BD Pyxis™ Rapid Rx Security Vulnerabilities

DirtyMoe Malware Infects 2,000+ Ukrainian Computers for DDoS and Cryptojacking

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned that more than 2,000 computers in the country have been infected by a strain of malware called DirtyMoe. The agency attributed the campaign to a threat actor it calls UAC-0027. DirtyMoe, active since at least 2016, is capable of.....

CVE-2024-21866

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product responds back with an error message containing sensitive data if it receives a specific malformed...

CVE-2024-22096

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path traversal characters to the filename when using a specific command, allowing them to read arbitrary files from the...

CVE-2024-21866

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product responds back with an error message containing sensitive data if it receives a specific malformed...

CVE-2024-22096

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path traversal characters to the filename when using a specific command, allowing them to read arbitrary files from the...

CVE-2024-22016

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write directly to the Scada directory. This may allow privilege...

CVE-2024-21869

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores plaintext credentials in various places. This may allow an attacker with local access to see...

CVE-2024-21869

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores plaintext credentials in various places. This may allow an attacker with local access to see...

CVE-2024-22016

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write directly to the Scada directory. This may allow privilege...

CVE-2024-21764

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded credentials, which may allow an attacker to connect to a specific...

CVE-2024-21794

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can redirect users to malicious pages through the login...

CVE-2024-21794

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can redirect users to malicious pages through the login...

CVE-2024-21764

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded credentials, which may allow an attacker to connect to a specific...

Design/Logic Flaw

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores plaintext credentials in various places. This may allow an attacker with local access to see...

Privilege escalation

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write directly to the Scada directory. This may allow privilege...

Path traversal

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path traversal characters to the filename when using a specific command, allowing them to read arbitrary files from the...

Design/Logic Flaw

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product responds back with an error message containing sensitive data if it receives a specific malformed...

Hardcoded credentials

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded credentials, which may allow an attacker to connect to a specific...

Authentication flaw

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can redirect users to malicious pages through the login...

K000138460: Multiple MySQL vulnerabilities

Security Advisory Description CVE-2024-20960 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: RAPID). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access...

CVE-2024-21866 Generation of Error Message Containing Sensitive Information in Rapid SCADA

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product responds back with an error message containing sensitive data if it receives a specific malformed...

CVE-2024-21869 Plaintext Storage of a Password in Rapid SCADA

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores plaintext credentials in various places. This may allow an attacker with local access to see...

CVE-2024-21764 Use of Hard-Coded Credentials in Rapid SCADA

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded credentials, which may allow an attacker to connect to a specific...

CVE-2024-21794 Open Redirect in Rapid SCADA

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can redirect users to malicious pages through the login...

CVE-2024-22016 Incorrect Permission Assignment for Critical Resource in Rapid SCADA

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write directly to the Scada directory. This may allow privilege...

CVE-2024-21852

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can supply a malicious configuration file by utilizing a Zip Slip vulnerability in the unpacking routine to achieve remote code...

CVE-2024-21852

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can supply a malicious configuration file by utilizing a Zip Slip vulnerability in the unpacking routine to achieve remote code...

CVE-2024-22096 Relative Path Traversal in Rapid SCADA

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path traversal characters to the filename when using a specific command, allowing them to read arbitrary files from the...

Remote code execution

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can supply a malicious configuration file by utilizing a Zip Slip vulnerability in the unpacking routine to achieve remote code...

CVE-2024-21852 Rapid SCADA Path Traversal

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can supply a malicious configuration file by utilizing a Zip Slip vulnerability in the unpacking routine to achieve remote code...

(RHSA-2024:0484) Important: OpenShift Container Platform 4.13.31 bug fix and security update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.31. See the following advisory for the RPM...

How to Implement a Secure Incident Response Plan

Understanding the Basics of Secure Incident Response Plan A proactive strategy for coping with digital dangers calls for a well-planned process that can neutralize and diminish the harmful aftermath of unauthorized intrusion attempts and neglect of security principles. The primary aim of this...

containerd environment variable leak

Impact Containers launched through containerd's CRI implementation (through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service) that share the same image may receive incorrect environment variables, including values that are defined for other containers. If.....

containerd environment variable leak

Impact Containers launched through containerd's CRI implementation (through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service) that share the same image may receive incorrect environment variables, including values that are defined for other containers. If.....

