157 matches found
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-41004)
tracing: Build event generation tests only as modules The kprobes and synth event generation test modules add events and lock (get a reference) those event file reference in module init function, and unlock and delete it in module exit function. This is because those are designed for playing as...
Everyone Needs AIR: An Agnostic Incident Reporting Framework for Cybersecurity in Operational Technology
Operational technology (OT) networks are increasingly coupled with information technology (IT), expanding the attack surface and complicating incident response. Although OT standards emphasise incident reporting and evidence preservation, they do not specify what data to capture during an incident,...
Nozomi Networks Guardian and Nozomi Networks CMC Path Traversal Vulnerability
Nozomi Networks Guardian and Nozomi Networks CMC are both products of Nozomi Networks, U.S.A. Nozomi Networks Guardian is an IoT device and software inspection system. Nozomi Networks CMC is a software application. It provides centralized OT and IoT security management. Nozomi Networks Guardian an...
Global Exposure of 180,000 ICS/OT Devices Raises Safety Concerns
Bitsight warns ICS/OT exposure jumped 12% in 2024, leaving 180,000+ critical infrastructure systems open to attack. Learn about the possible vulnerabilities and new malware strains...
CISA and UK NCSC Release Joint Guidance for Securing OT Systems
CISA, in collaboration with the Federal Bureau of Investigation, the United Kingdom’s National Cyber Security Centre, and other international partners has released new joint cybersecurity guidance: Creating and Maintaining a Definitive View of Your Operational Technology (OT) Architecture. Building...
From Protest to Power Plant: Interpreting the Role of Escalatory Hacktivism in Cyber Conflict
Since 2022, hacktivist groups have escalated their tactics, expanding from distributed denial-of-service attacks and document leaks to include targeting operational technology (OT). By 2024, attacks on the OT of critical national infrastructure (CNI) had been linked to partisan hacktivist efforts in...
PT-2025-34748
Name of the Vulnerable Software and Affected Versions: Delta Electronics COMMGR (affected versions not specified). Description: Delta Electronics COMMGR is susceptible to a stack-based buffer overflow. This issue poses a remote code execution (RCE) risk on Operational Technology (OT) systems. The...
CISA and Partners Release Asset Inventory Guidance for Operational Technology Owners and Operators
CISA, along with the National Security Agency, the Federal Bureau of Investigation, Environmental Protection Agency, and several international partners, released comprehensive guidance to help operational technology (OT) owners and operators across all critical infrastructure sectors create and...
Researchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT Firewalls
Malicious actors have been observed exploiting a now-patched critical security flaw impacting Erlang/Open Telecom Platform (OTP) SSH as early as beginning of May 2025, with about 70% of detections originating from firewalls protecting operational technology (OT) networks. The vulnerability in questio...
An Earth-Shattering Kaboom: Bringing a Physical ICS Penetration Testing Environment to Life (Part 1)
Building the Bench This is the first in a three part series on building and using a testing bench for ICS systems. In this series we will build a physical test bench, review program logic to find flaws, perform manual exploitation of commonly used ICS protocols such as Modbus, then develop malwar...
CISA and Partners Urge Critical Infrastructure to Stay Vigilant in the Current Geopolitical Environment
Today, CISA, in collaboration with the Federal Bureau of Investigation (FBI), the Department of Defense Cyber Crime Center (DC3), and the National Security Agency (NSA), released a Fact Sheet urging organizations to remain vigilant against potential targeted cyber operations by Iranian state-sponsored ...
CISA: Primary Mitigations to Reduce Cyber Threats to Operational Technology
The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Environmental Protection Agency (EPA), and Department of Energy (DOE) are aware of cyber incidents affecting the operational technology (OT) and industrial control systems (ICS) of critical infrastructure...
Unsophisticated Cyber Actor(s) Targeting Operational Technology
CISA is increasingly aware of unsophisticated cyber actors targeting ICS/SCADA systems within U.S. critical Infrastructure sectors (Oil and Natural Gas), specifically in Energy and Transportation Systems. Although these activities often include basic and elementary intrusion techniques, the presenc...
Device Mode Transition Detected (High)
The state of the controller code changed, regardless of the state expected by the process. When not part of scheduled maintenance, forcing can be used to introduce hard-to-detect, long-lasting changes that are harmful to operations. This plugin only works with Tenable.ot. Please visit...
Device Status Modification Detected (High)
Changes in the controller state can stop operations altogether or start an operation that should not have been started. These operations can be used by an attacker to disrupt normal operation, cause production losses, or create safety concerns. This plugin only works with Tenable.ot. Please visit...
CISA: Key Secure by Demand Elements for Operational Technology Fact Sheet
This fact sheet addresses key elements for operational technology (OT) owners and operators to consider when purchasing digital products that automate physical processes, e.g. programmable logic controllers (PLCs), human-machine interfaces (HMIs), and remote terminal units (RTUs). CISA strongly advises...
Firmware Version Change Detected (Low)
Changes in the controller firmware represent a major change in the behavior of the device and usually cause a temporary interruption of operations. An attacker could use firmware changes to add malicious code to the controller, causing it to perform harmful operations which are hard to detect. Th...
Siemens SIMATIC S7-1500 TM MFP BIOS Out-of-bounds Write (CVE-2020-10029)
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, as seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to...
Siemens SIMATIC Devices Linux Kernel Missing Release of Memory after Effective Lifetime (CVE-2022-1012)
A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to leak information and may cause a denial of service problem. This plugin only works with Tenable.ot. Please visit...
The High-Stakes Disconnect For ICS/OT Security
Why does ICS/OT need specific controls and its own cybersecurity budget today? Because treating ICS/OT security with an IT security playbook isn't just ineffective—it's high risk. In the rapidly evolving domain of cybersecurity, the specific challenges and needs for Industrial Control Systems (ICS)...