ABB has identified multiple vulnerabilities in its T-MAC Plus version 4.0-24 software, which could allow attackers to exploit the system in various ways. These vulnerabilities include issues like file disclosure, broken access controls, cross-site scripting (XSS), and an insecure network protocol that could lead to denial-of-service attacks. Affected users are urged to update to version 4.0-25, which contains fixes for these issues. The vulnerabilities are considered serious, with CVSS scores ranging from 7.4 to 9.9, indicating that they pose significant risks to security. Companies using this software should prioritize applying the update to protect their systems from potential exploitation.
Articles tagged "Critical"
Found 887 articles
Rockwell Automation's 1715-AENTR EtherNet/IP Adapter has a serious vulnerability (CVE-2026-10577) affecting versions up to 3.003. This flaw exposes a debug port that lacks proper authentication controls, allowing attackers to gain unauthorized access to critical functions. If exploited, they could read or delete files, halt tasks, modify memory, and alter I/O states, threatening the device's confidentiality, integrity, and availability. This vulnerability is particularly concerning as it impacts sectors like energy and manufacturing, where security is crucial. Users are advised to upgrade to version 3.011 or later to mitigate the risks associated with this vulnerability.
ABB has identified a vulnerability in its Advant Master Online Builder products that could allow unauthorized code execution due to improper handling of search paths for loading dynamic link libraries (DLLs). Affected versions include Control Builder A versions up to 1.4/4 and multiple iterations of 800xA for Advant Master. To mitigate the risk, ABB has released updates that resolve the vulnerability, advising users to upgrade to specific patched versions. Importantly, the vulnerability requires physical access to the system, which limits its exploitability. However, users are still urged to manage access strictly and enforce strong security practices to prevent potential exploitation.
The Cybersecurity and Infrastructure Security Agency (CISA) has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, indicating they are being actively exploited in the wild. The vulnerabilities include two related to SonicWall SMA1000 Appliances, specifically a server-side request forgery and a code injection vulnerability. Additionally, there are two Microsoft vulnerabilities affecting Active Directory Federation Services and SharePoint Server, which involve insufficient access control and missing authentication for critical functions, respectively. These vulnerabilities pose significant risks, especially to federal agencies, as they can lead to total asset control by attackers post-exploitation. CISA's guidance encourages all organizations to prioritize remediation of these high-risk vulnerabilities to enhance their security posture.
SAP has issued a warning regarding 16 vulnerabilities in various products, with three of these classified as critical. The affected products include NetWeaver, Commerce Cloud, and AppRouter. These flaws could potentially allow attackers to exploit weaknesses in the systems, which is particularly concerning for organizations relying on these platforms for their operations. Users of these SAP products should take immediate action to address these vulnerabilities to protect their data and systems. The update comes as part of SAP's July 2026 security updates, emphasizing the ongoing need for vigilance in cybersecurity practices.
SAP has released patches for serious vulnerabilities found in its NetWeaver, Approuter, and Commerce Cloud products. These flaws could allow attackers to access and alter sensitive data, disrupt system availability, and create inconsistencies in request-response processes. This is a significant concern for businesses using these SAP solutions, as it could lead to data breaches or operational disruptions. Companies are urged to apply the patches promptly to safeguard their systems and data integrity. The vulnerabilities were disclosed recently, emphasizing the need for organizations to stay vigilant and proactive in updating their software.
SCM feed for Latest
In December 2025, an attack on Poland's power grid was attributed to Russia's FSB by both UK and EU authorities. The primary goal of the assault was to disrupt communication between renewable energy systems and power distribution operators, raising concerns about the security of critical infrastructure in the region. This incident is particularly alarming as it underscores the potential for state-sponsored cyber activities to impact essential services. The attack could have wide-reaching implications for energy security and stability in Poland and possibly beyond, as it highlights vulnerabilities in the infrastructure that supports renewable energy. Authorities are urging immediate action to bolster defenses against such cyber threats.
