HOME TOOLS TRAINING NEWS CTF EVENTS CRYPTOJAMS CONTACT

NEWS

ALL NEWS - LIST VIEW "click here"

Major News Resources

Bleeping Computer

The Hacker News

FBI News

CISA Alerts & Advisories

Homeland Security News Wire

NSA Press Releases & Statements

New Exploits

Cybersecurity and Infrastructure Security Agency C

Siemens SiPass integrated AC5102/ACC-G2 and ACC-AP | CISA

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
Successful exploitation of these vulnerabilities could allow an attacker to execute commands on the device with root privileges and access sensitive data.
Siemens reports that the fo...
Cybersecurity and Infrastructure Security Agency C

Siemens SINEMA Remote Connect Client | CISA

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
Successful exploitation of these vulnerabilities could allow an attacker to overflow memory buffers, impersonate a legitimate user, maintain longer session times, gain elevated privi...
Cybersecurity and Infrastructure Security Agency C

Sungrow iSolarCloud Android App WiNet Firmware | CISA

View CSAF
Successful exploitation of these vulnerabilities could result in attackers being able to access and could modify sensitive information.
The following Sungrow software products are affected:
The Android app for iSolarCloud explicitly ignores certificate errors and is vulnerable to adversary-in-the-middle attacks. This may allow an attacker to impersonate the iSolarCloud server and communicate with the Android app.
CVE-2024-50691 has been assigned to this vulnerability. A CVSS v3.1 base...
Cybersecurity and Infrastructure Security Agency C

ABB ACS880 Drives Containing CODESYS RTS | CISA

View CSAF
Successful exploitation of these vulnerabilities could allow an attacker to gain full access to the device or cause a denial-of-service condition.
ABB reports that the following low-voltage DC drive and power controller products contain a vulnerable version of CODESYS Runtime:
After successful authentication as a user in multiple CODESYS products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read i...
Cybersecurity and Infrastructure Security Agency C

NSA, CISA, FBI, and International Partners Release Cybersecurity Advisory on “Fast Flux,” a National Security Threat | CISA

Today, CISA—in partnership with the National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), Canadian Centre for Cyber Security (CCCS), and New Zealand’s National Cyber Security Centre (NCSC-NZ)—released joint Cybersecurity Advisory Fast Flux: A National Security Threat (PDF, 841 KB). This advisory warns organizations, internet service providers (ISPs), and cybersecurity service providers of the ongoing...
Cybersecurity and Infrastructure Security Agency C

Hitachi Energy RTU500 Series | CISA

View CSAF
Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition.
The following Hitachi Energy products are affected:
A vulnerability exists in the RTU500 web server component that can cause a denial of service to the RTU500 CMU application if a specially crafted message sequence is executed on a WebSocket connection. An attacker must be properly authenticated and the test mode function of RTU500 must be enabled to exploit this vulnerabili...
Cybersecurity and Infrastructure Security Agency C

B&R APROL | CISA

View CSAF
Successful exploitation of these vulnerabilities could allow an attacker to execute commands, elevate privileges, gather sensitive information, or alter the product.
B&R reports that the following products are affected:
An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the SSH server on B&R APROL <4.4-00P1 may allow an authenticated local attacker from a trusted remote server to execute malicious commands.
CVE-2024-45482 has been assigned to this vulnerabilit...
Cybersecurity and Infrastructure Security Agency C

CISA Releases Five Industrial Control Systems Advisories | CISA

CISA released five Industrial Control Systems (ICS) advisories on April 3, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

CISA released five Industrial Control Systems (ICS) advisories on April 3, 2025. These advisories provide timely information about current security issues, vulnerabilities, and...
Cybersecurity and Infrastructure Security Agency C

ABB Low Voltage DC Drives and Power Controllers CODESYS RTS | CISA

View CSAF
Successful exploitation of these vulnerabilities could allow attackers to trigger a denial-of-service condition or execute arbitrary code over the fieldbus interfaces.
ABB reports that the following low-voltage DC drive and power controller products contain a vulnerable version of the CODESYS Runtime:
After successful authentication as a user in multiple versions of multiple CODESYS products, specific crafted network communication requests with inconsistent content can cause the CmpApp...
Cybersecurity and Infrastructure Security Agency C

