ABB Ability™ Symphony® Plus Historian Security Vulnerabilities

Ransomware Attacks Are Getting Worse

Plus: US lawmakers have nothing to say about an Israeli influence campaign aimed at US voters, a former LA Dodgers owner wants to fix the internet, and...

CVE-2024-37369

A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the...

CVE-2024-5659

Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port. If exploited, the availability of the device...

CVE-2024-37369 Rockwell Automation FactoryTalk® View SE Local Privilege Escalation Vulnerability via Local File Permissions

A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the...

CVE-2024-37369 Rockwell Automation FactoryTalk® View SE Local Privilege Escalation Vulnerability via Local File Permissions

A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the...

CVE-2024-37368

A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The vulnerability allows a user from a remote system with FTView to send a packet to the customer’s server to view an HMI project. Due to the lack of proper authentication, this action is allowed without...

CVE-2024-37368

A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The vulnerability allows a user from a remote system with FTView to send a packet to the customer’s server to view an HMI project. Due to the lack of proper authentication, this action is allowed without...

CVE-2024-37367

A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE v12. The vulnerability allows a user from a remote system with FTView to send a packet to the customer’s server to view an HMI project. This action is allowed without proper authentication...

CVE-2024-37367

A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE v12. The vulnerability allows a user from a remote system with FTView to send a packet to the customer’s server to view an HMI project. This action is allowed without proper authentication...

CVE-2024-37368 Rockwell Automation FactoryTalk® View SE v11 Information Leakage Vulnerability via Authentication Restriction

A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The vulnerability allows a user from a remote system with FTView to send a packet to the customer’s server to view an HMI project. Due to the lack of proper authentication, this action is allowed without...

Ability to by-pass second factor

Description Impact Under some circumstance it was possible to bypass the second factor of 2FA after successfully providing the user credentials. Patches It is recommended that the Nextcloud Server is upgraded to 26.0.13, 27.1.8 or 28.0.4 It is recommended that the Nextcloud Enterprise Server is...

CVE-2024-37367 Rockwell Automation FactoryTalk® View SE v12 Information Leakage Vulnerability via Authentication Restriction

A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE v12. The vulnerability allows a user from a remote system with FTView to send a packet to the customer’s server to view an HMI project. This action is allowed without proper authentication...

CVE-2024-2472

The LatePoint Plugin plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the 'start_or_use_session_for_customer' function in all versions up to and including 4.9.9. This makes it possible for unauthenticated attackers to...

CVE-2024-2472

The LatePoint Plugin plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the 'start_or_use_session_for_customer' function in all versions up to and including 4.9.9. This makes it possible for unauthenticated attackers to...

CVE-2024-2472 LatePoint Plugin <= 4.9.9 - Missing Authorization and Sensitive Information Exposure via IDOR

The LatePoint Plugin plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the 'start_or_use_session_for_customer' function in all versions up to and including 4.9.9. This makes it possible for unauthenticated attackers to...

CVE-2024-2472 LatePoint Plugin <= 4.9.9 - Missing Authorization and Sensitive Information Exposure via IDOR

The LatePoint Plugin plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the 'start_or_use_session_for_customer' function in all versions up to and including 4.9.9. This makes it possible for unauthenticated attackers to...

CVE-2023-47855

A flaw was found in intel-microcode. Improper input validation in some Intel® TDX module software may allow a privileged user to enable escalation of privileges via local access. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat.....

(Pwn2Own) Oracle VirtualBox OHCI USB Controller Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

Wordfence Intelligence Weekly WordPress Vulnerability Report (June 3, 2024 to June 9, 2024)

_ Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? __Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the...

Rapid7 Infuses Generative AI into the InsightPlatform to Supercharge SecOps and Augment MDR Services

In the ever-evolving landscape of cybersecurity, staying ahead of threats is not just a goal—it's a necessity. At Rapid7, we are pioneering the infusion of artificial intelligence (AI) into our platform and service offerings, transforming the way security operations centers (SOCs) around the globe....

AI and the Indian Election

As India concluded the world's largest election on June 5, 2024, with over 640 million votes counted, observers could assess how the various parties and factions used artificial intelligence technologies--and what lessons that holds for the rest of the world. The campaigns made extensive use of...

Cinterion EHS5 3G UMTS/HSPA Module Research

Modems play an important role in enabling connectivity for a wide range of devices. This includes not only traditional mobile devices and household appliances, but also telecommunication systems in vehicles, ATMs and Automated Process Control Systems (APCS). When integrating the modem, many...

(0Day) Famatech Advanced IP Scanner Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Famatech Advanced IP Scanner. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

@strapi/plugin-users-permissions leaks 3rd party authentication tokens and authentication bypass

Summary By combining two vulnerabilities (an Open Redirect and session token sent as URL query parameter) in Strapi framework is its possible of an unauthenticated attacker to bypass authentication mechanisms and retrieve the 3rd party tokens. The attack requires user interaction (one click)....

@strapi/plugin-users-permissions leaks 3rd party authentication tokens and authentication bypass

Summary By combining two vulnerabilities (an Open Redirect and session token sent as URL query parameter) in Strapi framework is its possible of an unauthenticated attacker to bypass authentication mechanisms and retrieve the 3rd party tokens. The attack requires user interaction (one click)....

