Lucene search
K

253 matches found

CISA
CISA
added 2025/06/12 12:0 p.m.7 views

CISA Releases Cybersecurity Advisory on SimpleHelp RMM Vulnerability

Today, CISA released Cybersecurity Advisory: Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider. This advisory is in response to ransomware actors targeting customers of a utility billing software provider through...

9.1CVSS7.6AI score0.95151EPSS
Exploits2References4
RedhatCVE
RedhatCVE
added 2025/05/23 12:58 a.m.10 views

CVE-2022-29518

Screen Creator Advance2, HMI GC-A2 series, and Real time remote monitoring and control tool Screen Creator Advance2 versions prior to Ver.0.1.1.3 Build01, HMI GC-A2 seriesGC-A22W-CW, GC-A24W-CW, GC-A26W-CW, GC-A24, GC-A24-M, GC-A25, GC-A26, and GC-A26-J2, and Real time remote monitoring and contr...

7CVSS7AI score0.00209EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:0 a.m.6 views

CVE-2018-7820

A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2 AOS v6.5.6, which could cause Remote Monitoring Credentials to be viewed in plaintext when Remote Monitoring is enabled, and then disabled...

9.8CVSS6.9AI score0.01032EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:24 p.m.8 views

CVE-1999-0031

JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability...

2.6CVSS7AI score0.18298EPSS
Exploits0References1
CNVD
CNVD
added 2025/05/13 12:0 a.m.2 views

Siemens OZW Web Servers Code Execution and SQL Injection Vulnerability

The OZW device web server is used for remote monitoring of building controller devices, e.g. for monitoring heating control or air conditioning status. A code execution and SQL injection vulnerability exists in the Siemens OZW672 and OZW772 web servers, which can be exploited by an attacker to...

9.8CVSS9AI score0.00553EPSS
Exploits0References1
CNVD
CNVD
added 2025/05/13 12:0 a.m.5 views

Siemens OZW Web Server Code Execution and SQL Injection Vulnerabilities (CNVD-2025-10579 )

The OZW device web server is used for remote monitoring of building controller devices, e.g. for monitoring heating control or air conditioning status. A code execution and SQL injection vulnerability exists in the Siemens OZW672 and OZW772 web servers, which can be exploited by an attacker to...

10CVSS9AI score0.00821EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/11 12:0 a.m.5 views

SunGrow Logger1000 安全漏洞

SunGrow Logger1000 is a photovoltaic plant data collector from SunGrow China that supports multi-protocol conversion and remote monitoring. A security vulnerability exists in SunGrow Logger1000 version 01A, which stems from a weak password requirement...

6.3CVSS5AI score0.00346EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2025/05/09 11:40 a.m.31 views

Initial Access Brokers Target Brazil Execs via NF-e Spam and Legit RMM Trials

Cybersecurity researchers are warning of a new campaign that's targeting Portuguese-speaking users in Brazil with trial versions of commercial remote monitoring and management RMM software since January 2025. "The spam message uses the Brazilian electronic invoice system, NF-e, as a lure to entic...

7.8CVSS8.1AI score0.99945EPSS
Exploits33
Talos Blog
Talos Blog
added 2025/05/08 10:0 a.m.10 views

Spam campaign targeting Brazil abuses Remote Monitoring and Management tools

Cisco Talos identified a spam campaign targeting Brazilian users with commercial remote monitoring and management RMM tools since at least January 2025. Talos observed the use of PDQ Connect and N-able remote access tools in this campaign. The spam message uses the Brazilian electronic invoice...

7.7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/04/25 12:0 a.m.7 views

The vulnerability of the GetConnectionVariables method in the software for managing and monitoring remote objects in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the GetConnectionVariables method in software for controlling and monitoring remote objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise t...

9CVSS5.7AI score0.00683EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2025/04/22 12:0 a.m.5 views

Siemens TeleControl Server Basic SQL Injection Vulnerability

TeleControl Server Basic is a server software for remote monitoring and control, widely used in industrial automation. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that stems from the internal use of the LockProjectCrossCommunications method that fails to properly...

8.8CVSS8AI score0.00683EPSS
Exploits0References1
CNVD
CNVD
added 2025/04/16 12:0 a.m.3 views

Multiple SQL Injection Vulnerabilities in Siemens TeleControl Server Basic

TeleControl Server Basic is Siemens' software for the TeleControl Basic control center, which allows remote monitoring and control of devices via WAN/LAN. Siemens TeleControl Server Basic versions prior to v3.1.2.2 contain multiple SQL injection vulnerabilities that can be exploited by an attacke...

8.6AI score
Exploits0References1
The Hacker News
The Hacker News
added 2025/03/06 12:15 p.m.18 views

EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing

The financially motivated threat actor known as EncryptHub has been observed orchestrating sophisticated phishing campaigns to deploy information stealers and ransomware, while also working on a new product called EncryptRAT. "EncryptHub has been observed targeting users of popular applications, ...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 6:33 a.m.8 views

CVE-2024-5466

Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option...

8.8CVSS7.8AI score0.06911EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:2 a.m.7 views

CVE-2024-6748

Zohocorp ManageEngine OpManager, OpManager Plus, OpManager MSP and RMM versions 128317 and below are vulnerable to authenticated SQL injection in the URL monitoring...

8.3CVSS7.9AI score0.23784EPSS
Exploits0References1
CNVD
CNVD
added 2024/12/03 12:0 a.m.5 views

Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack Overflow Code Execution Vulnerability

Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments developed by Fuji Electric Japan for collecting real-time data from PLCs, temperature controllers, inverters and other devices. Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack Overflow...

7.8CVSS8AI score0.00268EPSS
Exploits0References1
CNVD
CNVD
added 2024/12/03 12:0 a.m.1 views

Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack Overflow Code Execution Vulnerability (CNVD-2025-21316)

Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments developed by Fuji Electric Japan for collecting real-time data from PLCs, temperature controllers, inverters, and other devices. Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack Overflow...

7.8CVSS8AI score0.00268EPSS
Exploits0References1
CNVD
CNVD
added 2024/12/03 12:0 a.m.2 views

Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack Overflow Code Execution Vulnerability (CNVD-2025-21318)

Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments developed by Fuji Electric Japan for collecting real-time data from PLCs, temperature controllers, inverters, and other devices. Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack Overflow...

7.8CVSS8AI score0.00268EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/28 12:0 a.m.3 views

Fuji Electric V-Server和Fuji Electric V-Server Lite 缓冲区错误漏洞

Fuji Electric V-Server and Fuji Electric V-Server Lite are both products of Fuji Electric, Japan.Fuji Electric V-Server is a software package for collecting and managing real-time field data.Fuji Electric V-Server Lite is a remote monitoring software for industrial environments. Server Lite is a...

7.8CVSS7AI score0.00188EPSS
Exploits0References3
CNVD
CNVD
added 2024/11/13 12:0 a.m.10 views

Siemens OZW devices (web servers) cross-site scripting vulnerability

OZW devices web servers are used for remote monitoring of building controller devices, e.g. for monitoring heating control or air conditioning. A cross-site scripting vulnerability exists in Siemens OZW devices web servers, which can be exploited by an attacker to inject arbitrary JavaScript code...

8.2CVSS6.3AI score0.00289EPSS
Exploits0References1
Rows per page
Query Builder