141 matches found
CISA Releases Six Industrial Control Systems Advisories
CISA released six Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-322-01 Schneider Electric EcoStruxure Machine SCADA Expert & Pro-face BLUE Open Studio ICSA-25-322-02 Shel...
CISA Releases 10 Industrial Control Systems Advisories
CISA released 10 Industrial Control Systems ICS advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-294-01 Rockwell Automation 1783-NATR ICSA-25-294-02 Rockwell Automation Compact GuardLogix 5370...
EUVD-2020-20705
Malware in sbrugna...
EUVD-2012-3739
Malware in sbrugna...
EUVD-2015-7819
Malware in sbrugna...
EUVD-2018-19544
Malware in sbrugna...
EUVD-2017-18870
Malware in sbrugna...
EUVD-2016-3375
Malware in sbrugna...
EUVD-2016-3374
Malware in sbrugna...
EUVD-2016-3376
Malware in sbrugna...
EUVD-2012-3740
Malware in sbrugna...
EUVD-2022-44856
Malicious code in bioql PyPI...
EUVD-2022-44853
Malicious code in bioql PyPI...
EUVD-2022-44854
Malicious code in bioql PyPI...
EUVD-2022-44858
Malicious code in bioql PyPI...
EUVD-2022-44855
Malicious code in bioql PyPI...
CVE-2022-41668
A CWE-704: Incorrect Project Conversion vulnerability exists that allows adversaries with local user privileges to load a project file from an adversary-controlled network share which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal ExpertV3.3 Hotfix 1...
CVE-2022-41666
A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that allows adversaries with local user privileges to load a malicious DLL which could lead to execution of malicious code. Affected Products: EcoStruxure Operator Terminal ExpertV3.3 Hotfix 1 or prior, Pro-face...
CVE-2022-41671
A CWE-89: Improper Neutralization of Special Elements used in SQL Command ‘SQL Injection’ vulnerability exists that allows adversaries with local user privileges to craft a malicious SQL query and execute as part of project migration which could result in execution of malicious code. Affected...
CVE-2022-41667
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that allows adversaries with local user privileges to load a malicious DLL which could lead to execution of malicious code. Affected Products: EcoStruxure Operator Terminal ExpertV3.3 Hotfi...