Hitachi Energy TRMTracker | CISA

View CSAF
Successful exploitation of these vulnerabilities could allow an attacker to execute limited remote commands, poison web-cache, or disclose and modify sensitive information.
The following products are affected:
The TRMTracker web application is vulnerable to LDAP injection attack potentially allowing an attacker to inject code into a query and execute remote commands that can read and update data on the website.
CVE-2025-27631 has been assigned to this vulnerability. A CVSS v3.1 base sc...
Cybersecurity and Infrastructure Security Agency C

Fast Flux: A National Security Threat | CISA

Many networks have a gap in their defenses for detecting and blocking a malicious technique known as “fast flux.” This technique poses a significant threat to national security, enabling malicious cyber actors to consistently evade detection. Malicious cyber actors, including cybercriminals and nation-state actors, use fast flux to obfuscate the locations of malicious servers by rapidly changing Domain Name System (DNS) records. Additionally, they can create resilient, highly available command a...
Cybersecurity and Infrastructure Security Agency C

Rockwell Automation Lifecycle Services with Veeam Backup and Replication | CISA

View CSAF
Successful exploitation of this vulnerability could allow an attacker with administrative privileges to execute code on the target system.
Rockwell Automation reports the following Lifecycle Services with Veeam Backup and Replication are affected:
A remote code execution vulnerability exists in Veeam Backup and Replication, which the affected products use. Exploitation of the vulnerability can allow a threat actor to execute code on the target system.
CVE-2025-23120 has been assigned t...
Cybersecurity and Infrastructure Security Agency C

CISA Releases Two Industrial Control Systems Advisories | CISA

CISA released two Industrial Control Systems (ICS) advisories on April 1, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

CISA released two Industrial Control Systems (ICS) advisories on April 1, 2025. These advisories provide timely information about current security issues, vulnerabilities, and e...
Cybersecurity and Infrastructure Security Agency C

CISA Adds One Known Exploited Vulnerability to Catalog | CISA

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs)...
Cybersecurity and Infrastructure Security Agency C

CISA Adds One Known Exploited Vulnerability to Catalog | CISA

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs)...
Cybersecurity and Infrastructure Security Agency C

MAR-25993211-r1.v1 Ivanti Connect Secure (RESURGE) | CISA

CISA analyzed three files obtained from a critical infrastructure’s Ivanti Connect Secure device after threat actors exploited Ivanti CVE-2025-0282 for initial access. One file—that CISA is calling RESURGE—has functionality similar to SPAWNCHIMERA in how it creates a Secure Shell (SSH) tunnel for command and control (C2). RESURGE also contains a series of commands that can modify files, manipulate integrity checks, and create a web shell that is copied to the running Ivanti boot disk. The second...
Cybersecurity and Infrastructure Security Agency C

CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure | CISA

CISA has published a Malware Analysis Report (MAR) with analysis and associated detection signatures on a new malware variant CISA has identified as RESURGE. RESURGE contains capabilities of the SPAWNCHIMERA[1] malware variant, including surviving reboots; however, RESURGE contains distinctive commands that alter its behavior. These commands: 

RESURGE is associated with the exploitation of CVE-2025-0282 in Ivanti Connect Secure appliances. CVE-2025-0282 is a stack-based buffer overflow vulnera...
Cybersecurity and Infrastructure Security Agency C

CISA Adds One Known Exploited Vulnerability to Catalog | CISA

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs)...
Cybersecurity and Infrastructure Security Agency C

CISA Releases One Industrial Control Systems Advisory | CISA

CISA released one Industrial Control Systems (ICS) advisory on March 27, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

CISA released one Industrial Control Systems (ICS) advisory on March 27, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exp...
Cybersecurity and Infrastructure Security Agency C

Supply Chain Compromise of Third-Party tj-actions/changed-files (CVE-2025-30066) and reviewdog/action-setup@v1 (CVE-2025-30154) | CISA

A popular third-party GitHub Action, tj-actions/changed-files (tracked as CVE-2025-30066), was compromised. tj-actions/changed-files is designed to detect which files have changed in a pull request or commit. The supply chain compromise allows for information disclosure of secrets including, but not limited to, valid access keys, GitHub Personal Access Tokens (PATs), npm tokens, and private RSA keys. This has been patched in v46.0.1. 

