Allen-Bradley Stratix 5950 network security appliances are affected by multiple vulnerabilities. The flaws, which are due to security issues in the Cisco ASA operating system used in the devices,...
DoS vulnerabilities have been identified in Siemens SIPROTEC 5 relays and the EN100 communication module. These vulnerabilities can be exploited by a remote attacker without requiring any...
WAGO has fixed multiple vulnerabilities in e!DISPLAY 7300T series HMA devices. Exploitation of these vulnerabilities could enable attackers to execute arbitrary code or overwrite critical files
Dragos has published information on a newly-identified APT group, which it calls RASPITE. According to Dragos, the group's activity overlaps significantly with that of Leafminer, a group...
Weak hashing algorithm allows attacker get passwords in clear text.
Several companies, including Cisco, Rockwell Automation, Sierra Wireless, ABB and Siemens, have reported vulnerabilities in their industrial devices. The vendors are preparing updates to close...
A remote attacker can get sensitive information that expands attack surface.
Serious vulnerabilities have been found in Intel processors. These flaws also affect industrial equipment. Intel has released the relevant updates and equipment vendors now need to integrate them...
A remote attacker can get administrative privileges using default credentials.
2017 was one of the most eventful years in terms of information security incidents affecting industrial systems, and it changed the way industrial companies think about protecting key operational...
Vulnerabilities in Siemens SWT 3000, a system used in the energy sector, allow attackers to gain access to sensitive information, circumvent authentication and conduct a DoS attack.
A remote attacker can craft a malicious link and send it to a privileged user. This can cause denial of service.
Siemens SCALANCE industrial solutions are affected by Dnsmasq vulnerabilities. An attacker could be able to execute arbitrary code or conduct a DoS attack.
A authenticated attacker with low privileges can activate high privileged user and use it to expand attack surface.
Kaspersky Lab ICS CERT experts have held the first tech talk on industrial cyber security at UC Berkeley.
The Satori botnet has used embedded exploits to attack ports 37215 and 52869. After reaching the size of 280,000 active bots, the botnet has suddenly folded its operations.
Remote Code Execution in Moxa ThingsPro IIoT Gateway and Device Management Software.
The TRITON attack demonstrates an important property of attacks on industrial enterprises: they may show no signs of malicious computer activity.
ENISA has released a new study: “Good Practices for Security of Internet of Things in the context of Smart Manufacturing. Kaspersky Lab ICS CERT experts contributed to the study.
Attackers can take advantage of vulnerabilities in the PAN-OS management interface to execute arbitrary code with superuser privileges.
Vulnerabilities in Intel, ARM64 and AMD processors allow unauthorized access to virtual memory contents. Vulnerable devices include industrial equipment.
Exploitation of vulnerabilities in Siemens SINUMERIK controllers cold allow remote code execution, privilege escalation and device denial-of-service conditions
LibVNCServer before a 0.9.12 release contains a heap out-of-bound write vulnerability in the server code of the file transfer extension, which can result in remote code execution.
An improper input validation vulnerability has been identified in the Nari PCS-9611 protection relay. Although an exploit for the vulnerability exists, the vendor has so far not commented on the problem.
A few months ago, while undertaking unrelated research into online connected devices, we uncovered something surprising and realized almost immediately that we could be looking at a critical...
LibVNCServer before a 0.9.12 release contains multiple heap out-of-bound write vulnerabilities in VNC client code, which can result in remote code execution.
Remote exploitation of discovered vulnerabilities lead to full compromise the system with Saperion webclient.
A new variant of the Mirai botnet can set up proxy servers on infected IoT devices
LibVNCServer before a 0.9.12 release contains a heap out-of-bound write vulnerability in a structure in VNC client code, which can result in remote code execution.
28 industrial solutions by Siemens are affected by vulnerabilities in Intel ME, SPS and TXE technologies. The vendor has released patches for all of these products and made these patches available...