• 1
  • 2 (current)
Dienstag, 12.11.2024
01:00
SIEMENS CERT
SSA-097435 V1.4 (Last Update: 2024-11-12): Usernames Disclosure Vulnerability in Mendix Runtime
Titel
SSA-097435 V1.4 (Last Update: 2024-11-12): Usernames Disclosure Vulnerability in Mendix Runtime
Veröffentlicht
12. November 2024 01:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-097435.html
Text
Mendix Runtime contains an observable response discrepancy vulnerability when validating usernames during authentication. This could allow unauthenticated remote attackers to distinguish between valid and invalid usernames. Siemens has released new versions for the affected products and recommends to update to the latest versions.
01:00
SIEMENS CERT
SSA-064257 V1.0: Privilege Escalation Vulnerability in SIPORT Before V3.4.0
Titel
SSA-064257 V1.0: Privilege Escalation Vulnerability in SIPORT Before V3.4.0
Veröffentlicht
12. November 2024 01:00
URL
https://cert-portal.siemens.com/productcert/html/ssa-064257.html
Text
SIPORT before V3.4.0 contains a privilege escalation vulnerability which could allow a local attacker with an unprivileged account to override or modify the service executable and subsequently gain elevated privileges. Siemens has released a new version for SIPORT and recommends to update to the latest version.
Freitag, 08.11.2024
22:04
US CERT
2023 Top Routinely Exploited Vulnerabilities
Titel
2023 Top Routinely Exploited Vulnerabilities
Veröffentlicht
8. November 2024 22:04
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-317a
Text
Summary The following cybersecurity agencies coauthored this joint Cybersecurity Advisory (hereafter collectively referred to as the authoring agencies): United States: The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and National Security Agency (NSA) Australia: Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) Canada: Canadian Centre ...
Donnerstag, 07.11.2024
13:00
US CERT (ICS)
Beckhoff Automation TwinCAT Package Manager
Titel
Beckhoff Automation TwinCAT Package Manager
Veröffentlicht
7. November 2024 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-24-312-01
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION: Low Attack Complexity Vendor: Beckhoff Automation Equipment: TwinCAT Package Manager Vulnerability: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') 2. RISK EVALUATION Successful exploitation this vulnerability could allow a local attacker with administrative access rights to ...
13:00
US CERT (ICS)
Bosch Rexroth IndraDrive
Titel
Bosch Rexroth IndraDrive
Veröffentlicht
7. November 2024 13:00
URL
https://www.cisa.gov/news-events/ics-advisories/icsa-24-312-03
Text
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Bosch Rexroth Equipment: IndraDrive Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service, rendering the device unresponsive by sending arbitrary UDP messages. 3. TECHNICAL DETAILS ...
  • 1
  • 2 (current)

Letzte Updates

BOSCH PSIRT
31.10.2024
SIEMENS CERT
13.11.2024
US CERT
08.11.2024
US CERT (ICS)
12.11.2024

Nach Quelle

Archiv

2024
2023
2022
2021
2020
2019
2018
2017

Feeds