(Updated March 19, 2025) The compromise of tj-actions/chang...
Cybersecurity and Infrastructure Security Agency C

CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVE...
Cybersecurity and Infrastructure Security Agency C

ABB RMC-100 | CISA

View CSAF
Successful exploitation of this vulnerability could allow an attacker to send a specially crafted message to the web UI, causing a temporary denial of service until the interface can be restarted.
ABB reports that the following products are affected when the REST interface is enabled:
A vulnerability exists in the web UI (REST interface) included in the product versions listed above. An attacker could exploit the vulnerability by sending a specially crafted message to the web UI node,...
Cybersecurity and Infrastructure Security Agency C

CISA Releases Four Industrial Control Systems Advisories | CISA

CISA released four Industrial Control Systems (ICS) advisories on March 25, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

CISA released four Industrial Control Systems (ICS) advisories on March 25, 2025. These advisories provide timely information about current security issues, vulnerabilities, a...
Cybersecurity and Infrastructure Security Agency C

Rockwell Automation Verve Asset Manager | CISA

View CSAF
Successful exploitation of this vulnerability could allow an attacker with administrative access to run arbitrary commands in the context of the container running the service.
Rockwell Automation reports the following versions of Verve Asset Manager are affected:
A vulnerability exists in the affected product due to insufficient variable sanitizing. A portion of the administrative web interface for Verve's Legacy Active Directory Interface (ADI) capability (deprecated since the 1.36 re...
Cybersecurity and Infrastructure Security Agency C

Rockwell Automation 440G TLS-Z | CISA

View CSAF
Successful exploitation of this vulnerability could allow an attacker to take over the device.
Rockwell Automation reports the following products are affected by a vulnerability because they use STMicroelectronics STM32L4 devices:
A local code execution vulnerability exists in the STMicroelectronics STM32L4 devices due to having incorrect access controls. The affected product utilizes the STMicroelectronics STM32L4 device and because of the vulnerability, a threat actor could reverse p...
Cybersecurity and Infrastructure Security Agency C

Inaba Denki Sangyo CHOCO TEI WATCHER Mini | CISA

View CSAF
Successful exploitation of these vulnerabilities could allow an attacker to obtain the product's login password, gain unauthorized access, tamper with product's data, and/or modify product settings.
The following versions of CHOCO TEI WATCHER are affected:
The affected product is vulnerable to a use of client-side authentication vulnerability, which may allow an attacker to obtain the product's login password without authentication.
CVE-2025-24517 has been assigned to this vulnerabilit...
Cybersecurity and Infrastructure Security Agency C

CISA Adds One Known Exploited Vulnerability to Catalog | CISA

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs)...
Cybersecurity and Infrastructure Security Agency C

CISA Releases Five Industrial Control Systems Advisories | CISA

CISA released five Industrial Control Systems (ICS) advisories on March 20, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

CISA released five Industrial Control Systems (ICS) advisories on March 20, 2025. These advisories provide timely information about current security issues, vulnerabilities, a...
Cybersecurity and Infrastructure Security Agency C

Schneider Electric Enerlin’X IFE and eIFE | CISA

View CSAF
Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition which would require the device to need to be manually rebooted.
The following versions of Enerlin'X IFE interface and Enerlin'X eIFE are affected:
An improper input validation vulnerability exists that could cause a denial of service of the product when malicious IPV6 packets are sent to the device.
CVE-2025-0816 has been assigned to this vulnerability. A CVSS v3.1 base score...
Cybersecurity and Infrastructure Security Agency C

Siemens Simcenter Femap | CISA

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
Successful exploitation of this vulnerability could allow an attacker to execute code within the current process of the product.
Siemens reports that the following products are affec...
Cybersecurity and Infrastructure Security Agency C

SMA Sunny Portal | CISA

View CSAF
Successful exploitation of this vulnerability could allow an attacker to upload and remotely execute code.
The following versions of SMA Sunny Portal are affected:
The SMA Sunny Portal is vulnerable to an unauthenticated remote attacker who can upload a .aspx file instead of a PV system picture through the demo account. The code can only be executed in the security context of the user.
CVE-2025-0731 has been assigned to this vulnerability. A CVSS v3.1 base score of 6.5 has been calcula...
Cybersecurity and Infrastructure Security Agency C

