8 matches found
EUVD-2019-2686
Malware in sbrugna...
CVE-2019-10972
Mitsubishi Electric FR Configurator2, Version 1.16S and prior. This vulnerability can be triggered when an attacker provides the target with a rogue project file .frc2. Once a user opens the rogue project, CPU exhaustion occurs, which causes the software to quit responding until the application i...
Vulnerability fixed in Schneider Electric EcoStruxure Power Design
Schneider Electric has fixed a vulnerability in EcoStruxure Power Design. A malicious party could exploit the vulnerability to execute arbitrary code with privileges of the Power Design user. Successful exploitation requires the malicious party to trick the victim into opening and executing a rog...
Crypto Hardware Wallet Ledger's Supply Chain Breach Results in $600,000 Theft
Crypto hardware wallet maker Ledger published a new version of its "@ledgerhq/connect-kit" npm module after unidentified threat actors pushed malicious code that led to the theft of more than $600,000 in virtual assets. The compromise was the result of a former employee falling victim to a phishi...
Vulnerabilities fixed in GitLab CE and EE
Vulnerabilities have been fixed in GitLab Enterprise Edition (EE) and Community Edition (CE). The vulnerabilities can be exploited by a malicious party to gain access to sensitive data, manipulate data without being authorized to do so, to perform a Cross-Site Scripting (XSS) attack or to...
Design/Logic Flaw
Mitsubishi Electric FR Configurator2, Version 1.16S and prior. This vulnerability can be triggered when an attacker provides the target with a rogue project file .frc2. Once a user opens the rogue project, CPU exhaustion occurs, which causes the software to quit responding until the application i...
CVE-2019-10972
CVE-2019-10972 affects Mitsubishi Electric FR Configurator2 (Version 1.16S and earlier). The vulnerability arises when a rogue project file (.frc2) is opened, triggering CPU exhaustion and causing the application to stop responding until restart. Connected advisories corroborate an Uncontrolled R...
CVE-2019-10972
Mitsubishi Electric FR Configurator2, Version 1.16S and prior. This vulnerability can be triggered when an attacker provides the target with a rogue project file .frc2. Once a user opens the rogue project, CPU exhaustion occurs, which causes the software to quit responding until the application i...