A Few More Reasons Why RDP is Insecure (Surprise!)

If it seems like Remote Desktop Protocol RDP has been around forever, it's because it has at least compared to the many technologies that rise and fall within just a few years. The initial version, known as "Remote Desktop Protocol 4.0," was released in 1996 as part of the Windows NT 4.0 Terminal...

WellinTech KingHistorian

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: WellinTech Equipment: KingHistorian Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Signed to Unsigned Conversion Error 2. RISK EVALUATION...

Rockwell Automation Kinetix 5700 DC Bus Power Supply

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Kinetix 5700 Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service attack...

CVE-2023-38405

On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet packet can cause a crash...

CVE-2023-38405

CVE-2023-38405 affects Crestron 3-Series Control Systems prior to version 1.8001.0187. A device crash can be triggered by crafting and sending a specific BACnet packet to the system. The public materials describe the issue as a crash caused by a malformed BACnet packet, with remediation guidance ...

CVE-2023-38405

On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet packet can cause a crash...

CISA Releases One Industrial Control Systems Advisory

CISA released one Critical Industrial Control Systems ICS advisory on July 12, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-193-01 Rockwell Automation Select Communication Modules CISA encourages users and...

CISA Releases Three Industrial Control Systems Advisories

CISA has released three Industrial Control Systems ICS advisories on July 6, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for...

The vulnerabilities of Siemens SIMATIC PCS 7, SIMATIC S7-PM, and SIMATIC STEP 7 operating systems allow attackers to gain increased privileges.

The vulnerability of Siemens SIMATIC PCS 7, SIMATIC S7-PM, and SIMATIC STEP 7 process control systems is related to incorrect code generation. Exploiting this vulnerability can allow attackers to enhance their privileges remotely...

The vulnerability of motion controllers and motion control systems like SIMOTION allows a intruder to disclose the protected information.

The vulnerability of SIMOTION motion controllers and motion control systems lies in the lack of protection for mission-critical data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS advisories on June 29, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-180-01 Delta Electronics InfraSuite Device Master ICSA-23-180-02 Schneider Electric...

Schneider Electric EcoStruxure Operator Terminal Expert

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity/public exploits are available Vendor: Schneider Electric Equipment: EcoStruxure Operator Terminal Expert VXDZ Vulnerability: Improper Control of Generation of Code 'Code Injection' 2. RISK EVALUATION Successful exploitation of this...

Alert: New Electromagnetic Attacks on Drones Could Let Attackers Take Control

Drones that don't have any known security weaknesses could be the target of electromagnetic fault injection EMFI attacks, potentially enabling a threat actor to achieve arbitrary code execution and compromise their functionality and safety. The research comes from IOActive, which found that it is...

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on June 27, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-178-01 Hitachi EnergyFOXMAN-UN and UNEM Products CISA encourages users and administrators t...

CVE-2023-2828

creationtimestamp| type| source ---|---|--- 2023-06-26 15:40:05+00:00| seen| https://t.me/truesecator/4544 2025-04-15 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-08 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on June 20, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-171-01 Enphase Envoy ICSA-23-171-02 Enphase Installer Toolkit Android App CISA encourages...

CVE-2023-35827

creationtimestamp| type| source ---|---|--- 2023-06-19 02:25:01+00:00| seen| https://t.me/cibsecurity/65326 2023-11-29 15:34:18+00:00| seen| https://t.me/arpsyndicate/759 2025-08-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-15...

CISA Releases Fourteen Industrial Control Systems Advisories

CISA released fourteen Industrial Control Systems ICS advisories on June 15, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-166-01 SUBNET PowerSYSTEM Center ICSA-23-166-02 Advantech WebAccessSCADA...

Rockwell Automation FactoryTalk Edge Gateway

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Edge Gateway Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local user to cause the program to crash, causing a...

Siemens SIMATIC STEP 7 and Derived Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...