Defense in depth for autonomous AI agents

Designing Secure Autonomous AI Agents with Defense in Depth AI agents are moving beyond assistance and into action. Instead of generating content, they invoke tools, modify data, trigger workflows, and operate across systems with increasing autonomy. This shift changes the security problem...

EUVD-2024-54009

Malicious code in bioql PyPI...

EUVD-2025-14389

Malicious code in bioql PyPI...

Real-World Evaluation of Protocol-Compliant Denial-Of-Service Attacks on C-V2X-Based Forward Collision Warning Systems

Cellular Vehicle-to-Everything C-V2X technology enables low-latency, reliable communications essential for safety applications such as a Forward Collision Warning FCW system. C-V2X deployments operate under strict protocol compliance with the 3rd Generation Partnership Project 3GPP and the Societ...

CVE-2025-24007

A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System MSS All versions, SIRIUS Safety Relays 3SK2 All versions. Affected devices only provide weak password obfuscation. An attacker with network access could retrieve and de-obfuscate the safety password used for protection again...

CVE-2025-24008

A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System MSS All versions, SIRIUS Safety Relays 3SK2 All versions. The affected devices do not encrypt data in transit. An attacker with network access could eavesdrop the connection and retrieve sensitive information, including...

CVE-2025-24009

The CVE-2025-24009 issue affects Siemens SIRIUS 3RK3 Modular Safety System (MSS) and SIRIUS Safety Relays 3SK2 (all versions). The root cause is lack of authentication to access critical resources, allowing an attacker with network access to retrieve sensitive data from certain records, including...

CVE-2025-24009

A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System MSS All versions, SIRIUS Safety Relays 3SK2 All versions. The affected devices do not require authentication to access critical resources. An attacker with network access could retrieve sensitive information from certain dat...

CVE-2025-24008

A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System MSS All versions, SIRIUS Safety Relays 3SK2 All versions. The affected devices do not encrypt data in transit. An attacker with network access could eavesdrop the connection and retrieve sensitive information, including...

CVE-2025-24008

A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System MSS All versions, SIRIUS Safety Relays 3SK2 All versions. The affected devices do not encrypt data in transit. An attacker with network access could eavesdrop the connection and retrieve sensitive information, including...

CVE-2025-24008

CVE-2025-24008 affects Siemens SIRIUS 3RK3 Modular Safety System (MSS) and SIRIUS Safety Relays 3SK2 (all versions). The root cause is lack of encryption for data in transit, allowing a network-accessible attacker to eavesdrop and potentially retrieve sensitive information, including obfuscated s...

CVE-2025-24007

The CVE-2025-24007 issue affects Siemens SIRIUS 3RK3 Modular Safety System (MSS) and SIRIUS Safety Relays 3SK2 (all versions). The root cause is weak password obfuscation enabling an attacker with network access to retrieve and de-obfuscate the safety password used for protection against inadvert...

CVE-2025-24007

A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System MSS All versions, SIRIUS Safety Relays 3SK2 All versions. Affected devices only provide weak password obfuscation. An attacker with network access could retrieve and de-obfuscate the safety password used for protection again...

PT-2025-20848 · Siemens · Sirius 3Rk3 Modular Safety System +1

Name of the Vulnerable Software and Affected Versions: SIRIUS 3RK3 Modular Safety System MSS All versions SIRIUS Safety Relays 3SK2 All versions Description: A vulnerability has been identified where affected devices only provide weak password obfuscation. An attacker with network access could...

Siemens SIRIUS 3RK3 Modular Safety System和Siemens SIRIUS Safety Relays 3SK2 安全漏洞

Siemens SIRIUS 3RK3 Modular Safety System and Siemens SIRIUS Safety Relays 3SK2 are both products of Siemens, Germany.Siemens SIRIUS 3RK3 Modular Safety System is a modular safety control system. Siemens SIRIUS Safety Relays 3SK2 is a safety relay. A security vulnerability exists in the Siemens...

PT-2025-20850 · Siemens · Sirius 3Rk3 Modular Safety System +1

Name of the Vulnerable Software and Affected Versions: SIRIUS 3RK3 Modular Safety System MSS All versions SIRIUS Safety Relays 3SK2 All versions Description: A vulnerability has been identified where the affected devices do not require authentication to access critical resources. An attacker with...

CVE-2024-12146 SQLi in Finder Fire Safety's Finder ERP/CRM (New System)

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Finder Fire Safety Finder ERP/CRM New System allows SQL Injection. This issue affects Finder ERP/CRM New System: before 18.12.2024...

SICK ICR890-4 安全漏洞

The SICK ICR890-4 is a track and trace system from SICK, Germany. A security vulnerability exists in the SICK ICR890-4 that arises from the transmission of sensitive information in clear text...

CVE-2022-30260

Emerson DeltaV Distributed Control System DCS has insufficient verification of firmware integrity an inadequate checksum approach, and no signature. This affects versions before 14.3 of DeltaV M-series, DeltaV S-series, DeltaV P-series, DeltaV SIS, and DeltaV CIOC/EIOC/WIOC IO cards...

Denial of Service Vulnerability in Schneider Tricon Safety Instrumented Systems TCM 4351B Communication Card (CNVD-2020-70795)

Tricon Safety Instrumented System is a safety instrumented system from Schneider Electric Co. The TCM 4351B communication card is a communication card for the Tricon Safety Instrumented System from Schneider, which supports Ethernet as well as serial communication. A denial of service vulnerabili...