SINUMERIK 828D V4.7, SINUMERIK 840D Sl V4.7, SINUMERIK 840D Sl V4.8 Security Vulnerabilities

Debian DSA-5581-1 : firefox-esr - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5581 advisory. The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an...

glibc security update

[2.28-225.0.4.6] - CVE-2023-4527: Stack read overflow in getaddrinfo in no-aaa mode. - CVE-2023-4806: potential use-after-free in getaddrinfo. - CVE-2023-4813: potential use-after-free in gaih_inet (RHEL-2435). - CVE-2023-4813: work around RHEL-8 limitation in test (RHEL-2435). Reviewed by: Jose...

Exploit for Deserialization of Untrusted Data in Apache Log4J

log4j-shell-poc A Proof-Of-Concept for the recently found...

Exploit for Insecure Storage of Sensitive Information in Ibm I Access Client Solutions

CVE-2023-45184 IBM i Access Client Solutions < 1.1.9.4 -...

Ubuntu 20.04 LTS / 22.04 LTS : LibreOffice vulnerabilities (USN-6546-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6546-2 advisory. Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute...

CVE-2023-50563

Semcms v4.8 was discovered to contain a SQL injection vulnerability via the AID parameter at...

CVE-2023-50563

Semcms v4.8 was discovered to contain a SQL injection vulnerability via the AID parameter at...

Sql injection

Semcms v4.8 was discovered to contain a SQL injection vulnerability via the AID parameter at...

Unveiling NKAbuse: a new multiplatform threat abusing the NKN protocol

During an incident response performed by Kaspersky's Global Emergency Response Team (GERT) and GReAT, we uncovered a novel multiplatform threat named "NKAbuse". The malware utilizes NKN technology for data exchange between peers, functioning as a potent implant, and equipped with both flooder and.....

Siemens SINUMERIK

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

Siemens OPC UA Implementation in SINUMERIK ONE and SINUMERIK MC

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

Siemens User Management Component (UMC)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

CVE-2023-50563

Semcms v4.8 was discovered to contain a SQL injection vulnerability via the AID parameter at...

LibreOffice vulnerabilities

Releases Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages libreoffice - Office productivity suite Details USN-6546-1 fixed vulnerabilities in LibreOffice. This update provides the corresponding updates for Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Original advisory details: Reginaldo Silva discovered...

FakeSG campaign, Akira ransomware and AMOS macOS stealer

Introduction The crimeware landscape is diverse. Cybercriminals try to capitalize on their victims in every possible way by distributing various types of malware designed for different platforms. In recent months, we have written private reports on a wide range of topics, such as new...

Unspecified Vulnerability in Siemens User Management Component (UMC)

Opcenter Quality is a quality management system (QMS) that enables organizations to safeguard compliance, optimize quality, reduce the cost of defects and rework, and achieve operational excellence by improving process stability. simatic pcs neo is a distributed control system (DCS). the SINUMERIK....

Siemens User Management Component (UMC) Classic Buffer Overflow Vulnerability

Opcenter Quality is a quality management system (QMS) that enables organizations to safeguard compliance, optimize quality, reduce the cost of defects and rework, and achieve operational excellence by improving process stability. simatic pcs neo is a distributed control system (DCS). the SINUMERIK....

Siemens SINUMERIK ONE and SINUMERIK-MC Denial of Service Vulnerability

SINUMERIK MC is a CNC system for customized machine solutions. SINUMERIK ONE is a digital native CNC. A denial of service vulnerability exists in Siemens SINUMERIK ONE and SINUMERIK-MC due to a failure of an affected device to methodically and correctly process specially crafted packets sent to...

Siemens User Management Component (UMC) Input Validation Improperity Vulnerability

Opcenter Quality is a quality management system (QMS) that enables organizations to safeguard compliance, optimize quality, reduce the cost of defects and rework, and achieve operational excellence by improving process stability. simatic pcs neo is a distributed control system (DCS). the SINUMERIK....

Siemens User Management Component (UMC) Cross-Site Scripting Vulnerability

Opcenter Quality is a quality management system (QMS) that enables organizations to safeguard compliance, optimize quality, reduce the cost of defects and rework, and achieve operational excellence by improving process stability. simatic pcs neo is a distributed control system (DCS). the SINUMERIK....

CVE-2023-46285

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All ver...

CVE-2023-46283

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All ver...

CVE-2023-46284

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All ver...

CVE-2023-46281

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All ver...

CVE-2023-46282

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All ver...

CVE-2023-46156

Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. A restart is needed to restore normal...

Design/Logic Flaw

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), SINUMERIK Integrate RunMyHMI /Automotive (All versions), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally...

Input validation

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), SINUMERIK Integrate RunMyHMI /Automotive (All versions), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally...

Design/Logic Flaw

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), SINUMERIK Integrate RunMyHMI /Automotive (All versions), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally...

Design/Logic Flaw

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), SINUMERIK Integrate RunMyHMI /Automotive (All versions), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally...

Cross site scripting

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), SINUMERIK Integrate RunMyHMI /Automotive (All versions), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally...

Debian: Security Advisory (DSA-5574-1)

The remote host is missing an update for the...

