ZLAN Information Technology Co. ZLAN5143D

RISK EVALUATION Successful exploitation of these vulnerabilities could result in an attacker bypassing authentication, or resetting the device password. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

EUVD-2022-35250

Malicious code in bioql PyPI...

CVE-2022-30036

MA Lighting grandMA2 Light has a password of root for the root account. NOTE: The vendor's position is that the product was designed for isolated networks. Also, the successor product, grandMA3, is not affected by this vulnerability...

CVE-2022-30036

MA Lighting grandMA2 Light has a password of root for the root account. NOTE: The vendor's position is that the product was designed for isolated networks. Also, the successor product, grandMA3, is not affected by this vulnerability...

CVE-2022-30036

MA Lighting grandMA2 Light has a password of root for the root account. NOTE: The vendor's position is that the product was designed for isolated networks. Also, the successor product, grandMA3, is not affected by this vulnerability...

Design/Logic Flaw

MA Lighting grandMA2 Light has a password of root for the root account. NOTE: The vendor's position is that the product was designed for isolated networks. Also, the successor product, grandMA3, is not affected by this vulnerability...

CVE-2022-30036

MA Lighting grandMA2 Light is affected by a trust/auth issue where the root account uses the default password

CVE-2022-30036

MA Lighting grandMA2 Light has a password of root for the root account. NOTE: The vendor's position is that the product was designed for isolated networks. Also, the successor product, grandMA3, is not affected by this vulnerability...

Industrial Gear at Risk from Fuji Code-Execution Bugs

Industrial control software ICS from Fuji Electric is vulnerable to several high-severity arbitrary code-execution security bugs, according to a federal warning. Authorities are warning the flaws could allow physical attacks on factory and critical-infrastructure equipment. Fuji Electric’s Tellus...

Ramsey Malware

A new malware, called Ramsey, can jump air gaps: ESET said they've been able to track down three different versions of the Ramsay malware, one compiled in September 2019 Ramsay v1, and two others in early and late March 2020 Ramsay v2.a and v2.b. Each version was different and infected victims...

TP-Link Archer C3200 and Archer C2 Input Validation Error Vulnerability (CNVD-2019-31311)

The TP-Link Archer C3200 and Archer C2 are both a wireless router from China's P&L TP-Link. An input validation error vulnerability exists in the TP-Link Archer C3200 and Archer C2, which can be exploited by an attacker to transfer data between two isolated network segments on the same device...

GhostTunnel - A Covert Backdoor Transmission Method That Can Be Used In An Isolated Environment

GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment. It can attack the target through the HID device only to release the payload agent, then the HID device can be removed after the payload is released. GhostTunnel use 802.11 Probe Request Frames and...

Covert Backdoor Transmission Method: GhostTunnel

GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment. It can attack the target through the HID device only to release the payload agent, then the HID device can be removed after the payload is released. GhostTunnel use 802.11 Probe Request Frames and...