decrypting the CLI backup file. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products of Siemens, are affected: Siemens RUGGEDCOM APE1808: All versions with Fortinet NGFW 3.2 Vulnerability Overview 3.2.1 STACK-BASED BUFF...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.1 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SCALANCE, RUGGEDCOM, SIPLUS, and SINEC Vulnerability: Improper Enforcement of Message Integrity During Transmission in a Communication Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could allow on-path attackers to gain access to the network with the attackers desired authorization without needing legitimate credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products of Siemens, are affected: RUGGEDCOM CROSSBOW: All versions RUGGEDCOM i800: All versions RUGGEDCOM i800NC: All versions RUGGEDCOM i801: All versions RUGGEDCOM i801NC: Al...

Today, all organizations are exposed to the threat of cyber breaches, irrespective of their scale. Historically, larger companies were frequent targets due to their substantial resources, sensitive data, and regulatory responsibilities, whereas smaller entities often underestimated their attractiveness to hackers. However, this assumption is precarious, as cybercriminals frequently exploit

Spanish language victims are the target of an email phishing campaign that delivers a new remote access trojan (RAT) called Poco RAT since at least February 2024. The attacks primarily single out mining, manufacturing, hospitality, and utilities sectors, according to cybersecurity company Cofense. "The majority of the custom code in the malware appears to be focused on anti-analysis,

Data breaches have become one of the most crucial threats to organizations across the globe, and they’ve only become more prevalent and serious over time.

**Why is the Red Hat Inc. the assigning CNA (CVE Numbering Authority)?** CVE-2024-6387 is regarding a vulnerability in OppenSSH's server (sshd). Red Hat created this CVE on its behalf.