The vulnerability of Schneider Electric EcoStruxure IT Gateway’s software for communicating with controlled devices lies in the absence of authentication procedures, allowing attackers to gain full access to the vulnerable software.

The vulnerability of Schneider Electric EcoStruxure IT Gateway’s software for communicating with controlled devices is related to the absence of an authentication procedure. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain full access to the vulnerable...

PT-2024-7818 · Schneider Electric · Ecostruxure It Gateway

Name of the Vulnerable Software and Affected Versions: Schneider Electric EcoStruxure IT Gateway affected versions not specified Description: A Missing Authorization vulnerability exists that could cause unauthorized access when enabled on the network and potentially impacting connected devices...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance PCA could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to the...

You Can Hijack Nearly Any Drone Mid-flight Using This Tiny Gadget

Now you can hijack nearly any drone mid-flight just by using a tiny gadget. Security researcher Jonathan Andersson has devised a small hardware, dubbed Icarus, that can hijack a variety of popular drones mid-flight, allowing attackers to lock the owner out and give them complete control over the...