GigaWiper is a newly discovered modular malware that enables attackers to carry out both backdoor and wiper functions, allowing them to choose how destructive their attacks can be. This malware draws elements from various existing malware families, making it more versatile and dangerous. While specific targets have not been disclosed, the presence of such a tool poses a significant threat to organizations, as it can lead to data loss and operational disruptions. The ability to customize the attack increases the potential impact on victims, making it critical for companies to stay vigilant and enhance their cybersecurity measures. Understanding how GigaWiper operates can help in developing better defenses against such dual-purpose malware.
The European Union, along with its member states and the United Kingdom, has taken significant steps against Russian officials believed to be involved in cyber espionage and destructive cyberattacks. Specifically, they have attributed winter cyberattacks against Poland's energy grid to Russia's Federal Security Service (FSB). This move reflects rising tensions and concerns over cyber threats emanating from Russia, particularly as these attacks could potentially disrupt critical infrastructure. By holding accountable those responsible, Europe aims to deter future cyber aggression and protect its energy security. This situation emphasizes the ongoing risks posed by state-sponsored cyber activities and the need for international cooperation in addressing such threats.
A recent investigation by SentinelLabs has revealed that both Chinese and Indian espionage efforts are targeting the same police force in Balochistan, Pakistan. This dual espionage poses significant risks not only to the sensitive information held by the police but also to national security, as it suggests a coordinated effort to gather intelligence on regional operations. The Balochistan police, already facing various challenges, now must contend with sophisticated cyber threats from rival nations. This incident raises concerns about the effectiveness of current security measures in protecting critical infrastructure from foreign interference. As the situation evolves, it will be crucial for authorities to bolster their cybersecurity defenses to safeguard against these ongoing threats.
The European Union has imposed sanctions on nine individuals and four entities connected to the Russian Federal Security Service (FSB) due to a lengthy cyberespionage and sabotage campaign that has reportedly been active since 2010. This operation has targeted critical infrastructure across Europe, raising significant concerns about national security and the safety of essential services. The sanctions are part of the EU's ongoing efforts to hold accountable those responsible for cyberattacks that threaten democratic institutions and public safety. By targeting these individuals and organizations, the EU aims to deter future cyber activities that could harm member states. This move underscores the seriousness of cyber threats linked to state actors and the need for robust international responses.
Infosecurity Magazine
Cybersecurity agencies from 12 countries have issued a warning about Russian state-backed hackers who are exploiting weak SNMP (Simple Network Management Protocol) credentials in routers worldwide. This attack targets devices with known vulnerabilities, allowing the hackers to potentially gain control over network infrastructure. The issue is particularly concerning as routers are critical components in both corporate and home networks, meaning that a successful attack could lead to data breaches or further exploitation. Organizations are urged to review their router security settings and strengthen SNMP credentials to reduce the risk of being compromised. This situation not only highlights the ongoing cyber threats posed by state-sponsored actors but also serves as a reminder for users to prioritize their network security.
Zimbra has patched a serious vulnerability that allows attackers to execute malicious code through specially crafted emails. When a user opens one of these emails, the embedded code runs without their consent, posing a significant security risk. This flaw affects users of Zimbra's email software, which is widely used by organizations for communication. The potential for exploitation makes it crucial for users to update their systems promptly. Patching this vulnerability helps protect against unauthorized access and data breaches, which could have serious consequences for affected organizations.
The European Union has taken action against several Russian intelligence officers believed to be involved in a long-term cyber espionage campaign. This campaign allegedly targeted various government entities and conducted sabotage operations aimed at critical infrastructure across the EU. The EU's decision to target these individuals and related entities is part of a broader strategy to counteract cyber threats originating from Russia. This incident underscores the ongoing tensions between Russia and the EU, particularly in the realm of cybersecurity, and highlights the risks posed by state-sponsored cyber activities. The ramifications of such actions could lead to increased cybersecurity measures and diplomatic responses from affected nations.
Cybersecurity agencies from the United States and eight allied nations have issued a warning about Russian state-sponsored hackers targeting vulnerable routers to gain access to critical infrastructure networks. These hackers are exploiting poorly configured devices, which could lead to significant disruptions if successful. The warning emphasizes the need for organizations to enhance their cybersecurity measures and ensure their network devices are properly secured. This attack method poses a serious risk to essential services and could potentially impact public safety. Agencies are urging businesses and government entities to remain vigilant and take proactive steps to protect their systems.