Malware targeting industrial plants: a threat to physical security

We live in a world where more and more manufacturing processes are controlled by computers that send instructions to robots. This might sound like a safe and efficient way of work, as it rules out human error, but what happens when a threat actor decides to target production servers? Consider the...

Siemens Automation License Manager Detection (Windows SMB Login)

SMB login-based detection of Siemens Automation License Manager. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

DEBIAN-CVE-2019-6444

An issue was discovered in NTPsec before 1.1.3. processcontrol in ntpcontrol.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl in ntpd...

UBUNTU-CVE-2019-6444

An issue was discovered in NTPsec before 1.1.3. processcontrol in ntpcontrol.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl in ntpd...

Buffer overflow

The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App transmit sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. The devices transmit process control information via unencrypted Modbus communications. Impact: A...

BruCON Primer: 10 Years and Cisco Talos Talks

Cisco Talos will have a significant presence at the 10th edition of BruCON, which kicks off this week. Below, you will find the presentations that Talos researchers will give, along with a brief overview of the topics they will discuss. We are fortunate to have multiple speakers presenting this...

Node.js: Pull Request #12949 - Security Implications without CVE assignment

Summary: Pull Request 12949 has security implications but it was not assigned a CVE by the Node team. It is being reported by Qualys as a 6.8 severity issue without a CVE. Description: Here is the commit and pull request - https://github.com/nodejs/node/commit/010f864426...

Siemens OpenSSL Vulnerabilities (Update G)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-14-198-03F Siemens OpenSSL Vulnerabilities that was published October 16, 2014, on the NCCIC/ICS-CERT web site. --------- Begin Update G Part 1 of 3 -------- Siemens has identified four vulnerabilities in its OpenSS...

Code injection

Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior allow the creation of new connections to one or more IOAs, without closing them properly, which may cause a denial of service within the industrial process control channel...

CVE-2018-10607

Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior allow the creation of new connections to one or more IOAs, without closing them properly, which may cause a denial of service within the industrial process control channel...

CVE-2018-10607

CVE-2018-10607 affects Martem TELEM-GW6 and GWM devices. The vulnerability allows creating new connections to one or more IOAs without properly closing them, causing a denial of service in the industrial process control channel. Affected firmware: 2018.04.18-linux_4-01-601cb47 and prior; remediat...

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Denial of Service Vulnerability

Exploit for hardware platform in category dos / poc Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Service Control DoS Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb 2.2.0 build 2160 IPn4Gb 1.1.6 build...

CVE-2018-5163

If a malicious attacker has used another vulnerability to gain full control over a content process, they may be able to replace the alternate data resources stored in the JavaScript Start-up Bytecode Cache JSBC for other JavaScript code. If the parent process then runs this replaced code, the...

Martem TELEM-GW6/GWM Denial of Service Vulnerability

Martem specializes in providing remote control systems for monitoring and controlling distribution networks, and its customers include distribution companies as well as industrial and transportation companies that own their own power grids. A denial of service vulnerability exists in the Martem...

Martem TELEM-GW6/GWM (Update B)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Martem Equipment : TELEM-GW6/GWM --------- Begin Update B Part 1 of 5 -------- Vulnerabilities : Missing Authentication for Critical Function, Incorrect Default Permissions, Resource Exhaustion,...

Microsoft Windows 10: Take ownership of files or other objects

This policy setting determines which users can take ownership of any securable object in the device, including Active Directory objects, NTFS files and folders, printers, registry keys, services, processes, and threads. Every object has an owner, whether the object resides in an NTFS volume or...

CVE-2017-13261

In bnepprocesscontrolpacket of bneputils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1,...

SUSE-SU-2018:0866-1 Security update for coreutils

This update for coreutils fixes one issue. This security issue was fixed: - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges bsc1023041...

Supervisor XML-RPC Authenticated Remote Code Execution Exploit

This Metasploit module exploits a vulnerability in the Supervisor process control software, where an authenticated client can send a malicious XML-RPC request to supervisord that will run arbitrary shell commands on the server. The commands will be run as the same user as supervisord. Depending o...

Siemens SIMATIC WinCC/PCS 7/WinCCRuntime Professional has a Remote Code Execution Vulnerability

SIMATIC WinCC Windows Control Center, Siemens' process monitoring system, provides complete supervisory control and data acquisition SCADA functionality for industry; the PCS 7 system is a seamlessly integrated automation solution that can be used in all areas of industry. A remote code execution...