#web

Categories: Business How can organizations stay secure amidst the ceaseless tide of change? (Read more...) The post Webinar: Bridging digital transformation & cybersecurity appeared first on Malwarebytes Labs.

WatchGuard Firebox Web Update Unpacker is a small utility for extracting file system images from sysa-dl update files. The unpacker has been tested on firmware for the M400 and M500 series.

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Equipment: FA Engineering Software Products Vulnerability: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to execute code, which could result in information disclosure, tampering with and deletion of information, or a denial-of-service (DoS) condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Mitsubishi Electric FA Engineering Software Products are affected: GX Works3: All versions 3.2 Vulnerability Overview 3.2.1 INCORRECT DEFAULT PERMISSIONS CWE-276 In all versions of Mitsubishi Electric GX Works3, code execution is possible due to permission issues. This could allow an attacker to cause information disclosure, tampering with and deletion of information, or a denial-of-service (DoS) condition. CVE-2023-4088 has been assigned to this vulnerability. A CVSS v3 base score of 9.3 has...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available/known public exploitation Vendor: Suprema Inc. Equipment: BioStar 2 Vulnerability: SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform a SQL injection to execute arbitrary commands. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Suprema BioStar 2, an access control system, are affected: BioStar 2: version 2.8.16 3.2 Vulnerability Overview 3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN SQL COMMAND ('SQL INJECTION') CWE-89 Suprema BioStar 2 v2.8.16 was discovered to contain a SQL injection vulnerability via value parameters. CVE-2023-27167 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). 3.3 BACKGROUND CRITICAL INFRASTRUCTURE SECTORS: Multiple COUNTRIES/AREAS DEP...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Advantech Equipment: EKI-1524-CE, EKI-1522-CE, EKI-1521-CE Vulnerabilities: Cross-Site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code in the context of the session. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Advantech serial device servers are affected: EKI-1524-CE series: versions 1.24 and prior EKI-1522-CE series: versions 1.24 and prior EKI-1521-CE series: versions 1.24 and prior 3.2 Vulnerability Overview 3.2.1 Cross-Site Scripting CWE-79 Advantech EKI-1524, EKI-1522, EKI-1521 devices through version 1.21 are affected by a stored cross-site scripting vulnerability, which can be triggered by authenticated users in the device name field of the web-interface. CVE-2023-4202 has been assigned to this vulnerability. A CVSS v3 base score of 5.4 has been calculated; the CVS...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Asset Suite 9 Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated user to enter an arbitrary password to execute equipment tag out actions. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Hitachi Energy reports these vulnerabilities affect the following products: Asset Suite: Versions 9.6.3.11.1 and prior Asset Suite: Version 9.6.4 3.2 Vulnerability Overview 3.2.1 IMPROPER AUTHENTICATION CWE-287 A vulnerability exists in the Equipment Tag Out authentication, when configured with Single Sign-On (SSO) with password validation in T214. This vulnerability can be exploited by an authenticated user performing an Equipment Tag Out holder action (Accept, Release, and Clear) for another user and entering an arbitrary password in the holder action confirmation dialog box. Despite entering an ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Baker Hughes - Bently Nevada Equipment: Bently Nevada 3500 System Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Cleartext Transmission of Sensitive Information, Authentication Bypass by Capture-replay 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to steal sensitive information and gain access to the device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of the Bently Nevada 3500 System, a real-time monitoring solution, are affected: Bently Nevada 3500 Rack (TDI Firmware): version 5.05 3.2 Vulnerability Overview 3.2.1 EXPOSURE OF SENSITIVE INFORMATION TO AN UNAUTHORIZED ACTOR CWE-200 Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 has a vulnerability in their password retrieval functionality which could be used by an attacker to access passwords stored on the device. CVE...

An updated version of an Android banking trojan called Xenomorph has set its sights on more than 35 financial institutions in the U.S. The campaign, according to Dutch security firm ThreatFabric, leverages phishing web pages that are designed to entice victims into installing malicious Android apps that target a broader list of apps than its predecessors. Some of the other targeted prominent

How To Use This Report Enhance situational awareness of techniques used by threat actors Identify potential attacks targeting your industry Gain insights to help improve and accelerate your organization’s threat response Summary of Findings The Network Effect Threat Report offers insights based on unique data from Fastly’s Next-Gen WAF from Q2 2023 (April 1, 2023 to June 30, 2023). This report

A "multi-year" Chinese state-sponsored cyber espionage campaign has been observed targeting South Korean academic, political, and government organizations. Recorded Future's Insikt Group, which is tracking the activity under the moniker TAG-74, said the adversary has been linked to "Chinese military intelligence and poses a significant threat to academic, aerospace and defense, government,