How to Prepare for a Cyberattack

Deciphering the Cyber Invasion Terrain We exist in an era deeply entrenched in digital dependence, where cyber invasions present significant risks for companies, government establishments, and solitary users. As we hurdle deeper into the digital era, the art of cyber misdemeanors continues to...

(RHSA-2024:0485) Important: OpenShift Container Platform 4.12.48 bug fix and security update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.48. See the following advisory for the RPM...

Qualys Patch Management: A Review of New Features in 2023 for Faster Elimination of Cyber Risk

The recent debut of Qualys’ Enterprise TruRisk Platform promises three key benefits: measuring, communicating, and eliminating cyber risk across the extended enterprise. Qualys Patch Management plays a pivotal role in this process towards the rapid elimination of cyber risk. Our focus during 2023.....

BIT-kong-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October...

ICS and OT threat predictions for 2024

We do not expect rapid changes in the industrial cyberthreat landscape in 2024. Most of the below-described trends have been observed before, many for some years. However, some of them have reached a critical mass of creeping changes, which could lead to a qualitative shift in the threat landscape....

Jenkins cli Ampersand Replacement Arbitrary File Read

This module utilizes the Jenkins cli protocol to run the help command. The cli is accessible with read-only permissions by default, which are all thats required. Jenkins cli utilizes args4j's parseArgument, which calls expandAtFiles to replace any @ with the contents of a file. We are then able to....

Wiz recognized with top score for the current offering category in The Forrester Wave™: Cloud Workload Security, Q1, 2024

Learn why Forrester recognized Wiz as the top ranked in the current offering category on the market out of the top 13 providers, and how their analysis connects with the Wiz...

Kafka vs RabbitMQ

An Intro to Kafka and RabbitMQ: The Masters of Messaging In the realm of messaging systems, two names stand out: Kafka and RabbitMQ. These two powerhouses have become the go-to solutions for developers and organizations looking to handle high-volume, real-time data processing and messaging. But...

Deepfake Taylor Swift images circulate online, politicians call for laws to ban deepfake creation

Deepfake images of Taylor Swift have really made some serious waves. Explicit images of the popstar, generated by Artificial Intelligence (AI) were posted on social media and Telegram. The images were viewed millions of times. The impact of the deepfake was enormous. Social media platform X...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : MySQL vulnerabilities (USN-6615-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6615-1 advisory. Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Content Manager Enterprise Edition 8.5.0 (CVE-2016-3449, CVE-2016-0264)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 that is used by Content Manager Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details If you run your own Java code using the IBM Java Runtime...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to denial of service due to the use of IBM® SDK Java™ Technology Edition, Version 8 (CVE-2023-22081, CVE-2023-5676)

Summary IBM Virtualization Engine TS7700 is susceptible to denial of service due to the use of IBM SDK Java Technology Edition, Version 8 (CVE-2023-22081, CVE-2023-5676). The Java SDK is used by the TS7700 to provide the Management Interface, to perform cache management, and to provide Transparent....

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Content Manager Enterprise Edition (CVE-2014-3566, CVE-2014-6457, CVE-2014-6468)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 5 and 7 that is used by Content Manager Enterprise Edition. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption (POODLE) SSLv3 vulnerability (CVE-2014-3566). These...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Content Manager Enterprise Edition CVE-2015-7575

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.7 that is used by Content Manager Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as “SLOTH”. ...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Content Manager Enterprise Edition ((CVE-2015-0410, CVE-2014-6593, CVE-2015-0383, CVE-2015-0138))

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 5 and 7, that is used by Content Manager Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in January 2015. This bulletin also addresses the “FREAK: Factoring....

Security Bulletin: Security Vulnerabilities have been identified in IBM® SDK Java™ Technology Edition shipped with Content Management Enterprise Edition

Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition that is shipped with IBM Content Management Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in July 2017. Information about the security vulnerability affecting IBM SDK Java...