253 matches found
ABB SMU615 Improper Initialization (CVE-2021-22283)
Improper Initialization vulnerability in ABB Relion protection relays - 611 series, ABB Relion protection relays - 615 series IEC 4.0 FP1, ABB Relion protection relays - 615 series CN 4.0 FP1, ABB Relion protection relays - 615 series IEC 5.0, ABB Relion protection relays - 615 series IEC 5.0 FP1...
Protecting Against Malicious Use of Remote Monitoring and Management Software
Summary The Cybersecurity and Infrastructure Security Agency CISA, National Security Agency NSA, and Multi-State Information Sharing and Analysis Center MS-ISAC hereafter referred to as the “authoring organizations” are releasing this joint Cybersecurity Advisory CSA to warn network defenders abo...
U.S. Federal Agencies Fall Victim to Cyber Attack Utilizing Legitimate RMM Software
At least two federal agencies in the U.S. fell victim to a "widespread cyber campaign" that involved the use of legitimate remote monitoring and management RMM software to perpetuate a phishing scam. "Specifically, cyber criminal actors sent phishing emails that led to the download of legitimate...
U.S. Federal Agencies Fall Victim to Cyber Attack Utilizing Legitimate RMM Software
At least two federal agencies in the U.S. fell victim to a "widespread cyber campaign" that involved the use of legitimate remote monitoring and management RMM software to perpetuate a phishing scam. "Specifically, cyber criminal actors sent phishing emails that led to the download of legitimate...
CISA, NSA, and MS-ISAC Release Advisory on the Malicious Use of RMM Software
Today, the Cybersecurity and Infrastructure Security Agency CISA, the National Security Agency NSA, and the Multi-State Information Sharing and Analysis Center MS-ISAC released joint Cybersecurity Advisory CSA Protecting Against Malicious Use of Remote Monitoring and Management Software. The...
Hewlett Packard Enterprise Integrated Lights-Out 跨站脚本漏洞
Hewlett Packard Enterprise Integrated Lights-Out is a remote control solution from Hewlett Packard Enterprise. The solution enables remote monitoring and operation of IT assets such as servers. A security vulnerability exists in Hewlett Packard Enterprise Integrated Lights-Out. An attacker could...
Automated Tank Gauge (ATG) Remote Configuration Disclosure Exploit
In 2015, HD Moore, the creator of Metasploit, published an article disclosing over 5,800 gas station Automated Tank Gauges ATGs which were publicly accessible. Besides monitoring for leakage, these systems are also instrumental in gauging fluid levels, tank temperature, and can alert operators wh...
[SECURITY] Fedora 36 Update: glances-3.3.0.1-2.fc36
Glances is a cross-platform monitoring tool which aims to present a large amount of monitoring information through a curses or Web based interface. The information dynamically adapts depending on the size of the user interface It can also work in client/server mode. Remote monitoring could be don...
Hewlett Packard Enterprise Integrated Lights-Out 5 安全漏洞
Hewlett Packard Enterprise Integrated Lights-Out 5 iLO 5 is a remote control solution from Hewlett Packard Enterprise. The solution enables remote monitoring and operation of IT assets such as servers. A security vulnerability exists in Hewlett Packard Enterprise Integrated Lights-Out 5 version...
Fishtank 路径遍历漏洞
Fishtank is a remote monitoring and control interface by Rentaro Matsukata, a personal developer in the U.S. A path traversal vulnerability exists in Fishtank 2015-06-24 and earlier versions, which stems from a failure of Flask's sendfile function to properly filter special elements in resource o...
CVE-2022-29518
Screen Creator Advance2, HMI GC-A2 series, and Real time remote monitoring and control tool Screen Creator Advance2 versions prior to Ver.0.1.1.3 Build01, HMI GC-A2 seriesGC-A22W-CW, GC-A24W-CW, GC-A26W-CW, GC-A24, GC-A24-M, GC-A25, GC-A26, and GC-A26-J2, and Real time remote monitoring and contr...
CVE-2022-29518
Screen Creator Advance2, HMI GC-A2 series, and Real time remote monitoring and control tool Screen Creator Advance2 versions prior to Ver.0.1.1.3 Build01, HMI GC-A2 seriesGC-A22W-CW, GC-A24W-CW, GC-A26W-CW, GC-A24, GC-A24-M, GC-A25, GC-A26, and GC-A26-J2, and Real time remote monitoring and contr...
Authentication flaw
Screen Creator Advance2, HMI GC-A2 series, and Real time remote monitoring and control tool Screen Creator Advance2 versions prior to Ver.0.1.1.3 Build01, HMI GC-A2 seriesGC-A22W-CW, GC-A24W-CW, GC-A26W-CW, GC-A24, GC-A24-M, GC-A25, GC-A26, and GC-A26-J2, and Real time remote monitoring and contr...
CVE-2022-29518
The CVE-2022-29518 issue affects Screen Creator Advance2 (versions before 0.1.1.3 Build01) and related HMI GC-A2 series (GC-A22W-CW, GC-A24W-C(W), GC-A26W-C(W), GC-A24, GC-A24-M, GC-A25, GC-A26, GC-A26-J2) and the Real time remote monitoring and control tool (Remote GC). It stems from an authenti...
PT-2022-19674 · Unknown +1 · Hmi Gc-A2 Series +2
Name of the Vulnerable Software and Affected Versions: Screen Creator Advance2 versions prior to Ver.0.1.1.3 Build01 HMI GC-A2 series versions including GC-A22W-CW, GC-A24W-CW, GC-A26W-CW, GC-A24, GC-A24-M, GC-A25, GC-A26, and GC-A26-J2 Real time remote monitoring and control tool Remote GC...
CVE-2022-23711
A vulnerability in Kibana could expose sensitive information related to Elastic Stack monitoring in the Kibana page source. Elastic Stack monitoring features provide a way to keep a pulse on the health and performance of your Elasticsearch cluster. Authentication with a vulnerable Kibana instance...
Sealevel Systems SeaConnect 370w out-of-bounds write vulnerability (CNVD-2022-10696)
Sealevel Systems SeaConnect 370W is an Industrial Internet of Things Iiot edge device from Sealevel Systems, Inc. used to remotely monitor and control the status of actual I/O processes. The Sealevel Systems SeaConnect 370w is vulnerable to an out-of-bounds write vulnerability that could be...
New Zloader Banking Malware Campaign Exploiting Microsoft Signature Verification
An ongoing ZLoader malware campaign has been uncovered exploiting remote monitoring tools and a nine-year-old flaw concerning Microsoft's digital signature verification to siphon user credentials and sensitive information. Israeli cybersecurity company Check Point Research, which has been trackin...
The vulnerability of the software for remote monitoring and management of IT systems by Kaseya VSA, related to insufficient protection of registration data, allows a hacker to disclose sensitive information that should be protected.
The vulnerability of Kaseya VSA’s remote monitoring and management software lies in the insufficient protection of registration data. Exploiting this vulnerability allows a malicious actor to disclose the protected information...
The vulnerability of the Advantech WebAccess remote monitoring software arises from buffer overflows in the stack, allowing a hacker to execute arbitrary code.
The vulnerability of Advantech WebAccess remote monitoring software arises due to buffer overflow in the stack. Exploiting this vulnerability allows a malicious actor operating remotely to execute arbitrary code...