[SECURITY] [DSA 5574-1] libreoffice security update

Debian Security Advisory DSA-5574-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 11, 2023 https://www.debian.org/security/faq Package : libreoffice CVE ID : CVE-2023-6185 CVE-2023-6186...

Mageia: Security Advisory (MGASA-2023-0343)

The remote host is missing an update for...

Debian DSA-5574-1 : libreoffice - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5574 advisory. Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary...

LibreOffice vulnerabilities

Releases Ubuntu 23.10 Ubuntu 23.04 Packages libreoffice - Office productivity suite Details Reginaldo Silva discovered that LibreOffice incorrectly handled filenames when passing embedded videos to GStreamer. If a user were tricked into opening a specially crafted file, a remote attacker...

Mageia: Security Advisory (MGASA-2023-0342)

The remote host is missing an update for...

Ubuntu 23.04 / 23.10 : LibreOffice vulnerabilities (USN-6546-1)

The remote Ubuntu 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6546-1 advisory. Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary...

Security Bulletin: IBM Cloud Pak for Data Scheduling is vulnerable to multiple vulnerabilities (CVE-2019-11236, CVE-2020-26137, CVE-2021-33503)

Summary Urllib is used by IBM Cloud Pak for Data Scheduling as part of the Ansible operator used for installation of the Scheduler. Vulnerability Details ** CVEID: CVE-2019-11236 DESCRIPTION: **Python urllib3 is vulnerable to CRLF injection, caused by improper validation of user-supplied input...

Security Bulletin: IBM Cloud Pak for Data Scheduling image contains a vulnerable ncurses package ( CVE-2023-29491 )

Summary Ncurses is packaged, but not used, in the ibm-cpd-scheduling-operator image. Vulnerability Details ** CVEID: CVE-2023-29491 DESCRIPTION: **ncurses is vulnerable to a denial of service, caused by a memory corruption flaw when used by a setuid application. By sending a specially crafted...

Security Bulletin: IBM Cloud Pak for Data Scheduling contains a vulnerable kubectl package ( CVE-2019-11250 )

Summary Kubectl is used by IBM Cloud Pak for Data Scheduling as part of the Ansible operator used for installation of the Scheduler. CVE-2019-11250. Vulnerability Details ** CVEID: CVE-2019-11250 DESCRIPTION: **Kubernetes could allow a local authenticated attacker to obtain sensitive information,.....

Security Bulletin: IBM Cloud Pak for Data Scheduling binaries were built with a go compiler with vulnerabilities( CVE-2023-39318, CVE-2023-39319, CVE-2023-39533 )

Summary Golang compiler is used to build the binaries of IBM Cloud Pak for Data Scheduling. Vulnerability Details ** CVEID: CVE-2023-39318 DESCRIPTION: **Golang Go is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the html/template package. A remote...

Security Bulletin: IBM Cloud Pak for Data Scheduling was built with a vulnerable golang compiler. ( CVE-2023-29406, CVE-2023-29409 )

Summary Golang compiler is used by IBM Cloud Pak for Data Scheduling to build the scheduler binaries. Vulnerability Details ** CVEID: CVE-2023-29406 DESCRIPTION: **Golang Go is vulnerable to HTTP header injection, caused by improper contents validation of Host header by the HTTP/1 client. By...

Security Bulletin: IBM Cloud Pak for Data Scheduling is vulnerable to DOS due to opm ( CVE-2023-25173, CVE-2023-25153 ).

Summary Opm is used by IBM Cloud Pak for Data Scheduling as part of the ibm-cpd-scheduler-operator-catalog image used for installation of the Scheduler. Vulnerability Details ** CVEID: CVE-2023-25173 DESCRIPTION: **containerd could allow a local authenticated attacker to bypass security...

Security Bulletin: IBM Cloud Pak for Data Scheduling is vulnerable to python vulnerability ( CVE-2022-40897 )

Summary Python is used by IBM Cloud Pak for Data as part of the Ansible operator for installation. Vulnerability Details ** CVEID: CVE-2022-40897 DESCRIPTION: **Pypa Setuptools is vulnerable to a denial of service, caused by improper input validation. By sending request with a specially crafted...

Security Bulletin: IBM Cloud Pak for Data Scheduling is affected by opm vulnerability ( CVE-2023-2253 )

Summary Opm is used by IBM Cloud Pak for Data Scheduling as part of the ibm-cpd-scheduler-operator-catalog image used for installation of the Scheduler. Vulnerability Details ** CVEID: CVE-2023-2253 DESCRIPTION: **Distribution is vulnerable to a denial of service, caused by improper input...

New macOS Trojan-Proxy piggybacking on cracked software

Illegally distributed software historically has served as a way to sneak malware onto victims' devices. Oftentimes, users are not willing to pay for software tools they need, so they go searching the Web for a "free lunch". They are an excellent target for cybercriminals who realize that an...

CVE-2023-6357

A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the...

BlueNoroff: new Trojan attacking macOS users

We recently discovered a new variety of malicious loader that targets macOS, presumably linked to the BlueNoroff APT gang and its ongoing campaign known as RustBucket. The threat actor is known to attack financial organizations, particularly companies, whose activity is in any way related to...

Amazon Linux 2 : glibc (ALAS-2023-2371)

The version of glibc installed on the remote host is prior to 2.26-57. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2371 advisory. The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the...