Santesoft Sante DICOM Viewer Pro | CISA

View CSAF
Successful exploitation of this vulnerability could allow an attacker to cause memory corruption that would result in execution of arbitrary code.
The following Santesoft products are affected:
The affected product is vulnerable to an out-of-bounds write, which requires a user to open a malicious DCM file, resulting in execution of arbitrary code by a local attacker.
CVE-2025-2480 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.8 has been calculated; the CVSS vecto...
Cybersecurity and Infrastructure Security Agency C

Schneider Electric EcoStruxure™ | CISA

View CSAF
Successful exploitation of this vulnerability could allow an attacker to cause a local privilege escalation, which could result in loss of confidentiality, integrity and availability of the engineering workstation.
The following versions of EcoStruxure™ are affected:
An improper privilege management vulnerability exists for two services, one managing audit trail data and the other acting as server managing client request, that could cause a loss of confidentiality, integrity, and avail...
Cybersecurity and Infrastructure Security Agency C

CISA Adds Three Known Exploited Vulnerabilities to Catalog | CISA

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (C...
Cybersecurity and Infrastructure Security Agency C

CISA Releases Seven Industrial Control Systems Advisories | CISA

CISA released seven Industrial Control Systems (ICS) advisories on March 18, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

CISA released seven Industrial Control Systems (ICS) advisories on March 18, 2025. These advisories provide timely information about current security issues, vulnerabilities,...
Cybersecurity and Infrastructure Security Agency C

Schneider Electric EcoStruxure Panel Server | CISA

View CSAF
Successful exploitation of this vulnerability could allow disclosure of sensitive information, including the disclosure of credentials.
Schneider Electric reports the following versions of EcoStruxure Panel Server are affected:
There is an insertion of sensitive information into log files vulnerability that could cause the disclosure of FTP server credentials when the FTP server is deployed, and the device is placed in debug mode by an administrative user and the debug files are export...
Cybersecurity and Infrastructure Security Agency C

Schneider Electric EcoStruxure Power Automation System | CISA

View CSAF
Successful exploitation of this vulnerability could allow unauthorized access to the underlying software application running WebHMI.
Schneider Electric reports the following products are affected because they use WebHMI v4.1.0.0 and prior:
An initialization of a resource with an insecure default vulnerability exists that could cause an attacker to execute unauthorized commands when a system's default password credentials have not been changed on first use. The default username is not d...
Cybersecurity and Infrastructure Security Agency C

Rockwell Automation Lifecycle Services with VMware | CISA

View CSAF
Successful exploitation of these vulnerabilities could allow an attacker with local administrative privileges to execute code.
The following versions of Rockwell Automation Lifecycle Services with VMware are affected:
A time of check time of use (TOCTOU) vulnerability exists in VMware ESXi, which the affected products use. Exploitation of the vulnerability can allow a threat actor with local administrative privileges to execute code as the virtual machine's VMX process running on the h...
Cybersecurity and Infrastructure Security Agency C

Supply Chain Compromise of Third-Party GitHub Action, CVE-2025-30066 | CISA

A popular third-party GitHub Action, tj-actions/changed-files (tracked as CVE-2025-30066), was compromised. This GitHub Action is designed to detect which files have changed in a pull request or commit. The supply chain compromise allows for information disclosure of secrets including, but not limited to, valid access keys, GitHub Personal Access Tokens (PATs), npm tokens, and private RSA keys. This has been patched in v46.0.1. 

CISA added CVE-2025-30066 to its Known Exploited Vulnerabilities...
Cybersecurity and Infrastructure Security Agency C

CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVE...
Cybersecurity and Infrastructure Security Agency C

Schneider Electric EcoStruxure Power Automation System User Interface (EPAS-UI) | CISA

View CSAF
Successful exploitation of this vulnerability could allow an attacker to bypass device authentication, potentially gain access to sensitive information, or execute arbitrary code.
Schneider Electric reports that the following products are affected:
The Schneider Electric EcoStruxure Power Automation System User Interface (EPAS-UI) is vulnerable to authentication bypass. This occurs when an unauthorized user, without permission rights, has physical access to the EPAS-UI computer and is...
Cybersecurity and Infrastructure Security Agency C

