CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on May 02, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-123-01 CyberPower PowerPanel ICSA-24-123-02 Delta Electronics DIAEnergie ICSA-24-067-01...

CISA Releases Eight Industrial Control Systems Advisories

CISA released eight Industrial Control Systems ICS advisories on April 25, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-116-01 Multiple Vulnerabilities in Hitachi Energy RTU500 Series ICSA-24-116-02 Hitachi...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on April 23, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-051-03 Mitsubishi Electric Electrical Discharge Machines Update A ICSA-24-067-01 Chirp...

Crickets from Chirp Systems in Smart Lock Key Leak

The U.S. government is warning that "smart locks" securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can be used to remotely open any of the locks. The locks maker Chirp Systems remains unresponsive, even though it was first notified about the critical...

Chirp Access Trust Management Issues Vulnerability

Chirp Systems Chirp Access is a feature or service from Chirp Systems that helps users access and manage their Chirp accounts. Chirp Access suffers from a trust management issue vulnerability that stems from storing credentials in its source code, which could expose sensitive information to an...

CVE-2024-2197 Chirp Systems Chirp Access Use of Hard-coded Password

The Chirp Access app contains a hard-coded password, BEACONPASSWORD. An attacker within Bluetooth range could change configuration settings within the Bluetooth beacon, effectively disabling the application's ability to notify users when they are near a Beacon-enabled access point. This variable...

CVE-2024-2197 Chirp Systems Chirp Access Use of Hard-coded Password

The Chirp Access app contains a hard-coded password, BEACONPASSWORD. An attacker within Bluetooth range could change configuration settings within the Bluetooth beacon, effectively disabling the application's ability to notify users when they are near a Beacon-enabled access point. This variable...