Tag
#web
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk AssetCentre Vulnerabilities: Inadequate Encryption Strength, Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to extract passwords, access, credentials, or impersonate other users. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Rockwell Automation FactoryTalk AssetCentre are affected: FactoryTalk AssetCentre: All versions prior to V15.00.001 3.2 Vulnerability Overview 3.2.1 INADEQUATE ENCRYPTION STRENGTH CWE-326 An encryption vulnerability exists in all versions prior to V15.00.001 of FactoryTalk AssetCentre. The vulnerability exists due to a weak encryption methodology and could allow a threat actor to extract passwords belonging to other users of the application. CVE-2025-0477 has been assigned to this vulnerability. A CVSS v3.1 base scor...
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: KEPServer Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause the device to crash. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Rockwell Automation's KEPServer are affected: KEPServer: Versions 6.0 to 6.14.263 3.2 Vulnerability Overview 3.2.1 Uncontrolled Resource Consumption CWE-400 KEPServerEX Versions 6.0 to 6.14.263 are vulnerable to being made to read a recursively defined object that leads to uncontrolled resource consumption. KEPServerEX uses OPC UA, a protocol which defines various object types that can be nested to create complex arrays. It does not implement a check to see if such an object is recursively defined, so an attack could send a maliciously created message that the decoder would try to decode until the stack overflowed and the device c...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: New Rock Technologies Equipment: Cloud Connected Devices Vulnerabilities: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Improper Neutralization of Wildcards or Matching Symbols 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker full control of the device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of New Rock Technologies Cloud Connected Devices are affected: OM500 IP-PBX: All versions MX8G VoIP Gateway: All versions NRP1302/P Desktop IP Phone: All versions 3.2 Vulnerability Overview 3.2.1 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-78 Affected products contain a vulnerability in the device cloud rpc command handling process that could allow remote attackers to take control over arbitrary devices connected to the cloud. CVE-...
This new report from Cisco Talos Incident Response explores how threat actors increasingly deployed web shells against vulnerable web applications, and exploited vulnerable or unpatched public-facing applications to gain initial access.
Amateurish financial scams are common across Africa, and Namibia's influential former first lady, Monica Geingos, has emerged as a particularly effective host body for these messages.
The FBI has seized Nulled.to, Cracked.to, Sellix.io, and StarkRDP.io in Operation Talent, targeting cybercrime forums and illicit marketplaces.…
In this case, the "fast_float2::common::AsciiStr::first" method within the "AsciiStr" struct uses the unsafe keyword to reading from memory without performing bounds checking. Specifically, it directly dereferences a pointer offset by "self.ptr". Because of the above reason, the method accesses invalid memory address when it takes an empty string as its input. This approach violates Rust’s memory safety guarantees, as it can lead to invalid memory access if empty buffer is provided.
The threat actor is using a sophisticated network of VPNs and proxies to centrally manage command-and-control servers from Pyongyang.
### Issue Snowflake discovered and remediated a vulnerability in the Snowflake Connector for .NET in which files downloaded from stages are temporarily placed in a world-readable local directory, making them accessible to unauthorized users on the same machine. This vulnerability affects versions 2.0.12 through 4.2.0 on Linux and macOS. Snowflake fixed the issue in version 4.3.0. ### Vulnerability Details When downloading files from stages, the Snowflake Connector for .NET uses the OS temporary directory to save files before copying them to the destination directory. The files in the temporary directory, which are removed once the write to the destination directory concludes, have world-readable permissions on Linux and macOS. This could allow any user on the local machine to access them during their limited lifetime. ### Solution Snowflake released version 4.3.0 of the Snowflake Connector for .NET, which fixes this issue. We recommend users upgrade to version 4.3.0. ### Additional...
### Issue Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. A function from the snowflake.connector.pandas_tools module is vulnerable to SQL injection. This vulnerability affects versions 2.2.5 through 3.13.0. Snowflake fixed the issue in version 3.13.1. ### Vulnerability Details A function from the snowflake.connector.pandas_tools module is not sanitizing all of its arguments, and queries using them are not parametrized. An attacker controlling these arguments could achieve SQL injection by passing crafted input. Any SQL executed that way by an attacker would still run in the context of the current session. ### Solution Snowflake released version 3.13.1 of the Snowflake Connector for Python, which fixes this issue. We recommend users upgrade to version 3.13.1. ### Additional Information If you discover a security vulnerability in one of our products or websites, please report the issue to HackerOne. For more information, please see our [Vul...