ChamaleoNet: Programmable Passive Probe for Enhanced Visibility on Erroneous Traffic

Traffic visibility remains a key component for management and security operations. Observing unsolicited and erroneous traffic, such as unanswered traffic or errors, is fundamental to detect misconfiguration, temporary failures or attacks. ChamaleoNet transforms any production network into a...

Vulnerability fixed in Rockwell Automation FactoryTalk

Rockwell has fixed a vulnerability in Factory Talk View Machine Edition. An unauthenticated malicious person could exploit the exploit the vulnerability to execute arbitrary code on the vulnerable system. For successful exploitation, the malicious party must have access to the production network...

Vulnerability fixed in Schneider Electric PowerLogic

Schneider Electric has fixed a vulnerability in PowerLogic HDPM6000. A malicious party could exploit the vulnerability to cause a denial-of-service DoS, or possibly to execute arbitrary execute arbitrary code on the vulnerable system, by sending specially prepared Ethernet packets. To send the...

Vulnerabilities fixed in Aveva products

Aveva has fixed vulnerabilities in inTouch, PlantScada and Telemery Server. A malicious party could exploit the vulnerabilities to carry out attacks that could result in the following categories of damage: Denial-of-Service DoS Data manipulation. Remote code execution User rights Access to system...

Vulnerabilities fixed in IP stack of various SIEMENS products

Siemens has fixed two vulnerabilities in the Linux IP stack of various industrial products. An unauthenticated malicious person could exploit the vulnerabilities to cause a denial-of-service cause. The malicious party must have access to the production network. It is good practice not to have suc...

Vulnerabilities discovered in HMI Panels

Because SIMATIC HMI panels do not properly handle repeated login attempts correctly, they are susceptible to Brute-force attacks. A malicious party can use them to retrieve user names and passwords find out and thus issue random commands with permissions from the affected user account. To exploit...

Vulnerability discovered in Siemens SIMATIC S&-300 and S7-400 CPUs

Siemens has discovered a vulnerability in the SIMATIC S7-300 and S7-400 CPUs. An unauthenticated malicious person can exploit the exploit the vulnerability to eavesdrop on network traffic and thereby obtaining login credentials. To exploit the vulnerability, the attacker must have access to the...

Vulnerability discovered in several Siemens products

Researchers have revealed that several Industrial products from Siemens are vulnerable to the so-called "CrossTalk" vulnerability in Intel Processors. A local malicious person with the rights to install software can exploit the vulnerability to gain access gain access to sensitive data. To do so,...

WIBU CodeMeter vulnerabilities discovered in several Sieens products

WIBU systems has published a number of vulnerabilities, which would allow an unauthenticated remote malicious person is able to Manipulate license files, execute arbitrary code with application privileges or to cause a Denial-of-Service cause. WIBU gives the vulnerability with attribute...

Vulnerabilities fixed in Siemens products

Vulnerabilities have been fixed in Siemens products. The vulnerabilities allow a malicious party to perform Cross-Site Scripting and cause a Denial-of-Service. To exploit the vulnerabilities, the malicious party must have access to the production network. It is good practice the production networ...