Siemens SIMATIC RFID Readers Hidden Function Vulnerability (CNVD-2024-38007)

SIMATIC RF600 Readers are used for contactless identification of a variety of objects such as shipping containers, pallets, production goods, or often for recording bulk goods.SIMATIC RF1100 is an RFID-based solution for simple and versatile electronic authorization management.SIMATIC RF360R read...

CVE-2024-8692

A vulnerability classified as critical was found in TDuckCloud TDuckPro up to 6.3. Affected by this vulnerability is an unknown functionality. The manipulation leads to weak password recovery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The...

CVE-2024-43690

Inclusion of Functionality from Untrusted Control SphereCWE-829 in the Command Centre Server and Workstations may allow an attacker to perform Remote Code Execution RCE. This issue affects: Command Centre Server and Command Centre Workstations 9.10 prior to vEL9.10.1530 MR2, 9.00 prior to...

CVE-2024-43690

CVE-2024-43690 describes that Gallagher Command Centre Server and Command Centre Workstations are affected by CWE-829 due to the inclusion of functionality from an untrusted control sphere, which may allow an attacker to perform Remote Code Execution (RCE). Affected products/versions include: Com...

PT-2024-39190 · Unknown · Code-Projects Inventory Management

Name of the Vulnerable Software and Affected Versions: code-projects Inventory Management version 1.0 Description: A critical vulnerability was found in the code-projects Inventory Management software. The issue affects an unknown functionality of the file /model/viewProduct.php of the component...

CVE-2024-8322

Weak authentication in Patch Management of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker to access restricted functionality...

CVE-2024-8322

Weak authentication in Patch Management of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker to access restricted functionality...

CVE-2024-8322

Weak authentication in Patch Management of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker to access restricted functionality...

CVE-2024-8322

Weak authentication in Patch Management of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker to access restricted functionality...

CVE-2024-8322

Ivanti Endpoint Manager (EPM) is affected by CVE-2024-8322 due to weak authentication in Patch Management prior to 2022 SU6 or the 2024 September update. The issue allows a remote authenticated attacker to access restricted functionality. Public references describe it as part of a set of EPM vuln...

CVE-2024-37994

Siemens SIMATIC RFID Readers are affected by CVE-2024-37994. A hidden configuration item enables debug functionality, allowing an attacker to gain insight into internal deployment configuration. Affected devices include multiple RF610R/RF615R/RF650R/RF680R/RF685R families (CMIIT/ETSI/FCC/ARIB var...

CVE-2024-37994

A vulnerability has been identified in SIMATIC Reader RF610R CMIIT 6GT2811-6BC10-2AA0 All versions V4.2, SIMATIC Reader RF610R ETSI 6GT2811-6BC10-0AA0 All versions V4.2, SIMATIC Reader RF610R FCC 6GT2811-6BC10-1AA0 All versions V4.2, SIMATIC Reader RF615R CMIIT 6GT2811-6CC10-2AA0 All versions V4....

CVE-2024-37994

A vulnerability has been identified in SIMATIC Reader RF610R CMIIT 6GT2811-6BC10-2AA0 All versions V4.2, SIMATIC Reader RF610R ETSI 6GT2811-6BC10-0AA0 All versions V4.2, SIMATIC Reader RF610R FCC 6GT2811-6BC10-1AA0 All versions V4.2, SIMATIC Reader RF615R CMIIT 6GT2811-6CC10-2AA0 All versions V4....

Microsoft Windows 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft USA. A security vulnerability exists in Microsoft Windows. An attacker could exploit this vulnerability to bypass certain functionality. The following products and versions are affected: Windows 11 Versio...

Siemens SIMATIC 安全漏洞

SIMATIC RF600 Readers are used for contactless identification of a variety of objects such as shipping containers, pallets, production goods, or often for recording bulk goods.SIMATIC RF1100 is an RFID-based solution for simple and versatile electronic authorization management.SIMATIC RF360R read...

PT-2024-7406 · Siemens · Simatic Reader Rf615R +11

Name of the Vulnerable Software and Affected Versions: SIMATIC Reader RF610R CMIIT versions prior to V4.2 SIMATIC Reader RF610R ETSI versions prior to V4.2 SIMATIC Reader RF610R FCC versions prior to V4.2 SIMATIC Reader RF615R CMIIT versions prior to V4.2 SIMATIC Reader RF615R ETSI versions prior...

Siemens SIMATIC RFID Readers

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Loki: a new private agent for the popular Mythic framework

In July 2024, we discovered the previously unknown Loki backdoor, which was used in a series of targeted attacks. By analyzing the malicious file and open sources, we determined that Loki is a private version of an agent for the open-source Mythic framework. One of the agent's decrypted strings O...

Malicious code in browser-cookies1 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5cabd14fc21e5314fd1778bac4e49f0cb8a145e773e147666070d85aa60e422c Package contains a compiled infostealer that is started instead of promised functionality --- Category: MALICIOUS - The campaign has clearly malicious intent,...

Malicious code in harthat-hash (npm)

The package contains a preinstall hook which silently executes a malicious script with downloader functionality. This is characteristic of an ongoing North Korean state-sponsored campaign...