145 matches found
Security Bulletin: This Power System update is being released to address CVE 2020-25705
Summary POWER9: In response to security issues with BMC's UDP network service, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2020-25705. Vulnerability Details CVEID: CVE-2020-25705 DESCRIPTION: Linux Kernel could allow a remo...
Security Bulletin: This Power System update is being released to address CVE 2021-3450 and CVE 2021-3449
Summary POWER9: In response to security issues with BMC's HTTPS server, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue numbers CVE 2021-3450 and CVE 2021-3449. Vulnerability Details CVEID: CVE-2021-3450 DESCRIPTION: OpenSSL could allow a...
Security Bulletin: Incorrect file permissions allows authenticated users to recover IPMI user passwords
Summary A flaw in the file permissions may expose IPMI user passwords. This may lead to privilege escalations. Vulnerability Details CVEID: CVE-2020-14156 DESCRIPTION: OpenBMC phosphor-host-ipmid could allow a remote authenticated attacker to bypass security restrictions, caused by the failure to...
Security Bulletin: This Power System update is being released to address CVE 2020-16166
Summary POWER9: In response to a security issue with BMC's network service, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2020-16166. Vulnerability Details CVEID: CVE-2020-16166 DESCRIPTION: Linux Kernel could allow a remote...
Security Bulletin: This Power System update is being released to address CVE 2021-39296
Summary POWER9: In response to a security issue with BMC's IPMI LAN+ interface, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2021-39296. Vulnerability Details CVEID: CVE-2021-39296 DESCRIPTION: OpenBMC could allow a remote...
Security Bulletin: This Power System update is being released to address CVE 2020-1971
Summary POWER9: In response to a security issue with BMC's HTTPS server, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2020-1971. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of...
Siemens Product WIBU Systems CodeMeter Runtime Denial of Service Vulnerability
PSSRCAPE is a transmission and distribution network protection simulation software. pssRE i is a power system simulation and analysis tool for transmission operation and planning. pssRODMS i is a transmission network modeling and analysis tool. sicam 230 is a scalable process control system for a...
Security Bulletin: The PowerVM hypervisor is vulnerable to a specially crafted sequence of hypervisor calls from a partition that can lead to a system crash
Summary An attacker that gains total control of a virtual machine running on the PowerVM hypervisor could issue a specially crafted sequence of hypervisor calls that will lead to a system crash and and an outage of all virtual machines running on the same system Vulnerability Details CVEID:...
Security Bulletin: The PowerVM Platform KeyStore functionality can be compromised if an attacker gains service access to the FSP
Summary An attacker that gains service access to the FSP can locate and through a series of service procedures decrypt data contained in the Platform KeyStore Vulnerability Details CVEID: CVE-2021-29765 DESCRIPTION: IBM PowerVM Hypervisor could allow an attacker to obtain sensitive information if...
Security Bulletin: This Power System update is being released to address CVE 2021-20505
Summary POWER9: In response to a weakness in a set of PowerVM service procedures a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2021-20505. Vulnerability Details CVEID: CVE-2021-20505 DESCRIPTION: The PowerVM Logical Partition...
IBM Power System 安全漏洞
IBM Power System is a Power processor-based server computer from IBM in the United States. A security vulnerability exists in the IBM Power System that could compromise the PowerVM Logical Partition Migration LPM encryption key exchange protocol. If an attacker could exploit the vulnerability to ...
IBM Power HMC Elevation of Privilege Vulnerability
IBM Power HMC is a set of graphical interface software for configuring and managing the Power System family of servers from IBM in the United States. The software is primarily used to manage hardware such as servers. IBM Power HMC has an elevation of privilege vulnerability that could be exploite...
Security Bulletin: This Power System update is being released to address CVE-2021-20487
Summary Power9: A new Power Systems firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE-2021-20487. The Self Boot EngineSBE can be compromised from the service processor to allow injection of malicious code. An attacker that gains root access to the...
Chinese Hackers Targeted India's Power Grid Amid Geopolitical Tensions
Amid heightened border tensions between India and China, cybersecurity researchers have revealed a concerted campaign against India's critical infrastructure, including the nation's power grid, from Chinese state-sponsored groups. The attacks, which coincided with the standoff between the two...
IBM i 安全漏洞
The IBM Power System is a Power processor-based server computer from IBM in the United States. A security vulnerability exists in IBM Power9 processor, which can be exploited by an attacker to obtain sensitive information from data in the L1 cache under the right circumstances...
Denial of Service Vulnerability in Zhongyuan Huadian Digital-Analog Recording ZH-3D Dynamic Recording Device (CNVD-2020-01308)
Zhongyuan Huadian digital and analog recording ZH-3D dynamic recording device is a power system fault recording system primary voltage and current waveforms and secondary equipment action behavior, to achieve the power system fault analysis and fault ranging and positioning equipment. A denial of...
Denial of Service Vulnerability in Zhongyuan Huadian Digital-Analog Recording ZH-3D Dynamic Recording Device
Zhongyuan Huadian digital and analog recording ZH-3D dynamic recording device is a power system fault recording system primary voltage and current waveforms and secondary equipment action behavior, to achieve the power system fault analysis and fault ranging and positioning equipment. A denial of...
Denial of Service Vulnerability in FTR-100 Power System Dynamic Recording Device (CNVD-2020-01299)
FTR-100 Power System Dynamic Recording Device is a device for power system digital substation. A denial of service vulnerability exists in the FTR-100 Power System Dynamic Recording Device, which can be exploited by attackers to cause a denial of service...
Denial of Service Vulnerability in DPR-343-DA-G Power System Dynamic Recording Device of Guodian Nanrui Technology Co.
DPR-343-DA-G Power System Dynamic Recording Device is a fault recording device based on DL/T860 framework and applied in new generation intelligent substation. A denial of service vulnerability exists in the DPR-343-DA-G Power System Dynamic Recording Device of Guodian Nanrui Technology...
Denial of Service Vulnerability in DPR-343-DA-G Power System Dynamic Recording Device of Guodian Nanrui Science and Technology Co.(CNVD-2020-01585)
DPR-343-DA-G Power System Dynamic Recording Device is a fault recording device based on DL/T860 framework and applied in new generation intelligent substation. A denial-of-service vulnerability exists in the DPR-343-DA-G Power System Dynamic Recording Device of Guodian Nanrui Technology...