B&R Industrial Automation Security Vulnerabilities

Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFix for March 2023.

Summary Security vulnerabilities are addressed with IBM Business Automation Insights 23.0.2-IF003. Vulnerability Details ** CVEID: CVE-2024-26308 DESCRIPTION: **Apache Commons Compress is vulnerable to a denial of service, caused by an out of memory error. By persuading a victim to open a...

CVE-2023-46285

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All ver...

CVE-2023-46282

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All ver...

GHSA-9763-4F94-GFCH vulnerabilities

Vulnerabilities for packages: tkn, zarf, flux-notification-controller, kubescape, boring-registry, apko, pulumi-language-yaml, scorecard, slsa-verifier, sops, flux-notification-controller-2.0, flux-source-controller-0.37, aactl, pulumi-language-dotnet, wolfictl, skaffold, cosign, pulumi, keda,...

CVE-2023-46283

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All ver...

r-nagata.co.jp Cross Site Scripting vulnerability OBB-3877772

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Security Bulletin: IBM Cloud Pak for Network Automation 2.7.2 addresses multiple security vulnerabilities

Summary IBM Cloud Pak for Network Automation 2.7.2 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details ** CVEID: CVE-2023-34055 DESCRIPTION: **VMware Tanzu Spring Boot is vulnerable to a denial of service, caused by a flaw when application uses Spring MVC...

CVE-2023-3242

Improper initialization implementation in Portmapper used in B&R Industrial Automation Automation...

Security Bulletin: IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager is vulnerable to a denial of service

Summary A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2023-51775) Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions...

CVE-2023-3242

Improper initialization implementation in Portmapper used in B&R Industrial Automation Automation...

CVE-2023-46284

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All ver...

CVE-2023-38999

A Cross-Site Request Forgery (CSRF) in the System Halt API (/system/halt) of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to cause a Denial of Service (DoS) via a crafted GET...

CVE-2023-39005

Insecure permissions exist for configd.socket in OPNsense Community Edition before 23.7 and Business Edition before...

CVE-2023-27772

libiec61850 v1.5.1 was discovered to contain a segmentation violation via the function ControlObjectClient_setOrigin() at...

CVE-2023-46281

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All ver...

CVE-2023-38997

A directory traversal vulnerability in the Captive Portal templates of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary system commands as root via a crafted ZIP...

CVE-2023-27152

DECISO OPNsense 23.1 does not impose rate limits for authentication, allowing attackers to perform a brute-force attack to bypass...

CVE-2023-39000

A reflected cross-site scripting (XSS) vulnerability in the component /ui/diagnostics/log/core/ of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to inject arbitrary JavaScript via the URL...

CVE-2023-44276

OPNsense before 23.7.5 allows XSS via the index.php sequence parameter to the Lobby...

CVE-2023-39003

OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 was discovered to contain insecure permissions in the directory...

CVE-2023-39001

A command injection vulnerability in the component diag_backup.php of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary commands via a crafted backup configuration...

CVE-2023-38998

An open redirect in the Login page of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to redirect a victim user to an arbitrary web site via a crafted...

Fedora: Security Advisory for R (FEDORA-2024-07b7b83a4f)

The remote host is missing an update for...

Fedora: Security Advisory for R (FEDORA-2024-bc590cb3f1)

The remote host is missing an update for...

[ADT-3 R] RVC - CTS: StagefrightTest#testStagefright_bug_65483665 failure

In process of C2SoftHevcDec.cpp, there is a possible out of bounds write due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for...

CVE-2023-44275

OPNsense before 23.7.5 allows XSS via the index.php column_count parameter to the Lobby...

CVE-2023-39004

Insecure permissions in the configuration directory (/conf/) of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allow attackers to access sensitive information (e.g., hashed root password) which could lead to privilege...

CVE-2023-39006

The Crash Reporter (crash_reporter.php) component of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 mishandles input...

CVE-2023-39008

A command injection vulnerability in the component /api/cron/settings/setJob/ of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary system...

CVE-2023-39007

/ui/cron/item/open in the Cron component of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows XSS via openAction in...

CVE-2023-39002

A cross-site scripting (XSS) vulnerability in the act parameter of system_certmanager.php in OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted...

Cisco Firepower Threat Defense Software Encrypted Archive File Policy Bypass Vulnerability

A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a.....

r-fujita.jcp-ota.jp Cross Site Scripting vulnerability OBB-3869760

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Siemens SIMATIC S7 Device Detection Consolidation

Consolidation of Siemens SIMATIC S7 device...

CVE-2023-2765

A vulnerability has been found in Weaver OA up to 9.5 and classified as problematic. This vulnerability affects unknown code of the file /E-mobile/App/System/File/downfile.php. The manipulation of the argument url leads to absolute path traversal. The attack can be initiated remotely. The exploit.....

CVE-2021-42306

An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential on an Azure AD Application or Service Principal (which is not recommended). This vulnerability allows a user or service in...

(RHSA-2024:3483) Moderate: Red Hat Ansible Automation Platform 2.4 Container Security and Bug Fix Update

Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that...

CVE-2023-2766

A vulnerability was found in Weaver OA 9.5 and classified as problematic. This issue affects some unknown processing of the file /building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini. The manipulation leads to files or directories accessible. The attack may be initiated remotely. The...

Exploit for OS Command Injection in Proscend M330-W Firmware

CVE-2022-36779 exploit code for Unauthenticated OS...

Honeywell PM43 Printers - Command Injection

Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g....

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DNS Inspection Denial of Service Vulnerability

A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to a lack of...

HP Client Automation Default Credentials

The remote install of HP Client Automation has a default password ('secret') set. An attacker may connect to it to reconfigure the application and control remote...

Milesight Routers - Information Disclosure

A critical security vulnerability has been identified in Milesight Industrial Cellular Routers, compromising the security of sensitive credentials and permitting unauthorized access. This vulnerability stems from a misconfiguration that results in directory listing being enabled on the router...

Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce < 5.7.18 - Missing Authorization

Description The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_template_content function in all versions up to, and including,....

r-b-a.ru Cross Site Scripting vulnerability OBB-3906108

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Security Bulletin: IBM Workload Automation is potentially affected by a vulnerability in OpenSSL that might cause Denial of Service

Summary IBM Workload Automation is potentially affected by multiple vulnerabilities in OpenSSL that could cause Denial of Service (CVE-2023-4807, CVE-2023-3817) Vulnerability Details ** CVEID: CVE-2023-4807 DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a state corruption...

r-toyota.co.jp Cross Site Scripting vulnerability OBB-3916414

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Authorization Bypass Vulnerability

A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an...

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Inactive-to-Active ACL Bypass Vulnerability

A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected...

Exploit for Incorrect Authorization in Atlassian Confluence Data Center

CVE-2023-22518 Improper Authorization Vulnerability in...