Latest Intelligence
Siemens RUGGEDCOM ROX II
The Siemens RUGGEDCOM ROX II family has a critical vulnerability that allows local attackers to bypass authentication and gain root access through the Built-In-Self-Test (BIST) mode. The vulnerability affects multiple models in the RUGGEDCOM ROX II family, and no fix is currently available. Read Original »
Siemens SINEC OS
The article discusses vulnerabilities in Siemens products, particularly in the RUGGEDCOM and SCALANCE equipment, with various types of security flaws identified. These vulnerabilities could allow remote code execution and other serious security risks if exploited. Read Original »
Siemens SIMATIC RTLS Locating Manager
The Siemens SIMATIC RTLS Locating Manager has a critical vulnerability due to improper input validation, allowing authenticated remote attackers to execute arbitrary code with high privileges. Users are advised to update to version 3.2 or later to mitigate this risk. Read Original »
Siemens SIPROTEC 5
Siemens SIPROTEC 5 devices have a vulnerability that allows an attacker with physical access to exhaust the device's memory by sending high-bandwidth packets, potentially causing it to stop responding. This issue affects multiple versions of various SIPROTEC 5 models, necessitating updates to mitigate the risk. Read Original »
Rockwell Automation Studio 5000 Logix Designer
Rockwell Automation's Studio 5000 Logix Designer has a vulnerability due to improper input validation, which could allow an attacker to crash the device or execute malicious code. The affected versions range from 36.00.02 to 37.00.02, and users are advised to upgrade to version 37.00.02 or later to mitigate risks. Read Original »
Siemens SIMATIC RTLS Locating Manager
Siemens SIMATIC RTLS Locating Manager has two vulnerabilities that could allow local attackers to cause denial of service or escalate access rights. The vulnerabilities are related to insufficient input validation and credential protection, affecting all versions prior to 3.3. Read Original »
Rockwell FactoryTalk Linx
The article discusses a vulnerability in Rockwell Automation's FactoryTalk Linx, specifically an improper access control issue that allows attackers to manipulate FTLinx drivers by disabling token validation. The vulnerability has a CVSS v4 score of 8.4 and affects versions prior to 6.50. Read Original »
Siemens Web Installer
The Siemens Web Installer has a vulnerability that allows for uncontrolled search path elements, potentially enabling attackers to execute arbitrary code during application installation. As of January 10, 2023, CISA will not update advisories for these vulnerabilities, directing users to Siemens' ProductCERT for the latest information. Read Original »
Siemens SIMOTION SCOUT, SIMOTION SCOUT TIA, and SINAMICS STARTER
Siemens products SIMOTION SCOUT, SIMOTION SCOUT TIA, and SINAMICS STARTER are affected by a vulnerability that allows attackers to access arbitrary application files through improper XML external entity reference. CISA will no longer update advisories for these vulnerabilities, and users are advised to implement specific mitigations to reduce risk. Read Original »
Siemens SINEC Traffic Analyzer
The Siemens SINEC Traffic Analyzer has multiple vulnerabilities that could allow attackers to cause denial-of-service conditions or gain elevated access to sensitive resources. As of January 10, 2023, CISA will no longer update advisories for these vulnerabilities, and users are advised to update to version 3.0 or later to mitigate risks. Read Original »
Rockwell Automation Micro800
The Rockwell Automation Micro800 series has multiple critical vulnerabilities that could lead to remote code execution and privilege escalation due to dependencies on vulnerable third-party components and improper input validation. Users are advised to update their systems to mitigate these risks. Read Original »
Siemens COMOS
Siemens COMOS has a critical vulnerability classified as an out-of-bounds write, which could allow attackers to cause crashes or execute code. Users are advised to update to version 10.6 or later and ensure files are from trusted sources to mitigate risks. Read Original »
Have You Turned Off Your Virtual Oven?
The article discusses the importance of performing safety checks in daily life, particularly focusing on ensuring that appliances like ovens and stoves are turned off before leaving home. This behavior is rooted in the desire to prevent potentially dangerous situations such as fires or break-ins. Read Original »
‘MadeYouReset’ HTTP2 Vulnerability Enables Massive DDoS Attacks
The article discusses a new DDoS attack vector known as 'MadeYouReset', which exploits flaws in HTTP/2 implementations. This vulnerability has been likened to the previously known Rapid Reset attack. Read Original »
New Android Malware Wave Hits Banking via NFC Relay Fraud, Call Hijacking, and Root Exploits
Researchers have identified a new Android trojan named PhantomCard that exploits NFC technology to carry out relay attacks, enabling fraudulent banking transactions. This malware specifically targets banking customers in Brazil by relaying data from victims' banking cards to the fraudster's device. Read Original »