Schneider Electric ASCO 5310/5350 Remote Annunciator | CISA

View CSAF
Successful exploitation of these vulnerabilities could allow an attacker to perform a denial of service, loss of availability, or loss of device integrity.
Schneider Electric reports the following products are affected:
Schneider Electric ASCO 5310 / 5350 remote annunciator is vulnerable to a download of code without integrity check vulnerability that could render the device inoperable when malicious firmware is downloaded.
CVE-2025-1058 has been assigned to this vulnerability. A CVSS...
Cybersecurity and Infrastructure Security Agency C

Siemens SCALANCE M-800 and SC-600 Families | CISA

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
Successful exploitation of this vulnerability could allow an attacker to obtain partial invalid usernames accepted by the server. A remote attacker would need access to a valid certi...
Cybersecurity and Infrastructure Security Agency C

Siemens SIMATIC S7-1500 TM MFP | CISA

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, cause a denial-of-service condition, or gain unauthorized access to sensitive info...
Cybersecurity and Infrastructure Security Agency C

Siemens SINAMICS S200 | CISA

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
Successful exploitation of this vulnerability could allow an attacker to download untrusted firmware that could damage or compromise the device.
Siemens reports that the following pr...
Cybersecurity and Infrastructure Security Agency C

CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVE...
Cybersecurity and Infrastructure Security Agency C

Siemens SCALANCE LPE9403 | CISA

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
Successful exploitation of these vulnerabilities allow a remote attacker to execute arbitrary code, read and write arbitrary files, escalate privileges, or execute a limited set of b...
Cybersecurity and Infrastructure Security Agency C

Siemens Tecnomatix Plant Simulation | CISA

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
Successful exploitation of these vulnerabilities could allow an unauthorized attacker to read or delete arbitrary files or the entire file system of the device.
Siemens reports that...
Cybersecurity and Infrastructure Security Agency C

Siemens SiPass integrated AC5102/ACC-G2 and ACC-AP | CISA

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
Successful exploitation of these vulnerabilities could allow an attacker to execute commands on the device with root privileges and access sensitive data.
Siemens reports that the fo...
Cybersecurity and Infrastructure Security Agency C

Siemens SINEMA Remote Connect Client | CISA

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
Successful exploitation of these vulnerabilities could allow an attacker to overflow memory buffers, impersonate a legitimate user, maintain longer session times, gain elevated privi...
Cybersecurity and Infrastructure Security Agency C

Sungrow iSolarCloud Android App WiNet Firmware | CISA

View CSAF
Successful exploitation of these vulnerabilities could result in attackers being able to access and could modify sensitive information.
The following Sungrow software products are affected:
The Android app for iSolarCloud explicitly ignores certificate errors and is vulnerable to adversary-in-the-middle attacks. This may allow an attacker to impersonate the iSolarCloud server and communicate with the Android app.
CVE-2024-50691 has been assigned to this vulnerability. A CVSS v3.1 base...
Cybersecurity and Infrastructure Security Agency C

ABB ACS880 Drives Containing CODESYS RTS | CISA

View CSAF
Successful exploitation of these vulnerabilities could allow an attacker to gain full access to the device or cause a denial-of-service condition.
ABB reports that the following low-voltage DC drive and power controller products contain a vulnerable version of CODESYS Runtime:
After successful authentication as a user in multiple CODESYS products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read i...
Cybersecurity and Infrastructure Security Agency C

NSA, CISA, FBI, and International Partners Release Cybersecurity Advisory on “Fast Flux,” a National Security Threat | CISA

Today, CISA—in partnership with the National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), Canadian Centre for Cyber Security (CCCS), and New Zealand’s National Cyber Security Centre (NCSC-NZ)—released joint Cybersecurity Advisory Fast Flux: A National Security Threat (PDF, 841 KB). This advisory warns organizations, internet service providers (ISPs), and cybersecurity service providers of the ongoing...
Cybersecurity and Infrastructure Security Agency C

Hitachi Energy RTU500 Series | CISA

View CSAF
Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition.
The following Hitachi Energy products are affected:
A vulnerability exists in the RTU500 web server component that can cause a denial of service to the RTU500 CMU application if a specially crafted message sequence is executed on a WebSocket connection. An attacker must be properly authenticated and the test mode function of RTU500 must be enabled to exploit this vulnerabili...