Read more about the article Cisco Releases Security Advisories for Multiple Products

Cisco Releases Security Advisories for Multiple Products

  • Post author:
  • Post category:

Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A remote cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates: Cisco Catalyst SD-WAN Manager Vulnerabilities cisco-sa-sdwan-vman-sc-LRLfu2z Cisco IOS XE Software Web

Continue ReadingCisco Releases Security Advisories for Multiple Products
Read more about the article CISA Releases Three Industrial Control Systems Advisories

CISA Releases Three Industrial Control Systems Advisories

  • Post author:
  • Post category:

CISA released three Industrial Control Systems (ICS) advisories on September 28, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-271-01 Rockwell Automation PanelView 800 ICSA-23-271-02 DEXMA DexGate ICSA-23-143-02 Hitachi Energy’s RTU500 Series Product (UPDATE A) CISA encourages users and administrators to review the newly released ICS advisories for technical

Continue ReadingCISA Releases Three Industrial Control Systems Advisories
Read more about the article ICS Advisory: DEXMA DexGate

ICS Advisory: DEXMA DexGate

  • Post author:
  • Post category:

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: DEXMA Equipment: DEXGate Vulnerabilities: Cross-Site Scripting, Cross-Site Request Forgery, Improper Authentication, Cleartext Transmission of Sensitive Information, Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in the attacker impersonating a user, executing

Continue ReadingICS Advisory: DEXMA DexGate
Read more about the article ICS Advisory: Rockwell Automation PanelView 800

ICS Advisory: Rockwell Automation PanelView 800

  • Post author:
  • Post category:

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: PanelView 800 Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose sensitive information, modify data, or cause a denial-of-service. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of

Continue ReadingICS Advisory: Rockwell Automation PanelView 800
Read more about the article CISA Adds One Known Exploited Vulnerability to Catalog

CISA Adds One Known Exploited Vulnerability to Catalog

  • Post author:
  • Post category:

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2018-14667 Red Hat JBoss RichFaces Framework Expression Language Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view other newly added vulnerabilities in the catalog, click

Continue ReadingCISA Adds One Known Exploited Vulnerability to Catalog