#web

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable from an adjacent network/low attack complexity Vendor: AutomationDirect Equipment: DirectLogic H2-DM1E Vulnerabilities: Session Fixation, Authentication Bypass by Capture-replay 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to inject traffic into an ongoing authenticated session or authenticate as a valid user. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of DirectLogic H2-DM1E, a programmable logic controller, are affected: DirectLogic H2-DM1E: Versions 2.8.0 and prior 3.2 Vulnerability Overview 3.2.1 Authentication Bypass by Capture-replay CWE-294 The session hijacking attack targets the application layer's control mechanism, which manages authenticated sessions between a host PC and a PLC. During such sessions, a session key is utilized to maintain security. However, if an attacker captures this session key, they can inject traffic into an ongoing auth...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: AADvance Trusted SIS Workstation Vulnerabilities: Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in an attacker executing code within the context of a current process. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of AADvance Trusted SIS Workstation, a manufacturing controller management suite, are affected: AADvance Trusted SIS Workstation: 2.00.01 and prior 3.2 Vulnerability Overview 3.2.1 IMPROPER INPUT VALIDATION CWE-20 A vulnerability exists which could allow remote threat actors to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability because the target must visit a malicious page or open a malicious file. The specific vulnerability exists in the analysis of 7Z files. The problem results from the lack of proper validation of ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Vulnerability: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform unauthenticated remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Rockwell Automation FactoryTalk View Site, are affected: FactoryTalk View Site Edition: Versions V12.0, V13.0, V14.0 3.2 Vulnerability Overview 3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77 A remote code vulnerability exists in the affected products. The vulnerability occurs when chained with path traversal, command injection, and XSS vulnerabilities and allows for full unauthenticated remote code execution. The link in the mitigations section below contains patches to fix this issue. CVE-2024-45824 has been assigned to this vulnerability. A CVSS v3.1 ba...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC SCADA and PCS 7 Systems Vulnerability: Execution with Unnecessary Privileges 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to execute arbitrary code with high privileges. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Siemens products are affected: SIMATIC BATCH V9.1: All versions SIMATIC Information Server 2020: All versions SIMATIC Information Server 2022: All versions SIMATIC PCS 7 V9.1: All versions SIMATIC Process Historian 2020: All versions SIMATIC Process Historia...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Rockwell Automation Equipment: ThinManager Vulnerability: Externally Controlled Reference to a Resource in Another Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability could result in remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Rockwell Automation ThinManager, a visualization resource manager, are affected: ThinManager: Versions V13.1.0 to 13.1.2 ThinManager: Versions V13.2.0 to 13.2.1 3.2 Vulnerability Overview 3.2.1 EXTERNALLY CONTROLLED REFERENCE TO A RESOURCE IN ANOTHER SPHERE CWE-610 Due to improper input validation, a path traversal and remote code execution vulnerability exists when the ThinManager processes a crafted POST request. If exploited, a user can install an executable file. CVE-2024-45826 has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been calculated; the CVSS vector string ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely Vendor: Rockwell Automation Equipment: FactoryTalk Batch View Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker bypassing authentication. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Rockwell Automation FactoryTalk Batch View, a manufacturing process batch solution, are affected: FactoryTalk Batch View: 2.01.00 and prior 3.2 Vulnerability Overview 3.2.1 IMPROPER AUTHENTICATION CWE-287 An authentication bypass vulnerability exists in the affected product. The vulnerability exists due to shared secrets across accounts and could allow a threat actor to impersonate a user if the threat actor is able to enumerate additional information required during authentication. CVE-2024-45823 has been assigned to this vulnerability. A CVSS v3 base score of 8.1 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/U...

Cato CTRL (Cyber Threats Research Lab) has released its Q2 2024 Cato CTRL SASE Threat Report. The report highlights critical findings based on the analysis of a staggering 1.38 trillion network flows from more than 2,500 of Cato’s global customers, between April and June 2024. Key Insights from the Q2 2024 Cato CTRL SASE Threat Report The report is packed with unique insights that are based on

Iraqi government networks have emerged as the target of an "elaborate" cyber attack campaign orchestrated by an Iran state-sponsored threat actor called OilRig. The attacks singled out Iraqi organizations such as the Prime Minister's Office and the Ministry of Foreign Affairs, cybersecurity company Check Point said in a new analysis. OilRig, also called APT34, Crambus, Cobalt Gypsy, GreenBug,

The Vision Pro uses 3D avatars on calls and for streaming. These researchers used eye tracking to work out the passwords and PINs people typed with their avatars.

A vendor honeypot caught two attacks intended to leverage the tens of thousands of exposed Selenium Grid Web app testing servers.