Lucene search

18 matches found

ICS
added 2025/08/12 12:0 a.m., 3 views

Siemens SIMATIC S7-PLCSIM

SUMMARY Affected products do not properly sanitize user-controllable input when parsing project files. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. Siemens has released new versions for several affected products and recommends...

CVSS 8.5, AI score 7.8, EPSS 0.0016
Exploits 0, References 10

RedhatCVE
added 2025/05/23 5:41 a.m., 1 view

CVE-2023-0868

Reflected cross-site scripting in graph results in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to steal session cookies. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horizon installation instructions state that they are...

CVSS 6.7, AI score 5.9, EPSS 0.00523
Exploits 0, References 1

RedhatCVE
added 2025/05/23 5:39 a.m., 2 views

CVE-2023-0872

The Horizon REST API includes a users endpoint in OpenNMS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms is vulnerable to elevation of privilege. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizo...

CVSS 8.2, AI score 7.8, EPSS 0.03475
Exploits 3, References 1

CVE
added 2024/08/12 2:50 p.m., 69 views

CVE-2024-38530

CVE-2024-38530 affects the Open eClass platform (H5P module) via an arbitrary file upload in the module’s save.php, allowing unauthenticated uploads to the server filesystem. The underlying issue enables potential unrestricted remote code execution on the backend, since the upload location is int...

CVSS 9.8, AI score 9.4, EPSS 0.00762
Exploits 1, References 2, Affected Software 1

Malwarebytes
added 2023/03/28 12:15 p.m., 17 views

ChatGPT happy to write ransomware, just really bad at it

This morning I decided to write some ransomware. I've never done it before, and I can't code in C, the language ransomware is most commonly written in, but I have a reasonably good idea of what ransomware does. Previously, this lack of technical skills would have served as something of a barrie...

AI score 7.1
Exploits 0

ThreatPost
added 2021/08/19 9:13 p.m., 31 views

How Ready Are You for a Ransomware Attack?

Determining how hard a target you present for the current wave of human-driven ransomware involves multiple considerations. There are four steps to analyzing how prepared you are for a ransomware attack. Such analysis roughly breaks down as follows: 1. How easy it is to break into your environment...

AI score 7.7
Exploits 0, References 3

ICS
added 2020/10/24 12:0 p.m., 52 views

NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems

Summary. Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise and ATT&CK for Industrial Control Systems frameworks for all referenced threat actor techniques and mitigations. Over recent months, cyber actors...

AI score 9.5
Exploits 0, References 70

CISA
added 2020/09/03 12:0 a.m., 12 views

CISA Releases Final Binding Operational Directive on Developing a Vulnerability Disclosure Policy

The Cybersecurity and Infrastructure Security Agency (CISA) has released Binding Operational Directive (BOD) 20-01, Develop and Publish a Vulnerability Disclosure Policy (VDP). BOD 20-01 requires each federal agency to publish a VDP. Publication of agency VDPs will make it easier for users to report...

AI score 6.9
Exploits 0, References 2

GithubExploit
added 2020/07/06 2:21 a.m., 116 views

Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager

RCE-CVE-2020-5902 BIG-IP F5 Remote Code Execution Descripti...

CVSS 10, AI score 8.3, EPSS 0.94426
Exploits 59

ThreatPost
added 2019/12/02 4:46 p.m., 50 views

CISA Pushing U.S. Agencies to Adopt Vulnerability Disclosure Policies

The U.S. government’s cybersecurity agency has issued a draft directive mandating all agencies to develop vulnerability disclosure policies, which would give ethical hackers clear guidelines for submitting bugs found in government systems. Security experts hope that the directive will light a fir...

AI score 7.1
Exploits 0, References 12

CISA
added 2019/09/20 12:0 a.m., 17 views

CISA Releases Four New Insights Products

The Cybersecurity and Infrastructure Security Agency (CISA) has released four new CISA Insights products informed by U.S. intelligence and real-world events. Each of the following products provides a description of the threat, lessons learned, recommendations, and additional relevant resources:...

AI score 6.8
Exploits 0, References 5

CISA
added 2019/04/30 12:0 a.m., 14 views

CISA Releases Binding Operational Directive on Vulnerability Remediation

The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) issued Binding Operational Directive (BOD) 19-02, Vulnerability Remediation Requirements for Internet-Accessible Systems. BOD 19-02 requires federal agencies to ensure effective and timely remediation...

AI score 6.9
Exploits 0, References 2

seebug.org
added 2018/05/04 12:0 a.m., 224 views

TPLINK TLWR740N Router Remote Code Execution Vulnerability (CVE-2017-13772)

INTRODUCTION: In October of 2017 we disclosed multiple vulnerabilities in TP-Link’s WR940n router that occurred due to multiple code paths calling strcpy on user controllable unsanitised input (CVE-2017-13772). The httpd binary responsible for these vulnerabilities contained patterns of code that...

CVSS 9, AI score 8.9, EPSS 0.52736
Exploits 8

Lenovo
added 2017/01/23 12:0 a.m., 1 view

Information about LenovoEMC devices may be disclosed if the device has an Internet-accessible management interface - Lenovo Support US

No description provided...

AI score 5.5
Exploits 0

Lenovo
added 2017/01/23 12:0 a.m., 123 views

Information about LenovoEMC devices may be disclosed if the device has an Internet-accessible management interface

Lenovo Security Advisory: LEN-3846. Potential Impact: Disclosure of information about device. Severity: Low. Summary: An unauthenticated user may be able to view device information about the LenovoEMC device if the management interface is accessible over the internet. Even with this vulnerability, no dat...

CVSS 5, AI score 5.5, EPSS 0.0023
Exploits 0

Hacker One
added 2016/11/23 7:53 p.m., 23 views

U.S. Dept Of Defense: Unrestricted File Upload

A Navy system had a file upload tool accessible from the Internet. This would have permitted an attacker to upload malicious files and potentially execute code on the server. Thanks to @hogarth45 for reporting it...

AI score 2.8
Exploits 0

Vulnerability Lab
added 2015/06/19 12:0 a.m., 42 views

ManageEngine SupportCenter 7.90 - Multiple Vulnerabilities

Document Title: =============== ManageEngine SupportCenter 7.90 - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1501 Release Date: ============= 2015-06-19 Vulnerability Laboratory ID VL-ID: ====================================...

AI score 7.1
Exploits 0

seebug.org
added 2014/07/01 12:0 a.m., 26 views

Standard & Poors ComStock 4.2.4 Machine Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/1080/info Numerous vulnerabilities exist in the ComStock product, as sold by Standard & Poor's. ComStock is based on the RedHat 5.1 distribution, and contains many of the vulnerabilities found in the 5.1 distribution. In...

AI score 7.1
Exploits 0