Nothing Special   »   [go: up one dir, main page]

Stay connected

Trending News

Cisco NX-OS Software Image Verification Bypass Vulnerability
Critical vulnerabiliities, Cyber Security, IoT Security, Vulnerabilities

Cisco NX-OS Software Image Verification Bypass Vulnerability 

Summary A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative credentials, to bypass NX-OS image signature verification. This vulnerability is due to insecure bootloader settings. An…

Bosch Rexroth IndraDrive
ICS, News, Vulnerabilities

Bosch Rexroth IndraDrive 

1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service, rendering the device unresponsive by sending arbitrary UDP messages. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Bosch Rexroth reports that the following versions of IndraDrive, servo drive…

Delta Electronics DIAScreen
ICS, News, Vulnerabilities

Delta Electronics DIAScreen 

1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of this these vulnerabilities could crash the device being accessed; a buffer overflow condition may allow remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of DIAScreen, which is a component of Delta’s DIAStudio…

https://www.cisa.gov/news-events/ics-advisories/icsa-24-303-03
ICS, News, Vulnerabilities

Delta Electronics InfraSuite Device Master 

1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to remotely execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of InfraSuite Device Master, a real-time device monitoring software, are affected: 3.2 Vulnerability Overview 3.2.1 DESERIALIZATION…

VIMESA VHF/FM Transmitter Blue Plus
News, Vulnerabilities

VIMESA VHF/FM Transmitter Blue Plus 

1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform a Denial-of-Service. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of VIMESA VHF/FM Transmitter Blue Plus, a VHF/FM Transmitter, is affected: 3.2 Vulnerability Overview 3.2.1 Improper Access Control…

Cisco Adaptive Security Appliance Software SSH Remote Command Injection Vulnerability
Critical vulnerabiliities, Cyber Security, IoT Security, News, Vulnerabilities

Cisco Adaptive Security Appliance Software SSH Remote Command Injection Vulnerability 

Summary A vulnerability in the SSH subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to execute operating system commands as root. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by submitting crafted…

Cisco Firepower Threat Defense Software for Firepower 1000, 2100, 3100, and 4200 Series Static Credential Vulnerability
Critical vulnerabiliities, Cyber Security, IoT Security, News, Vulnerabilities

Cisco Firepower Threat Defense Software for Firepower 1000, 2100, 3100, and 4200 Series Static Credential Vulnerability 

Summary A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials. This vulnerability is due to the presence of static accounts with hard-coded…