#web

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: mySCADA Equipment: myPRO Manager Vulnerabilities: OS Command Injection, Missing Authentication for Critical Function, Cleartext Storage of Sensitive Information, Cross-Site Request Forgery (CSRF) 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary OS commands, upload files, and obtain sensitive information without providing associated credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following mySCADA products are affected: myPRO Manager: Versions prior to 1.4 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS Command ('OS COMMAND INJECTION') CWE-78 The affected product is vulnerable to an OS command injection which could allow a remote attacker to execute arbitrary OS commands. CVE-2025-25067 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been ...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SIPROTEC 5 Vulnerability: Active Debug Code 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker with physical access to an affected device to execute arbitrary commands on the device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Siemens SIPROTEC 5 7SK85 (CP300): All versions prior to V9.90 Siemens SIPROTEC 5 7SJ81 (CP100): All versions Siemens SIPROTEC 5 7SL86 (CP300): All versions prior to V9.90 Siemens SIPROTEC 5 7SL86 (CP200): All versions Siemens SIPROTEC 5 7SJ86 (...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION: Exploitable locally Vendor: Siemens Equipment: SIMATIC IPC DiagBase and SIMATIC IPC DiagMonitor Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to achieve privilege escalation or bypass security measures. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: SMATIC IPC DiagMonitor: All versions SIMATIC IPC DiagBase: All versions 3.2 VULNERABILITY OVERVIEW 3.2.1 INCORRECT PERMISSION ASSIGNMENT FOR CRITICAL RESOURCE CWE-732 The affected device do not properl...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC Vulnerability: Observable Discrepancy 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to identify valid usernames. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports the following SIMATIC products are affected: Siemens SIMATIC S7-1200 CPU 1217C DC/DC/DC (6ES7217-1AG40-0XB0): vers:all/<V4.7 Siemens SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0): vers:all/>=V3.1.0|<V3.1.2 Siemens SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0): vers:all/>=V3.1.0|<V3.1.2 Siemens SIPLUS...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Outback Power Equipment: Mojave Inverter Vulnerabilities: Use of GET Request Method With Sensitive Query Strings, Exposure of Sensitive Information to an Unauthorized Actor, Command Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to access sensitive data or inject commands. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Outback Power Mojave Inverter, a system for managing power in a residential grid-connected battery backup system, are affected: Outback Power Mojave Inverter: All versions 3.2 VU;NERABILITY OVERVIEW 3.2.1 Use of GET Request Method With Sensitive Query Strings CWE-598 The Mojave Inverter uses the GET method for sensitive information. CVE-2025-26473 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: ORing Equipment: IAP-20 Vulnerabilities: Cross-site Scripting, Command Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to invoke commands to compromise the device via the management interface. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following ORing products are affected: IAP-420: Versions 2.01e and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79 A stored cross-site scripting can be triggered by placing JavaScript code into the SSID input field of the web interface. An attacker could exploit this vulnerability by luring an authenticated user to visit a malicious website. CVE-2024-5410 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.3 has been calculated; the CVSS vector string is (CVSS:3.1/AV...

An authenticated user can perform XSS and potentially impersonate another user. This issue affects Apache Atlas versions 2.3.0 and earlier. Users are recommended to upgrade to version 2.4.0, which fixes the issue.

Despite high-profile attention and even US sanctions, the group hasn’t stopped or even slowed its operation, including the breach of two more US telecoms.

### Impact Chains using affected versions of Packet Forward Middleware in their IBC Transfer stack are vulnerable to an attack in which there is a potential denial of service. This affects IBC transfers for any asset which is being transferred between another chain and its native chain. We recommend upgrading as soon as possible. __THIS IS A STATE BREAKING CHANGE__ ### Patches Versions [7.2.1](https://github.com/cosmos/ibc-apps/releases/tag/middleware%2Fpacket-forward-middleware%2Fv7.2.1) and [8.1.1](https://github.com/cosmos/ibc-apps/releases/tag/middleware%2Fpacket-forward-middleware%2Fv8.1.1) are patched. ### Workarounds N/A ### References N/A

### Impact _What kind of vulnerability is it? Who is impacted?_ Remote code execution is possible in web-accessible installations of hypercube. ### Patches _Has the problem been patched? What versions should users upgrade to?_ Not yet, though no patch is neccessary if your installation of the microservices is behind a firewall. See below. ### Workarounds _Is there a way for users to fix or remediate the vulnerability without upgrading?_ The exploit requires making a request against Hypercube's endpoints; therefore, the ability to make use of the exploit is much reduced if the microservice is not directly accessible from the Internet, so: Prevent general access from the Internet from hitting Hypercube. Furthermore, if you've used any of the official installation methods, your Crayfish will be behind a firewall and there is no work neccessary. The webserver might be made to validate the structure of headers passed, but that would only be neccessary if you publicly exposed the en...