253 matches found
CISA Releases Cybersecurity Advisory on SimpleHelp RMM Vulnerability
Today, CISA released Cybersecurity Advisory: Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider. This advisory is in response to ransomware actors targeting customers of a utility billing software provider through...
CVE-2022-29518
Screen Creator Advance2, HMI GC-A2 series, and Real time remote monitoring and control tool Screen Creator Advance2 versions prior to Ver.0.1.1.3 Build01, HMI GC-A2 seriesGC-A22W-CW, GC-A24W-CW, GC-A26W-CW, GC-A24, GC-A24-M, GC-A25, GC-A26, and GC-A26-J2, and Real time remote monitoring and contr...
CVE-2018-7820
A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2 AOS v6.5.6, which could cause Remote Monitoring Credentials to be viewed in plaintext when Remote Monitoring is enabled, and then disabled...
CVE-1999-0031
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability...
Siemens OZW Web Servers Code Execution and SQL Injection Vulnerability
The OZW device web server is used for remote monitoring of building controller devices, e.g. for monitoring heating control or air conditioning status. A code execution and SQL injection vulnerability exists in the Siemens OZW672 and OZW772 web servers, which can be exploited by an attacker to...
Siemens OZW Web Server Code Execution and SQL Injection Vulnerabilities (CNVD-2025-10579 )
The OZW device web server is used for remote monitoring of building controller devices, e.g. for monitoring heating control or air conditioning status. A code execution and SQL injection vulnerability exists in the Siemens OZW672 and OZW772 web servers, which can be exploited by an attacker to...
SunGrow Logger1000 安全漏洞
SunGrow Logger1000 is a photovoltaic plant data collector from SunGrow China that supports multi-protocol conversion and remote monitoring. A security vulnerability exists in SunGrow Logger1000 version 01A, which stems from a weak password requirement...
Initial Access Brokers Target Brazil Execs via NF-e Spam and Legit RMM Trials
Cybersecurity researchers are warning of a new campaign that's targeting Portuguese-speaking users in Brazil with trial versions of commercial remote monitoring and management RMM software since January 2025. "The spam message uses the Brazilian electronic invoice system, NF-e, as a lure to entic...
Spam campaign targeting Brazil abuses Remote Monitoring and Management tools
Cisco Talos identified a spam campaign targeting Brazilian users with commercial remote monitoring and management RMM tools since at least January 2025. Talos observed the use of PDQ Connect and N-able remote access tools in this campaign. The spam message uses the Brazilian electronic invoice...
The vulnerability of the GetConnectionVariables method in the software for managing and monitoring remote objects in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the GetConnectionVariables method in software for controlling and monitoring remote objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise t...
Siemens TeleControl Server Basic SQL Injection Vulnerability
TeleControl Server Basic is a server software for remote monitoring and control, widely used in industrial automation. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that stems from the internal use of the LockProjectCrossCommunications method that fails to properly...
Multiple SQL Injection Vulnerabilities in Siemens TeleControl Server Basic
TeleControl Server Basic is Siemens' software for the TeleControl Basic control center, which allows remote monitoring and control of devices via WAN/LAN. Siemens TeleControl Server Basic versions prior to v3.1.2.2 contain multiple SQL injection vulnerabilities that can be exploited by an attacke...
EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing
The financially motivated threat actor known as EncryptHub has been observed orchestrating sophisticated phishing campaigns to deploy information stealers and ransomware, while also working on a new product called EncryptRAT. "EncryptHub has been observed targeting users of popular applications, ...
CVE-2024-5466
Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option...
CVE-2024-6748
Zohocorp ManageEngine OpManager, OpManager Plus, OpManager MSP and RMM versions 128317 and below are vulnerable to authenticated SQL injection in the URL monitoring...
Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack Overflow Code Execution Vulnerability
Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments developed by Fuji Electric Japan for collecting real-time data from PLCs, temperature controllers, inverters and other devices. Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack Overflow...
Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack Overflow Code Execution Vulnerability (CNVD-2025-21316)
Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments developed by Fuji Electric Japan for collecting real-time data from PLCs, temperature controllers, inverters, and other devices. Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack Overflow...
Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack Overflow Code Execution Vulnerability (CNVD-2025-21318)
Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments developed by Fuji Electric Japan for collecting real-time data from PLCs, temperature controllers, inverters, and other devices. Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack Overflow...
Fuji Electric V-Server和Fuji Electric V-Server Lite 缓冲区错误漏洞
Fuji Electric V-Server and Fuji Electric V-Server Lite are both products of Fuji Electric, Japan.Fuji Electric V-Server is a software package for collecting and managing real-time field data.Fuji Electric V-Server Lite is a remote monitoring software for industrial environments. Server Lite is a...
Siemens OZW devices (web servers) cross-site scripting vulnerability
OZW devices web servers are used for remote monitoring of building controller devices, e.g. for monitoring heating control or air conditioning. A cross-site scripting vulnerability exists in Siemens OZW devices web servers, which can be exploited by an attacker to inject arbitrary JavaScript code...