CVE-2024-1576

SQL Injection vulnerability in MegaBIP software allows attacker to obtain site administrator privileges, including access to the administration panel and the ability to change the administrator password. This issue affects MegaBIP software versions through...

CVE-2024-1576

SQL Injection vulnerability in MegaBIP software allows attacker to obtain site administrator privileges, including access to the administration panel and the ability to change the administrator password. This issue affects MegaBIP software versions through...

CVE-2024-1576 SQL Injection in MegaBIP

SQL Injection vulnerability in MegaBIP software allows attacker to obtain site administrator privileges, including access to the administration panel and the ability to change the administrator password. This issue affects MegaBIP software versions through...

CVE-2024-1576 SQL Injection in MegaBIP

SQL Injection vulnerability in MegaBIP software allows attacker to obtain site administrator privileges, including access to the administration panel and the ability to change the administrator password. This issue affects MegaBIP software versions through...

Using AI for Political Polling

Public polling is a critical function of modern political campaigns and movements, but it isn't what it once was. Recent US election cycles have produced copious postmortems explaining both the successes and the flaws of public polling. There are two main reasons polling fails. First, nonresponse.....

Exploit for CVE-2024-27348

Remote Code Execution vulnerability in Apache HugeGraph...

(Pwn2Own) Microsoft Windows cldflt Heap-based Buffer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cldflt kernel...

RHEL 8 : kernel (RHSA-2024:3810)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3810 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: use-after-free in...

(Pwn2Own) Microsoft Windows UnserializePropertySet Privilege Context Switching Error Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

(Pwn2Own) Microsoft Windows DirectComposition Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within DirectComposition......

(Pwn2Own) Microsoft Windows NtQueryInformationToken Race Condition Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation.....

(Pwn2Own) Microsoft Windows UnserializePropertySet Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

Microsoft Windows Menu DC Brush Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...

(Pwn2Own) Microsoft Windows mskssrv Driver Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Microsoft...

(Pwn2Own) Mozilla Firefox Exposed Dangerous Function Sandbox Escape Vulnerability

This vulnerability allows remote attackers to escape the sandbox on affected installations of Mozilla Firefox. An attacker must first obtain the ability to execute low-privileged code in the renderer process in order to exploit this vulnerability. The specific flaw exists within the SessionStore...

Microsoft Windows Menu DC Pen Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...

(Pwn2Own) Microsoft Windows win32kfull Improper Input Validation Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...

Security Bulletin: IBM® Db2® is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables. (CVE-2023-29267)

Summary IBM® Db2® is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables. Vulnerability Details ** CVEID: CVE-2023-29267 DESCRIPTION: **IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as a trap...

Security Bulletin: IBM® Db2® is vulnerable to a denial of service as the server may crash when using a specially crafted query on certain columnar tables. (CVE-2024-31881)

Summary IBM® Db2® is vulnerable to a denial of service as the server may crash when using a specially crafted query on certain columnar tables by an authenticated user. Vulnerability Details ** CVEID: CVE-2024-31881 DESCRIPTION: **IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server)...

Security Bulletin: IBM® Db2® is vulnerable to a denial of service as the server may crash when using a specially crafted statement. (CVE-2024-31880)

Summary IBM® Db2® is vulnerable to a denial of service, under specific configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user. Vulnerability Details ** CVEID: CVE-2024-31880 DESCRIPTION: **IBM Db2 for Linux, UNIX and Windows (includes Db2...

Security Bulletin: IBM® Db2® federated server is affected by vulnerabilities in the open source commons-configuration2 library. (CVE-2024-29131, CVE-2024-29133)

Summary IBM® Db2® federated server is affected by vulnerabilities in the open source commons-configuration2 library when using the NoSQL Hadoop wrapper. Vulnerability Details ** CVEID: CVE-2024-29131 DESCRIPTION: **Apache Commons Configuration could allow a remote attacker to execute arbitrary...

Security Bulletin: IBM® Db2® federated server is affected by a vulnerability in the open source netty-codec-http library. (CVE-2024-29025)

Summary IBM® Db2® federated server is affected by a vulnerability in the open source netty-codec-http library when using the NoSQL Blockchain wrapper. Vulnerability Details ** CVEID: CVE-2024-29025 DESCRIPTION: **Netty is vulnerable to a denial of service, caused by a flaw when using the...

Security Bulletin: IBM® Db2® NSE (Net Search Extender) is affected by a vulnerability in the open source Expat library. (CVE-2024-28757)

Summary IBM® Db2® NSE (Net Search Extender) is affected by a vulnerability in the open source Expat library. Vulnerability Details ** CVEID: CVE-2024-28757 DESCRIPTION: **libexpat could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external entity...

Security Bulletin: IBM® Db2® is vulnerable to a denial of service with a specially crafted query under certain conditions. (CVE-2024-28762)

Summary IBM® Db2® is vulnerable to a denial of service with a specially crafted query under certain conditions. Vulnerability Details ** CVEID: CVE-2024-28762 DESCRIPTION: **IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) is vulnerable to denial of service with a specially...

Security Bulletin: IBM® Db2® is vulnerable to a denial of service when a specially crafted request is used via CLI. (CVE-2023-45178)

Summary IBM® Db2® is vulnerable to a denial of service when a specially crafted request is used via CLI. Vulnerability Details ** CVEID: CVE-2023-45178 DESCRIPTION: **IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) CLI is vulnerable to a denial of service when a specially...